Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/462FFF33C31C789B381060D18764EFC1B39F677FA89503C899A260903BF52AE5/0/3230302e35392e36342e302f31382d3234203d3e203130363137.roa
File:                     3230302e35392e36342e302f31382d3234203d3e203130363137.roa (raw, json)
Hash identifier:          f53pT77amDTuBArH+WEzU3OCsT9epXBysx2Y5ijj/2U=
Subject key identifier:   35:3A:CC:DE:DE:B2:FC:87:F5:29:63:EC:F7:5E:80:D8:73:0A:41:7E
Certificate issuer:       /CN=991C3EDCC03E2270A8EAAF822EC17BEC741B1AA3
Certificate serial:       02F6C798F1CBD75DCABB3A2ED6F25400990E65FB
Authority key identifier: 99:1C:3E:DC:C0:3E:22:70:A8:EA:AF:82:2E:C1:7B:EC:74:1B:1A:A3
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/991C3EDCC03E2270A8EAAF822EC17BEC741B1AA3.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/462FFF33C31C789B381060D18764EFC1B39F677FA89503C899A260903BF52AE5/0/3230302e35392e36342e302f31382d3234203d3e203130363137.roa
Signing time:             Tue 04 Feb 2025 18:03:36 +0000
ROA not before:           Tue 04 Feb 2025 17:58:36 +0000
ROA not after:            Tue 03 Feb 2026 18:03:36 +0000
asID:                     10617
IP address blocks:        200.59.64.0/18 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            02:f6:c7:98:f1:cb:d7:5d:ca:bb:3a:2e:d6:f2:54:00:99:0e:65:fb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=991C3EDCC03E2270A8EAAF822EC17BEC741B1AA3
        Validity
            Not Before: Feb  4 17:58:36 2025 GMT
            Not After : Feb  3 18:03:36 2026 GMT
        Subject: CN=353ACCDEDEB2FC87F52963ECF75E80D8730A417E
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:12:1c:9c:e1:53:ef:6d:7a:68:84:8b:75:6c:
                    bc:35:a9:97:d9:1b:aa:7c:2d:e9:df:7e:c9:2b:96:
                    ec:9e:3d:e6:cf:81:4e:f2:89:65:12:fc:75:e5:95:
                    81:1c:ad:95:66:fd:44:3a:47:8d:50:18:f8:43:55:
                    96:15:7a:ab:c8:09:ec:45:53:31:52:91:45:66:49:
                    35:de:e2:3b:dd:95:e5:9b:e0:8a:f6:78:1f:0d:95:
                    6e:09:93:b9:63:0a:48:72:fd:a4:a8:4d:8d:18:9c:
                    64:da:bb:bc:2b:98:ba:18:1b:9d:bf:48:3e:73:9e:
                    1d:c6:85:36:26:c5:14:d6:4a:7b:35:6d:ef:17:05:
                    86:10:8f:b0:74:95:79:13:21:b6:37:4e:2f:c6:e4:
                    1f:bf:08:8e:c9:eb:11:26:a8:44:60:1c:61:30:79:
                    d6:be:5e:dd:14:b7:fe:e0:6d:15:24:d0:48:1c:cf:
                    e7:38:30:3e:e1:60:e5:c0:0d:3a:d3:ec:b3:d3:9e:
                    9f:be:c3:83:2a:78:9c:95:e8:13:36:71:b4:ad:05:
                    c5:24:b2:2f:ea:67:fe:8d:cc:9a:d8:19:c4:e0:9e:
                    9e:50:d5:4e:d8:d5:72:fc:e0:d0:a5:a0:cc:0e:bd:
                    b4:b1:83:d2:6b:1d:be:eb:b5:1b:fa:eb:cd:1f:2d:
                    61:2d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                35:3A:CC:DE:DE:B2:FC:87:F5:29:63:EC:F7:5E:80:D8:73:0A:41:7E
            X509v3 Authority Key Identifier:
                keyid:99:1C:3E:DC:C0:3E:22:70:A8:EA:AF:82:2E:C1:7B:EC:74:1B:1A:A3

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/462FFF33C31C789B381060D18764EFC1B39F677FA89503C899A260903BF52AE5/0/991C3EDCC03E2270A8EAAF822EC17BEC741B1AA3.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/991C3EDCC03E2270A8EAAF822EC17BEC741B1AA3.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/462FFF33C31C789B381060D18764EFC1B39F677FA89503C899A260903BF52AE5/0/3230302e35392e36342e302f31382d3234203d3e203130363137.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.59.64.0/18

    Signature Algorithm: sha256WithRSAEncryption
         26:e4:5b:23:8a:1e:ef:55:c2:aa:62:68:40:9b:65:35:1d:cd:
         a0:26:1e:6c:b2:84:89:e2:1e:2b:a8:6d:53:93:f7:f0:fa:90:
         17:da:30:1b:42:44:7d:df:35:fc:c8:e3:7f:8e:90:75:66:43:
         e0:6c:36:b7:90:06:6c:52:80:a9:53:16:06:53:a4:96:f0:cc:
         08:42:52:67:bc:0e:c4:a8:8a:8d:ab:8f:a2:06:e4:35:97:28:
         fd:59:25:59:c1:1c:31:37:ea:32:16:e9:d0:cf:5d:a9:35:0d:
         a1:4e:3f:ca:09:88:bc:e7:e3:c0:0e:47:2f:22:fe:cc:f0:8d:
         c5:5f:c2:3b:df:c4:24:63:ee:35:1d:3a:63:6b:34:74:19:46:
         cf:9b:78:3e:26:3e:30:dd:03:54:1b:d4:22:34:e6:ae:e9:ec:
         ca:62:ec:0e:1d:cc:d3:9c:82:49:d5:3e:d3:03:bb:b8:53:0f:
         21:37:69:46:9d:cf:ca:74:72:df:ba:66:f4:24:85:34:da:52:
         c8:8b:58:91:f3:97:2f:1d:8a:dc:76:07:32:d6:52:34:26:53:
         1e:a9:10:47:10:43:54:3a:dd:01:4e:e1:01:a0:9e:9a:c9:f9:
         51:85:c8:b1:fe:ce:29:23:16:8e:13:ea:54:f9:58:3b:89:69:
         3e:79:53:8d
-----BEGIN CERTIFICATE-----
MIIFvDCCBKSgAwIBAgIUAvbHmPHL113Kuzou1vJUAJkOZfswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOTkxQzNFRENDMDNFMjI3MEE4RUFBRjgyMkVDMTdCRUM3
NDFCMUFBMzAeFw0yNTAyMDQxNzU4MzZaFw0yNjAyMDMxODAzMzZaMDMxMTAvBgNV
BAMTKDM1M0FDQ0RFREVCMkZDODdGNTI5NjNFQ0Y3NUU4MEQ4NzMwQTQxN0UwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCzEhyc4VPvbXpohIt1bLw1qZfZ
G6p8LenffskrluyePebPgU7yiWUS/HXllYEcrZVm/UQ6R41QGPhDVZYVeqvICexF
UzFSkUVmSTXe4jvdleWb4Ir2eB8NlW4Jk7ljCkhy/aSoTY0YnGTau7wrmLoYG52/
SD5znh3GhTYmxRTWSns1be8XBYYQj7B0lXkTIbY3Ti/G5B+/CI7J6xEmqERgHGEw
eda+Xt0Ut/7gbRUk0Egcz+c4MD7hYOXADTrT7LPTnp++w4MqeJyV6BM2cbStBcUk
si/qZ/6NzJrYGcTgnp5Q1U7Y1XL84NCloMwOvbSxg9JrHb7rtRv6680fLWEtAgMB
AAGjggLGMIICwjAdBgNVHQ4EFgQUNTrM3t6y/If1KWPs916A2HMKQX4wHwYDVR0j
BBgwFoAUmRw+3MA+InCo6q+CLsF77HQbGqMwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy80NjJGRkYzM0MzMUM3ODlCMzgxMDYwRDE4NzY0RUZDMUIz
OUY2NzdGQTg5NTAzQzg5OUEyNjA5MDNCRjUyQUU1LzAvOTkxQzNFRENDMDNFMjI3
MEE4RUFBRjgyMkVDMTdCRUM3NDFCMUFBMy5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC85OTFDM0VEQ0MwM0UyMjcwQThF
QUFGODIyRUMxN0JFQzc0MUIxQUEzLmNlcjCBxQYIKwYBBQUHAQsEgbgwgbUwgbIG
CCsGAQUFBzALhoGlcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvNDYyRkZGMzNDMzFDNzg5QjM4MTA2MEQxODc2NEVGQzFCMzlGNjc3RkE4
OTUwM0M4OTlBMjYwOTAzQkY1MkFFNS8wLzMyMzAzMDJlMzUzOTJlMzYzNDJlMzAy
ZjMxMzgyZDMyMzQyMDNkM2UyMDMxMzAzNjMxMzcucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAbIO0AwDQYJ
KoZIhvcNAQELBQADggEBACbkWyOKHu9VwqpiaECbZTUdzaAmHmyyhIniHiuobVOT
9/D6kBfaMBtCRH3fNfzI43+OkHVmQ+BsNreQBmxSgKlTFgZTpJbwzAhCUme8DsSo
io2rj6IG5DWXKP1ZJVnBHDE36jIW6dDPXak1DaFOP8oJiLzn48AORy8i/szwjcVf
wjvfxCRj7jUdOmNrNHQZRs+beD4mPjDdA1Qb1CI05q7p7Mpi7A4dzNOcgknVPtMD
u7hTDyE3aUadz8p0ct+6ZvQkhTTaUsiLWJHzly8ditx2BzLWUjQmUx6pEEcQQ1Q6
3QFO4QGgnprJ+VGFyLH+zikjFo4T6lT5WDuJaT55U40=
-----END CERTIFICATE-----