Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/4C952DC0ACFFF908C6FA14C8A7AAE8B6331B30DAE0410F148E94CF1B47A832D9/0/3230302e302e39322e302f32332d3234203d3e203238333934.roa
File:                     3230302e302e39322e302f32332d3234203d3e203238333934.roa (raw, json)
Hash identifier:          UYh12AxgwNfwODLNrsBuhjlwk47B6PbFKvgEKCxnanc=
Subject key identifier:   BF:1E:A7:49:50:EB:13:B8:1E:D9:9A:14:20:1A:16:C2:BA:1D:33:02
Certificate issuer:       /CN=FF591A13316346A2BCEF07F6DF8D44DD0250F841
Certificate serial:       3B37FBAFE511FC7DABAC1C469A9EF97FFE3E056D
Authority key identifier: FF:59:1A:13:31:63:46:A2:BC:EF:07:F6:DF:8D:44:DD:02:50:F8:41
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/FF591A13316346A2BCEF07F6DF8D44DD0250F841.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/4C952DC0ACFFF908C6FA14C8A7AAE8B6331B30DAE0410F148E94CF1B47A832D9/0/3230302e302e39322e302f32332d3234203d3e203238333934.roa
Signing time:             Mon 19 Aug 2024 18:40:00 +0000
ROA not before:           Mon 19 Aug 2024 18:35:00 +0000
ROA not after:            Mon 18 Aug 2025 18:40:00 +0000
asID:                     28394
IP address blocks:        200.0.92.0/23 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3b:37:fb:af:e5:11:fc:7d:ab:ac:1c:46:9a:9e:f9:7f:fe:3e:05:6d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=FF591A13316346A2BCEF07F6DF8D44DD0250F841
        Validity
            Not Before: Aug 19 18:35:00 2024 GMT
            Not After : Aug 18 18:40:00 2025 GMT
        Subject: CN=BF1EA74950EB13B81ED99A14201A16C2BA1D3302
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:10:4b:0e:5d:23:80:fa:1d:79:c7:ea:b0:15:
                    4b:b8:38:17:43:4b:29:7d:0a:4f:d4:54:2a:9d:f8:
                    3e:99:5d:e4:93:7b:8d:a7:ff:4b:72:2c:0f:fa:e7:
                    4e:68:9e:f9:c1:c2:8c:24:3e:1c:00:74:b1:03:05:
                    fd:4e:4b:23:b1:e3:66:4b:52:e2:b5:14:ca:60:3d:
                    8f:38:56:d6:62:fb:53:e1:7e:04:ab:d3:c5:4b:29:
                    7a:fb:ce:47:23:15:96:c0:2f:5e:2d:62:0f:91:88:
                    41:1c:fc:db:41:af:b2:0f:e9:64:1a:00:ec:6f:d3:
                    13:24:b3:fa:30:be:21:58:1d:66:37:f6:17:36:e2:
                    d3:98:95:31:06:f2:97:cd:ca:f3:5f:de:f0:6e:ce:
                    e9:96:4e:40:0c:35:21:52:b4:a1:45:b3:2a:86:be:
                    a3:ca:05:37:1a:71:4d:10:51:4b:67:a7:6b:26:7a:
                    e0:7a:88:26:99:e9:95:da:22:d4:33:db:f4:f7:1a:
                    b6:c1:08:98:44:0f:34:58:f8:80:50:67:7f:98:cb:
                    50:77:12:ae:29:0c:fc:5a:80:1e:ba:51:9a:bc:42:
                    03:58:1c:6d:bb:b3:2d:ef:be:34:e9:73:80:6e:88:
                    35:cb:7a:55:d1:64:c5:a8:62:f9:7d:34:00:f7:4a:
                    7f:71
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BF:1E:A7:49:50:EB:13:B8:1E:D9:9A:14:20:1A:16:C2:BA:1D:33:02
            X509v3 Authority Key Identifier:
                keyid:FF:59:1A:13:31:63:46:A2:BC:EF:07:F6:DF:8D:44:DD:02:50:F8:41

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/4C952DC0ACFFF908C6FA14C8A7AAE8B6331B30DAE0410F148E94CF1B47A832D9/0/FF591A13316346A2BCEF07F6DF8D44DD0250F841.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/FF591A13316346A2BCEF07F6DF8D44DD0250F841.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/4C952DC0ACFFF908C6FA14C8A7AAE8B6331B30DAE0410F148E94CF1B47A832D9/0/3230302e302e39322e302f32332d3234203d3e203238333934.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.0.92.0/23

    Signature Algorithm: sha256WithRSAEncryption
         95:b4:c5:6b:49:ac:04:6d:2b:04:38:59:bd:eb:29:60:25:8d:
         16:fa:09:a6:9f:29:70:c0:df:08:45:9c:20:c1:35:06:cf:82:
         6a:19:2c:a6:b2:86:bc:9a:8f:92:57:f0:f4:59:26:dd:b6:5c:
         d1:a6:30:78:05:a7:0e:50:3e:58:59:49:a5:3b:56:6d:53:73:
         02:94:26:eb:99:2c:8b:00:8d:28:dd:41:ae:2c:dc:53:88:3d:
         ac:86:a5:38:e0:f1:56:85:02:37:96:f6:0f:b8:5d:0e:bf:63:
         69:70:11:45:f6:0d:a2:2f:98:5d:ca:65:a6:b6:40:aa:04:07:
         0b:5a:62:46:01:ec:e1:fe:e6:79:2a:35:06:58:d9:71:fe:a3:
         28:27:19:89:95:9d:25:ed:10:42:ac:83:65:00:a8:da:cd:99:
         92:91:f7:a3:62:75:a6:83:52:e3:41:25:27:5d:5e:1b:a3:3c:
         b9:b8:cd:1c:40:55:b5:4c:dd:ea:ab:38:05:f6:81:77:f5:4c:
         58:47:19:70:2f:56:20:1e:8a:f5:02:10:5b:b3:41:f5:7d:79:
         d7:df:7b:2c:57:fe:4c:56:89:92:f2:1f:b4:6f:ff:86:55:1f:
         d6:6c:63:e7:06:30:86:cb:c0:15:de:6b:30:21:59:eb:14:32:
         17:a2:c5:cd
-----BEGIN CERTIFICATE-----
MIIFujCCBKKgAwIBAgIUOzf7r+UR/H2rrBxGmp75f/4+BW0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRkY1OTFBMTMzMTYzNDZBMkJDRUYwN0Y2REY4RDQ0REQw
MjUwRjg0MTAeFw0yNDA4MTkxODM1MDBaFw0yNTA4MTgxODQwMDBaMDMxMTAvBgNV
BAMTKEJGMUVBNzQ5NTBFQjEzQjgxRUQ5OUExNDIwMUExNkMyQkExRDMzMDIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCqEEsOXSOA+h15x+qwFUu4OBdD
Syl9Ck/UVCqd+D6ZXeSTe42n/0tyLA/6505onvnBwowkPhwAdLEDBf1OSyOx42ZL
UuK1FMpgPY84VtZi+1PhfgSr08VLKXr7zkcjFZbAL14tYg+RiEEc/NtBr7IP6WQa
AOxv0xMks/owviFYHWY39hc24tOYlTEG8pfNyvNf3vBuzumWTkAMNSFStKFFsyqG
vqPKBTcacU0QUUtnp2smeuB6iCaZ6ZXaItQz2/T3GrbBCJhEDzRY+IBQZ3+Yy1B3
Eq4pDPxagB66UZq8QgNYHG27sy3vvjTpc4BuiDXLelXRZMWoYvl9NAD3Sn9xAgMB
AAGjggLEMIICwDAdBgNVHQ4EFgQUvx6nSVDrE7ge2ZoUIBoWwrodMwIwHwYDVR0j
BBgwFoAU/1kaEzFjRqK87wf2341E3QJQ+EEwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy80Qzk1MkRDMEFDRkZGOTA4QzZGQTE0QzhBN0FBRThCNjMz
MUIzMERBRTA0MTBGMTQ4RTk0Q0YxQjQ3QTgzMkQ5LzAvRkY1OTFBMTMzMTYzNDZB
MkJDRUYwN0Y2REY4RDQ0REQwMjUwRjg0MS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9GRjU5MUExMzMxNjM0NkEyQkNF
RjA3RjZERjhENDRERDAyNTBGODQxLmNlcjCBwwYIKwYBBQUHAQsEgbYwgbMwgbAG
CCsGAQUFBzALhoGjcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvNEM5NTJEQzBBQ0ZGRjkwOEM2RkExNEM4QTdBQUU4QjYzMzFCMzBEQUUw
NDEwRjE0OEU5NENGMUI0N0E4MzJEOS8wLzMyMzAzMDJlMzAyZTM5MzIyZTMwMmYz
MjMzMmQzMjM0MjAzZDNlMjAzMjM4MzMzOTM0LnJvYTAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQByABcMA0GCSqG
SIb3DQEBCwUAA4IBAQCVtMVrSawEbSsEOFm96ylgJY0W+gmmnylwwN8IRZwgwTUG
z4JqGSymsoa8mo+SV/D0WSbdtlzRpjB4BacOUD5YWUmlO1ZtU3MClCbrmSyLAI0o
3UGuLNxTiD2shqU44PFWhQI3lvYPuF0Ov2NpcBFF9g2iL5hdymWmtkCqBAcLWmJG
Aezh/uZ5KjUGWNlx/qMoJxmJlZ0l7RBCrINlAKjazZmSkfejYnWmg1LjQSUnXV4b
ozy5uM0cQFW1TN3qqzgF9oF39UxYRxlwL1YgHor1AhBbs0H1fXnX33ssV/5MVomS
8h+0b/+GVR/WbGPnBjCGy8AV3mswIVnrFDIXosXN
-----END CERTIFICATE-----