Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/4CD18697CCD6A0801504102AE175C164A8EF049BEC02E6650B76FB41E227D9A9/0/3230302e3131322e3233392e302f32342d3234203d3e203133333831.roa
File:                     3230302e3131322e3233392e302f32342d3234203d3e203133333831.roa (raw, json)
Hash identifier:          Kiys9yfSy7v06HCQym0b7TL41pHOVICvCWyzqT/4nPg=
Subject key identifier:   CD:EB:35:D6:0D:65:23:49:35:13:38:78:1D:DF:FA:D1:95:71:FA:E6
Certificate issuer:       /CN=A35E57ED97246E8C02997E4FCF0C3ED13E10074A
Certificate serial:       12CAAF094D5951D31B425833B4E081C1E7838779
Authority key identifier: A3:5E:57:ED:97:24:6E:8C:02:99:7E:4F:CF:0C:3E:D1:3E:10:07:4A
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A35E57ED97246E8C02997E4FCF0C3ED13E10074A.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/4CD18697CCD6A0801504102AE175C164A8EF049BEC02E6650B76FB41E227D9A9/0/3230302e3131322e3233392e302f32342d3234203d3e203133333831.roa
Signing time:             Tue 04 Feb 2025 20:07:58 +0000
ROA not before:           Tue 04 Feb 2025 20:02:58 +0000
ROA not after:            Tue 03 Feb 2026 20:07:58 +0000
asID:                     13381
IP address blocks:        200.112.239.0/24 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            12:ca:af:09:4d:59:51:d3:1b:42:58:33:b4:e0:81:c1:e7:83:87:79
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A35E57ED97246E8C02997E4FCF0C3ED13E10074A
        Validity
            Not Before: Feb  4 20:02:58 2025 GMT
            Not After : Feb  3 20:07:58 2026 GMT
        Subject: CN=CDEB35D60D652349351338781DDFFAD19571FAE6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:41:e2:4b:db:67:86:6d:2c:47:cd:53:e8:da:
                    23:e0:78:30:7d:96:86:96:be:63:83:6c:5c:3a:0a:
                    bb:9e:e0:5b:17:46:2f:8f:40:42:ae:e3:20:fa:27:
                    e8:b4:92:4f:75:87:19:b5:e5:fe:1a:dc:c1:3f:13:
                    b5:2a:be:7e:3d:a0:e4:96:1e:06:c1:e2:20:34:ea:
                    b8:73:77:f6:ea:ef:53:95:60:1a:de:26:56:bc:91:
                    2b:05:7e:83:c6:1f:0a:41:a0:d5:9f:51:7e:7f:25:
                    f2:d6:9e:3f:3e:bd:90:72:75:f3:c1:72:b4:27:cd:
                    5f:11:e4:cf:1c:66:4e:7f:8f:d4:0f:30:b7:91:8b:
                    7e:14:37:31:8b:98:8e:48:8c:41:dd:ab:75:cc:d1:
                    8c:94:8e:65:19:7d:6a:60:38:02:fc:35:3e:d8:ab:
                    6a:52:7d:02:90:de:7c:99:90:03:0e:78:dd:59:10:
                    b4:c8:52:d1:41:7a:cb:03:d7:8f:9d:2c:09:d2:77:
                    5d:53:1f:94:f2:d5:0b:b4:40:69:58:89:f9:86:ea:
                    7b:26:fc:4e:af:17:c1:48:56:5b:70:1f:71:5c:9b:
                    2d:51:4c:4b:f7:52:a7:db:8a:f2:d0:2a:69:00:a1:
                    ca:a7:f0:f1:63:54:56:78:4a:99:b4:03:5e:c7:f4:
                    0f:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CD:EB:35:D6:0D:65:23:49:35:13:38:78:1D:DF:FA:D1:95:71:FA:E6
            X509v3 Authority Key Identifier:
                keyid:A3:5E:57:ED:97:24:6E:8C:02:99:7E:4F:CF:0C:3E:D1:3E:10:07:4A

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/4CD18697CCD6A0801504102AE175C164A8EF049BEC02E6650B76FB41E227D9A9/0/A35E57ED97246E8C02997E4FCF0C3ED13E10074A.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A35E57ED97246E8C02997E4FCF0C3ED13E10074A.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/4CD18697CCD6A0801504102AE175C164A8EF049BEC02E6650B76FB41E227D9A9/0/3230302e3131322e3233392e302f32342d3234203d3e203133333831.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.112.239.0/24

    Signature Algorithm: sha256WithRSAEncryption
         4d:e6:7f:9a:cb:75:75:d8:be:54:24:c4:dd:eb:92:48:15:88:
         05:0f:c1:0b:7e:50:ef:9e:e9:a3:10:86:61:80:9a:d1:39:4d:
         8b:88:4e:59:19:85:e5:cc:82:3b:f8:5b:75:d9:41:25:7c:28:
         ae:61:e6:f1:83:40:51:03:8e:80:ad:09:a4:fc:66:4b:ff:45:
         f9:3d:1e:1b:16:cc:e3:b4:60:6c:1e:6b:32:35:b5:4c:5e:33:
         d8:b6:b1:1c:19:65:e3:c8:8f:de:f9:94:a1:67:3f:54:4e:a1:
         a3:d7:42:e6:c3:28:f4:20:e7:95:e8:40:b3:de:64:5f:58:3c:
         ad:8f:f3:41:ae:c3:dc:b0:dd:76:63:ab:b8:aa:8b:cd:0e:2d:
         0c:6c:57:a9:ad:9b:d2:f0:34:77:6a:ac:7d:31:a7:6f:4e:b3:
         0e:a1:a8:6a:a5:82:a9:f4:29:e9:8e:17:d8:74:cb:a7:ef:a3:
         ec:33:1c:8d:76:98:e3:99:30:c7:6e:84:6b:9b:46:d8:59:98:
         ca:66:4a:63:49:5b:17:93:8f:15:f4:ed:ab:8b:d2:f1:2d:d4:
         45:24:f4:c1:88:40:4d:25:78:b0:ff:06:df:98:99:fe:fc:8d:
         e8:19:ee:46:cf:fc:e4:05:7d:5d:d8:ff:1d:f9:33:b4:7a:ec:
         96:63:c2:22
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIUEsqvCU1ZUdMbQlgztOCBweeDh3kwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQTM1RTU3RUQ5NzI0NkU4QzAyOTk3RTRGQ0YwQzNFRDEz
RTEwMDc0QTAeFw0yNTAyMDQyMDAyNThaFw0yNjAyMDMyMDA3NThaMDMxMTAvBgNV
BAMTKENERUIzNUQ2MEQ2NTIzNDkzNTEzMzg3ODFEREZGQUQxOTU3MUZBRTYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDCQeJL22eGbSxHzVPo2iPgeDB9
loaWvmODbFw6Crue4FsXRi+PQEKu4yD6J+i0kk91hxm15f4a3ME/E7Uqvn49oOSW
HgbB4iA06rhzd/bq71OVYBreJla8kSsFfoPGHwpBoNWfUX5/JfLWnj8+vZBydfPB
crQnzV8R5M8cZk5/j9QPMLeRi34UNzGLmI5IjEHdq3XM0YyUjmUZfWpgOAL8NT7Y
q2pSfQKQ3nyZkAMOeN1ZELTIUtFBessD14+dLAnSd11TH5Ty1Qu0QGlYifmG6nsm
/E6vF8FIVltwH3Fcmy1RTEv3UqfbivLQKmkAocqn8PFjVFZ4Spm0A17H9A/jAgMB
AAGjggLKMIICxjAdBgNVHQ4EFgQUzes11g1lI0k1Ezh4Hd/60ZVx+uYwHwYDVR0j
BBgwFoAUo15X7ZckbowCmX5Pzww+0T4QB0owDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy80Q0QxODY5N0NDRDZBMDgwMTUwNDEwMkFFMTc1QzE2NEE4
RUYwNDlCRUMwMkU2NjUwQjc2RkI0MUUyMjdEOUE5LzAvQTM1RTU3RUQ5NzI0NkU4
QzAyOTk3RTRGQ0YwQzNFRDEzRTEwMDc0QS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9BMzVFNTdFRDk3MjQ2RThDMDI5
OTdFNEZDRjBDM0VEMTNFMTAwNzRBLmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvNENEMTg2OTdDQ0Q2QTA4MDE1MDQxMDJBRTE3NUMxNjRBOEVGMDQ5QkVD
MDJFNjY1MEI3NkZCNDFFMjI3RDlBOS8wLzMyMzAzMDJlMzEzMTMyMmUzMjMzMzky
ZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzMzODMxLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAyHDv
MA0GCSqGSIb3DQEBCwUAA4IBAQBN5n+ay3V12L5UJMTd65JIFYgFD8ELflDvnumj
EIZhgJrROU2LiE5ZGYXlzII7+Ft12UElfCiuYebxg0BRA46ArQmk/GZL/0X5PR4b
FszjtGBsHmsyNbVMXjPYtrEcGWXjyI/e+ZShZz9UTqGj10Lmwyj0IOeV6ECz3mRf
WDytj/NBrsPcsN12Y6u4qovNDi0MbFeprZvS8DR3aqx9MadvTrMOoahqpYKp9Cnp
jhfYdMun76PsMxyNdpjjmTDHboRrm0bYWZjKZkpjSVsXk48V9O2ri9LxLdRFJPTB
iEBNJXiw/wbfmJn+/I3oGe5Gz/zkBX1d2P8d+TO0euyWY8Ii
-----END CERTIFICATE-----