Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/4D55C2C01B222783517E8A474C06CBA263251E58BFF147F361D42B68D689671A/0/3230302e32362e3233362e302f32322d3234203d3e20323636373439.roa
File:                     3230302e32362e3233362e302f32322d3234203d3e20323636373439.roa (raw, json)
Hash identifier:          YnZJEbTq+VyvgS4+KZxQSae9vCKpg4vpSfVqCZAs4xY=
Subject key identifier:   AF:2C:65:3A:79:FF:A7:C4:D5:C5:39:30:1A:FA:D2:93:50:C5:65:56
Certificate issuer:       /CN=096E1E9E3FD723EA1CD1C1986AE9A6C345ACDC35
Certificate serial:       5E01DE98DCF353A261F3D3F5A51E3BBD6AAFCB40
Authority key identifier: 09:6E:1E:9E:3F:D7:23:EA:1C:D1:C1:98:6A:E9:A6:C3:45:AC:DC:35
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/096E1E9E3FD723EA1CD1C1986AE9A6C345ACDC35.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/4D55C2C01B222783517E8A474C06CBA263251E58BFF147F361D42B68D689671A/0/3230302e32362e3233362e302f32322d3234203d3e20323636373439.roa
Signing time:             Tue 04 Feb 2025 19:58:03 +0000
ROA not before:           Tue 04 Feb 2025 19:53:03 +0000
ROA not after:            Tue 03 Feb 2026 19:58:03 +0000
asID:                     266749
IP address blocks:        200.26.236.0/22 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5e:01:de:98:dc:f3:53:a2:61:f3:d3:f5:a5:1e:3b:bd:6a:af:cb:40
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=096E1E9E3FD723EA1CD1C1986AE9A6C345ACDC35
        Validity
            Not Before: Feb  4 19:53:03 2025 GMT
            Not After : Feb  3 19:58:03 2026 GMT
        Subject: CN=AF2C653A79FFA7C4D5C539301AFAD29350C56556
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:2d:a3:40:01:5f:1c:66:d9:9c:c6:c4:2a:19:
                    80:95:4b:91:48:ef:36:29:61:64:b0:48:3b:c0:46:
                    5b:6e:c3:bd:27:38:29:a9:1a:6a:b1:df:7d:dc:be:
                    3d:3e:9a:9c:f8:45:24:97:fb:20:1d:64:80:d8:05:
                    10:ac:fc:21:64:25:18:a8:c5:ad:e1:70:60:ea:56:
                    ad:85:d4:23:b8:56:0d:39:5c:b0:a9:90:c6:f7:87:
                    d7:b5:58:f1:67:3d:42:a2:6a:e5:ab:6c:24:b9:0d:
                    2d:1b:09:48:6f:56:8d:91:da:cd:43:96:f8:0c:8c:
                    e2:2f:ab:12:0b:57:bc:89:fc:46:4a:ec:e5:ef:7c:
                    ea:d8:5d:1f:28:65:14:a5:dc:5f:60:1e:87:4f:59:
                    71:b1:99:5e:0a:07:8d:5d:c9:7f:fb:12:d6:fb:d4:
                    cf:72:d3:99:e0:f8:b8:4f:bf:5b:28:03:49:8a:cc:
                    64:ff:ca:e2:32:6c:6e:12:d8:e8:54:29:95:52:b0:
                    73:7b:cd:8e:dd:47:88:04:37:8f:35:26:ec:8e:8c:
                    ba:3e:14:b5:de:9b:88:24:ba:e0:8d:9f:fc:b2:fd:
                    ab:36:cf:52:eb:98:fe:13:c7:38:f2:b3:e6:13:ef:
                    57:1f:59:a0:27:42:0d:6e:6b:08:33:30:4c:ec:1b:
                    17:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AF:2C:65:3A:79:FF:A7:C4:D5:C5:39:30:1A:FA:D2:93:50:C5:65:56
            X509v3 Authority Key Identifier:
                keyid:09:6E:1E:9E:3F:D7:23:EA:1C:D1:C1:98:6A:E9:A6:C3:45:AC:DC:35

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/4D55C2C01B222783517E8A474C06CBA263251E58BFF147F361D42B68D689671A/0/096E1E9E3FD723EA1CD1C1986AE9A6C345ACDC35.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/096E1E9E3FD723EA1CD1C1986AE9A6C345ACDC35.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/4D55C2C01B222783517E8A474C06CBA263251E58BFF147F361D42B68D689671A/0/3230302e32362e3233362e302f32322d3234203d3e20323636373439.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.26.236.0/22

    Signature Algorithm: sha256WithRSAEncryption
         4c:7c:2d:b2:2c:60:6b:96:c7:48:0a:a8:0f:a1:51:ae:f8:83:
         0d:04:f9:f6:79:af:ee:13:ac:ad:7c:19:7d:37:e4:35:5d:60:
         72:3c:8e:a6:c1:fa:83:df:d2:ec:d4:18:e7:1d:21:bf:b4:49:
         25:cc:d9:ff:b0:b7:34:f0:11:40:26:44:40:c5:ba:a4:60:fc:
         65:31:b1:12:5c:5c:9a:f3:08:e1:14:a7:ee:c3:1f:87:2b:9d:
         b5:ce:46:96:9c:61:0c:16:9d:fe:55:68:e0:d2:32:c6:18:ca:
         7d:e3:76:aa:c0:59:59:b1:2b:84:37:18:8c:0e:95:31:7d:f6:
         31:49:7c:9d:fc:cf:d8:c8:02:21:9d:34:fe:fd:96:5b:ae:50:
         9e:b0:a4:ce:91:0e:36:23:e2:36:d3:44:bf:96:b5:30:65:ff:
         31:fa:25:f9:c7:d3:00:93:95:30:82:86:9c:9e:07:bd:b1:86:
         81:86:4e:95:e8:43:9d:f5:4c:60:f5:8b:7b:62:17:f6:58:54:
         20:10:4a:e9:37:f8:c6:60:3f:e9:d3:ed:7f:70:b0:27:38:06:
         e0:b0:96:e0:28:b6:86:09:28:b2:d4:6c:68:1a:23:52:06:0c:
         2c:65:d9:eb:f3:2a:a1:8a:40:e9:3d:57:49:60:6c:82:b4:c4:
         2f:09:e7:bd
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIUXgHemNzzU6Jh89P1pR47vWqvy0AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk2RTFFOUUzRkQ3MjNFQTFDRDFDMTk4NkFFOUE2QzM0
NUFDREMzNTAeFw0yNTAyMDQxOTUzMDNaFw0yNjAyMDMxOTU4MDNaMDMxMTAvBgNV
BAMTKEFGMkM2NTNBNzlGRkE3QzRENUM1MzkzMDFBRkFEMjkzNTBDNTY1NTYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDVLaNAAV8cZtmcxsQqGYCVS5FI
7zYpYWSwSDvARltuw70nOCmpGmqx333cvj0+mpz4RSSX+yAdZIDYBRCs/CFkJRio
xa3hcGDqVq2F1CO4Vg05XLCpkMb3h9e1WPFnPUKiauWrbCS5DS0bCUhvVo2R2s1D
lvgMjOIvqxILV7yJ/EZK7OXvfOrYXR8oZRSl3F9gHodPWXGxmV4KB41dyX/7Etb7
1M9y05ng+LhPv1soA0mKzGT/yuIybG4S2OhUKZVSsHN7zY7dR4gEN481JuyOjLo+
FLXem4gkuuCNn/yy/as2z1LrmP4Txzjys+YT71cfWaAnQg1uawgzMEzsGxf1AgMB
AAGjggLKMIICxjAdBgNVHQ4EFgQUryxlOnn/p8TVxTkwGvrSk1DFZVYwHwYDVR0j
BBgwFoAUCW4enj/XI+oc0cGYaummw0Ws3DUwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy80RDU1QzJDMDFCMjIyNzgzNTE3RThBNDc0QzA2Q0JBMjYz
MjUxRTU4QkZGMTQ3RjM2MUQ0MkI2OEQ2ODk2NzFBLzAvMDk2RTFFOUUzRkQ3MjNF
QTFDRDFDMTk4NkFFOUE2QzM0NUFDREMzNS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8wOTZFMUU5RTNGRDcyM0VBMUNE
MUMxOTg2QUU5QTZDMzQ1QUNEQzM1LmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvNEQ1NUMyQzAxQjIyMjc4MzUxN0U4QTQ3NEMwNkNCQTI2MzI1MUU1OEJG
RjE0N0YzNjFENDJCNjhENjg5NjcxQS8wLzMyMzAzMDJlMzIzNjJlMzIzMzM2MmUz
MDJmMzIzMjJkMzIzNDIwM2QzZTIwMzIzNjM2MzczNDM5LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCyBrs
MA0GCSqGSIb3DQEBCwUAA4IBAQBMfC2yLGBrlsdICqgPoVGu+IMNBPn2ea/uE6yt
fBl9N+Q1XWByPI6mwfqD39Ls1BjnHSG/tEklzNn/sLc08BFAJkRAxbqkYPxlMbES
XFya8wjhFKfuwx+HK521zkaWnGEMFp3+VWjg0jLGGMp943aqwFlZsSuENxiMDpUx
ffYxSXyd/M/YyAIhnTT+/ZZbrlCesKTOkQ42I+I200S/lrUwZf8x+iX5x9MAk5Uw
goacnge9sYaBhk6V6EOd9Uxg9Yt7Yhf2WFQgEErpN/jGYD/p0+1/cLAnOAbgsJbg
KLaGCSiy1GxoGiNSBgwsZdnr8yqhikDpPVdJYGyCtMQvCee9
-----END CERTIFICATE-----