Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/50072E5743143975C51B47D9F3A728F2952D2260ADDD001F0CA6307875AD41C8/0/3230302e33352e3139312e302f32342d3234203d3e203237373432.roa
File:                     3230302e33352e3139312e302f32342d3234203d3e203237373432.roa (raw, json)
Hash identifier:          34QxkQuyDCZeci+NiT9k12lLTAoH9vGcdjMPoFmxkj4=
Subject key identifier:   BA:E1:5C:70:D1:62:8A:22:F0:78:FD:BD:1F:F0:2D:7E:D4:47:15:71
Certificate issuer:       /CN=4CC10087B32EE69A488F5AE8AFA2EE2F5061ADE0
Certificate serial:       2CA0DE96D8EA0CD764BB909CC9EED20CC55438D4
Authority key identifier: 4C:C1:00:87:B3:2E:E6:9A:48:8F:5A:E8:AF:A2:EE:2F:50:61:AD:E0
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/4CC10087B32EE69A488F5AE8AFA2EE2F5061ADE0.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/50072E5743143975C51B47D9F3A728F2952D2260ADDD001F0CA6307875AD41C8/0/3230302e33352e3139312e302f32342d3234203d3e203237373432.roa
Signing time:             Tue 04 Feb 2025 18:15:33 +0000
ROA not before:           Tue 04 Feb 2025 18:10:33 +0000
ROA not after:            Tue 03 Feb 2026 18:15:33 +0000
asID:                     27742
IP address blocks:        200.35.191.0/24 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2c:a0:de:96:d8:ea:0c:d7:64:bb:90:9c:c9:ee:d2:0c:c5:54:38:d4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4CC10087B32EE69A488F5AE8AFA2EE2F5061ADE0
        Validity
            Not Before: Feb  4 18:10:33 2025 GMT
            Not After : Feb  3 18:15:33 2026 GMT
        Subject: CN=BAE15C70D1628A22F078FDBD1FF02D7ED4471571
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:c5:bf:fc:28:16:35:ca:37:7a:d0:5d:07:74:
                    3b:88:c9:61:6a:0d:c9:3b:dd:dd:e9:dd:34:b9:90:
                    64:f4:35:53:1f:ef:99:ab:98:3a:4f:09:8a:4a:9c:
                    7d:21:dd:25:17:7b:fc:52:a7:8e:2e:9e:21:34:fc:
                    d9:a0:54:49:18:61:40:5f:b9:49:88:bc:65:e1:de:
                    9b:29:46:28:5a:59:a9:25:57:b9:ce:b4:05:9b:46:
                    7f:6c:9b:e7:a6:cd:54:a4:b7:ed:80:67:0f:ff:04:
                    52:db:6b:fa:b1:40:25:8d:d2:26:39:b9:44:83:c7:
                    ed:b8:eb:47:6f:fe:6b:70:a6:6b:ff:af:a3:bb:ec:
                    2e:05:b0:c1:4b:ec:27:3a:be:ca:b2:0f:60:2d:88:
                    19:7b:ea:39:22:14:8c:74:3e:41:7e:63:22:7d:a5:
                    f7:02:88:0a:55:ac:11:22:05:33:6e:c1:8f:e8:ef:
                    10:cb:00:5f:59:eb:a5:0c:38:19:9d:ad:41:05:67:
                    e0:25:8a:c8:4c:d4:aa:28:73:f9:b4:36:75:48:b2:
                    3c:cc:51:2b:e4:a9:50:ae:2c:db:20:3f:21:c1:14:
                    04:cb:57:33:62:77:66:27:c0:99:82:36:0f:40:40:
                    48:0c:c5:9f:ed:f1:d1:5a:1b:1e:9a:a4:16:83:23:
                    8c:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BA:E1:5C:70:D1:62:8A:22:F0:78:FD:BD:1F:F0:2D:7E:D4:47:15:71
            X509v3 Authority Key Identifier:
                keyid:4C:C1:00:87:B3:2E:E6:9A:48:8F:5A:E8:AF:A2:EE:2F:50:61:AD:E0

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/50072E5743143975C51B47D9F3A728F2952D2260ADDD001F0CA6307875AD41C8/0/4CC10087B32EE69A488F5AE8AFA2EE2F5061ADE0.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/4CC10087B32EE69A488F5AE8AFA2EE2F5061ADE0.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/50072E5743143975C51B47D9F3A728F2952D2260ADDD001F0CA6307875AD41C8/0/3230302e33352e3139312e302f32342d3234203d3e203237373432.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.35.191.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8b:ed:7e:f7:e2:c0:aa:0a:56:af:1d:b2:3f:8f:e0:35:3f:d4:
         d4:86:03:c6:cd:7f:d8:17:88:3d:1f:a6:2b:71:58:ef:95:64:
         c3:ed:c0:fa:f4:de:46:23:79:9f:f2:3b:fe:96:e2:ab:09:93:
         28:92:98:53:bb:44:04:be:3b:05:cf:2c:6b:38:6d:a2:24:cf:
         00:8a:28:95:a8:57:79:80:82:b0:ae:31:ee:87:e0:7b:4d:1a:
         a3:2a:7a:f5:6a:b2:76:d8:f4:1c:2d:c0:eb:75:2f:45:2b:bc:
         80:3e:09:44:6d:93:dd:26:d1:77:44:ee:5f:aa:98:49:cb:36:
         ff:8b:62:76:2e:d3:89:db:b8:11:bd:2b:44:fa:23:1c:6a:d2:
         2b:a1:a9:c9:9b:c8:a0:f5:3d:4a:d5:58:63:11:bc:ff:59:92:
         76:ec:ea:13:97:61:a1:ce:d5:b3:cc:56:e4:b0:98:bf:d6:33:
         73:7d:8f:08:f4:73:e6:26:aa:a1:5e:48:d5:83:e8:b8:2b:25:
         88:5a:43:86:74:4c:6d:82:c6:79:3a:8a:72:ec:22:0f:64:d5:
         cb:86:19:00:05:7e:c5:f1:a8:4b:a9:80:05:0b:da:ae:f1:a0:
         56:f0:2f:e6:78:ff:d7:20:bf:34:b5:2b:07:79:d4:fe:97:65:
         e2:37:7f:c4
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIULKDeltjqDNdku5Ccye7SDMVUONQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNENDMTAwODdCMzJFRTY5QTQ4OEY1QUU4QUZBMkVFMkY1
MDYxQURFMDAeFw0yNTAyMDQxODEwMzNaFw0yNjAyMDMxODE1MzNaMDMxMTAvBgNV
BAMTKEJBRTE1QzcwRDE2MjhBMjJGMDc4RkRCRDFGRjAyRDdFRDQ0NzE1NzEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDAxb/8KBY1yjd60F0HdDuIyWFq
Dck73d3p3TS5kGT0NVMf75mrmDpPCYpKnH0h3SUXe/xSp44uniE0/NmgVEkYYUBf
uUmIvGXh3pspRihaWaklV7nOtAWbRn9sm+emzVSkt+2AZw//BFLba/qxQCWN0iY5
uUSDx+2460dv/mtwpmv/r6O77C4FsMFL7Cc6vsqyD2AtiBl76jkiFIx0PkF+YyJ9
pfcCiApVrBEiBTNuwY/o7xDLAF9Z66UMOBmdrUEFZ+AlishM1Kooc/m0NnVIsjzM
USvkqVCuLNsgPyHBFATLVzNid2YnwJmCNg9AQEgMxZ/t8dFaGx6apBaDI4wfAgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQUuuFccNFiiiLweP29H/AtftRHFXEwHwYDVR0j
BBgwFoAUTMEAh7Mu5ppIj1ror6LuL1BhreAwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy81MDA3MkU1NzQzMTQzOTc1QzUxQjQ3RDlGM0E3MjhGMjk1
MkQyMjYwQURERDAwMUYwQ0E2MzA3ODc1QUQ0MUM4LzAvNENDMTAwODdCMzJFRTY5
QTQ4OEY1QUU4QUZBMkVFMkY1MDYxQURFMC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC80Q0MxMDA4N0IzMkVFNjlBNDg4
RjVBRThBRkEyRUUyRjUwNjFBREUwLmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvNTAwNzJFNTc0MzE0Mzk3NUM1MUI0N0Q5RjNBNzI4RjI5NTJEMjI2MEFE
REQwMDFGMENBNjMwNzg3NUFENDFDOC8wLzMyMzAzMDJlMzMzNTJlMzEzOTMxMmUz
MDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzNzM3MzQzMi5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMgjvzAN
BgkqhkiG9w0BAQsFAAOCAQEAi+1+9+LAqgpWrx2yP4/gNT/U1IYDxs1/2BeIPR+m
K3FY75Vkw+3A+vTeRiN5n/I7/pbiqwmTKJKYU7tEBL47Bc8sazhtoiTPAIoolahX
eYCCsK4x7ofge00aoyp69Wqydtj0HC3A63UvRSu8gD4JRG2T3SbRd0TuX6qYScs2
/4tidi7Tidu4Eb0rRPojHGrSK6GpyZvIoPU9StVYYxG8/1mSduzqE5dhoc7Vs8xW
5LCYv9Yzc32PCPRz5iaqoV5I1YPouCsliFpDhnRMbYLGeTqKcuwiD2TVy4YZAAV+
xfGoS6mABQvarvGgVvAv5nj/1yC/NLUrB3nU/pdl4jd/xA==
-----END CERTIFICATE-----