Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/537F02F600231DC6310D94727E3E2B5B3D31D666E29F8A8417F77E64BA229314/0/3230302e332e3231362e302f32312d3234203d3e203237383133.roa
File:                     3230302e332e3231362e302f32312d3234203d3e203237383133.roa (raw, json)
Hash identifier:          lpk9PxRBlykGor1P5tWv+yazJVsfzL6wj9SSK/bKeko=
Subject key identifier:   57:B0:38:4B:C9:90:24:AE:42:AC:61:34:E0:9F:68:55:50:9C:79:86
Certificate issuer:       /CN=32ACF58772BC97B9F0D9462619DA1F27850FDDB1
Certificate serial:       085BD5F334FC5D93D29D94729AE16429CC6F95B3
Authority key identifier: 32:AC:F5:87:72:BC:97:B9:F0:D9:46:26:19:DA:1F:27:85:0F:DD:B1
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/32ACF58772BC97B9F0D9462619DA1F27850FDDB1.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/537F02F600231DC6310D94727E3E2B5B3D31D666E29F8A8417F77E64BA229314/0/3230302e332e3231362e302f32312d3234203d3e203237383133.roa
Signing time:             Tue 04 Feb 2025 20:04:21 +0000
ROA not before:           Tue 04 Feb 2025 19:59:21 +0000
ROA not after:            Tue 03 Feb 2026 20:04:21 +0000
asID:                     27813
IP address blocks:        200.3.216.0/21 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            08:5b:d5:f3:34:fc:5d:93:d2:9d:94:72:9a:e1:64:29:cc:6f:95:b3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=32ACF58772BC97B9F0D9462619DA1F27850FDDB1
        Validity
            Not Before: Feb  4 19:59:21 2025 GMT
            Not After : Feb  3 20:04:21 2026 GMT
        Subject: CN=57B0384BC99024AE42AC6134E09F6855509C7986
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:9b:d3:7f:2d:94:ac:90:d6:01:c6:f5:55:7e:
                    62:81:fe:eb:95:04:89:cb:22:d8:a5:cc:bb:e0:85:
                    d7:67:98:3e:e5:40:cc:52:d7:9c:31:a0:df:00:12:
                    8f:4e:80:e7:83:17:2a:f7:d7:37:40:85:16:e5:c3:
                    1d:96:52:fc:30:48:15:9e:10:ed:af:85:ff:73:aa:
                    3b:58:c3:1d:74:86:11:d7:a2:51:fc:64:ce:f1:80:
                    44:b2:6e:8a:1c:42:eb:50:12:8e:c4:58:6e:41:79:
                    8d:03:f0:01:cb:07:77:7c:e3:de:2d:e3:ba:19:d3:
                    58:7f:52:68:e1:a2:a3:33:f5:fd:ae:97:60:4b:bb:
                    78:25:63:ec:9e:93:5c:95:ae:d6:e3:a0:43:59:55:
                    e9:98:b1:a0:0a:b9:cd:9e:f4:df:83:ff:70:a3:3f:
                    f6:3a:b7:1d:be:93:b6:0b:ac:9f:d6:15:a9:da:63:
                    dc:42:b3:a7:ad:bd:fb:28:92:62:e4:7d:af:6f:ae:
                    dd:3b:01:d6:92:4f:0a:f1:88:b1:ae:4e:40:3d:df:
                    4d:06:db:5b:47:12:04:67:95:c4:3e:b0:17:43:6a:
                    cd:32:6d:cd:1c:e2:50:ba:af:0b:ba:92:82:5d:ca:
                    36:ca:b6:26:c8:a2:a7:c3:3e:af:ca:29:dd:79:68:
                    3e:87
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                57:B0:38:4B:C9:90:24:AE:42:AC:61:34:E0:9F:68:55:50:9C:79:86
            X509v3 Authority Key Identifier:
                keyid:32:AC:F5:87:72:BC:97:B9:F0:D9:46:26:19:DA:1F:27:85:0F:DD:B1

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/537F02F600231DC6310D94727E3E2B5B3D31D666E29F8A8417F77E64BA229314/0/32ACF58772BC97B9F0D9462619DA1F27850FDDB1.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/32ACF58772BC97B9F0D9462619DA1F27850FDDB1.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/537F02F600231DC6310D94727E3E2B5B3D31D666E29F8A8417F77E64BA229314/0/3230302e332e3231362e302f32312d3234203d3e203237383133.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.3.216.0/21

    Signature Algorithm: sha256WithRSAEncryption
         5c:2a:28:69:ea:63:f5:67:6d:75:05:9d:f5:af:aa:6c:1d:7c:
         1c:8e:31:bc:46:5f:f1:e2:8e:0a:0b:8c:1c:65:26:c9:ae:08:
         11:13:f2:cc:57:70:91:7b:47:ad:83:c9:d5:2a:ea:3d:76:b9:
         7a:05:e7:86:fe:34:11:30:74:4a:85:31:46:b4:a5:c8:f7:e4:
         1a:73:5b:d6:9c:fb:7c:2d:36:76:d0:53:4d:43:58:12:41:d1:
         f1:4a:b2:8f:85:20:0d:85:7e:fd:0a:bd:1e:dc:66:60:77:db:
         dd:bb:a7:e8:51:57:3b:3f:9b:c0:c4:09:ed:b0:68:d4:ec:14:
         fc:0a:5b:1c:2b:7a:cb:2e:7b:8c:16:e2:e9:9d:4c:b1:eb:e8:
         0a:86:64:98:fa:5b:c0:98:47:0c:ad:92:d7:40:9d:56:57:2e:
         cb:cd:5e:63:ee:ec:bc:28:c9:9e:ba:f6:f5:3e:ef:b5:48:ad:
         19:55:05:e9:9e:81:9e:d8:ce:5c:ce:51:78:a1:74:c4:6a:6e:
         79:2e:ad:d2:04:dc:40:12:c4:68:45:78:8b:b5:e3:c6:62:e8:
         06:95:ca:a0:07:1d:dd:ad:15:f8:0b:18:64:d6:70:c5:4e:4d:
         9c:4c:31:f8:92:34:6c:33:fb:14:87:78:fc:83:2c:94:e8:5e:
         3c:e1:9b:a8
-----BEGIN CERTIFICATE-----
MIIFvDCCBKSgAwIBAgIUCFvV8zT8XZPSnZRymuFkKcxvlbMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzJBQ0Y1ODc3MkJDOTdCOUYwRDk0NjI2MTlEQTFGMjc4
NTBGRERCMTAeFw0yNTAyMDQxOTU5MjFaFw0yNjAyMDMyMDA0MjFaMDMxMTAvBgNV
BAMTKDU3QjAzODRCQzk5MDI0QUU0MkFDNjEzNEUwOUY2ODU1NTA5Qzc5ODYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCsm9N/LZSskNYBxvVVfmKB/uuV
BInLItilzLvghddnmD7lQMxS15wxoN8AEo9OgOeDFyr31zdAhRblwx2WUvwwSBWe
EO2vhf9zqjtYwx10hhHXolH8ZM7xgESyboocQutQEo7EWG5BeY0D8AHLB3d8494t
47oZ01h/UmjhoqMz9f2ul2BLu3glY+yek1yVrtbjoENZVemYsaAKuc2e9N+D/3Cj
P/Y6tx2+k7YLrJ/WFanaY9xCs6etvfsokmLkfa9vrt07AdaSTwrxiLGuTkA9300G
21tHEgRnlcQ+sBdDas0ybc0c4lC6rwu6koJdyjbKtibIoqfDPq/KKd15aD6HAgMB
AAGjggLGMIICwjAdBgNVHQ4EFgQUV7A4S8mQJK5CrGE04J9oVVCceYYwHwYDVR0j
BBgwFoAUMqz1h3K8l7nw2UYmGdofJ4UP3bEwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy81MzdGMDJGNjAwMjMxREM2MzEwRDk0NzI3RTNFMkI1QjNE
MzFENjY2RTI5RjhBODQxN0Y3N0U2NEJBMjI5MzE0LzAvMzJBQ0Y1ODc3MkJDOTdC
OUYwRDk0NjI2MTlEQTFGMjc4NTBGRERCMS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8zMkFDRjU4NzcyQkM5N0I5RjBE
OTQ2MjYxOURBMUYyNzg1MEZEREIxLmNlcjCBxQYIKwYBBQUHAQsEgbgwgbUwgbIG
CCsGAQUFBzALhoGlcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvNTM3RjAyRjYwMDIzMURDNjMxMEQ5NDcyN0UzRTJCNUIzRDMxRDY2NkUy
OUY4QTg0MTdGNzdFNjRCQTIyOTMxNC8wLzMyMzAzMDJlMzMyZTMyMzEzNjJlMzAy
ZjMyMzEyZDMyMzQyMDNkM2UyMDMyMzczODMxMzMucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAPIA9gwDQYJ
KoZIhvcNAQELBQADggEBAFwqKGnqY/VnbXUFnfWvqmwdfByOMbxGX/HijgoLjBxl
JsmuCBET8sxXcJF7R62DydUq6j12uXoF54b+NBEwdEqFMUa0pcj35BpzW9ac+3wt
NnbQU01DWBJB0fFKso+FIA2Ffv0KvR7cZmB32927p+hRVzs/m8DECe2waNTsFPwK
Wxwressue4wW4umdTLHr6AqGZJj6W8CYRwytktdAnVZXLsvNXmPu7LwoyZ669vU+
77VIrRlVBemegZ7YzlzOUXihdMRqbnkurdIE3EASxGhFeIu148Zi6AaVyqAHHd2t
FfgLGGTWcMVOTZxMMfiSNGwz+xSHePyDLJToXjzhm6g=
-----END CERTIFICATE-----