Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/58F85986DA8CDF7ECB900C687ED2D78B60D557263C06CEF787BE89EE732DFA96/0/3230302e36332e3130342e302f32322d3234203d3e20323633323338.roa
File:                     3230302e36332e3130342e302f32322d3234203d3e20323633323338.roa (raw, json)
Hash identifier:          iYbQe8G6OMTes2VTce17xuNwTPvxdfgPnq8pMzna2QA=
Subject key identifier:   37:00:DC:8E:EB:64:1A:F0:0B:40:8B:73:2E:95:32:22:E6:18:14:45
Certificate issuer:       /CN=59733F5876DFD9F28DCAA69B8752B844D0C39173
Certificate serial:       2320EDEAC31A8C63E9146DF1ACD12956FB344D4A
Authority key identifier: 59:73:3F:58:76:DF:D9:F2:8D:CA:A6:9B:87:52:B8:44:D0:C3:91:73
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/59733F5876DFD9F28DCAA69B8752B844D0C39173.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/58F85986DA8CDF7ECB900C687ED2D78B60D557263C06CEF787BE89EE732DFA96/0/3230302e36332e3130342e302f32322d3234203d3e20323633323338.roa
Signing time:             Tue 04 Feb 2025 18:25:12 +0000
ROA not before:           Tue 04 Feb 2025 18:20:12 +0000
ROA not after:            Tue 03 Feb 2026 18:25:12 +0000
asID:                     263238
IP address blocks:        200.63.104.0/22 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            23:20:ed:ea:c3:1a:8c:63:e9:14:6d:f1:ac:d1:29:56:fb:34:4d:4a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=59733F5876DFD9F28DCAA69B8752B844D0C39173
        Validity
            Not Before: Feb  4 18:20:12 2025 GMT
            Not After : Feb  3 18:25:12 2026 GMT
        Subject: CN=3700DC8EEB641AF00B408B732E953222E6181445
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:6d:f7:08:5e:2f:bd:8b:c2:37:bf:36:f0:e9:
                    b5:a2:dd:b4:02:6c:76:01:9c:3e:2b:f4:ff:69:dc:
                    87:9c:fb:24:d3:cf:f6:32:b1:f0:ef:db:51:c7:af:
                    a9:e8:e8:7b:99:f2:f8:39:4a:6a:3f:d4:55:7b:57:
                    20:41:20:88:0e:a0:89:d7:61:0f:1d:bb:52:19:4f:
                    5e:c3:b1:b1:fd:43:5a:00:64:36:cf:15:e3:64:d2:
                    6d:5c:a8:db:87:7c:71:3c:0b:24:5a:a4:92:3d:43:
                    1d:2a:e8:92:b5:1f:ca:f8:fc:ec:54:7a:b3:a2:7f:
                    62:6c:a6:5c:b7:1e:9f:13:fd:6e:02:b7:f7:b6:44:
                    6e:49:dc:83:65:5d:a6:6e:7b:aa:9d:ed:99:3f:f4:
                    0f:4d:5d:83:07:38:80:35:77:c1:ec:8d:b0:13:93:
                    83:7c:7b:9a:f3:65:16:f2:53:5d:41:f3:eb:01:96:
                    b6:6f:50:b3:b7:5f:20:fd:4c:29:ed:59:f1:c5:b4:
                    6f:d1:c0:61:15:a5:4c:72:66:e2:d9:d2:2a:fe:82:
                    db:90:6b:d4:23:1f:a0:52:ae:0d:df:70:47:c2:87:
                    f1:67:2f:62:bb:5b:48:7d:58:68:72:8a:de:e9:25:
                    33:2a:7d:ed:af:9b:da:62:3f:95:93:4f:06:9f:6d:
                    24:f1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                37:00:DC:8E:EB:64:1A:F0:0B:40:8B:73:2E:95:32:22:E6:18:14:45
            X509v3 Authority Key Identifier:
                keyid:59:73:3F:58:76:DF:D9:F2:8D:CA:A6:9B:87:52:B8:44:D0:C3:91:73

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/58F85986DA8CDF7ECB900C687ED2D78B60D557263C06CEF787BE89EE732DFA96/0/59733F5876DFD9F28DCAA69B8752B844D0C39173.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/59733F5876DFD9F28DCAA69B8752B844D0C39173.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/58F85986DA8CDF7ECB900C687ED2D78B60D557263C06CEF787BE89EE732DFA96/0/3230302e36332e3130342e302f32322d3234203d3e20323633323338.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.63.104.0/22

    Signature Algorithm: sha256WithRSAEncryption
         92:f6:bc:aa:2b:01:00:d1:d6:9c:a6:91:93:c7:41:8a:da:22:
         c2:7c:e8:62:e4:3f:52:2d:e4:17:42:99:7a:4d:49:b4:ac:79:
         de:c6:ef:50:ab:21:f4:c1:83:8e:09:95:8e:93:ee:34:80:67:
         c7:4d:04:5c:06:6a:e3:7a:5a:6b:96:11:08:40:45:1c:ce:af:
         e1:69:93:0f:f6:19:28:78:eb:c3:54:1e:6e:16:b8:cf:3f:cc:
         6a:5b:92:3b:fb:ff:38:0a:a6:db:31:44:bc:48:b6:fb:cd:97:
         9e:d0:64:e8:12:8e:a4:ce:db:16:6f:a4:34:b6:2a:b0:9e:24:
         fe:ac:33:8f:7a:d4:b2:9e:98:d0:6d:b2:2a:c5:b0:41:22:b9:
         84:c0:25:c7:c8:35:79:81:f8:7e:44:9e:ae:18:96:52:70:d4:
         7e:7b:06:d8:59:d8:69:9e:98:16:84:c3:b9:33:3b:4c:6c:52:
         1f:e2:74:5c:e6:58:a4:db:0a:ec:2d:26:f6:cb:3d:84:f5:9d:
         da:14:05:31:fc:ab:26:3e:86:a8:cb:d9:0e:75:36:dd:91:bd:
         f3:4c:e7:70:26:2e:1b:5d:08:8c:4d:60:ad:8d:fe:1d:1d:c4:
         91:dc:30:a8:29:83:0e:84:8b:d6:fa:5b:a2:cb:f9:82:ad:f0:
         95:a4:43:3d
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIUIyDt6sMajGPpFG3xrNEpVvs0TUowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNTk3MzNGNTg3NkRGRDlGMjhEQ0FBNjlCODc1MkI4NDRE
MEMzOTE3MzAeFw0yNTAyMDQxODIwMTJaFw0yNjAyMDMxODI1MTJaMDMxMTAvBgNV
BAMTKDM3MDBEQzhFRUI2NDFBRjAwQjQwOEI3MzJFOTUzMjIyRTYxODE0NDUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCibfcIXi+9i8I3vzbw6bWi3bQC
bHYBnD4r9P9p3Iec+yTTz/YysfDv21HHr6no6HuZ8vg5Smo/1FV7VyBBIIgOoInX
YQ8du1IZT17DsbH9Q1oAZDbPFeNk0m1cqNuHfHE8CyRapJI9Qx0q6JK1H8r4/OxU
erOif2Jsply3Hp8T/W4Ct/e2RG5J3INlXaZue6qd7Zk/9A9NXYMHOIA1d8HsjbAT
k4N8e5rzZRbyU11B8+sBlrZvULO3XyD9TCntWfHFtG/RwGEVpUxyZuLZ0ir+gtuQ
a9QjH6BSrg3fcEfCh/FnL2K7W0h9WGhyit7pJTMqfe2vm9piP5WTTwafbSTxAgMB
AAGjggLKMIICxjAdBgNVHQ4EFgQUNwDcjutkGvALQItzLpUyIuYYFEUwHwYDVR0j
BBgwFoAUWXM/WHbf2fKNyqabh1K4RNDDkXMwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy81OEY4NTk4NkRBOENERjdFQ0I5MDBDNjg3RUQyRDc4QjYw
RDU1NzI2M0MwNkNFRjc4N0JFODlFRTczMkRGQTk2LzAvNTk3MzNGNTg3NkRGRDlG
MjhEQ0FBNjlCODc1MkI4NDREMEMzOTE3My5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC81OTczM0Y1ODc2REZEOUYyOERD
QUE2OUI4NzUyQjg0NEQwQzM5MTczLmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvNThGODU5ODZEQThDREY3RUNCOTAwQzY4N0VEMkQ3OEI2MEQ1NTcyNjND
MDZDRUY3ODdCRTg5RUU3MzJERkE5Ni8wLzMyMzAzMDJlMzYzMzJlMzEzMDM0MmUz
MDJmMzIzMjJkMzIzNDIwM2QzZTIwMzIzNjMzMzIzMzM4LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCyD9o
MA0GCSqGSIb3DQEBCwUAA4IBAQCS9ryqKwEA0dacppGTx0GK2iLCfOhi5D9SLeQX
Qpl6TUm0rHnexu9QqyH0wYOOCZWOk+40gGfHTQRcBmrjelprlhEIQEUczq/haZMP
9hkoeOvDVB5uFrjPP8xqW5I7+/84CqbbMUS8SLb7zZee0GToEo6kztsWb6Q0tiqw
niT+rDOPetSynpjQbbIqxbBBIrmEwCXHyDV5gfh+RJ6uGJZScNR+ewbYWdhpnpgW
hMO5MztMbFIf4nRc5lik2wrsLSb2yz2E9Z3aFAUx/KsmPoaoy9kOdTbdkb3zTOdw
Ji4bXQiMTWCtjf4dHcSR3DCoKYMOhIvW+luiy/mCrfCVpEM9
-----END CERTIFICATE-----