Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/5AC33D4AC844439D945F2FA9F7BB78F06468E22C8BF5834A568CC00049AC3A7B/0/3230302e31302e36302e302f32332d3234203d3e203238303031.roa
File:                     3230302e31302e36302e302f32332d3234203d3e203238303031.roa (raw, json)
Hash identifier:          3f3qRR0CEzRICOr3+l87X9I4ATlpSVqPqjEhKtley9I=
Subject key identifier:   2C:CF:36:98:2A:AE:F9:24:77:B7:F1:59:4C:82:ED:F8:BF:8B:59:84
Certificate issuer:       /CN=1F56B9011AE8C9ADDD96803DECE1D1F9306D81DE
Certificate serial:       5FE8CB1D39000B2F11BF589957BED518DBDBB7B6
Authority key identifier: 1F:56:B9:01:1A:E8:C9:AD:DD:96:80:3D:EC:E1:D1:F9:30:6D:81:DE
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/1F56B9011AE8C9ADDD96803DECE1D1F9306D81DE.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/5AC33D4AC844439D945F2FA9F7BB78F06468E22C8BF5834A568CC00049AC3A7B/0/3230302e31302e36302e302f32332d3234203d3e203238303031.roa
Signing time:             Tue 04 Feb 2025 18:19:37 +0000
ROA not before:           Tue 04 Feb 2025 18:14:37 +0000
ROA not after:            Tue 03 Feb 2026 18:19:37 +0000
asID:                     28001
IP address blocks:        200.10.60.0/23 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5f:e8:cb:1d:39:00:0b:2f:11:bf:58:99:57:be:d5:18:db:db:b7:b6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1F56B9011AE8C9ADDD96803DECE1D1F9306D81DE
        Validity
            Not Before: Feb  4 18:14:37 2025 GMT
            Not After : Feb  3 18:19:37 2026 GMT
        Subject: CN=2CCF36982AAEF92477B7F1594C82EDF8BF8B5984
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8d:88:48:a6:9f:5c:20:bb:78:a8:fe:9c:22:81:
                    77:5f:5e:a9:05:4c:8d:43:be:28:af:74:f9:38:7a:
                    3c:a9:a9:63:22:ab:26:a5:46:20:e0:a4:69:c1:08:
                    bf:ba:81:f7:df:17:e7:fe:ea:3d:53:86:92:c4:d2:
                    ef:fd:59:1b:c9:f5:59:6d:6b:b3:b1:c6:68:9e:c1:
                    79:48:f4:ac:57:c4:ae:ef:e2:94:31:26:3b:ac:c6:
                    ea:bb:e4:26:34:3a:ae:8a:be:f2:ef:df:31:1c:d0:
                    32:2d:bf:e7:71:c3:e9:d4:d9:03:69:b3:0b:ae:f2:
                    98:5c:50:47:20:a9:f6:cb:ff:e3:d8:9d:15:ba:29:
                    98:c6:b2:81:ab:00:38:23:35:cc:dd:85:17:16:a4:
                    7f:77:2e:db:5e:9e:95:2a:53:e7:ac:aa:d2:26:ff:
                    b5:70:01:d5:80:cb:0c:0e:89:ec:e5:06:c0:1d:f9:
                    c3:32:26:ef:36:e9:41:10:9f:5e:43:83:da:ad:24:
                    8e:72:1d:c5:73:e2:73:8c:1e:c5:f2:54:dc:50:4a:
                    eb:1c:36:73:c5:02:86:bf:a5:0d:b5:48:4a:8a:a7:
                    a8:52:fc:03:24:bb:c3:be:a0:96:cc:81:5a:3f:2c:
                    42:19:47:1f:01:6a:a8:87:d6:1c:ff:1f:d1:36:5f:
                    f6:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2C:CF:36:98:2A:AE:F9:24:77:B7:F1:59:4C:82:ED:F8:BF:8B:59:84
            X509v3 Authority Key Identifier:
                keyid:1F:56:B9:01:1A:E8:C9:AD:DD:96:80:3D:EC:E1:D1:F9:30:6D:81:DE

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/5AC33D4AC844439D945F2FA9F7BB78F06468E22C8BF5834A568CC00049AC3A7B/0/1F56B9011AE8C9ADDD96803DECE1D1F9306D81DE.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/1F56B9011AE8C9ADDD96803DECE1D1F9306D81DE.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/5AC33D4AC844439D945F2FA9F7BB78F06468E22C8BF5834A568CC00049AC3A7B/0/3230302e31302e36302e302f32332d3234203d3e203238303031.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.10.60.0/23

    Signature Algorithm: sha256WithRSAEncryption
         37:2f:c1:71:96:30:7b:dd:74:cc:bb:33:24:2a:85:6c:4d:8a:
         23:93:71:60:69:1d:36:99:d3:4d:f4:fe:fb:d2:0f:e1:68:b4:
         d8:2a:be:73:de:07:d3:16:fa:e6:f7:01:6f:2b:bc:96:e5:c2:
         3f:65:cb:3b:41:b2:37:29:2a:80:48:3b:18:05:72:4b:10:63:
         6b:be:28:44:66:2b:a1:23:89:a0:be:cf:92:3a:27:fb:07:48:
         48:b6:4d:ae:ba:7d:32:32:00:db:62:ac:97:fc:0f:2e:22:d1:
         2f:02:74:29:ff:1b:5d:97:26:85:c2:7e:36:ee:1d:09:c3:74:
         2d:ae:32:de:96:46:9c:e4:85:39:b0:cf:6a:14:71:2e:30:f1:
         60:16:c5:c4:9f:c4:56:5e:1d:3c:ca:0b:12:e5:e9:73:af:04:
         a2:ca:fb:66:c1:ed:fe:f9:5c:69:d5:21:ed:37:7c:85:4c:61:
         71:35:dc:92:19:59:42:c3:4e:c1:57:a5:21:d8:38:bf:10:51:
         fd:e6:3c:27:38:29:a3:1f:d0:0c:2a:34:ad:66:9e:17:9f:00:
         f8:66:2c:ac:a0:37:45:e4:e7:55:2b:c4:09:31:07:c7:80:11:
         8a:07:f3:d2:cd:21:c7:f2:35:d6:62:bb:c7:4f:79:bb:0c:4b:
         da:b0:1a:59
-----BEGIN CERTIFICATE-----
MIIFvDCCBKSgAwIBAgIUX+jLHTkACy8Rv1iZV77VGNvbt7YwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMUY1NkI5MDExQUU4QzlBREREOTY4MDNERUNFMUQxRjkz
MDZEODFERTAeFw0yNTAyMDQxODE0MzdaFw0yNjAyMDMxODE5MzdaMDMxMTAvBgNV
BAMTKDJDQ0YzNjk4MkFBRUY5MjQ3N0I3RjE1OTRDODJFREY4QkY4QjU5ODQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCNiEimn1wgu3io/pwigXdfXqkF
TI1DviivdPk4ejypqWMiqyalRiDgpGnBCL+6gfffF+f+6j1ThpLE0u/9WRvJ9Vlt
a7OxxmiewXlI9KxXxK7v4pQxJjusxuq75CY0Oq6KvvLv3zEc0DItv+dxw+nU2QNp
swuu8phcUEcgqfbL/+PYnRW6KZjGsoGrADgjNczdhRcWpH93LttenpUqU+esqtIm
/7VwAdWAywwOiezlBsAd+cMyJu826UEQn15Dg9qtJI5yHcVz4nOMHsXyVNxQSusc
NnPFAoa/pQ21SEqKp6hS/AMku8O+oJbMgVo/LEIZRx8BaqiH1hz/H9E2X/Y/AgMB
AAGjggLGMIICwjAdBgNVHQ4EFgQULM82mCqu+SR3t/FZTILt+L+LWYQwHwYDVR0j
BBgwFoAUH1a5ARroya3dloA97OHR+TBtgd4wDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy81QUMzM0Q0QUM4NDQ0MzlEOTQ1RjJGQTlGN0JCNzhGMDY0
NjhFMjJDOEJGNTgzNEE1NjhDQzAwMDQ5QUMzQTdCLzAvMUY1NkI5MDExQUU4QzlB
REREOTY4MDNERUNFMUQxRjkzMDZEODFERS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8xRjU2QjkwMTFBRThDOUFEREQ5
NjgwM0RFQ0UxRDFGOTMwNkQ4MURFLmNlcjCBxQYIKwYBBQUHAQsEgbgwgbUwgbIG
CCsGAQUFBzALhoGlcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvNUFDMzNENEFDODQ0NDM5RDk0NUYyRkE5RjdCQjc4RjA2NDY4RTIyQzhC
RjU4MzRBNTY4Q0MwMDA0OUFDM0E3Qi8wLzMyMzAzMDJlMzEzMDJlMzYzMDJlMzAy
ZjMyMzMyZDMyMzQyMDNkM2UyMDMyMzgzMDMwMzEucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAHICjwwDQYJ
KoZIhvcNAQELBQADggEBADcvwXGWMHvddMy7MyQqhWxNiiOTcWBpHTaZ0030/vvS
D+FotNgqvnPeB9MW+ub3AW8rvJblwj9lyztBsjcpKoBIOxgFcksQY2u+KERmK6Ej
iaC+z5I6J/sHSEi2Ta66fTIyANtirJf8Dy4i0S8CdCn/G12XJoXCfjbuHQnDdC2u
Mt6WRpzkhTmwz2oUcS4w8WAWxcSfxFZeHTzKCxLl6XOvBKLK+2bB7f75XGnVIe03
fIVMYXE13JIZWULDTsFXpSHYOL8QUf3mPCc4KaMf0AwqNK1mnhefAPhmLKygN0Xk
51UrxAkxB8eAEYoH89LNIcfyNdZiu8dPebsMS9qwGlk=
-----END CERTIFICATE-----