Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/64BE182DE4657F29B77D19D907210D65D5419A77C6402515C05340E28FDCE5C2/0/3230312e3232312e37322e302f32312d3234203d3e203237373839.roa
File:                     3230312e3232312e37322e302f32312d3234203d3e203237373839.roa (raw, json)
Hash identifier:          eQmsA9O7U4U9dZ0rblseJcJOj5fTdmkuZG2s4GTDiWk=
Subject key identifier:   13:DD:0A:D4:33:9B:55:8F:06:64:75:F8:93:99:C6:D4:A9:04:19:1D
Certificate issuer:       /CN=2E7374FD42831BDDB6286DA8B8A1D5DBADA59B26
Certificate serial:       59B9C32B7A9103D5EE491D266CF3DAB2005AE118
Authority key identifier: 2E:73:74:FD:42:83:1B:DD:B6:28:6D:A8:B8:A1:D5:DB:AD:A5:9B:26
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/2E7374FD42831BDDB6286DA8B8A1D5DBADA59B26.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/64BE182DE4657F29B77D19D907210D65D5419A77C6402515C05340E28FDCE5C2/0/3230312e3232312e37322e302f32312d3234203d3e203237373839.roa
Signing time:             Tue 04 Feb 2025 20:08:38 +0000
ROA not before:           Tue 04 Feb 2025 20:03:38 +0000
ROA not after:            Tue 03 Feb 2026 20:08:38 +0000
asID:                     27789
IP address blocks:        201.221.72.0/21 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            59:b9:c3:2b:7a:91:03:d5:ee:49:1d:26:6c:f3:da:b2:00:5a:e1:18
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2E7374FD42831BDDB6286DA8B8A1D5DBADA59B26
        Validity
            Not Before: Feb  4 20:03:38 2025 GMT
            Not After : Feb  3 20:08:38 2026 GMT
        Subject: CN=13DD0AD4339B558F066475F89399C6D4A904191D
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8d:aa:6a:5b:ab:f7:cd:3f:1d:05:ba:9f:21:08:
                    0b:57:8a:9d:ca:af:d3:56:cd:29:3e:a8:1f:10:a2:
                    b3:15:d3:f6:26:5a:95:4d:d9:3a:34:dd:48:7f:26:
                    6b:9d:63:44:5b:c6:9f:66:d1:ea:10:9c:f7:5d:bf:
                    b0:4d:be:c6:47:43:dd:3a:70:30:10:a4:5e:39:5a:
                    44:c5:67:8f:46:48:a7:a8:41:3a:0e:f8:88:c4:fe:
                    19:3b:6b:b8:3b:8a:10:ea:d1:51:98:0e:75:68:80:
                    85:ad:bb:e6:5f:1e:21:f4:89:6b:7a:5c:53:c5:8b:
                    cc:c6:66:63:4c:5b:0a:bf:28:a1:d5:53:e6:71:e6:
                    d1:c9:55:de:e4:0c:cd:d7:ae:b3:6a:f9:07:f4:c9:
                    00:6e:3e:51:e8:35:1c:32:bf:8f:d1:03:4a:47:09:
                    f5:7d:b4:19:56:56:13:06:5f:0d:ae:2a:f4:c7:38:
                    a8:66:dd:e2:52:31:af:29:3c:29:47:2d:84:a6:c3:
                    14:5f:97:f4:64:c2:dc:09:6f:c0:38:a1:46:99:12:
                    6d:65:71:a5:ce:3e:df:2b:e1:5d:1d:30:06:4c:b2:
                    c2:38:1a:84:ed:ec:f7:94:ed:c4:a9:3e:27:29:5d:
                    58:ad:65:66:25:b5:1c:c4:6e:85:73:da:1e:3e:07:
                    33:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                13:DD:0A:D4:33:9B:55:8F:06:64:75:F8:93:99:C6:D4:A9:04:19:1D
            X509v3 Authority Key Identifier:
                keyid:2E:73:74:FD:42:83:1B:DD:B6:28:6D:A8:B8:A1:D5:DB:AD:A5:9B:26

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/64BE182DE4657F29B77D19D907210D65D5419A77C6402515C05340E28FDCE5C2/0/2E7374FD42831BDDB6286DA8B8A1D5DBADA59B26.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/2E7374FD42831BDDB6286DA8B8A1D5DBADA59B26.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/64BE182DE4657F29B77D19D907210D65D5419A77C6402515C05340E28FDCE5C2/0/3230312e3232312e37322e302f32312d3234203d3e203237373839.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  201.221.72.0/21

    Signature Algorithm: sha256WithRSAEncryption
         97:04:09:c5:15:88:f1:71:45:72:31:b2:e6:51:2c:56:c2:a1:
         03:a1:ae:88:5d:eb:a5:da:3f:57:e5:07:57:52:56:a4:f2:60:
         41:98:83:d1:c1:01:4a:26:dc:7a:fc:f7:37:3c:74:c3:e4:a7:
         55:0a:6c:6a:3b:21:e4:9c:43:34:fd:a0:6f:83:4b:2e:f1:a6:
         5f:7c:ea:b7:45:d5:be:d2:ff:80:4b:94:ef:bf:46:24:1b:a4:
         5d:05:fb:29:38:68:63:fd:27:66:fd:4b:7a:35:e7:79:b5:3a:
         97:fc:8a:6f:15:15:c6:ce:76:ad:d7:74:bc:6c:d7:93:4e:eb:
         5c:a6:16:1a:2c:26:37:02:f5:2a:23:63:74:f9:a6:89:fe:be:
         8d:5d:63:6b:64:db:6c:dd:6c:3c:55:5d:34:b5:24:a6:d2:df:
         76:1e:b1:5b:dc:d1:09:4e:2b:9b:d3:14:9b:d5:47:06:a4:2d:
         2d:1f:45:6b:8e:5b:ad:4f:5c:e3:f5:cf:c4:48:73:fd:da:ba:
         d4:b3:a3:67:9b:fd:a2:9a:09:7a:1b:07:39:2e:40:6e:ad:79:
         1d:39:09:08:11:94:a5:7e:84:a2:e5:6f:02:8c:d4:3a:38:fc:
         ee:7b:1d:e9:d0:04:c9:24:42:de:d5:22:03:6d:d0:e1:56:12:
         82:61:e4:12
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUWbnDK3qRA9XuSR0mbPPasgBa4RgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMkU3Mzc0RkQ0MjgzMUJEREI2Mjg2REE4QjhBMUQ1REJB
REE1OUIyNjAeFw0yNTAyMDQyMDAzMzhaFw0yNjAyMDMyMDA4MzhaMDMxMTAvBgNV
BAMTKDEzREQwQUQ0MzM5QjU1OEYwNjY0NzVGODkzOTlDNkQ0QTkwNDE5MUQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCNqmpbq/fNPx0Fup8hCAtXip3K
r9NWzSk+qB8QorMV0/YmWpVN2To03Uh/JmudY0Rbxp9m0eoQnPddv7BNvsZHQ906
cDAQpF45WkTFZ49GSKeoQToO+IjE/hk7a7g7ihDq0VGYDnVogIWtu+ZfHiH0iWt6
XFPFi8zGZmNMWwq/KKHVU+Zx5tHJVd7kDM3XrrNq+Qf0yQBuPlHoNRwyv4/RA0pH
CfV9tBlWVhMGXw2uKvTHOKhm3eJSMa8pPClHLYSmwxRfl/RkwtwJb8A4oUaZEm1l
caXOPt8r4V0dMAZMssI4GoTt7PeU7cSpPicpXVitZWYltRzEboVz2h4+BzMzAgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQUE90K1DObVY8GZHX4k5nG1KkEGR0wHwYDVR0j
BBgwFoAULnN0/UKDG922KG2ouKHV262lmyYwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy82NEJFMTgyREU0NjU3RjI5Qjc3RDE5RDkwNzIxMEQ2NUQ1
NDE5QTc3QzY0MDI1MTVDMDUzNDBFMjhGRENFNUMyLzAvMkU3Mzc0RkQ0MjgzMUJE
REI2Mjg2REE4QjhBMUQ1REJBREE1OUIyNi5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8yRTczNzRGRDQyODMxQkREQjYy
ODZEQThCOEExRDVEQkFEQTU5QjI2LmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvNjRCRTE4MkRFNDY1N0YyOUI3N0QxOUQ5MDcyMTBENjVENTQxOUE3N0M2
NDAyNTE1QzA1MzQwRTI4RkRDRTVDMi8wLzMyMzAzMTJlMzIzMjMxMmUzNzMyMmUz
MDJmMzIzMTJkMzIzNDIwM2QzZTIwMzIzNzM3MzgzOS5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA8ndSDAN
BgkqhkiG9w0BAQsFAAOCAQEAlwQJxRWI8XFFcjGy5lEsVsKhA6GuiF3rpdo/V+UH
V1JWpPJgQZiD0cEBSibcevz3Nzx0w+SnVQpsajsh5JxDNP2gb4NLLvGmX3zqt0XV
vtL/gEuU779GJBukXQX7KThoY/0nZv1LejXnebU6l/yKbxUVxs52rdd0vGzXk07r
XKYWGiwmNwL1KiNjdPmmif6+jV1ja2TbbN1sPFVdNLUkptLfdh6xW9zRCU4rm9MU
m9VHBqQtLR9Fa45brU9c4/XPxEhz/dq61LOjZ5v9opoJehsHOS5Abq15HTkJCBGU
pX6EouVvAozUOjj87nsd6dAEySRC3tUiA23Q4VYSgmHkEg==
-----END CERTIFICATE-----