Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/6B448B2F99F750DEE4FB3820BFDEEA5C070AC78AC1DDEAE4BA5B472B580DA264/0/3230312e3139302e3230382e302f32312d3234203d3e203238303735.roa
File:                     3230312e3139302e3230382e302f32312d3234203d3e203238303735.roa (raw, json)
Hash identifier:          MIarTVm4Pe+2p1sicGT9jbJ3RlJOGEnOsu8lMkjWS58=
Subject key identifier:   47:49:88:C5:EE:07:D8:A7:81:32:63:E2:08:E4:27:2B:65:B5:61:47
Certificate issuer:       /CN=CCC7DFB2C7C9FCF2F114061476ECB87B573A4E18
Certificate serial:       6B5B286CA6F8BE68FAE0EC98711F479480F913A8
Authority key identifier: CC:C7:DF:B2:C7:C9:FC:F2:F1:14:06:14:76:EC:B8:7B:57:3A:4E:18
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/CCC7DFB2C7C9FCF2F114061476ECB87B573A4E18.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/6B448B2F99F750DEE4FB3820BFDEEA5C070AC78AC1DDEAE4BA5B472B580DA264/0/3230312e3139302e3230382e302f32312d3234203d3e203238303735.roa
Signing time:             Tue 04 Feb 2025 19:59:02 +0000
ROA not before:           Tue 04 Feb 2025 19:54:02 +0000
ROA not after:            Tue 03 Feb 2026 19:59:02 +0000
asID:                     28075
IP address blocks:        201.190.208.0/21 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6b:5b:28:6c:a6:f8:be:68:fa:e0:ec:98:71:1f:47:94:80:f9:13:a8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=CCC7DFB2C7C9FCF2F114061476ECB87B573A4E18
        Validity
            Not Before: Feb  4 19:54:02 2025 GMT
            Not After : Feb  3 19:59:02 2026 GMT
        Subject: CN=474988C5EE07D8A7813263E208E4272B65B56147
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:7e:a3:97:6c:3d:03:97:b9:86:b7:fd:72:c4:
                    e1:f3:b3:8b:67:cb:03:4f:66:2b:b8:aa:3c:39:2a:
                    c7:61:1b:75:93:6a:84:eb:ed:52:e3:2f:d2:04:eb:
                    f4:92:17:0a:23:2f:87:80:b6:fd:6c:ee:e5:bb:28:
                    e1:da:ae:60:c3:4e:21:91:d1:71:9c:fc:d0:46:f7:
                    f1:dd:c4:90:46:df:65:5a:7e:ca:b3:e4:ed:f4:4b:
                    a9:7c:61:10:59:e4:19:8a:d0:4f:cb:bf:62:49:23:
                    5e:3f:e6:14:a2:08:32:4e:e1:ed:06:09:e9:6b:ee:
                    26:37:30:c0:51:51:b9:84:d9:f8:2f:5e:55:23:c2:
                    6b:df:39:37:7a:a4:7a:ff:63:4a:5b:2f:f2:4c:e8:
                    75:7d:c7:43:7e:df:c7:64:d2:30:9e:32:c1:98:19:
                    8e:80:33:a3:df:ea:d5:b4:8d:20:01:8a:1d:5e:30:
                    72:64:7e:ac:c6:0c:c4:e7:78:7d:15:ff:d7:28:10:
                    f1:41:82:15:ca:96:f1:52:46:5a:4c:0c:5f:35:08:
                    61:0b:c5:c5:b6:61:3b:f6:2e:50:85:d8:51:27:6f:
                    d0:72:5c:b2:26:ae:f5:89:4a:17:9c:fc:ac:7c:e2:
                    71:17:dd:70:36:5b:75:1f:20:8e:b7:45:f2:5b:2f:
                    2a:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                47:49:88:C5:EE:07:D8:A7:81:32:63:E2:08:E4:27:2B:65:B5:61:47
            X509v3 Authority Key Identifier:
                keyid:CC:C7:DF:B2:C7:C9:FC:F2:F1:14:06:14:76:EC:B8:7B:57:3A:4E:18

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/6B448B2F99F750DEE4FB3820BFDEEA5C070AC78AC1DDEAE4BA5B472B580DA264/0/CCC7DFB2C7C9FCF2F114061476ECB87B573A4E18.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/CCC7DFB2C7C9FCF2F114061476ECB87B573A4E18.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/6B448B2F99F750DEE4FB3820BFDEEA5C070AC78AC1DDEAE4BA5B472B580DA264/0/3230312e3139302e3230382e302f32312d3234203d3e203238303735.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  201.190.208.0/21

    Signature Algorithm: sha256WithRSAEncryption
         37:cc:8c:f2:f0:0a:36:ea:3e:c1:da:b1:1d:da:50:8e:9d:5a:
         b4:4d:96:5b:22:3b:e9:ca:4f:6c:df:8f:4b:b2:b1:cb:55:9a:
         4d:cc:c0:52:8d:07:ed:8e:a2:16:1c:8a:61:83:b6:f2:79:3a:
         10:8a:09:e4:b7:65:ba:76:6d:3e:19:12:f5:c6:8a:f5:d5:3a:
         b8:ed:af:d7:88:0d:03:0b:3f:d5:a6:63:69:7b:4b:c2:90:07:
         7b:93:de:cc:b9:d3:7b:a9:02:8b:66:d8:cb:0a:c8:5f:fa:19:
         34:b6:ad:48:61:6d:df:e4:a9:e1:34:26:36:0a:18:e7:d7:d1:
         9b:96:43:16:dd:67:ae:69:c0:b9:a2:a8:22:22:4a:fb:9f:a1:
         53:f7:f3:4b:e0:ab:85:92:ef:9b:0c:af:21:20:80:40:36:06:
         07:ae:86:d6:46:1c:5a:c3:a4:19:52:80:f0:41:bd:cd:4f:2e:
         db:76:24:ca:d9:ed:1f:2d:c0:74:09:b0:82:29:2a:c1:06:61:
         63:2a:53:d5:99:52:07:6b:40:5a:fd:94:08:61:73:8c:72:e3:
         4d:8e:b8:93:5d:98:7d:9b:00:bf:57:a1:6f:0d:60:e6:3c:ee:
         7c:0d:bf:1e:09:8e:60:a3:ac:16:a1:66:48:10:d6:ac:6e:a6:
         ee:bc:2a:88
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIUa1sobKb4vmj64OyYcR9HlID5E6gwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQ0NDN0RGQjJDN0M5RkNGMkYxMTQwNjE0NzZFQ0I4N0I1
NzNBNEUxODAeFw0yNTAyMDQxOTU0MDJaFw0yNjAyMDMxOTU5MDJaMDMxMTAvBgNV
BAMTKDQ3NDk4OEM1RUUwN0Q4QTc4MTMyNjNFMjA4RTQyNzJCNjVCNTYxNDcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDUfqOXbD0Dl7mGt/1yxOHzs4tn
ywNPZiu4qjw5KsdhG3WTaoTr7VLjL9IE6/SSFwojL4eAtv1s7uW7KOHarmDDTiGR
0XGc/NBG9/HdxJBG32Vafsqz5O30S6l8YRBZ5BmK0E/Lv2JJI14/5hSiCDJO4e0G
Celr7iY3MMBRUbmE2fgvXlUjwmvfOTd6pHr/Y0pbL/JM6HV9x0N+38dk0jCeMsGY
GY6AM6Pf6tW0jSABih1eMHJkfqzGDMTneH0V/9coEPFBghXKlvFSRlpMDF81CGEL
xcW2YTv2LlCF2FEnb9ByXLImrvWJShec/Kx84nEX3XA2W3UfII63RfJbLyr/AgMB
AAGjggLKMIICxjAdBgNVHQ4EFgQUR0mIxe4H2KeBMmPiCOQnK2W1YUcwHwYDVR0j
BBgwFoAUzMffssfJ/PLxFAYUduy4e1c6ThgwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy82QjQ0OEIyRjk5Rjc1MERFRTRGQjM4MjBCRkRFRUE1QzA3
MEFDNzhBQzFEREVBRTRCQTVCNDcyQjU4MERBMjY0LzAvQ0NDN0RGQjJDN0M5RkNG
MkYxMTQwNjE0NzZFQ0I4N0I1NzNBNEUxOC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9DQ0M3REZCMkM3QzlGQ0YyRjEx
NDA2MTQ3NkVDQjg3QjU3M0E0RTE4LmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvNkI0NDhCMkY5OUY3NTBERUU0RkIzODIwQkZERUVBNUMwNzBBQzc4QUMx
RERFQUU0QkE1QjQ3MkI1ODBEQTI2NC8wLzMyMzAzMTJlMzEzOTMwMmUzMjMwMzgy
ZTMwMmYzMjMxMmQzMjM0MjAzZDNlMjAzMjM4MzAzNzM1LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDyb7Q
MA0GCSqGSIb3DQEBCwUAA4IBAQA3zIzy8Ao26j7B2rEd2lCOnVq0TZZbIjvpyk9s
349LsrHLVZpNzMBSjQftjqIWHIphg7byeToQignkt2W6dm0+GRL1xor11Tq47a/X
iA0DCz/VpmNpe0vCkAd7k97MudN7qQKLZtjLCshf+hk0tq1IYW3f5KnhNCY2Chjn
19GblkMW3WeuacC5oqgiIkr7n6FT9/NL4KuFku+bDK8hIIBANgYHrobWRhxaw6QZ
UoDwQb3NTy7bdiTK2e0fLcB0CbCCKSrBBmFjKlPVmVIHa0Ba/ZQIYXOMcuNNjriT
XZh9mwC/V6FvDWDmPO58Db8eCY5go6wWoWZIENasbqbuvCqI
-----END CERTIFICATE-----