Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/870C83D25E7FA67388832052309332085572C074B86F60E54C9F48F630BD5AA6/0/3230372e3234382e312e302f32342d3234203d3e203634313339.roa
File:                     3230372e3234382e312e302f32342d3234203d3e203634313339.roa (raw, json)
Hash identifier:          17aua5GuH/jXOK2fnL5GQLxBCjbC3i5irE8HkaHadcA=
Subject key identifier:   FB:68:B7:BC:2C:77:9E:1D:96:80:F2:E2:6A:13:06:49:EF:DC:84:3C
Certificate issuer:       /CN=367EAE467C8B549D5E6615661A70C865954F55EE
Certificate serial:       320501E1A5C7E5FBD3D0F3D97ECEBC6D3D59C7DB
Authority key identifier: 36:7E:AE:46:7C:8B:54:9D:5E:66:15:66:1A:70:C8:65:95:4F:55:EE
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/367EAE467C8B549D5E6615661A70C865954F55EE.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/870C83D25E7FA67388832052309332085572C074B86F60E54C9F48F630BD5AA6/0/3230372e3234382e312e302f32342d3234203d3e203634313339.roa
Signing time:             Tue 04 Feb 2025 20:01:52 +0000
ROA not before:           Tue 04 Feb 2025 19:56:52 +0000
ROA not after:            Tue 03 Feb 2026 20:01:52 +0000
asID:                     64139
IP address blocks:        207.248.1.0/24 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            32:05:01:e1:a5:c7:e5:fb:d3:d0:f3:d9:7e:ce:bc:6d:3d:59:c7:db
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=367EAE467C8B549D5E6615661A70C865954F55EE
        Validity
            Not Before: Feb  4 19:56:52 2025 GMT
            Not After : Feb  3 20:01:52 2026 GMT
        Subject: CN=FB68B7BC2C779E1D9680F2E26A130649EFDC843C
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d8:64:71:36:9c:61:08:a7:9f:71:4d:16:38:80:
                    60:59:56:57:00:61:ef:46:f4:1c:4f:a2:04:42:91:
                    ce:15:95:bf:97:b1:67:1c:be:42:a6:37:f4:9c:09:
                    ec:39:56:32:f0:cf:01:1b:75:6d:64:d0:f8:d0:d4:
                    df:00:bd:c5:16:6c:7c:27:b8:9f:cb:be:64:7e:1e:
                    fc:19:34:a3:8b:84:e0:a8:02:6f:c2:4a:98:93:81:
                    99:81:2e:7b:c7:96:5f:9d:6d:bd:72:07:7b:94:62:
                    c5:8d:d6:72:60:43:67:23:5c:e3:86:c7:62:85:19:
                    1b:5f:9b:7e:6d:59:4b:e5:8d:24:0f:8b:de:5f:b2:
                    92:10:b9:53:dd:0f:cf:21:1f:85:11:fa:c3:ed:ee:
                    fa:be:34:5c:7f:29:0a:f4:77:36:b1:de:e8:19:27:
                    59:03:b0:d5:10:c5:b1:90:18:32:ce:b4:0f:34:63:
                    7c:82:60:ba:63:b3:d4:30:22:3b:3e:86:d6:7c:65:
                    dd:9c:7f:d5:c6:05:1f:5a:43:a0:0c:5f:57:c0:bf:
                    df:3f:d1:02:5b:0c:66:a9:9c:66:c4:ea:44:91:a2:
                    44:84:b7:3e:3e:90:82:b2:89:73:c8:19:60:e3:1c:
                    7d:73:e7:1a:f6:15:21:b5:9b:47:56:14:ab:75:6d:
                    fa:87
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FB:68:B7:BC:2C:77:9E:1D:96:80:F2:E2:6A:13:06:49:EF:DC:84:3C
            X509v3 Authority Key Identifier:
                keyid:36:7E:AE:46:7C:8B:54:9D:5E:66:15:66:1A:70:C8:65:95:4F:55:EE

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/870C83D25E7FA67388832052309332085572C074B86F60E54C9F48F630BD5AA6/0/367EAE467C8B549D5E6615661A70C865954F55EE.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/367EAE467C8B549D5E6615661A70C865954F55EE.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/870C83D25E7FA67388832052309332085572C074B86F60E54C9F48F630BD5AA6/0/3230372e3234382e312e302f32342d3234203d3e203634313339.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  207.248.1.0/24

    Signature Algorithm: sha256WithRSAEncryption
         52:e6:fb:7a:f6:0b:f6:e1:b1:4a:0d:52:ff:7e:93:81:d1:b9:
         ce:1e:90:9e:58:6a:5c:9b:d6:aa:8f:88:bd:90:c1:6f:de:a1:
         e0:7b:a1:81:06:da:66:28:7a:14:de:3a:04:3b:5b:c2:57:39:
         7b:d2:c9:4d:90:1f:b6:29:04:17:e0:85:28:9c:bb:85:3f:71:
         e8:30:64:ae:30:0a:11:5c:f7:e0:89:83:0b:fc:79:3e:b9:04:
         3d:b6:2d:a2:63:75:29:ff:5c:dd:3a:c0:2d:87:c5:20:e1:3a:
         d0:00:6c:d4:3f:6e:fb:ed:6d:14:fc:8d:55:cb:55:2b:d8:07:
         ec:38:44:89:ab:26:11:e5:ad:d8:40:27:7b:2f:4f:36:33:22:
         b3:bc:97:1a:1b:24:52:55:31:53:21:75:f2:1d:e7:64:37:b6:
         3e:18:88:8b:b2:2f:10:70:32:07:a4:94:e4:bb:74:06:d4:df:
         14:8e:bc:01:74:cb:a8:3d:dc:f2:12:15:d4:da:9e:dc:d0:12:
         e8:38:00:44:14:1e:10:20:ec:2f:5f:69:41:1b:ef:80:19:da:
         67:1f:b7:38:51:c9:f0:05:f9:7a:ed:f0:03:f1:fe:93:3a:dc:
         58:94:31:02:9c:d0:fc:ee:f2:85:ba:17:12:1b:32:d6:08:d9:
         81:58:c4:a2
-----BEGIN CERTIFICATE-----
MIIFvDCCBKSgAwIBAgIUMgUB4aXH5fvT0PPZfs68bT1Zx9swDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzY3RUFFNDY3QzhCNTQ5RDVFNjYxNTY2MUE3MEM4NjU5
NTRGNTVFRTAeFw0yNTAyMDQxOTU2NTJaFw0yNjAyMDMyMDAxNTJaMDMxMTAvBgNV
BAMTKEZCNjhCN0JDMkM3NzlFMUQ5NjgwRjJFMjZBMTMwNjQ5RUZEQzg0M0MwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDYZHE2nGEIp59xTRY4gGBZVlcA
Ye9G9BxPogRCkc4Vlb+XsWccvkKmN/ScCew5VjLwzwEbdW1k0PjQ1N8AvcUWbHwn
uJ/LvmR+HvwZNKOLhOCoAm/CSpiTgZmBLnvHll+dbb1yB3uUYsWN1nJgQ2cjXOOG
x2KFGRtfm35tWUvljSQPi95fspIQuVPdD88hH4UR+sPt7vq+NFx/KQr0dzax3ugZ
J1kDsNUQxbGQGDLOtA80Y3yCYLpjs9QwIjs+htZ8Zd2cf9XGBR9aQ6AMX1fAv98/
0QJbDGapnGbE6kSRokSEtz4+kIKyiXPIGWDjHH1z5xr2FSG1m0dWFKt1bfqHAgMB
AAGjggLGMIICwjAdBgNVHQ4EFgQU+2i3vCx3nh2WgPLiahMGSe/chDwwHwYDVR0j
BBgwFoAUNn6uRnyLVJ1eZhVmGnDIZZVPVe4wDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy84NzBDODNEMjVFN0ZBNjczODg4MzIwNTIzMDkzMzIwODU1
NzJDMDc0Qjg2RjYwRTU0QzlGNDhGNjMwQkQ1QUE2LzAvMzY3RUFFNDY3QzhCNTQ5
RDVFNjYxNTY2MUE3MEM4NjU5NTRGNTVFRS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8zNjdFQUU0NjdDOEI1NDlENUU2
NjE1NjYxQTcwQzg2NTk1NEY1NUVFLmNlcjCBxQYIKwYBBQUHAQsEgbgwgbUwgbIG
CCsGAQUFBzALhoGlcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvODcwQzgzRDI1RTdGQTY3Mzg4ODMyMDUyMzA5MzMyMDg1NTcyQzA3NEI4
NkY2MEU1NEM5RjQ4RjYzMEJENUFBNi8wLzMyMzAzNzJlMzIzNDM4MmUzMTJlMzAy
ZjMyMzQyZDMyMzQyMDNkM2UyMDM2MzQzMTMzMzkucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADP+AEwDQYJ
KoZIhvcNAQELBQADggEBAFLm+3r2C/bhsUoNUv9+k4HRuc4ekJ5Yalyb1qqPiL2Q
wW/eoeB7oYEG2mYoehTeOgQ7W8JXOXvSyU2QH7YpBBfghSicu4U/cegwZK4wChFc
9+CJgwv8eT65BD22LaJjdSn/XN06wC2HxSDhOtAAbNQ/bvvtbRT8jVXLVSvYB+w4
RImrJhHlrdhAJ3svTzYzIrO8lxobJFJVMVMhdfId52Q3tj4YiIuyLxBwMgeklOS7
dAbU3xSOvAF0y6g93PISFdTantzQEug4AEQUHhAg7C9faUEb74AZ2mcftzhRyfAF
+Xrt8APx/pM63FiUMQKc0Pzu8oW6FxIbMtYI2YFYxKI=
-----END CERTIFICATE-----