Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/870C83D25E7FA67388832052309332085572C074B86F60E54C9F48F630BD5AA6/0/3230372e3234382e322e302f32332d3234203d3e203634313339.roa
File:                     3230372e3234382e322e302f32332d3234203d3e203634313339.roa (raw, json)
Hash identifier:          MjJg6JnZsQU4ICvkolMjs/IpuTbN3c6lSv5ExkNJwoQ=
Subject key identifier:   E7:3D:6A:46:19:19:18:F4:66:2E:04:BA:E3:E2:BB:0F:07:47:30:46
Certificate issuer:       /CN=367EAE467C8B549D5E6615661A70C865954F55EE
Certificate serial:       48197D25222EE6498DA01DCDCCF83BB955459CD4
Authority key identifier: 36:7E:AE:46:7C:8B:54:9D:5E:66:15:66:1A:70:C8:65:95:4F:55:EE
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/367EAE467C8B549D5E6615661A70C865954F55EE.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/870C83D25E7FA67388832052309332085572C074B86F60E54C9F48F630BD5AA6/0/3230372e3234382e322e302f32332d3234203d3e203634313339.roa
Signing time:             Tue 04 Feb 2025 20:01:53 +0000
ROA not before:           Tue 04 Feb 2025 19:56:53 +0000
ROA not after:            Tue 03 Feb 2026 20:01:53 +0000
asID:                     64139
IP address blocks:        207.248.2.0/23 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            48:19:7d:25:22:2e:e6:49:8d:a0:1d:cd:cc:f8:3b:b9:55:45:9c:d4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=367EAE467C8B549D5E6615661A70C865954F55EE
        Validity
            Not Before: Feb  4 19:56:53 2025 GMT
            Not After : Feb  3 20:01:53 2026 GMT
        Subject: CN=E73D6A46191918F4662E04BAE3E2BB0F07473046
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:db:1a:ca:79:95:4c:af:33:a5:b8:ed:9c:b8:
                    49:12:ff:d1:b8:9b:5e:90:cf:ac:5f:f7:67:b1:57:
                    33:11:5d:5b:d4:40:91:ea:d3:d9:49:e3:08:7e:09:
                    ee:1c:1b:cc:20:7c:22:21:1c:6a:9a:c5:05:80:7a:
                    5d:98:fa:38:2b:f6:9c:49:62:f8:48:ed:a5:ec:88:
                    99:28:29:cc:53:e4:7d:13:04:a4:14:ab:07:f1:d4:
                    36:c6:7f:1b:cf:cf:98:d0:83:fa:b0:68:58:f7:ec:
                    c7:47:40:66:3d:f7:f9:f5:1b:f0:80:b3:88:c9:2f:
                    bc:56:ff:0b:20:94:95:0c:d4:64:74:00:aa:fc:46:
                    b2:0c:e0:e3:9c:a9:97:6b:f9:32:9b:2f:3a:99:de:
                    1f:8b:79:7e:9f:f0:f3:8b:7c:70:c5:bd:ab:92:f3:
                    c3:37:ec:ec:0c:64:3e:06:4b:f0:c0:91:fd:6d:97:
                    bb:92:96:2b:ef:d9:16:41:46:f5:de:d7:65:4a:88:
                    b4:65:6f:72:93:b4:b0:2e:6d:59:d1:9a:a8:85:c4:
                    f3:61:41:e3:ec:d5:b9:b6:d0:f9:89:42:49:73:72:
                    75:18:fe:66:87:f4:39:e5:7c:65:9a:37:f8:09:66:
                    56:27:a6:7a:73:39:c7:61:34:87:c1:d7:de:27:f1:
                    17:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E7:3D:6A:46:19:19:18:F4:66:2E:04:BA:E3:E2:BB:0F:07:47:30:46
            X509v3 Authority Key Identifier:
                keyid:36:7E:AE:46:7C:8B:54:9D:5E:66:15:66:1A:70:C8:65:95:4F:55:EE

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/870C83D25E7FA67388832052309332085572C074B86F60E54C9F48F630BD5AA6/0/367EAE467C8B549D5E6615661A70C865954F55EE.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/367EAE467C8B549D5E6615661A70C865954F55EE.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/870C83D25E7FA67388832052309332085572C074B86F60E54C9F48F630BD5AA6/0/3230372e3234382e322e302f32332d3234203d3e203634313339.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  207.248.2.0/23

    Signature Algorithm: sha256WithRSAEncryption
         05:66:50:b0:87:21:99:47:fb:8d:8a:d2:7d:da:9d:9e:ac:60:
         44:04:1b:54:8b:d2:3e:2c:0d:cc:92:5b:cb:1f:fa:07:ad:3a:
         43:93:58:cb:82:4f:b6:62:f0:f0:e5:09:d7:72:77:f3:27:3b:
         29:35:e1:82:57:23:56:d0:77:10:af:fe:de:e1:99:cc:7e:fa:
         28:1d:b9:cc:8c:d1:7f:d5:63:7c:c7:72:d9:72:74:d4:49:96:
         d7:53:5f:3e:52:78:b2:2c:8e:87:ac:90:68:6a:16:be:11:1e:
         5a:2c:4e:84:c0:d6:ec:77:ca:20:8d:7f:c9:2f:ca:39:41:12:
         1a:84:ac:cf:5a:74:a4:61:3c:16:30:8a:47:9c:19:97:d2:4e:
         7e:5f:97:11:b1:f2:44:b2:ad:3f:ac:93:0f:c8:32:43:83:5e:
         5e:18:83:7f:98:37:b7:0c:ba:cf:8a:3e:ed:6c:e1:c6:55:60:
         9c:04:db:f8:5c:6f:7b:99:82:b0:54:7b:c8:3d:74:23:ce:70:
         c1:e5:d3:a7:63:cb:b1:49:63:ce:70:d0:58:d1:bd:69:14:4e:
         fc:19:3e:6f:48:43:96:00:51:c3:bd:80:f0:c3:0f:7e:f8:5d:
         17:19:fc:b9:89:fa:a1:a9:df:87:ea:44:25:57:a3:4e:b6:da:
         78:54:bd:73
-----BEGIN CERTIFICATE-----
MIIFvDCCBKSgAwIBAgIUSBl9JSIu5kmNoB3NzPg7uVVFnNQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzY3RUFFNDY3QzhCNTQ5RDVFNjYxNTY2MUE3MEM4NjU5
NTRGNTVFRTAeFw0yNTAyMDQxOTU2NTNaFw0yNjAyMDMyMDAxNTNaMDMxMTAvBgNV
BAMTKEU3M0Q2QTQ2MTkxOTE4RjQ2NjJFMDRCQUUzRTJCQjBGMDc0NzMwNDYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDF2xrKeZVMrzOluO2cuEkS/9G4
m16Qz6xf92exVzMRXVvUQJHq09lJ4wh+Ce4cG8wgfCIhHGqaxQWAel2Y+jgr9pxJ
YvhI7aXsiJkoKcxT5H0TBKQUqwfx1DbGfxvPz5jQg/qwaFj37MdHQGY99/n1G/CA
s4jJL7xW/wsglJUM1GR0AKr8RrIM4OOcqZdr+TKbLzqZ3h+LeX6f8POLfHDFvauS
88M37OwMZD4GS/DAkf1tl7uSlivv2RZBRvXe12VKiLRlb3KTtLAubVnRmqiFxPNh
QePs1bm20PmJQklzcnUY/maH9DnlfGWaN/gJZlYnpnpzOcdhNIfB194n8RdlAgMB
AAGjggLGMIICwjAdBgNVHQ4EFgQU5z1qRhkZGPRmLgS64+K7DwdHMEYwHwYDVR0j
BBgwFoAUNn6uRnyLVJ1eZhVmGnDIZZVPVe4wDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy84NzBDODNEMjVFN0ZBNjczODg4MzIwNTIzMDkzMzIwODU1
NzJDMDc0Qjg2RjYwRTU0QzlGNDhGNjMwQkQ1QUE2LzAvMzY3RUFFNDY3QzhCNTQ5
RDVFNjYxNTY2MUE3MEM4NjU5NTRGNTVFRS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8zNjdFQUU0NjdDOEI1NDlENUU2
NjE1NjYxQTcwQzg2NTk1NEY1NUVFLmNlcjCBxQYIKwYBBQUHAQsEgbgwgbUwgbIG
CCsGAQUFBzALhoGlcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvODcwQzgzRDI1RTdGQTY3Mzg4ODMyMDUyMzA5MzMyMDg1NTcyQzA3NEI4
NkY2MEU1NEM5RjQ4RjYzMEJENUFBNi8wLzMyMzAzNzJlMzIzNDM4MmUzMjJlMzAy
ZjMyMzMyZDMyMzQyMDNkM2UyMDM2MzQzMTMzMzkucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAHP+AIwDQYJ
KoZIhvcNAQELBQADggEBAAVmULCHIZlH+42K0n3anZ6sYEQEG1SL0j4sDcySW8sf
+getOkOTWMuCT7Zi8PDlCddyd/MnOyk14YJXI1bQdxCv/t7hmcx++igducyM0X/V
Y3zHctlydNRJltdTXz5SeLIsjoeskGhqFr4RHlosToTA1ux3yiCNf8kvyjlBEhqE
rM9adKRhPBYwikecGZfSTn5flxGx8kSyrT+skw/IMkODXl4Yg3+YN7cMus+KPu1s
4cZVYJwE2/hcb3uZgrBUe8g9dCPOcMHl06djy7FJY85w0FjRvWkUTvwZPm9IQ5YA
UcO9gPDDD374XRcZ/LmJ+qGp34fqRCVXo0622nhUvXM=
-----END CERTIFICATE-----