Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/975F2EEDC3CDC8A47ECBC63AEED537E5CEA54C721A90E76254B29FF4DC3F7F23/0/3230302e35392e3139322e302f32302d3234203d3e203136373332.roa
File:                     3230302e35392e3139322e302f32302d3234203d3e203136373332.roa (raw, json)
Hash identifier:          QugRwsmjRyyAE2xzv800kuXndGGFjeTdpjGhnkvVjo0=
Subject key identifier:   BE:17:1C:C0:AC:E6:61:DB:2B:8F:ED:2D:DD:65:E5:41:E1:B5:8C:D8
Certificate issuer:       /CN=A6ACAC8EFF6DF8432618C600B74CDC544FED94B7
Certificate serial:       39B85D037856288614D9523EFC279EC2DED76EA5
Authority key identifier: A6:AC:AC:8E:FF:6D:F8:43:26:18:C6:00:B7:4C:DC:54:4F:ED:94:B7
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A6ACAC8EFF6DF8432618C600B74CDC544FED94B7.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/975F2EEDC3CDC8A47ECBC63AEED537E5CEA54C721A90E76254B29FF4DC3F7F23/0/3230302e35392e3139322e302f32302d3234203d3e203136373332.roa
Signing time:             Tue 04 Feb 2025 18:53:27 +0000
ROA not before:           Tue 04 Feb 2025 18:48:27 +0000
ROA not after:            Tue 03 Feb 2026 18:53:27 +0000
asID:                     16732
IP address blocks:        200.59.192.0/20 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            39:b8:5d:03:78:56:28:86:14:d9:52:3e:fc:27:9e:c2:de:d7:6e:a5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A6ACAC8EFF6DF8432618C600B74CDC544FED94B7
        Validity
            Not Before: Feb  4 18:48:27 2025 GMT
            Not After : Feb  3 18:53:27 2026 GMT
        Subject: CN=BE171CC0ACE661DB2B8FED2DDD65E541E1B58CD8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:87:15:a8:a2:f4:22:73:15:4d:33:21:da:51:
                    e3:80:04:7c:e3:c3:04:84:1c:40:08:5f:38:7c:bc:
                    b7:0b:e5:82:9e:33:05:85:98:7e:72:8a:09:0e:55:
                    9a:c9:eb:22:42:57:69:cc:9d:d2:b6:5d:f2:32:3a:
                    1f:59:11:23:2e:12:cd:dd:f0:d8:00:94:38:e5:4b:
                    72:26:5d:3d:75:b7:67:61:9e:c7:be:b1:a2:72:3e:
                    d0:94:5a:5a:b8:7b:ee:3c:6d:58:cf:46:91:12:e0:
                    7c:50:de:37:12:f4:c6:33:cd:5d:2f:38:db:e1:fb:
                    df:de:d4:4e:12:a2:e9:6f:8a:76:80:d4:05:04:b6:
                    4d:57:f6:89:96:c2:a6:27:bf:10:16:96:0b:6f:95:
                    54:cd:2c:7f:b9:fc:c7:4d:0f:67:37:33:76:4a:5d:
                    05:8d:bb:9b:e9:93:ce:51:76:b0:10:38:4c:84:24:
                    19:35:ab:3b:72:16:9c:02:72:86:4d:b7:fa:52:53:
                    63:27:21:f0:15:a2:9e:ee:d4:27:ed:40:c7:8e:68:
                    52:cc:69:35:1a:03:c3:84:ee:d9:e4:75:26:e9:c7:
                    06:05:6a:af:90:76:a8:f7:76:c9:6d:7c:b6:64:0f:
                    b2:aa:88:7c:5c:34:16:75:28:1b:a5:5a:99:ee:8e:
                    42:43
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BE:17:1C:C0:AC:E6:61:DB:2B:8F:ED:2D:DD:65:E5:41:E1:B5:8C:D8
            X509v3 Authority Key Identifier:
                keyid:A6:AC:AC:8E:FF:6D:F8:43:26:18:C6:00:B7:4C:DC:54:4F:ED:94:B7

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/975F2EEDC3CDC8A47ECBC63AEED537E5CEA54C721A90E76254B29FF4DC3F7F23/0/A6ACAC8EFF6DF8432618C600B74CDC544FED94B7.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A6ACAC8EFF6DF8432618C600B74CDC544FED94B7.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/975F2EEDC3CDC8A47ECBC63AEED537E5CEA54C721A90E76254B29FF4DC3F7F23/0/3230302e35392e3139322e302f32302d3234203d3e203136373332.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.59.192.0/20

    Signature Algorithm: sha256WithRSAEncryption
         10:db:fd:4e:ac:f0:9a:bb:65:6b:ca:59:a7:52:12:8e:7c:f3:
         91:9a:2a:a6:f0:45:4d:13:83:a8:94:b0:ac:a0:cb:34:7b:fe:
         92:e4:5a:eb:41:99:8e:2a:a4:e7:7a:6e:81:08:44:67:32:29:
         0a:a1:21:d6:78:4e:03:eb:ea:c1:06:76:fb:dd:98:e5:ad:76:
         a7:ae:17:c3:5b:30:fd:12:ed:7b:f7:62:3d:cc:12:f8:64:31:
         41:16:11:17:7a:85:d5:97:7b:95:29:df:67:a3:20:b8:60:12:
         42:91:cd:da:bf:9c:49:32:6c:3a:61:ac:4c:ea:f6:d4:58:11:
         37:b4:00:de:ef:ea:cb:36:fc:07:1e:ba:e5:c6:75:c9:1f:24:
         86:1a:22:9e:74:e9:73:62:6b:f7:77:1b:6b:33:b0:16:17:7d:
         5f:b3:22:5e:6f:71:57:09:21:10:9a:3d:dc:3d:83:35:a7:2b:
         0a:1f:c0:d8:39:25:b6:c4:b7:34:7f:e0:a9:08:03:70:66:97:
         11:7e:ca:8f:69:3b:b3:5d:a9:c4:74:43:01:12:3c:7f:69:5c:
         e1:01:94:a8:d5:16:38:ff:66:fd:5d:e7:c0:c8:4e:2a:c4:9d:
         35:8b:4c:6c:50:6c:2a:8d:a3:f3:e7:05:2f:f2:fe:0f:d4:87:
         60:b7:48:4a
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUObhdA3hWKIYU2VI+/Ceewt7XbqUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQTZBQ0FDOEVGRjZERjg0MzI2MThDNjAwQjc0Q0RDNTQ0
RkVEOTRCNzAeFw0yNTAyMDQxODQ4MjdaFw0yNjAyMDMxODUzMjdaMDMxMTAvBgNV
BAMTKEJFMTcxQ0MwQUNFNjYxREIyQjhGRUQyRERENjVFNTQxRTFCNThDRDgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDShxWoovQicxVNMyHaUeOABHzj
wwSEHEAIXzh8vLcL5YKeMwWFmH5yigkOVZrJ6yJCV2nMndK2XfIyOh9ZESMuEs3d
8NgAlDjlS3ImXT11t2dhnse+saJyPtCUWlq4e+48bVjPRpES4HxQ3jcS9MYzzV0v
ONvh+9/e1E4SoulvinaA1AUEtk1X9omWwqYnvxAWlgtvlVTNLH+5/MdND2c3M3ZK
XQWNu5vpk85RdrAQOEyEJBk1qztyFpwCcoZNt/pSU2MnIfAVop7u1CftQMeOaFLM
aTUaA8OE7tnkdSbpxwYFaq+Qdqj3dsltfLZkD7KqiHxcNBZ1KBulWpnujkJDAgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQUvhccwKzmYdsrj+0t3WXlQeG1jNgwHwYDVR0j
BBgwFoAUpqysjv9t+EMmGMYAt0zcVE/tlLcwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy85NzVGMkVFREMzQ0RDOEE0N0VDQkM2M0FFRUQ1MzdFNUNF
QTU0QzcyMUE5MEU3NjI1NEIyOUZGNERDM0Y3RjIzLzAvQTZBQ0FDOEVGRjZERjg0
MzI2MThDNjAwQjc0Q0RDNTQ0RkVEOTRCNy5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9BNkFDQUM4RUZGNkRGODQzMjYx
OEM2MDBCNzRDREM1NDRGRUQ5NEI3LmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvOTc1RjJFRURDM0NEQzhBNDdFQ0JDNjNBRUVENTM3RTVDRUE1NEM3MjFB
OTBFNzYyNTRCMjlGRjREQzNGN0YyMy8wLzMyMzAzMDJlMzUzOTJlMzEzOTMyMmUz
MDJmMzIzMDJkMzIzNDIwM2QzZTIwMzEzNjM3MzMzMi5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBMg7wDAN
BgkqhkiG9w0BAQsFAAOCAQEAENv9Tqzwmrtla8pZp1ISjnzzkZoqpvBFTRODqJSw
rKDLNHv+kuRa60GZjiqk53pugQhEZzIpCqEh1nhOA+vqwQZ2+92Y5a12p64Xw1sw
/RLte/diPcwS+GQxQRYRF3qF1Zd7lSnfZ6MguGASQpHN2r+cSTJsOmGsTOr21FgR
N7QA3u/qyzb8Bx665cZ1yR8khhoinnTpc2Jr93cbazOwFhd9X7MiXm9xVwkhEJo9
3D2DNacrCh/A2DkltsS3NH/gqQgDcGaXEX7Kj2k7s12pxHRDARI8f2lc4QGUqNUW
OP9m/V3nwMhOKsSdNYtMbFBsKo2j8+cFL/L+D9SHYLdISg==
-----END CERTIFICATE-----