Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/975F2EEDC3CDC8A47ECBC63AEED537E5CEA54C721A90E76254B29FF4DC3F7F23/0/3230302e35392e36302e302f32322d3234203d3e2037303439.roa
File:                     3230302e35392e36302e302f32322d3234203d3e2037303439.roa (raw, json)
Hash identifier:          xWZNkRyZh+netsale+7p1e91LwbVnvOL4TRcX8bOcY0=
Subject key identifier:   DE:11:A6:FF:E7:89:F5:87:A6:13:AC:68:AE:7E:82:63:FE:67:0F:C1
Certificate issuer:       /CN=A6ACAC8EFF6DF8432618C600B74CDC544FED94B7
Certificate serial:       7BBE5B66CD0D6013DF53F2D8221BB81D4FFE3579
Authority key identifier: A6:AC:AC:8E:FF:6D:F8:43:26:18:C6:00:B7:4C:DC:54:4F:ED:94:B7
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A6ACAC8EFF6DF8432618C600B74CDC544FED94B7.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/975F2EEDC3CDC8A47ECBC63AEED537E5CEA54C721A90E76254B29FF4DC3F7F23/0/3230302e35392e36302e302f32322d3234203d3e2037303439.roa
Signing time:             Tue 04 Feb 2025 18:53:24 +0000
ROA not before:           Tue 04 Feb 2025 18:48:24 +0000
ROA not after:            Tue 03 Feb 2026 18:53:24 +0000
asID:                     7049
IP address blocks:        200.59.60.0/22 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7b:be:5b:66:cd:0d:60:13:df:53:f2:d8:22:1b:b8:1d:4f:fe:35:79
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A6ACAC8EFF6DF8432618C600B74CDC544FED94B7
        Validity
            Not Before: Feb  4 18:48:24 2025 GMT
            Not After : Feb  3 18:53:24 2026 GMT
        Subject: CN=DE11A6FFE789F587A613AC68AE7E8263FE670FC1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f5:36:d5:94:06:d4:84:c3:26:64:ce:d0:4b:51:
                    27:48:ff:1d:76:ff:20:21:22:69:86:6e:3b:5c:d4:
                    66:23:8e:4e:31:f3:ab:c3:c9:19:ef:d8:8b:ca:dd:
                    c8:ab:56:9a:55:fe:8a:17:9d:eb:8e:6a:25:78:23:
                    f7:c7:43:0d:ce:b4:08:b9:c8:59:96:93:2e:05:b1:
                    33:9c:3f:28:88:7b:34:bd:de:56:a7:d1:4d:48:9c:
                    22:0e:6c:37:3f:a9:76:ed:62:f8:01:9f:1e:d4:3b:
                    7c:21:d9:f0:23:26:a7:16:f2:7d:a6:af:54:fb:8c:
                    ba:39:ac:3c:95:25:ba:75:55:a9:71:1e:7e:18:d5:
                    04:3f:0b:a4:27:f7:ae:e4:f9:3c:5f:7d:85:30:34:
                    5d:8c:43:b4:3c:0c:33:c8:f4:5a:cf:e5:13:0b:fc:
                    64:2f:35:c3:22:0f:d8:4c:15:60:ae:7e:6d:d3:9f:
                    c3:7f:be:d0:fa:93:7c:63:6f:e5:e5:c9:1d:31:49:
                    84:7e:bd:17:41:f2:35:96:db:e2:b4:47:58:40:ae:
                    03:93:92:aa:40:d6:06:f9:04:c7:74:3a:e4:59:8c:
                    5b:89:f6:8f:50:11:57:25:08:1e:21:7e:3f:0f:85:
                    23:4a:02:66:c8:64:08:ff:f6:3b:8b:22:ed:2d:20:
                    f4:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DE:11:A6:FF:E7:89:F5:87:A6:13:AC:68:AE:7E:82:63:FE:67:0F:C1
            X509v3 Authority Key Identifier:
                keyid:A6:AC:AC:8E:FF:6D:F8:43:26:18:C6:00:B7:4C:DC:54:4F:ED:94:B7

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/975F2EEDC3CDC8A47ECBC63AEED537E5CEA54C721A90E76254B29FF4DC3F7F23/0/A6ACAC8EFF6DF8432618C600B74CDC544FED94B7.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A6ACAC8EFF6DF8432618C600B74CDC544FED94B7.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/975F2EEDC3CDC8A47ECBC63AEED537E5CEA54C721A90E76254B29FF4DC3F7F23/0/3230302e35392e36302e302f32322d3234203d3e2037303439.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.59.60.0/22

    Signature Algorithm: sha256WithRSAEncryption
         7b:23:6e:b9:65:be:ca:f8:6a:5f:b9:34:76:f5:98:11:f7:1b:
         b2:90:81:e7:b6:2d:87:18:39:58:26:e6:d3:2c:59:b6:ad:5e:
         f4:4e:47:d8:bf:7c:fd:2b:1c:5d:57:8d:77:53:7b:d0:53:d5:
         ec:03:5d:86:d3:8f:10:cc:02:c0:d1:4a:16:f3:50:97:1f:05:
         d6:72:0a:74:ed:64:0e:bf:a4:8b:89:fb:d7:2d:6a:69:ed:5a:
         4a:09:97:16:2f:31:3e:c4:3e:4a:2b:83:b6:ad:6b:5d:87:65:
         06:81:76:46:48:a9:c4:8f:ce:59:db:b9:5a:a5:61:71:1d:41:
         c9:d7:17:db:9f:39:ee:97:2e:0a:da:8c:bb:6d:26:24:72:eb:
         ad:db:66:4d:9c:8b:72:08:34:f3:1e:7d:3e:83:00:51:02:91:
         b1:73:f1:25:c9:c1:78:44:4f:fd:82:8d:7c:e5:e3:cf:0c:f2:
         d1:5e:8e:e8:6e:c5:32:4c:66:cb:54:81:72:a7:41:33:41:da:
         0c:40:a8:c3:a5:83:c2:4e:02:0b:75:8a:24:e8:dd:e8:ca:10:
         8d:48:57:3f:9a:d2:64:f2:db:0b:57:1f:c5:f0:3b:13:b4:10:
         1d:9f:16:a4:9a:20:17:44:6f:2b:06:80:0d:99:51:d6:42:b9:
         44:bb:a2:af
-----BEGIN CERTIFICATE-----
MIIFujCCBKKgAwIBAgIUe75bZs0NYBPfU/LYIhu4HU/+NXkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQTZBQ0FDOEVGRjZERjg0MzI2MThDNjAwQjc0Q0RDNTQ0
RkVEOTRCNzAeFw0yNTAyMDQxODQ4MjRaFw0yNjAyMDMxODUzMjRaMDMxMTAvBgNV
BAMTKERFMTFBNkZGRTc4OUY1ODdBNjEzQUM2OEFFN0U4MjYzRkU2NzBGQzEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQD1NtWUBtSEwyZkztBLUSdI/x12
/yAhImmGbjtc1GYjjk4x86vDyRnv2IvK3cirVppV/ooXneuOaiV4I/fHQw3OtAi5
yFmWky4FsTOcPyiIezS93lan0U1InCIObDc/qXbtYvgBnx7UO3wh2fAjJqcW8n2m
r1T7jLo5rDyVJbp1ValxHn4Y1QQ/C6Qn967k+TxffYUwNF2MQ7Q8DDPI9FrP5RML
/GQvNcMiD9hMFWCufm3Tn8N/vtD6k3xjb+XlyR0xSYR+vRdB8jWW2+K0R1hArgOT
kqpA1gb5BMd0OuRZjFuJ9o9QEVclCB4hfj8PhSNKAmbIZAj/9juLIu0tIPSdAgMB
AAGjggLEMIICwDAdBgNVHQ4EFgQU3hGm/+eJ9YemE6xorn6CY/5nD8EwHwYDVR0j
BBgwFoAUpqysjv9t+EMmGMYAt0zcVE/tlLcwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy85NzVGMkVFREMzQ0RDOEE0N0VDQkM2M0FFRUQ1MzdFNUNF
QTU0QzcyMUE5MEU3NjI1NEIyOUZGNERDM0Y3RjIzLzAvQTZBQ0FDOEVGRjZERjg0
MzI2MThDNjAwQjc0Q0RDNTQ0RkVEOTRCNy5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9BNkFDQUM4RUZGNkRGODQzMjYx
OEM2MDBCNzRDREM1NDRGRUQ5NEI3LmNlcjCBwwYIKwYBBQUHAQsEgbYwgbMwgbAG
CCsGAQUFBzALhoGjcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvOTc1RjJFRURDM0NEQzhBNDdFQ0JDNjNBRUVENTM3RTVDRUE1NEM3MjFB
OTBFNzYyNTRCMjlGRjREQzNGN0YyMy8wLzMyMzAzMDJlMzUzOTJlMzYzMDJlMzAy
ZjMyMzIyZDMyMzQyMDNkM2UyMDM3MzAzNDM5LnJvYTAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCyDs8MA0GCSqG
SIb3DQEBCwUAA4IBAQB7I265Zb7K+GpfuTR29ZgR9xuykIHnti2HGDlYJubTLFm2
rV70TkfYv3z9KxxdV413U3vQU9XsA12G048QzALA0UoW81CXHwXWcgp07WQOv6SL
ifvXLWpp7VpKCZcWLzE+xD5KK4O2rWtdh2UGgXZGSKnEj85Z27lapWFxHUHJ1xfb
nznuly4K2oy7bSYkcuut22ZNnItyCDTzHn0+gwBRApGxc/ElycF4RE/9go185ePP
DPLRXo7obsUyTGbLVIFyp0EzQdoMQKjDpYPCTgILdYok6N3oyhCNSFc/mtJk8tsL
Vx/F8DsTtBAdnxakmiAXRG8rBoANmVHWQrlEu6Kv
-----END CERTIFICATE-----