Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/9EE9AB12A7E927ADB9CFE5EC8BA2FC014BAC9C22556AFE8653C2BC6A496C15EF/0/3230302e3131342e39362e302f32312d3234203d3e203238303830.roa
File:                     3230302e3131342e39362e302f32312d3234203d3e203238303830.roa (raw, json)
Hash identifier:          m2PToqtkXKCNNDPX65lkZjaBOXxjCP+OI11Z1OTvhCo=
Subject key identifier:   30:B9:C0:8C:05:B2:E5:2D:96:B2:90:E4:95:5C:59:E5:6B:58:80:5C
Certificate issuer:       /CN=2905F3DD739DE8F57BFF83877ECBC631E7B12A02
Certificate serial:       0D2D0D4EA6F669BC333050E8904DF6F2207D46DD
Authority key identifier: 29:05:F3:DD:73:9D:E8:F5:7B:FF:83:87:7E:CB:C6:31:E7:B1:2A:02
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/2905F3DD739DE8F57BFF83877ECBC631E7B12A02.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/9EE9AB12A7E927ADB9CFE5EC8BA2FC014BAC9C22556AFE8653C2BC6A496C15EF/0/3230302e3131342e39362e302f32312d3234203d3e203238303830.roa
Signing time:             Tue 04 Feb 2025 18:48:17 +0000
ROA not before:           Tue 04 Feb 2025 18:43:17 +0000
ROA not after:            Tue 03 Feb 2026 18:48:17 +0000
asID:                     28080
IP address blocks:        200.114.96.0/21 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0d:2d:0d:4e:a6:f6:69:bc:33:30:50:e8:90:4d:f6:f2:20:7d:46:dd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2905F3DD739DE8F57BFF83877ECBC631E7B12A02
        Validity
            Not Before: Feb  4 18:43:17 2025 GMT
            Not After : Feb  3 18:48:17 2026 GMT
        Subject: CN=30B9C08C05B2E52D96B290E4955C59E56B58805C
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f1:05:26:89:bc:4a:49:1a:24:16:c9:0b:1b:3b:
                    18:e1:95:a5:2e:99:3f:ca:d7:a4:f2:87:73:67:28:
                    14:44:93:93:91:37:3b:d3:0c:4d:ac:2d:d1:97:2a:
                    34:fb:71:ef:d6:45:9b:48:1a:7c:cd:53:67:de:67:
                    bc:e4:fd:aa:d3:73:74:14:b7:b6:33:17:43:57:7f:
                    29:c9:d3:ad:80:41:e7:6a:82:b7:9e:97:57:0f:01:
                    33:4f:28:d1:0e:59:f0:ad:28:e1:e8:52:d3:3b:6f:
                    b0:a6:85:b2:a6:30:ad:9e:a6:2c:9e:aa:b2:1c:59:
                    d5:7f:46:47:07:77:97:c3:02:58:8d:bf:6e:a9:82:
                    d3:b7:82:ca:97:e4:0d:ad:fa:48:75:40:79:33:91:
                    5a:d0:da:db:be:d6:a7:37:66:52:8e:da:77:d1:4c:
                    0d:90:c5:33:97:49:dd:8d:71:e7:4d:31:cd:0b:23:
                    03:18:61:5f:20:cc:01:65:42:e7:85:6c:fa:3a:c5:
                    9c:3e:ee:60:27:a0:e4:76:c0:61:b6:ab:e5:47:c5:
                    2a:83:b8:9c:b1:a7:c4:7d:2e:c5:89:1a:05:b0:9d:
                    14:06:ee:27:b2:f7:de:d9:ed:ec:45:80:92:ad:79:
                    b3:dd:e9:af:be:20:99:80:3e:11:f9:d2:81:5b:2b:
                    63:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                30:B9:C0:8C:05:B2:E5:2D:96:B2:90:E4:95:5C:59:E5:6B:58:80:5C
            X509v3 Authority Key Identifier:
                keyid:29:05:F3:DD:73:9D:E8:F5:7B:FF:83:87:7E:CB:C6:31:E7:B1:2A:02

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/9EE9AB12A7E927ADB9CFE5EC8BA2FC014BAC9C22556AFE8653C2BC6A496C15EF/0/2905F3DD739DE8F57BFF83877ECBC631E7B12A02.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/2905F3DD739DE8F57BFF83877ECBC631E7B12A02.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/9EE9AB12A7E927ADB9CFE5EC8BA2FC014BAC9C22556AFE8653C2BC6A496C15EF/0/3230302e3131342e39362e302f32312d3234203d3e203238303830.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.114.96.0/21

    Signature Algorithm: sha256WithRSAEncryption
         6b:9d:45:67:31:13:be:f4:41:95:78:41:19:7a:17:9d:02:8c:
         bf:94:f3:4e:2e:b9:c6:87:2d:aa:3f:53:6a:59:4a:ca:14:e8:
         c3:98:ec:0c:35:98:70:a9:a5:ae:30:37:93:cb:5d:df:be:19:
         80:5b:f3:db:87:c5:a9:8e:bc:8f:49:10:95:cc:0c:35:32:65:
         e4:76:76:b8:43:cc:8c:a6:ff:eb:20:fb:7d:74:20:7b:b0:ed:
         59:e3:31:03:d1:48:77:bd:ca:48:3f:db:04:61:b5:af:fd:25:
         9d:c6:29:34:bc:64:bb:91:b8:30:95:4a:0b:58:f2:5b:ec:82:
         e0:95:21:f2:c1:56:36:94:df:ee:8f:78:19:46:e6:c3:5b:df:
         fa:ae:ba:91:10:1c:ab:6e:fd:74:e9:d0:ed:3b:6f:bd:8d:95:
         18:52:a0:c8:e2:08:f3:51:03:4e:9a:61:a3:91:3a:09:22:31:
         22:64:db:97:10:df:5c:b2:84:2a:12:00:80:81:9b:9e:ad:2e:
         5e:96:2f:14:8c:cc:8d:f4:d5:02:49:7b:fa:58:aa:41:f7:c2:
         c9:8e:9d:db:1f:b9:52:ba:55:6b:19:a6:6e:cc:c8:c8:c6:54:
         97:f1:44:10:93:66:48:b2:93:9e:58:89:76:9e:98:25:99:04:
         d7:a7:c2:32
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUDS0NTqb2abwzMFDokE328iB9Rt0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjkwNUYzREQ3MzlERThGNTdCRkY4Mzg3N0VDQkM2MzFF
N0IxMkEwMjAeFw0yNTAyMDQxODQzMTdaFw0yNjAyMDMxODQ4MTdaMDMxMTAvBgNV
BAMTKDMwQjlDMDhDMDVCMkU1MkQ5NkIyOTBFNDk1NUM1OUU1NkI1ODgwNUMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDxBSaJvEpJGiQWyQsbOxjhlaUu
mT/K16Tyh3NnKBREk5ORNzvTDE2sLdGXKjT7ce/WRZtIGnzNU2feZ7zk/arTc3QU
t7YzF0NXfynJ062AQedqgreel1cPATNPKNEOWfCtKOHoUtM7b7CmhbKmMK2epiye
qrIcWdV/RkcHd5fDAliNv26pgtO3gsqX5A2t+kh1QHkzkVrQ2tu+1qc3ZlKO2nfR
TA2QxTOXSd2NcedNMc0LIwMYYV8gzAFlQueFbPo6xZw+7mAnoOR2wGG2q+VHxSqD
uJyxp8R9LsWJGgWwnRQG7iey997Z7exFgJKtebPd6a++IJmAPhH50oFbK2PtAgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQUMLnAjAWy5S2WspDklVxZ5WtYgFwwHwYDVR0j
BBgwFoAUKQXz3XOd6PV7/4OHfsvGMeexKgIwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy85RUU5QUIxMkE3RTkyN0FEQjlDRkU1RUM4QkEyRkMwMTRC
QUM5QzIyNTU2QUZFODY1M0MyQkM2QTQ5NkMxNUVGLzAvMjkwNUYzREQ3MzlERThG
NTdCRkY4Mzg3N0VDQkM2MzFFN0IxMkEwMi5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8yOTA1RjNERDczOURFOEY1N0JG
RjgzODc3RUNCQzYzMUU3QjEyQTAyLmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvOUVFOUFCMTJBN0U5MjdBREI5Q0ZFNUVDOEJBMkZDMDE0QkFDOUMyMjU1
NkFGRTg2NTNDMkJDNkE0OTZDMTVFRi8wLzMyMzAzMDJlMzEzMTM0MmUzOTM2MmUz
MDJmMzIzMTJkMzIzNDIwM2QzZTIwMzIzODMwMzgzMC5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA8hyYDAN
BgkqhkiG9w0BAQsFAAOCAQEAa51FZzETvvRBlXhBGXoXnQKMv5TzTi65xoctqj9T
allKyhTow5jsDDWYcKmlrjA3k8td374ZgFvz24fFqY68j0kQlcwMNTJl5HZ2uEPM
jKb/6yD7fXQge7DtWeMxA9FId73KSD/bBGG1r/0lncYpNLxku5G4MJVKC1jyW+yC
4JUh8sFWNpTf7o94GUbmw1vf+q66kRAcq279dOnQ7TtvvY2VGFKgyOII81EDTpph
o5E6CSIxImTblxDfXLKEKhIAgIGbnq0uXpYvFIzMjfTVAkl7+liqQffCyY6d2x+5
UrpVaxmmbszIyMZUl/FEEJNmSLKTnliJdp6YJZkE16fCMg==
-----END CERTIFICATE-----