Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/A1FA039B9EAF13ADE817882DD4BBFFA2BE1D491764BF9383ECEE908BD23F4CF0/0/3230302e37352e3137302e302f32342d3234203d3e203232353431.roa
File:                     3230302e37352e3137302e302f32342d3234203d3e203232353431.roa (raw, json)
Hash identifier:          Lyaohehv9gN0yp5BcDTSDKmyYHnbks/Ddg3FCgeTVoM=
Subject key identifier:   FB:4F:DC:A6:0F:DD:30:23:BD:E3:5E:8C:3A:BB:F5:42:05:73:27:8A
Certificate issuer:       /CN=620D1FDBBD457CA0F9CCFC63A8B85C99A819AF3D
Certificate serial:       78D7A2964C02E248C4C449A5072844553CCD3B
Authority key identifier: 62:0D:1F:DB:BD:45:7C:A0:F9:CC:FC:63:A8:B8:5C:99:A8:19:AF:3D
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/620D1FDBBD457CA0F9CCFC63A8B85C99A819AF3D.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/A1FA039B9EAF13ADE817882DD4BBFFA2BE1D491764BF9383ECEE908BD23F4CF0/0/3230302e37352e3137302e302f32342d3234203d3e203232353431.roa
Signing time:             Tue 04 Feb 2025 19:59:17 +0000
ROA not before:           Tue 04 Feb 2025 19:54:17 +0000
ROA not after:            Tue 03 Feb 2026 19:59:17 +0000
asID:                     22541
IP address blocks:        200.75.170.0/24 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            78:d7:a2:96:4c:02:e2:48:c4:c4:49:a5:07:28:44:55:3c:cd:3b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=620D1FDBBD457CA0F9CCFC63A8B85C99A819AF3D
        Validity
            Not Before: Feb  4 19:54:17 2025 GMT
            Not After : Feb  3 19:59:17 2026 GMT
        Subject: CN=FB4FDCA60FDD3023BDE35E8C3ABBF5420573278A
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:0b:92:f3:e8:53:9c:87:cd:83:e2:0d:d9:66:
                    2e:45:63:93:79:cc:90:18:c1:97:72:37:a5:0a:3a:
                    99:2f:c4:f4:62:4b:37:5a:09:b1:7a:a7:dc:3a:6c:
                    8e:c5:3e:30:80:e1:09:4b:5a:de:b7:11:e7:fc:08:
                    b5:36:82:01:9f:75:b8:6e:cf:a3:48:09:72:e4:c5:
                    d6:ce:b8:45:5e:c4:d2:71:44:57:01:8d:5a:f7:1b:
                    c6:43:9c:46:b5:45:07:5d:f6:34:3e:6a:49:ef:7d:
                    a2:25:c3:1a:bb:42:90:89:c9:27:2e:f2:6c:21:08:
                    33:47:de:05:88:e2:96:a1:18:e7:bf:ac:58:1e:ea:
                    2b:c2:ef:d3:40:c5:a2:ea:7d:83:f5:9d:1f:6e:b7:
                    91:ae:6d:40:38:7d:98:ad:63:dc:46:a8:4b:cb:43:
                    ba:f8:ec:01:eb:63:9c:1d:a5:e1:7b:06:bc:1c:cd:
                    23:a2:6f:a7:e3:b6:36:c6:41:7c:21:f5:b2:83:37:
                    9d:8e:31:a4:69:0b:d3:14:80:fe:30:a0:33:e9:48:
                    06:68:64:71:bd:2d:2e:29:05:35:06:88:16:bd:4e:
                    b5:4a:1a:2a:d7:e0:cf:2d:39:84:db:ba:04:dc:02:
                    bb:d6:04:2c:3e:cf:3d:76:da:47:10:db:f1:09:71:
                    72:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FB:4F:DC:A6:0F:DD:30:23:BD:E3:5E:8C:3A:BB:F5:42:05:73:27:8A
            X509v3 Authority Key Identifier:
                keyid:62:0D:1F:DB:BD:45:7C:A0:F9:CC:FC:63:A8:B8:5C:99:A8:19:AF:3D

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/A1FA039B9EAF13ADE817882DD4BBFFA2BE1D491764BF9383ECEE908BD23F4CF0/0/620D1FDBBD457CA0F9CCFC63A8B85C99A819AF3D.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/620D1FDBBD457CA0F9CCFC63A8B85C99A819AF3D.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/A1FA039B9EAF13ADE817882DD4BBFFA2BE1D491764BF9383ECEE908BD23F4CF0/0/3230302e37352e3137302e302f32342d3234203d3e203232353431.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.75.170.0/24

    Signature Algorithm: sha256WithRSAEncryption
         3b:dd:17:d9:9e:06:13:51:88:7e:1f:85:c5:0f:8e:ec:0f:f5:
         d9:1d:83:3b:ed:31:18:ac:38:ca:9e:d1:72:5d:a0:30:d1:ac:
         06:21:cb:9d:ec:fb:1f:c5:a1:fc:95:02:31:07:ff:2e:f5:e4:
         48:16:fa:1f:e9:c0:01:23:a2:dd:3e:d4:2e:51:22:fe:71:f3:
         a1:0d:5d:61:f1:1d:8c:9e:3a:36:ae:fe:6f:77:3a:61:00:68:
         89:b9:33:1d:c1:68:8e:4f:eb:3b:8e:34:41:e5:6c:b6:49:e5:
         e1:21:f9:f2:19:47:6a:4d:40:a7:2b:2d:e4:89:d6:b6:5d:0b:
         70:ef:bb:27:37:80:77:cf:d7:ad:65:c0:b9:3a:9e:65:73:65:
         cd:4f:1a:c7:c6:7d:c6:b3:a0:96:b3:82:6c:0f:8b:44:54:4b:
         5b:0b:1f:59:60:0d:b0:21:41:44:19:b6:b9:01:85:10:25:4a:
         28:0d:04:83:87:86:55:2e:93:fd:da:70:e4:ee:95:f2:46:0c:
         7b:b5:57:d6:7b:74:57:24:c4:07:2a:69:28:65:af:6a:73:bb:
         2e:0e:7e:d9:c2:76:7b:32:e4:94:b4:0c:4a:09:a6:cf:a2:03:
         1b:70:2a:d1:c2:92:6c:51:c1:e3:b0:22:6f:44:39:8b:46:0e:
         38:65:0e:12
-----BEGIN CERTIFICATE-----
MIIFvTCCBKWgAwIBAgITeNeilkwC4kjExEmlByhEVTzNOzANBgkqhkiG9w0BAQsF
ADAzMTEwLwYDVQQDEyg2MjBEMUZEQkJENDU3Q0EwRjlDQ0ZDNjNBOEI4NUM5OUE4
MTlBRjNEMB4XDTI1MDIwNDE5NTQxN1oXDTI2MDIwMzE5NTkxN1owMzExMC8GA1UE
AxMoRkI0RkRDQTYwRkREMzAyM0JERTM1RThDM0FCQkY1NDIwNTczMjc4QTCCASIw
DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMELkvPoU5yHzYPiDdlmLkVjk3nM
kBjBl3I3pQo6mS/E9GJLN1oJsXqn3DpsjsU+MIDhCUta3rcR5/wItTaCAZ91uG7P
o0gJcuTF1s64RV7E0nFEVwGNWvcbxkOcRrVFB132ND5qSe99oiXDGrtCkInJJy7y
bCEIM0feBYjilqEY57+sWB7qK8Lv00DFoup9g/WdH263ka5tQDh9mK1j3EaoS8tD
uvjsAetjnB2l4XsGvBzNI6Jvp+O2NsZBfCH1soM3nY4xpGkL0xSA/jCgM+lIBmhk
cb0tLikFNQaIFr1OtUoaKtfgzy05hNu6BNwCu9YELD7PPXbaRxDb8QlxckECAwEA
AaOCAsgwggLEMB0GA1UdDgQWBBT7T9ymD90wI73jXow6u/VCBXMnijAfBgNVHSME
GDAWgBRiDR/bvUV8oPnM/GOouFyZqBmvPTAOBgNVHQ8BAf8EBAMCB4AwgbAGA1Ud
HwSBqDCBpTCBoqCBn6CBnIaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0
L3Jwa2kvbGFjbmljL0ExRkEwMzlCOUVBRjEzQURFODE3ODgyREQ0QkJGRkEyQkUx
RDQ5MTc2NEJGOTM4M0VDRUU5MDhCRDIzRjRDRjAvMC82MjBEMUZEQkJENDU3Q0Ew
RjlDQ0ZDNjNBOEI4NUM5OUE4MTlBRjNELmNybDCBuQYIKwYBBQUHAQEEgawwgakw
gaYGCCsGAQUFBzAChoGZcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBr
aS9sYWNuaWMvRkRDMzU5NERENEU1NEJBREU3MDlBQzBEMjU1Q0YyNzlDNDc3MTZE
MkU4QjNGNEQ0NURDNDYzNTU4OTlCMzZENC8wLzYyMEQxRkRCQkQ0NTdDQTBGOUND
RkM2M0E4Qjg1Qzk5QTgxOUFGM0QuY2VyMIHHBggrBgEFBQcBCwSBujCBtzCBtAYI
KwYBBQUHMAuGgadyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy9BMUZBMDM5QjlFQUYxM0FERTgxNzg4MkRENEJCRkZBMkJFMUQ0OTE3NjRC
RjkzODNFQ0VFOTA4QkQyM0Y0Q0YwLzAvMzIzMDMwMmUzNzM1MmUzMTM3MzAyZTMw
MmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMyMzUzNDMxLnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAyEuqMA0G
CSqGSIb3DQEBCwUAA4IBAQA73RfZngYTUYh+H4XFD47sD/XZHYM77TEYrDjKntFy
XaAw0awGIcud7PsfxaH8lQIxB/8u9eRIFvof6cABI6LdPtQuUSL+cfOhDV1h8R2M
njo2rv5vdzphAGiJuTMdwWiOT+s7jjRB5Wy2SeXhIfnyGUdqTUCnKy3kida2XQtw
77snN4B3z9etZcC5Op5lc2XNTxrHxn3Gs6CWs4JsD4tEVEtbCx9ZYA2wIUFEGba5
AYUQJUooDQSDh4ZVLpP92nDk7pXyRgx7tVfWe3RXJMQHKmkoZa9qc7suDn7ZwnZ7
MuSUtAxKCabPogMbcCrRwpJsUcHjsCJvRDmLRg44ZQ4S
-----END CERTIFICATE-----