Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/A1FCECC3D570D3DFE78A2EEC1CAF6F07E8AD1FD3A359CD6FA8735C1A880A05E9/0/3230302e32362e3230322e302f32342d3234203d3e203532323333.roa
File:                     3230302e32362e3230322e302f32342d3234203d3e203532323333.roa (raw, json)
Hash identifier:          r7qHcQQDX5fW58s7Dk4HvrHwurxC6/pX62HWmdlg1k4=
Subject key identifier:   73:E8:F8:D5:8A:10:C9:D8:84:86:67:22:0C:11:4E:8A:3D:87:86:65
Certificate issuer:       /CN=237D63DAE61C3211909C89DEBD463B26F873E44B
Certificate serial:       39544734F68EDC3CC5715F64EA93AFFB9E9558D8
Authority key identifier: 23:7D:63:DA:E6:1C:32:11:90:9C:89:DE:BD:46:3B:26:F8:73:E4:4B
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/237D63DAE61C3211909C89DEBD463B26F873E44B.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/A1FCECC3D570D3DFE78A2EEC1CAF6F07E8AD1FD3A359CD6FA8735C1A880A05E9/0/3230302e32362e3230322e302f32342d3234203d3e203532323333.roa
Signing time:             Tue 04 Feb 2025 18:50:51 +0000
ROA not before:           Tue 04 Feb 2025 18:45:51 +0000
ROA not after:            Tue 03 Feb 2026 18:50:51 +0000
asID:                     52233
IP address blocks:        200.26.202.0/24 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            39:54:47:34:f6:8e:dc:3c:c5:71:5f:64:ea:93:af:fb:9e:95:58:d8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=237D63DAE61C3211909C89DEBD463B26F873E44B
        Validity
            Not Before: Feb  4 18:45:51 2025 GMT
            Not After : Feb  3 18:50:51 2026 GMT
        Subject: CN=73E8F8D58A10C9D8848667220C114E8A3D878665
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:49:43:bc:04:16:8f:e9:e1:1e:78:65:91:9d:
                    18:dc:a3:3b:aa:56:b8:ba:53:ed:08:0b:49:5a:f3:
                    42:02:71:fa:03:cd:c8:e9:72:6a:c8:9b:72:c7:81:
                    c1:a9:4d:45:e4:e2:6f:a9:b0:b9:8a:f4:d7:01:0a:
                    ad:80:96:6b:9c:49:e1:d1:90:7b:4b:e8:b8:b6:ed:
                    f8:66:63:9e:95:13:6d:5f:4d:ea:b7:5d:6c:3e:07:
                    2e:bc:cf:1d:1c:94:a7:d4:b5:72:f6:f9:5f:d8:6b:
                    0f:76:d9:53:a6:78:3e:e2:61:d3:ef:f0:8d:d6:b3:
                    a9:18:ad:39:cd:62:b4:27:c9:b5:74:3f:36:74:7e:
                    8c:75:7a:c3:d6:2a:ea:0b:90:97:a1:0c:c9:7c:d9:
                    2c:31:95:36:e5:76:fd:f9:86:7f:36:5c:95:04:90:
                    a6:67:2f:6d:87:94:99:d3:ed:1a:31:c0:3e:c8:7d:
                    05:41:27:4d:e9:33:1a:49:a1:8d:dd:e6:31:02:d9:
                    5e:1c:e6:95:5d:b3:a2:b9:41:35:c8:c5:bf:a3:4d:
                    c2:e1:89:23:f1:5b:fb:d8:74:f0:be:df:f7:98:79:
                    95:0f:ac:78:87:a1:90:4b:19:ff:8b:01:c3:14:f2:
                    8b:b6:23:08:c0:1b:d8:f5:da:ec:27:7d:d8:b5:6a:
                    9c:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                73:E8:F8:D5:8A:10:C9:D8:84:86:67:22:0C:11:4E:8A:3D:87:86:65
            X509v3 Authority Key Identifier:
                keyid:23:7D:63:DA:E6:1C:32:11:90:9C:89:DE:BD:46:3B:26:F8:73:E4:4B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/A1FCECC3D570D3DFE78A2EEC1CAF6F07E8AD1FD3A359CD6FA8735C1A880A05E9/0/237D63DAE61C3211909C89DEBD463B26F873E44B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/237D63DAE61C3211909C89DEBD463B26F873E44B.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/A1FCECC3D570D3DFE78A2EEC1CAF6F07E8AD1FD3A359CD6FA8735C1A880A05E9/0/3230302e32362e3230322e302f32342d3234203d3e203532323333.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.26.202.0/24

    Signature Algorithm: sha256WithRSAEncryption
         56:6c:33:6c:1e:55:c4:5f:bd:25:06:e8:ff:97:18:9b:bb:de:
         73:da:f5:07:79:86:ca:e3:09:b9:55:da:b1:f1:fc:19:21:0a:
         67:ae:cf:36:64:34:0a:bf:5a:66:3b:54:d3:74:87:27:b2:bd:
         93:3f:be:e1:6c:5b:06:1c:2c:f3:7c:a2:c3:bf:4f:09:59:3c:
         86:39:f8:9e:1d:35:46:02:f7:4f:d3:fb:e0:ab:77:02:a2:55:
         24:03:da:f4:bc:cc:d1:f1:d1:8e:e2:95:9d:76:da:22:7f:3c:
         85:7b:6e:91:77:83:4b:e4:d5:5a:f2:aa:95:4b:38:44:83:7f:
         f3:bc:df:20:f2:24:5b:0f:7c:b8:96:77:6a:67:70:b4:8b:06:
         9b:49:f8:8f:3e:28:03:f3:93:a5:73:b7:be:d8:46:72:37:47:
         27:44:80:5a:b5:3c:d4:57:e9:72:e6:cc:c4:30:6b:0a:6b:a4:
         39:06:38:f3:ff:8b:ac:3b:68:f6:7f:cd:d4:29:d7:eb:74:91:
         c8:0a:61:7d:2d:7f:58:d7:22:d2:64:16:60:c0:c9:7d:a7:0f:
         cc:b8:b8:35:f9:d3:4d:51:35:18:64:1a:f8:83:55:ad:6d:2b:
         db:80:60:56:76:85:ad:d3:5f:3b:c0:0d:21:c5:27:47:a1:1d:
         69:55:e8:2e
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUOVRHNPaO3DzFcV9k6pOv+56VWNgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjM3RDYzREFFNjFDMzIxMTkwOUM4OURFQkQ0NjNCMjZG
ODczRTQ0QjAeFw0yNTAyMDQxODQ1NTFaFw0yNjAyMDMxODUwNTFaMDMxMTAvBgNV
BAMTKDczRThGOEQ1OEExMEM5RDg4NDg2NjcyMjBDMTE0RThBM0Q4Nzg2NjUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCiSUO8BBaP6eEeeGWRnRjcozuq
Vri6U+0IC0la80ICcfoDzcjpcmrIm3LHgcGpTUXk4m+psLmK9NcBCq2AlmucSeHR
kHtL6Li27fhmY56VE21fTeq3XWw+By68zx0clKfUtXL2+V/Yaw922VOmeD7iYdPv
8I3Ws6kYrTnNYrQnybV0PzZ0fox1esPWKuoLkJehDMl82SwxlTbldv35hn82XJUE
kKZnL22HlJnT7RoxwD7IfQVBJ03pMxpJoY3d5jEC2V4c5pVds6K5QTXIxb+jTcLh
iSPxW/vYdPC+3/eYeZUPrHiHoZBLGf+LAcMU8ou2IwjAG9j12uwnfdi1apw5AgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQUc+j41YoQydiEhmciDBFOij2HhmUwHwYDVR0j
BBgwFoAUI31j2uYcMhGQnInevUY7Jvhz5EswDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9BMUZDRUNDM0Q1NzBEM0RGRTc4QTJFRUMxQ0FGNkYwN0U4
QUQxRkQzQTM1OUNENkZBODczNUMxQTg4MEEwNUU5LzAvMjM3RDYzREFFNjFDMzIx
MTkwOUM4OURFQkQ0NjNCMjZGODczRTQ0Qi5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8yMzdENjNEQUU2MUMzMjExOTA5
Qzg5REVCRDQ2M0IyNkY4NzNFNDRCLmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvQTFGQ0VDQzNENTcwRDNERkU3OEEyRUVDMUNBRjZGMDdFOEFEMUZEM0Ez
NTlDRDZGQTg3MzVDMUE4ODBBMDVFOS8wLzMyMzAzMDJlMzIzNjJlMzIzMDMyMmUz
MDJmMzIzNDJkMzIzNDIwM2QzZTIwMzUzMjMyMzMzMy5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMgayjAN
BgkqhkiG9w0BAQsFAAOCAQEAVmwzbB5VxF+9JQbo/5cYm7vec9r1B3mGyuMJuVXa
sfH8GSEKZ67PNmQ0Cr9aZjtU03SHJ7K9kz++4WxbBhws83yiw79PCVk8hjn4nh01
RgL3T9P74Kt3AqJVJAPa9LzM0fHRjuKVnXbaIn88hXtukXeDS+TVWvKqlUs4RIN/
87zfIPIkWw98uJZ3amdwtIsGm0n4jz4oA/OTpXO3vthGcjdHJ0SAWrU81FfpcubM
xDBrCmukOQY48/+LrDto9n/N1CnX63SRyAphfS1/WNci0mQWYMDJfacPzLi4NfnT
TVE1GGQa+INVrW0r24BgVnaFrdNfO8ANIcUnR6EdaVXoLg==
-----END CERTIFICATE-----