Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/A300BCF37CC7EB3A319E7C92A3F89B23C2B65CEE6E1F16AE07EED710CCC40CFE/0/3230302e37312e3139352e302f32342d3234203d3e203230303135.roa
File:                     3230302e37312e3139352e302f32342d3234203d3e203230303135.roa (raw, json)
Hash identifier:          0SRCTZaHqg2A6fdp4E6NHztimgSF/HCp4Nw7mSLmEH0=
Subject key identifier:   3D:04:44:9E:C6:07:F0:58:E9:38:F5:EC:F5:6E:4C:43:C3:BF:98:1C
Certificate issuer:       /CN=D6368A1CCA4398AC245E8096FFF2D9BD515D42F3
Certificate serial:       65BB71652DAEC3B36CC712E67BD3FAF0A4C2FFAD
Authority key identifier: D6:36:8A:1C:CA:43:98:AC:24:5E:80:96:FF:F2:D9:BD:51:5D:42:F3
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/D6368A1CCA4398AC245E8096FFF2D9BD515D42F3.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/A300BCF37CC7EB3A319E7C92A3F89B23C2B65CEE6E1F16AE07EED710CCC40CFE/0/3230302e37312e3139352e302f32342d3234203d3e203230303135.roa
Signing time:             Tue 04 Feb 2025 18:52:19 +0000
ROA not before:           Tue 04 Feb 2025 18:47:19 +0000
ROA not after:            Tue 03 Feb 2026 18:52:19 +0000
asID:                     20015
IP address blocks:        200.71.195.0/24 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            65:bb:71:65:2d:ae:c3:b3:6c:c7:12:e6:7b:d3:fa:f0:a4:c2:ff:ad
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=D6368A1CCA4398AC245E8096FFF2D9BD515D42F3
        Validity
            Not Before: Feb  4 18:47:19 2025 GMT
            Not After : Feb  3 18:52:19 2026 GMT
        Subject: CN=3D04449EC607F058E938F5ECF56E4C43C3BF981C
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:da:f9:0e:f0:de:dc:73:7f:60:9c:50:13:9c:
                    7d:7f:59:7d:90:ac:da:5b:0c:03:53:c1:2f:01:68:
                    f4:e1:71:5d:8c:d0:08:3e:52:7e:77:9f:22:49:42:
                    65:29:b3:87:85:6e:14:22:6a:4c:fc:ef:98:3f:21:
                    96:21:6b:16:3f:77:8f:04:a2:02:1a:1a:00:c9:3f:
                    2d:05:36:6b:2b:ec:6c:44:e7:c7:4c:9a:41:91:c4:
                    9d:5e:90:60:e2:88:a4:ef:2f:a8:98:c7:8b:a3:c0:
                    ea:06:85:82:81:fe:26:f2:aa:06:af:a6:23:d5:e5:
                    c9:fd:c1:e1:21:c8:aa:f1:60:26:03:7f:72:7d:60:
                    ac:3c:42:85:c9:1f:89:53:89:46:9b:6f:93:eb:46:
                    39:5a:7a:3a:47:9a:5a:bc:b6:a1:3b:9e:8f:41:fb:
                    a7:64:32:b8:d3:31:d0:d7:c0:67:c7:71:13:31:c4:
                    48:8e:15:83:5c:46:de:1d:f4:a2:c2:fd:7a:2b:7d:
                    0f:93:20:12:06:11:38:86:c3:45:0c:f3:21:36:17:
                    7c:f0:85:e8:ac:19:ab:1c:5c:09:88:c8:ba:7f:0e:
                    43:c2:e7:8c:e6:54:46:50:0e:72:7a:7c:cd:d1:7e:
                    0d:ee:90:71:0a:8f:9c:ff:62:fd:ec:70:e1:ca:47:
                    b6:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3D:04:44:9E:C6:07:F0:58:E9:38:F5:EC:F5:6E:4C:43:C3:BF:98:1C
            X509v3 Authority Key Identifier:
                keyid:D6:36:8A:1C:CA:43:98:AC:24:5E:80:96:FF:F2:D9:BD:51:5D:42:F3

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/A300BCF37CC7EB3A319E7C92A3F89B23C2B65CEE6E1F16AE07EED710CCC40CFE/0/D6368A1CCA4398AC245E8096FFF2D9BD515D42F3.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/D6368A1CCA4398AC245E8096FFF2D9BD515D42F3.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/A300BCF37CC7EB3A319E7C92A3F89B23C2B65CEE6E1F16AE07EED710CCC40CFE/0/3230302e37312e3139352e302f32342d3234203d3e203230303135.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.71.195.0/24

    Signature Algorithm: sha256WithRSAEncryption
         14:98:bd:98:82:69:de:c7:62:8c:ac:a1:1b:9d:1b:70:72:59:
         30:9f:77:a2:46:41:ca:18:fc:e3:5b:69:c5:e0:f7:d8:05:71:
         ad:db:4a:a2:a6:28:d8:f3:71:fc:24:ee:5d:2b:15:1e:7c:36:
         bc:44:07:5d:0e:1d:7d:f2:b1:72:4d:8e:b7:d5:60:7b:c0:34:
         fe:9f:e0:33:50:05:9a:bb:ce:e0:c1:30:0d:7c:b4:3f:86:95:
         65:b2:35:cd:68:e4:49:16:a5:54:54:5d:7a:3b:3b:b4:e4:b3:
         0c:8d:2d:4e:58:b1:d0:c8:8f:7a:1c:ee:d0:a5:ad:11:56:de:
         f1:a8:31:d1:24:38:48:d7:2a:54:0d:c1:a4:2d:45:45:ba:6b:
         ae:d8:56:a5:29:c8:2a:b5:26:3f:ae:f4:78:6c:02:96:30:79:
         44:5c:c4:fa:a0:05:21:ec:55:c5:9b:05:f7:13:c2:70:af:33:
         fd:7a:39:a5:19:14:10:6e:16:56:8d:ce:e5:51:49:21:69:af:
         0e:8f:91:77:c9:74:d5:34:5f:34:d5:f0:10:d1:82:41:55:e1:
         40:70:43:63:fd:2b:1f:4f:b2:4c:88:79:e2:8b:97:ab:1f:0e:
         05:2d:6c:47:f4:3a:f9:54:1a:44:95:54:e5:95:94:da:68:9c:
         2a:17:c0:70
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUZbtxZS2uw7NsxxLme9P68KTC/60wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRDYzNjhBMUNDQTQzOThBQzI0NUU4MDk2RkZGMkQ5QkQ1
MTVENDJGMzAeFw0yNTAyMDQxODQ3MTlaFw0yNjAyMDMxODUyMTlaMDMxMTAvBgNV
BAMTKDNEMDQ0NDlFQzYwN0YwNThFOTM4RjVFQ0Y1NkU0QzQzQzNCRjk4MUMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCX2vkO8N7cc39gnFATnH1/WX2Q
rNpbDANTwS8BaPThcV2M0Ag+Un53nyJJQmUps4eFbhQiakz875g/IZYhaxY/d48E
ogIaGgDJPy0FNmsr7GxE58dMmkGRxJ1ekGDiiKTvL6iYx4ujwOoGhYKB/ibyqgav
piPV5cn9weEhyKrxYCYDf3J9YKw8QoXJH4lTiUabb5PrRjlaejpHmlq8tqE7no9B
+6dkMrjTMdDXwGfHcRMxxEiOFYNcRt4d9KLC/XorfQ+TIBIGETiGw0UM8yE2F3zw
heisGascXAmIyLp/DkPC54zmVEZQDnJ6fM3Rfg3ukHEKj5z/Yv3scOHKR7anAgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQUPQREnsYH8FjpOPXs9W5MQ8O/mBwwHwYDVR0j
BBgwFoAU1jaKHMpDmKwkXoCW//LZvVFdQvMwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9BMzAwQkNGMzdDQzdFQjNBMzE5RTdDOTJBM0Y4OUIyM0My
QjY1Q0VFNkUxRjE2QUUwN0VFRDcxMENDQzQwQ0ZFLzAvRDYzNjhBMUNDQTQzOThB
QzI0NUU4MDk2RkZGMkQ5QkQ1MTVENDJGMy5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9ENjM2OEExQ0NBNDM5OEFDMjQ1
RTgwOTZGRkYyRDlCRDUxNUQ0MkYzLmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvQTMwMEJDRjM3Q0M3RUIzQTMxOUU3QzkyQTNGODlCMjNDMkI2NUNFRTZF
MUYxNkFFMDdFRUQ3MTBDQ0M0MENGRS8wLzMyMzAzMDJlMzczMTJlMzEzOTM1MmUz
MDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMDMwMzEzNS5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMhHwzAN
BgkqhkiG9w0BAQsFAAOCAQEAFJi9mIJp3sdijKyhG50bcHJZMJ93okZByhj841tp
xeD32AVxrdtKoqYo2PNx/CTuXSsVHnw2vEQHXQ4dffKxck2Ot9Vge8A0/p/gM1AF
mrvO4MEwDXy0P4aVZbI1zWjkSRalVFRdejs7tOSzDI0tTlix0MiPehzu0KWtEVbe
8agx0SQ4SNcqVA3BpC1FRbprrthWpSnIKrUmP670eGwCljB5RFzE+qAFIexVxZsF
9xPCcK8z/Xo5pRkUEG4WVo3O5VFJIWmvDo+Rd8l01TRfNNXwENGCQVXhQHBDY/0r
H0+yTIh54ouXqx8OBS1sR/Q6+VQaRJVU5ZWU2micKhfAcA==
-----END CERTIFICATE-----