Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/A300BCF37CC7EB3A319E7C92A3F89B23C2B65CEE6E1F16AE07EED710CCC40CFE/0/3230302e37312e3230362e302f32342d3234203d3e203230303135.roa
File:                     3230302e37312e3230362e302f32342d3234203d3e203230303135.roa (raw, json)
Hash identifier:          mfFYNsQRWy4Vl8BrazjBS7hJKWvThOj0IMjTeAdwTAY=
Subject key identifier:   3A:0D:5C:5B:26:AD:92:56:8C:22:84:7F:74:BB:CD:DA:88:CA:D7:36
Certificate issuer:       /CN=D6368A1CCA4398AC245E8096FFF2D9BD515D42F3
Certificate serial:       7A4F038066C650B1D1E62ADC13FC1E9593CC30F3
Authority key identifier: D6:36:8A:1C:CA:43:98:AC:24:5E:80:96:FF:F2:D9:BD:51:5D:42:F3
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/D6368A1CCA4398AC245E8096FFF2D9BD515D42F3.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/A300BCF37CC7EB3A319E7C92A3F89B23C2B65CEE6E1F16AE07EED710CCC40CFE/0/3230302e37312e3230362e302f32342d3234203d3e203230303135.roa
Signing time:             Tue 04 Feb 2025 18:52:19 +0000
ROA not before:           Tue 04 Feb 2025 18:47:19 +0000
ROA not after:            Tue 03 Feb 2026 18:52:19 +0000
asID:                     20015
IP address blocks:        200.71.206.0/24 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7a:4f:03:80:66:c6:50:b1:d1:e6:2a:dc:13:fc:1e:95:93:cc:30:f3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=D6368A1CCA4398AC245E8096FFF2D9BD515D42F3
        Validity
            Not Before: Feb  4 18:47:19 2025 GMT
            Not After : Feb  3 18:52:19 2026 GMT
        Subject: CN=3A0D5C5B26AD92568C22847F74BBCDDA88CAD736
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:bd:31:e9:41:de:c3:98:2f:2c:7f:20:54:ca:
                    8e:29:4e:b1:8d:9a:74:7c:86:1d:06:0b:c1:92:9e:
                    24:3e:6d:19:b4:cf:b8:25:f4:91:45:7f:90:f0:45:
                    b7:4d:cd:eb:9b:6c:72:21:e6:ac:18:66:74:ed:85:
                    73:7f:11:c9:90:16:21:40:a3:1a:2b:d6:2d:d0:41:
                    02:06:bd:cb:c0:ce:9e:6e:c8:d1:85:fe:11:b1:48:
                    67:23:c4:49:5d:6c:42:01:d3:e0:04:92:e2:dc:90:
                    34:09:6e:95:51:6b:e8:41:93:19:78:2f:6c:6a:da:
                    43:a4:8c:8f:9a:a7:db:bb:af:4d:d3:c0:a0:38:c4:
                    e4:52:1e:0e:eb:9a:bc:0e:34:47:62:fe:97:af:7c:
                    17:2b:60:87:e4:b2:63:12:57:d9:99:94:48:68:c5:
                    5f:22:70:3a:af:8c:ec:79:3a:b0:fd:40:f0:80:6b:
                    78:43:9a:b2:4f:da:c6:c1:f5:3d:cf:72:0b:5b:24:
                    c0:17:74:a5:2a:9a:bf:86:6d:90:9d:ba:18:bb:ec:
                    63:fc:fa:fb:b7:93:c6:fd:9e:d1:bb:07:43:8a:c0:
                    15:b5:ef:6f:1a:dc:c1:df:03:97:35:ef:8b:57:88:
                    3c:b0:66:62:33:0c:cd:00:0f:71:44:02:b1:26:a0:
                    eb:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3A:0D:5C:5B:26:AD:92:56:8C:22:84:7F:74:BB:CD:DA:88:CA:D7:36
            X509v3 Authority Key Identifier:
                keyid:D6:36:8A:1C:CA:43:98:AC:24:5E:80:96:FF:F2:D9:BD:51:5D:42:F3

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/A300BCF37CC7EB3A319E7C92A3F89B23C2B65CEE6E1F16AE07EED710CCC40CFE/0/D6368A1CCA4398AC245E8096FFF2D9BD515D42F3.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/D6368A1CCA4398AC245E8096FFF2D9BD515D42F3.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/A300BCF37CC7EB3A319E7C92A3F89B23C2B65CEE6E1F16AE07EED710CCC40CFE/0/3230302e37312e3230362e302f32342d3234203d3e203230303135.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.71.206.0/24

    Signature Algorithm: sha256WithRSAEncryption
         97:ad:06:58:88:28:70:7b:31:4c:08:14:a0:fc:6a:16:53:e8:
         7d:28:db:07:e7:3b:7a:83:1c:62:30:a2:30:5c:01:31:4f:64:
         99:13:7f:9d:e1:82:c6:f7:d4:87:61:cd:a1:bd:a0:b2:eb:49:
         65:f8:b2:12:1d:6e:be:81:f7:63:39:01:b6:54:21:dc:22:52:
         3a:08:26:2d:2a:c5:34:43:66:0c:3c:5c:2d:6f:c6:50:d1:fa:
         ee:40:09:87:08:09:cb:59:c8:e7:ff:bc:39:0f:16:0e:6e:7b:
         1a:6c:13:2f:b1:9e:9a:b2:d8:dd:ee:a8:4d:f2:55:7f:26:6f:
         d0:a2:5c:85:c8:bb:30:dc:80:15:3a:96:b2:52:e7:b0:ac:51:
         9d:32:79:f2:56:2b:1c:2b:c4:93:aa:c3:cb:c3:94:f7:2a:9c:
         93:a1:70:01:4f:c0:af:eb:62:fa:31:cd:45:18:42:81:f6:80:
         54:30:cd:ba:be:61:88:6a:0d:fa:ea:38:7f:ac:a6:06:85:29:
         6d:26:44:ea:0c:3e:7c:e4:e6:3a:1c:32:0b:73:31:4f:e9:8d:
         33:fa:8f:f6:42:a1:7a:bd:7a:9e:e6:d0:2c:61:47:48:0a:3b:
         cf:bf:b7:f2:f3:41:6e:49:bb:bb:a3:c6:e5:b6:b1:d7:e1:9a:
         77:c0:fa:dd
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUek8DgGbGULHR5ircE/welZPMMPMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRDYzNjhBMUNDQTQzOThBQzI0NUU4MDk2RkZGMkQ5QkQ1
MTVENDJGMzAeFw0yNTAyMDQxODQ3MTlaFw0yNjAyMDMxODUyMTlaMDMxMTAvBgNV
BAMTKDNBMEQ1QzVCMjZBRDkyNTY4QzIyODQ3Rjc0QkJDRERBODhDQUQ3MzYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCavTHpQd7DmC8sfyBUyo4pTrGN
mnR8hh0GC8GSniQ+bRm0z7gl9JFFf5DwRbdNzeubbHIh5qwYZnTthXN/EcmQFiFA
oxor1i3QQQIGvcvAzp5uyNGF/hGxSGcjxEldbEIB0+AEkuLckDQJbpVRa+hBkxl4
L2xq2kOkjI+ap9u7r03TwKA4xORSHg7rmrwONEdi/pevfBcrYIfksmMSV9mZlEho
xV8icDqvjOx5OrD9QPCAa3hDmrJP2sbB9T3PcgtbJMAXdKUqmr+GbZCduhi77GP8
+vu3k8b9ntG7B0OKwBW1728a3MHfA5c174tXiDywZmIzDM0AD3FEArEmoOshAgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQUOg1cWyatklaMIoR/dLvN2ojK1zYwHwYDVR0j
BBgwFoAU1jaKHMpDmKwkXoCW//LZvVFdQvMwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9BMzAwQkNGMzdDQzdFQjNBMzE5RTdDOTJBM0Y4OUIyM0My
QjY1Q0VFNkUxRjE2QUUwN0VFRDcxMENDQzQwQ0ZFLzAvRDYzNjhBMUNDQTQzOThB
QzI0NUU4MDk2RkZGMkQ5QkQ1MTVENDJGMy5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9ENjM2OEExQ0NBNDM5OEFDMjQ1
RTgwOTZGRkYyRDlCRDUxNUQ0MkYzLmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvQTMwMEJDRjM3Q0M3RUIzQTMxOUU3QzkyQTNGODlCMjNDMkI2NUNFRTZF
MUYxNkFFMDdFRUQ3MTBDQ0M0MENGRS8wLzMyMzAzMDJlMzczMTJlMzIzMDM2MmUz
MDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMDMwMzEzNS5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMhHzjAN
BgkqhkiG9w0BAQsFAAOCAQEAl60GWIgocHsxTAgUoPxqFlPofSjbB+c7eoMcYjCi
MFwBMU9kmRN/neGCxvfUh2HNob2gsutJZfiyEh1uvoH3YzkBtlQh3CJSOggmLSrF
NENmDDxcLW/GUNH67kAJhwgJy1nI5/+8OQ8WDm57GmwTL7GemrLY3e6oTfJVfyZv
0KJchci7MNyAFTqWslLnsKxRnTJ58lYrHCvEk6rDy8OU9yqck6FwAU/Ar+ti+jHN
RRhCgfaAVDDNur5hiGoN+uo4f6ymBoUpbSZE6gw+fOTmOhwyC3MxT+mNM/qP9kKh
er16nubQLGFHSAo7z7+38vNBbkm7u6PG5bax1+Gad8D63Q==
-----END CERTIFICATE-----