Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/A300BCF37CC7EB3A319E7C92A3F89B23C2B65CEE6E1F16AE07EED710CCC40CFE/0/3230302e37312e3232302e302f32342d3234203d3e203230303135.roa
File:                     3230302e37312e3232302e302f32342d3234203d3e203230303135.roa (raw, json)
Hash identifier:          e4EOfwySsTS+bMsqhC1JBd5LMrYoIWPdyeYGWQHut+8=
Subject key identifier:   2A:8D:26:38:AD:3F:C2:D1:CE:E8:44:2D:83:7B:D6:46:89:92:91:A0
Certificate issuer:       /CN=D6368A1CCA4398AC245E8096FFF2D9BD515D42F3
Certificate serial:       2FE8D712607C9D51135F32A22E571B46AE751D8C
Authority key identifier: D6:36:8A:1C:CA:43:98:AC:24:5E:80:96:FF:F2:D9:BD:51:5D:42:F3
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/D6368A1CCA4398AC245E8096FFF2D9BD515D42F3.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/A300BCF37CC7EB3A319E7C92A3F89B23C2B65CEE6E1F16AE07EED710CCC40CFE/0/3230302e37312e3232302e302f32342d3234203d3e203230303135.roa
Signing time:             Tue 04 Feb 2025 18:52:18 +0000
ROA not before:           Tue 04 Feb 2025 18:47:18 +0000
ROA not after:            Tue 03 Feb 2026 18:52:18 +0000
asID:                     20015
IP address blocks:        200.71.220.0/24 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2f:e8:d7:12:60:7c:9d:51:13:5f:32:a2:2e:57:1b:46:ae:75:1d:8c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=D6368A1CCA4398AC245E8096FFF2D9BD515D42F3
        Validity
            Not Before: Feb  4 18:47:18 2025 GMT
            Not After : Feb  3 18:52:18 2026 GMT
        Subject: CN=2A8D2638AD3FC2D1CEE8442D837BD646899291A0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e8:de:37:1d:ac:f9:9f:ba:1d:43:6f:fe:9d:d8:
                    eb:ae:eb:98:b2:bd:f4:be:0b:0d:a1:1d:ae:52:7c:
                    d7:90:22:a7:64:34:bc:a1:66:9e:fb:a0:bc:fe:f3:
                    78:17:80:a5:ee:22:49:18:5a:d2:c7:50:a5:09:1d:
                    c4:63:e5:32:06:90:b5:36:c9:13:5a:f2:61:ca:b7:
                    0b:ec:44:0e:5b:63:24:80:04:10:ff:4c:80:4b:68:
                    ef:a8:66:3d:f6:ed:65:a4:85:d4:a2:2c:86:83:ec:
                    c9:30:0c:26:92:9a:83:b1:95:e8:fa:e8:5e:f9:7f:
                    7f:05:d8:93:3c:fc:99:c5:ba:16:82:91:52:e9:fb:
                    34:09:d0:2e:79:90:02:64:ce:45:cb:b3:8d:9f:4c:
                    7a:da:35:e4:7e:9a:fb:61:63:f2:f8:44:4f:4e:15:
                    5b:4d:d7:5a:d6:65:20:9a:af:ab:32:70:c2:c1:f3:
                    85:a1:4a:6f:c8:07:d8:a1:79:a6:78:2b:1e:a2:a0:
                    5a:59:5d:bf:21:d7:f1:72:fe:f5:6d:71:0d:d0:49:
                    d0:5e:63:ed:ff:53:81:8e:1f:cd:e1:66:37:4f:cc:
                    2b:44:00:fc:c3:a8:58:b5:05:b2:b1:56:19:cd:d6:
                    be:1f:fe:be:68:7e:e6:d5:a3:b5:b5:36:a0:0a:98:
                    1f:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2A:8D:26:38:AD:3F:C2:D1:CE:E8:44:2D:83:7B:D6:46:89:92:91:A0
            X509v3 Authority Key Identifier:
                keyid:D6:36:8A:1C:CA:43:98:AC:24:5E:80:96:FF:F2:D9:BD:51:5D:42:F3

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/A300BCF37CC7EB3A319E7C92A3F89B23C2B65CEE6E1F16AE07EED710CCC40CFE/0/D6368A1CCA4398AC245E8096FFF2D9BD515D42F3.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/D6368A1CCA4398AC245E8096FFF2D9BD515D42F3.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/A300BCF37CC7EB3A319E7C92A3F89B23C2B65CEE6E1F16AE07EED710CCC40CFE/0/3230302e37312e3232302e302f32342d3234203d3e203230303135.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.71.220.0/24

    Signature Algorithm: sha256WithRSAEncryption
         90:b3:38:24:31:cf:06:c4:7f:90:0b:6f:54:a5:74:ae:e3:74:
         97:d1:1d:47:cf:90:5c:c5:a7:c9:ba:c0:3d:e6:56:e1:6e:a0:
         46:75:3e:d1:7e:c4:f2:59:de:33:04:47:df:23:de:c1:d0:d5:
         06:b5:a3:aa:20:99:b7:52:19:67:6d:35:50:1e:49:3f:f1:74:
         65:f9:12:31:a0:b4:1d:a5:dd:97:84:63:fb:c3:58:c3:84:a6:
         2d:e1:fa:0a:40:69:ff:3a:5a:d2:76:b3:71:10:90:70:fd:f6:
         de:c0:bf:4c:ff:47:33:aa:18:c1:b3:a1:03:6d:3a:c7:ce:3e:
         f9:d0:6e:1c:4d:6a:4f:72:69:f1:ba:9e:cd:ad:9c:93:12:d4:
         99:66:65:20:45:9d:2c:5f:9c:9d:a9:d8:79:e3:b4:f7:b0:7d:
         55:1b:48:52:2d:ac:0b:15:f5:7d:e1:96:7c:69:78:8e:0a:a4:
         d8:5f:0b:d9:d7:63:8f:13:c6:f8:af:37:3a:c3:ae:7c:09:a9:
         d9:eb:8c:00:e4:2f:b4:28:6b:3e:79:03:d4:4b:41:46:28:eb:
         9b:2b:c4:75:47:29:49:dd:49:8f:05:9e:6c:ca:db:59:27:14:
         9a:5c:a4:5d:04:70:71:9d:fd:d6:56:70:ce:3a:35:98:f5:12:
         d9:9c:7d:79
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUL+jXEmB8nVETXzKiLlcbRq51HYwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRDYzNjhBMUNDQTQzOThBQzI0NUU4MDk2RkZGMkQ5QkQ1
MTVENDJGMzAeFw0yNTAyMDQxODQ3MThaFw0yNjAyMDMxODUyMThaMDMxMTAvBgNV
BAMTKDJBOEQyNjM4QUQzRkMyRDFDRUU4NDQyRDgzN0JENjQ2ODk5MjkxQTAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDo3jcdrPmfuh1Db/6d2Ouu65iy
vfS+Cw2hHa5SfNeQIqdkNLyhZp77oLz+83gXgKXuIkkYWtLHUKUJHcRj5TIGkLU2
yRNa8mHKtwvsRA5bYySABBD/TIBLaO+oZj327WWkhdSiLIaD7MkwDCaSmoOxlej6
6F75f38F2JM8/JnFuhaCkVLp+zQJ0C55kAJkzkXLs42fTHraNeR+mvthY/L4RE9O
FVtN11rWZSCar6sycMLB84WhSm/IB9iheaZ4Kx6ioFpZXb8h1/Fy/vVtcQ3QSdBe
Y+3/U4GOH83hZjdPzCtEAPzDqFi1BbKxVhnN1r4f/r5ofubVo7W1NqAKmB+bAgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQUKo0mOK0/wtHO6EQtg3vWRomSkaAwHwYDVR0j
BBgwFoAU1jaKHMpDmKwkXoCW//LZvVFdQvMwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9BMzAwQkNGMzdDQzdFQjNBMzE5RTdDOTJBM0Y4OUIyM0My
QjY1Q0VFNkUxRjE2QUUwN0VFRDcxMENDQzQwQ0ZFLzAvRDYzNjhBMUNDQTQzOThB
QzI0NUU4MDk2RkZGMkQ5QkQ1MTVENDJGMy5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9ENjM2OEExQ0NBNDM5OEFDMjQ1
RTgwOTZGRkYyRDlCRDUxNUQ0MkYzLmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvQTMwMEJDRjM3Q0M3RUIzQTMxOUU3QzkyQTNGODlCMjNDMkI2NUNFRTZF
MUYxNkFFMDdFRUQ3MTBDQ0M0MENGRS8wLzMyMzAzMDJlMzczMTJlMzIzMjMwMmUz
MDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMDMwMzEzNS5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMhH3DAN
BgkqhkiG9w0BAQsFAAOCAQEAkLM4JDHPBsR/kAtvVKV0ruN0l9EdR8+QXMWnybrA
PeZW4W6gRnU+0X7E8lneMwRH3yPewdDVBrWjqiCZt1IZZ201UB5JP/F0ZfkSMaC0
HaXdl4Rj+8NYw4SmLeH6CkBp/zpa0nazcRCQcP323sC/TP9HM6oYwbOhA206x84+
+dBuHE1qT3Jp8bqeza2ckxLUmWZlIEWdLF+cnanYeeO097B9VRtIUi2sCxX1feGW
fGl4jgqk2F8L2ddjjxPG+K83OsOufAmp2euMAOQvtChrPnkD1EtBRijrmyvEdUcp
Sd1JjwWebMrbWScUmlykXQRwcZ391lZwzjo1mPUS2Zx9eQ==
-----END CERTIFICATE-----