Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/A4C89D43169664B9B0F42779749B8E27184BE1079D57C7A76A76D5D88108F80C/0/3230312e3138322e3135302e302f32332d3234203d3e203532343638.roa
File:                     3230312e3138322e3135302e302f32332d3234203d3e203532343638.roa (raw, json)
Hash identifier:          WSMOqdyoE1ic1M/wXhWBvVgxHsF2CSe6rHQv+9gKKQI=
Subject key identifier:   DA:0A:3A:8B:B5:6E:D3:B7:3D:EC:A3:E8:33:54:28:2F:4A:03:3B:85
Certificate issuer:       /CN=03862A9BFCB97EE6B62CE1DB077E3B6EAD5FE253
Certificate serial:       28A23996D247F138BE4DD52426F51797D2437AFF
Authority key identifier: 03:86:2A:9B:FC:B9:7E:E6:B6:2C:E1:DB:07:7E:3B:6E:AD:5F:E2:53
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/03862A9BFCB97EE6B62CE1DB077E3B6EAD5FE253.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/A4C89D43169664B9B0F42779749B8E27184BE1079D57C7A76A76D5D88108F80C/0/3230312e3138322e3135302e302f32332d3234203d3e203532343638.roa
Signing time:             Tue 04 Feb 2025 18:50:29 +0000
ROA not before:           Tue 04 Feb 2025 18:45:29 +0000
ROA not after:            Tue 03 Feb 2026 18:50:29 +0000
asID:                     52468
IP address blocks:        201.182.150.0/23 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            28:a2:39:96:d2:47:f1:38:be:4d:d5:24:26:f5:17:97:d2:43:7a:ff
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=03862A9BFCB97EE6B62CE1DB077E3B6EAD5FE253
        Validity
            Not Before: Feb  4 18:45:29 2025 GMT
            Not After : Feb  3 18:50:29 2026 GMT
        Subject: CN=DA0A3A8BB56ED3B73DECA3E83354282F4A033B85
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:05:01:0f:94:15:54:ce:bc:e3:46:15:57:b0:
                    65:06:70:aa:51:ed:e8:4b:7a:48:7c:7d:b6:ee:f0:
                    55:dc:34:8c:61:d1:c9:d1:46:e6:25:f6:64:e9:cf:
                    f1:34:2b:b1:93:3f:e1:56:5f:e6:2b:63:35:02:33:
                    07:b1:b6:e7:a5:71:e2:12:bc:1a:4a:0e:e1:ad:bf:
                    9d:88:75:9c:27:5c:37:28:7b:35:52:1f:2e:87:9e:
                    f7:b8:3d:40:fc:86:49:56:62:34:5e:b8:ef:f8:a6:
                    ee:66:0f:db:af:7c:d4:0f:16:04:6e:79:b6:df:21:
                    00:48:be:f9:b7:5b:65:8d:3a:48:d9:78:80:b7:83:
                    12:51:47:b9:5d:b8:6c:66:dd:c1:ca:48:f0:2c:48:
                    3f:a0:62:8a:f6:5c:52:b9:ee:f4:9e:27:5b:eb:4f:
                    d7:cf:78:1e:ec:9e:bf:05:8a:d7:0c:2d:dd:3a:64:
                    bb:bc:9b:89:2b:73:d8:b1:f6:e1:0e:2f:9d:8a:20:
                    e0:e2:7f:b7:4b:b5:fc:27:3e:dc:3b:7c:de:b6:50:
                    8e:95:dc:0c:b7:e2:d3:a4:a6:49:2d:6c:b1:69:53:
                    d5:e3:8a:d5:5b:4e:53:da:0a:10:d4:7b:55:8e:7a:
                    71:bc:1a:cf:e0:be:3c:0d:d2:45:df:10:21:d9:e6:
                    af:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DA:0A:3A:8B:B5:6E:D3:B7:3D:EC:A3:E8:33:54:28:2F:4A:03:3B:85
            X509v3 Authority Key Identifier:
                keyid:03:86:2A:9B:FC:B9:7E:E6:B6:2C:E1:DB:07:7E:3B:6E:AD:5F:E2:53

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/A4C89D43169664B9B0F42779749B8E27184BE1079D57C7A76A76D5D88108F80C/0/03862A9BFCB97EE6B62CE1DB077E3B6EAD5FE253.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/03862A9BFCB97EE6B62CE1DB077E3B6EAD5FE253.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/A4C89D43169664B9B0F42779749B8E27184BE1079D57C7A76A76D5D88108F80C/0/3230312e3138322e3135302e302f32332d3234203d3e203532343638.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  201.182.150.0/23

    Signature Algorithm: sha256WithRSAEncryption
         58:b2:a5:db:96:1a:c4:2a:c4:55:38:73:5b:96:a5:0e:7d:bd:
         0f:56:e3:a4:57:87:fe:d6:49:00:cb:88:40:01:e1:d6:62:ee:
         59:a2:69:90:15:4a:c8:99:09:d0:e5:8b:db:7a:17:7e:bc:8c:
         32:9b:f8:04:33:d3:60:fe:9b:6d:23:1d:37:fa:d0:2e:3d:c5:
         59:2e:02:74:80:2d:1e:4c:8c:12:40:09:5a:41:d9:c9:58:53:
         5d:c6:e4:d4:b9:a2:d9:90:84:f6:24:ec:bb:de:b0:5b:ba:a8:
         e8:89:25:14:be:98:75:1d:7d:c6:00:a9:08:32:a1:84:47:2b:
         41:a3:99:33:0b:9f:db:33:e0:28:ce:63:25:6d:4b:67:0a:ff:
         7a:1e:6d:cc:b1:a0:cf:22:ed:1c:16:11:e5:bd:60:a7:84:97:
         4c:6d:35:55:ff:84:ff:60:2d:5e:a0:a5:f8:44:35:e7:47:6c:
         b0:d7:35:26:c8:8c:4d:ec:74:8e:25:f4:b5:0f:5a:51:52:69:
         f8:73:56:d5:d6:52:9a:06:6d:01:1f:ff:36:f9:17:5d:ac:85:
         fe:ed:56:4e:61:83:7f:07:a1:e9:07:0e:05:f8:a8:41:f6:bc:
         3d:04:d9:05:db:40:0c:82:3e:5c:a0:67:cf:30:c4:7a:8e:cd:
         e4:fe:d2:e3
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIUKKI5ltJH8Ti+TdUkJvUXl9JDev8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDM4NjJBOUJGQ0I5N0VFNkI2MkNFMURCMDc3RTNCNkVB
RDVGRTI1MzAeFw0yNTAyMDQxODQ1MjlaFw0yNjAyMDMxODUwMjlaMDMxMTAvBgNV
BAMTKERBMEEzQThCQjU2RUQzQjczREVDQTNFODMzNTQyODJGNEEwMzNCODUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDKBQEPlBVUzrzjRhVXsGUGcKpR
7ehLekh8fbbu8FXcNIxh0cnRRuYl9mTpz/E0K7GTP+FWX+YrYzUCMwextuelceIS
vBpKDuGtv52IdZwnXDcoezVSHy6Hnve4PUD8hklWYjReuO/4pu5mD9uvfNQPFgRu
ebbfIQBIvvm3W2WNOkjZeIC3gxJRR7lduGxm3cHKSPAsSD+gYor2XFK57vSeJ1vr
T9fPeB7snr8FitcMLd06ZLu8m4krc9ix9uEOL52KIODif7dLtfwnPtw7fN62UI6V
3Ay34tOkpkktbLFpU9XjitVbTlPaChDUe1WOenG8Gs/gvjwN0kXfECHZ5q9TAgMB
AAGjggLKMIICxjAdBgNVHQ4EFgQU2go6i7Vu07c97KPoM1QoL0oDO4UwHwYDVR0j
BBgwFoAUA4Yqm/y5fua2LOHbB347bq1f4lMwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9BNEM4OUQ0MzE2OTY2NEI5QjBGNDI3Nzk3NDlCOEUyNzE4
NEJFMTA3OUQ1N0M3QTc2QTc2RDVEODgxMDhGODBDLzAvMDM4NjJBOUJGQ0I5N0VF
NkI2MkNFMURCMDc3RTNCNkVBRDVGRTI1My5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8wMzg2MkE5QkZDQjk3RUU2QjYy
Q0UxREIwNzdFM0I2RUFENUZFMjUzLmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvQTRDODlENDMxNjk2NjRCOUIwRjQyNzc5NzQ5QjhFMjcxODRCRTEwNzlE
NTdDN0E3NkE3NkQ1RDg4MTA4RjgwQy8wLzMyMzAzMTJlMzEzODMyMmUzMTM1MzAy
ZTMwMmYzMjMzMmQzMjM0MjAzZDNlMjAzNTMyMzQzNjM4LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBybaW
MA0GCSqGSIb3DQEBCwUAA4IBAQBYsqXblhrEKsRVOHNblqUOfb0PVuOkV4f+1kkA
y4hAAeHWYu5ZommQFUrImQnQ5Yvbehd+vIwym/gEM9Ng/pttIx03+tAuPcVZLgJ0
gC0eTIwSQAlaQdnJWFNdxuTUuaLZkIT2JOy73rBbuqjoiSUUvph1HX3GAKkIMqGE
RytBo5kzC5/bM+AozmMlbUtnCv96Hm3MsaDPIu0cFhHlvWCnhJdMbTVV/4T/YC1e
oKX4RDXnR2yw1zUmyIxN7HSOJfS1D1pRUmn4c1bV1lKaBm0BH/82+RddrIX+7VZO
YYN/B6HpBw4F+KhB9rw9BNkF20AMgj5coGfPMMR6js3k/tLj
-----END CERTIFICATE-----