Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/B1E5D9D95853F845403A9492380D9E057A858D9BB180E3908B21A7E9BA70DD2E/0/3230302e33392e3133362e302f32322d3234203d3e20323730303234.roa
File:                     3230302e33392e3133362e302f32322d3234203d3e20323730303234.roa (raw, json)
Hash identifier:          Agu6Hbc8VZZPMRD112IdDIDjpG8TqJ1JMRTILkJoL20=
Subject key identifier:   84:69:AE:73:DC:7B:03:AC:3F:E2:C3:D0:CA:DC:9C:93:9B:87:CE:16
Certificate issuer:       /CN=1677287AF25B491C4AA930829379E3D700B7A8BF
Certificate serial:       497D79AF38AF885956A00D89B41AFD4AE1CF9818
Authority key identifier: 16:77:28:7A:F2:5B:49:1C:4A:A9:30:82:93:79:E3:D7:00:B7:A8:BF
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/1677287AF25B491C4AA930829379E3D700B7A8BF.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/B1E5D9D95853F845403A9492380D9E057A858D9BB180E3908B21A7E9BA70DD2E/0/3230302e33392e3133362e302f32322d3234203d3e20323730303234.roa
Signing time:             Tue 04 Feb 2025 18:29:41 +0000
ROA not before:           Tue 04 Feb 2025 18:24:41 +0000
ROA not after:            Tue 03 Feb 2026 18:29:41 +0000
asID:                     270024
IP address blocks:        200.39.136.0/22 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            49:7d:79:af:38:af:88:59:56:a0:0d:89:b4:1a:fd:4a:e1:cf:98:18
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1677287AF25B491C4AA930829379E3D700B7A8BF
        Validity
            Not Before: Feb  4 18:24:41 2025 GMT
            Not After : Feb  3 18:29:41 2026 GMT
        Subject: CN=8469AE73DC7B03AC3FE2C3D0CADC9C939B87CE16
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dc:93:92:52:76:bc:f2:82:45:61:4d:5f:0c:f0:
                    43:38:08:5a:85:75:c3:6b:4f:5d:c1:78:97:ec:96:
                    d2:dd:86:0e:3b:be:f4:16:38:00:87:55:07:bd:09:
                    8f:71:2e:4d:60:1d:91:2b:91:6a:f8:66:2f:1c:eb:
                    35:a1:ee:d8:81:7c:bc:e7:d7:5d:94:f5:61:09:05:
                    87:ca:e9:99:07:2e:e5:c8:cf:93:46:b0:9d:97:e4:
                    88:b5:43:39:17:7c:9e:54:fc:43:9a:dd:27:ca:57:
                    b4:f7:a9:23:63:4e:5f:2f:cf:5f:92:cd:cf:c8:b6:
                    4f:b0:88:af:e0:e3:82:c1:14:17:10:79:79:a8:ce:
                    4d:8d:b0:33:82:e7:22:f5:92:57:45:8f:91:16:8d:
                    bf:7c:84:8d:45:97:03:5f:d6:9d:86:18:6a:af:5b:
                    9f:be:5a:a2:25:ce:29:96:40:72:03:ac:9d:da:ad:
                    e1:37:ab:0d:36:57:e3:af:c5:64:de:24:5c:0e:43:
                    b0:53:97:bb:32:ad:a6:69:cb:64:06:ca:c1:43:19:
                    85:9a:d7:10:45:77:52:ab:45:c1:7f:6c:f2:37:1a:
                    ec:21:83:5e:0a:a6:48:35:b2:e8:ce:b1:52:62:ba:
                    ea:02:d4:c4:b7:d1:ea:c0:b4:1d:d1:28:dc:e2:e0:
                    0c:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                84:69:AE:73:DC:7B:03:AC:3F:E2:C3:D0:CA:DC:9C:93:9B:87:CE:16
            X509v3 Authority Key Identifier:
                keyid:16:77:28:7A:F2:5B:49:1C:4A:A9:30:82:93:79:E3:D7:00:B7:A8:BF

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/B1E5D9D95853F845403A9492380D9E057A858D9BB180E3908B21A7E9BA70DD2E/0/1677287AF25B491C4AA930829379E3D700B7A8BF.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/1677287AF25B491C4AA930829379E3D700B7A8BF.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/B1E5D9D95853F845403A9492380D9E057A858D9BB180E3908B21A7E9BA70DD2E/0/3230302e33392e3133362e302f32322d3234203d3e20323730303234.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.39.136.0/22

    Signature Algorithm: sha256WithRSAEncryption
         9e:7e:44:46:b5:f7:79:39:f5:4d:64:34:2b:b4:77:3a:17:9d:
         d1:bf:3c:84:7d:c3:fc:4c:10:01:4a:f3:29:df:27:ef:3c:67:
         35:6c:49:a2:31:ee:e4:f6:36:4f:5c:04:e8:c2:c1:61:e7:3f:
         02:eb:d2:05:9a:b8:ae:5c:a1:26:95:0d:87:29:b0:a6:d8:29:
         84:8f:ad:25:3f:20:da:be:47:7b:c2:1c:5d:1a:2b:b5:43:50:
         73:0d:51:89:38:47:c9:c6:c2:54:af:e7:d6:56:86:63:2a:60:
         86:8e:fc:6c:6a:1a:cb:6e:af:70:ab:a0:86:88:83:ff:da:5b:
         d1:83:05:08:57:fd:a6:bd:ab:31:c2:95:98:b6:27:b3:4d:b8:
         93:9e:58:d9:3b:9a:90:2e:df:70:26:0c:72:f9:06:22:97:e5:
         fe:93:04:5e:e8:8a:47:57:7c:8c:1c:d5:2a:61:d0:38:33:62:
         34:54:b7:69:a4:e7:2f:09:9a:ce:5f:56:79:b5:7e:01:96:ff:
         5e:16:78:23:49:5d:5f:ff:91:92:e5:5f:e9:e7:72:78:18:07:
         9f:2d:11:f0:c8:f5:30:d3:af:99:ad:49:31:3f:05:5c:50:dc:
         2f:de:7d:cd:e6:50:d3:c6:e8:58:d6:bb:b0:13:90:f9:ce:df:
         8a:6a:b5:6a
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIUSX15rziviFlWoA2JtBr9SuHPmBgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMTY3NzI4N0FGMjVCNDkxQzRBQTkzMDgyOTM3OUUzRDcw
MEI3QThCRjAeFw0yNTAyMDQxODI0NDFaFw0yNjAyMDMxODI5NDFaMDMxMTAvBgNV
BAMTKDg0NjlBRTczREM3QjAzQUMzRkUyQzNEMENBREM5QzkzOUI4N0NFMTYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDck5JSdrzygkVhTV8M8EM4CFqF
dcNrT13BeJfsltLdhg47vvQWOACHVQe9CY9xLk1gHZErkWr4Zi8c6zWh7tiBfLzn
112U9WEJBYfK6ZkHLuXIz5NGsJ2X5Ii1QzkXfJ5U/EOa3SfKV7T3qSNjTl8vz1+S
zc/Itk+wiK/g44LBFBcQeXmozk2NsDOC5yL1kldFj5EWjb98hI1FlwNf1p2GGGqv
W5++WqIlzimWQHIDrJ3areE3qw02V+OvxWTeJFwOQ7BTl7syraZpy2QGysFDGYWa
1xBFd1KrRcF/bPI3Guwhg14Kpkg1sujOsVJiuuoC1MS30erAtB3RKNzi4AwBAgMB
AAGjggLKMIICxjAdBgNVHQ4EFgQUhGmuc9x7A6w/4sPQytyck5uHzhYwHwYDVR0j
BBgwFoAUFncoevJbSRxKqTCCk3nj1wC3qL8wDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9CMUU1RDlEOTU4NTNGODQ1NDAzQTk0OTIzODBEOUUwNTdB
ODU4RDlCQjE4MEUzOTA4QjIxQTdFOUJBNzBERDJFLzAvMTY3NzI4N0FGMjVCNDkx
QzRBQTkzMDgyOTM3OUUzRDcwMEI3QThCRi5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8xNjc3Mjg3QUYyNUI0OTFDNEFB
OTMwODI5Mzc5RTNENzAwQjdBOEJGLmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvQjFFNUQ5RDk1ODUzRjg0NTQwM0E5NDkyMzgwRDlFMDU3QTg1OEQ5QkIx
ODBFMzkwOEIyMUE3RTlCQTcwREQyRS8wLzMyMzAzMDJlMzMzOTJlMzEzMzM2MmUz
MDJmMzIzMjJkMzIzNDIwM2QzZTIwMzIzNzMwMzAzMjM0LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCyCeI
MA0GCSqGSIb3DQEBCwUAA4IBAQCefkRGtfd5OfVNZDQrtHc6F53RvzyEfcP8TBAB
SvMp3yfvPGc1bEmiMe7k9jZPXATowsFh5z8C69IFmriuXKEmlQ2HKbCm2CmEj60l
PyDavkd7whxdGiu1Q1BzDVGJOEfJxsJUr+fWVoZjKmCGjvxsahrLbq9wq6CGiIP/
2lvRgwUIV/2mvasxwpWYtiezTbiTnljZO5qQLt9wJgxy+QYil+X+kwRe6IpHV3yM
HNUqYdA4M2I0VLdppOcvCZrOX1Z5tX4Blv9eFngjSV1f/5GS5V/p53J4GAefLRHw
yPUw06+ZrUkxPwVcUNwv3n3N5lDTxuhY1ruwE5D5zt+KarVq
-----END CERTIFICATE-----