Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/B288498F6AB7F4A3FEC2121B207C6A80CE250638BF6372C8552A90C7FCD8CB6B/0/3230302e312e3137312e302f32342d3332203d3e2033343936.roa
File:                     3230302e312e3137312e302f32342d3332203d3e2033343936.roa (raw, json)
Hash identifier:          ukRpZQq6BZircLhnAh4HZJ+Bh7i9hvdiZPHXkvowrAI=
Subject key identifier:   94:F0:01:C0:BF:A0:D7:2F:C9:1A:FF:D0:A5:8E:BF:B0:64:EE:8D:F4
Certificate issuer:       /CN=45A52877B9CBDAA4A2B69EF377AB572F9423ED6E
Certificate serial:       7BA0B8682E3305E34143B2323E2B8E51B03296E7
Authority key identifier: 45:A5:28:77:B9:CB:DA:A4:A2:B6:9E:F3:77:AB:57:2F:94:23:ED:6E
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/45A52877B9CBDAA4A2B69EF377AB572F9423ED6E.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/B288498F6AB7F4A3FEC2121B207C6A80CE250638BF6372C8552A90C7FCD8CB6B/0/3230302e312e3137312e302f32342d3332203d3e2033343936.roa
Signing time:             Tue 04 Feb 2025 18:07:10 +0000
ROA not before:           Tue 04 Feb 2025 18:02:10 +0000
ROA not after:            Tue 03 Feb 2026 18:07:10 +0000
asID:                     3496
IP address blocks:        200.1.171.0/24 maxlen: 32
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7b:a0:b8:68:2e:33:05:e3:41:43:b2:32:3e:2b:8e:51:b0:32:96:e7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=45A52877B9CBDAA4A2B69EF377AB572F9423ED6E
        Validity
            Not Before: Feb  4 18:02:10 2025 GMT
            Not After : Feb  3 18:07:10 2026 GMT
        Subject: CN=94F001C0BFA0D72FC91AFFD0A58EBFB064EE8DF4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:d2:88:bd:50:b3:77:66:12:67:75:1e:bf:6a:
                    e2:df:b2:d7:e7:db:59:6f:c5:6c:5d:24:db:77:11:
                    a4:62:a5:8d:eb:db:77:7b:de:1b:b3:ad:50:ff:8f:
                    5a:89:08:4a:a6:5e:b8:01:68:24:3d:24:02:83:26:
                    b7:e3:18:2a:e6:7e:58:4e:35:ee:dc:e4:e1:34:ba:
                    6a:2b:81:da:74:01:6b:70:9f:4a:ac:d2:24:a7:4f:
                    66:21:e3:93:ff:ec:25:93:02:2f:7a:06:ea:c3:dc:
                    4b:1c:79:0d:2c:e9:7e:6a:a3:d9:b5:f4:8c:30:bf:
                    30:39:89:c8:b8:9f:0e:ac:c3:1b:01:3a:0c:a5:58:
                    b3:88:a1:a7:fc:ee:34:7d:76:5f:e9:cb:34:e3:4d:
                    09:18:23:38:3a:46:b1:3c:33:37:60:8b:38:71:e6:
                    ad:c0:de:9b:07:8b:27:e4:e0:99:74:3c:94:6e:e6:
                    c3:c4:8c:b6:27:d5:13:31:01:5b:ea:b7:11:78:87:
                    87:cd:f6:d0:b4:4d:48:60:6b:03:6d:b0:60:f0:82:
                    40:c7:2b:e7:4a:7e:8e:00:02:c0:84:b1:87:dc:a0:
                    69:56:de:3a:59:d5:97:dc:9f:0c:2a:ea:88:d0:f1:
                    90:07:c8:ce:1b:5f:91:31:c0:06:09:ef:c1:a8:cb:
                    7d:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                94:F0:01:C0:BF:A0:D7:2F:C9:1A:FF:D0:A5:8E:BF:B0:64:EE:8D:F4
            X509v3 Authority Key Identifier:
                keyid:45:A5:28:77:B9:CB:DA:A4:A2:B6:9E:F3:77:AB:57:2F:94:23:ED:6E

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/B288498F6AB7F4A3FEC2121B207C6A80CE250638BF6372C8552A90C7FCD8CB6B/0/45A52877B9CBDAA4A2B69EF377AB572F9423ED6E.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/45A52877B9CBDAA4A2B69EF377AB572F9423ED6E.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/B288498F6AB7F4A3FEC2121B207C6A80CE250638BF6372C8552A90C7FCD8CB6B/0/3230302e312e3137312e302f32342d3332203d3e2033343936.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.1.171.0/24

    Signature Algorithm: sha256WithRSAEncryption
         2c:fe:5e:bd:50:d8:b2:ac:cc:9b:12:b8:57:ce:32:d1:fe:4d:
         81:6b:40:8b:a4:54:01:5a:c7:b1:92:22:67:57:0e:b5:78:58:
         a5:2a:80:c1:ff:eb:f1:da:81:cb:f0:35:12:4f:ec:68:ab:61:
         5d:1f:f7:7b:15:31:94:50:3e:35:5a:fb:98:46:26:f3:f6:54:
         93:77:36:89:60:b1:35:fe:a4:b6:00:99:d1:a9:0e:6f:bb:47:
         4c:96:82:62:6d:95:1d:8f:27:7c:37:cc:24:63:c3:0f:23:4a:
         59:4e:32:cf:8a:28:a5:3f:e3:db:45:9a:a3:7a:eb:e8:cd:b3:
         b4:59:ed:1e:89:e7:1e:9c:07:24:af:d6:2e:e2:f6:b3:78:30:
         2c:5b:94:a0:01:f0:45:36:51:87:6c:c0:7a:b7:57:5a:2d:06:
         4d:0b:d1:f8:ec:2e:1f:77:4e:13:d1:09:52:5e:f0:88:a9:38:
         cb:6b:24:04:22:26:ab:b0:97:26:f3:93:72:bd:bd:d9:72:9c:
         c6:99:8b:dd:87:4e:3d:2e:b5:3d:ab:0e:13:37:a4:b9:4d:92:
         31:a5:84:ac:39:be:8d:13:d1:a8:11:65:c2:b2:72:cb:7b:c7:
         1a:67:8c:96:1b:15:54:fd:ac:5c:99:85:21:5e:7e:09:bf:32:
         82:e1:11:9b
-----BEGIN CERTIFICATE-----
MIIFujCCBKKgAwIBAgIUe6C4aC4zBeNBQ7IyPiuOUbAylucwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDVBNTI4NzdCOUNCREFBNEEyQjY5RUYzNzdBQjU3MkY5
NDIzRUQ2RTAeFw0yNTAyMDQxODAyMTBaFw0yNjAyMDMxODA3MTBaMDMxMTAvBgNV
BAMTKDk0RjAwMUMwQkZBMEQ3MkZDOTFBRkZEMEE1OEVCRkIwNjRFRThERjQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCq0oi9ULN3ZhJndR6/auLfstfn
21lvxWxdJNt3EaRipY3r23d73huzrVD/j1qJCEqmXrgBaCQ9JAKDJrfjGCrmflhO
Ne7c5OE0umorgdp0AWtwn0qs0iSnT2Yh45P/7CWTAi96BurD3EsceQ0s6X5qo9m1
9IwwvzA5ici4nw6swxsBOgylWLOIoaf87jR9dl/pyzTjTQkYIzg6RrE8Mzdgizhx
5q3A3psHiyfk4Jl0PJRu5sPEjLYn1RMxAVvqtxF4h4fN9tC0TUhgawNtsGDwgkDH
K+dKfo4AAsCEsYfcoGlW3jpZ1Zfcnwwq6ojQ8ZAHyM4bX5ExwAYJ78Goy307AgMB
AAGjggLEMIICwDAdBgNVHQ4EFgQUlPABwL+g1y/JGv/QpY6/sGTujfQwHwYDVR0j
BBgwFoAURaUod7nL2qSitp7zd6tXL5Qj7W4wDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9CMjg4NDk4RjZBQjdGNEEzRkVDMjEyMUIyMDdDNkE4MENF
MjUwNjM4QkY2MzcyQzg1NTJBOTBDN0ZDRDhDQjZCLzAvNDVBNTI4NzdCOUNCREFB
NEEyQjY5RUYzNzdBQjU3MkY5NDIzRUQ2RS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC80NUE1Mjg3N0I5Q0JEQUE0QTJC
NjlFRjM3N0FCNTcyRjk0MjNFRDZFLmNlcjCBwwYIKwYBBQUHAQsEgbYwgbMwgbAG
CCsGAQUFBzALhoGjcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvQjI4ODQ5OEY2QUI3RjRBM0ZFQzIxMjFCMjA3QzZBODBDRTI1MDYzOEJG
NjM3MkM4NTUyQTkwQzdGQ0Q4Q0I2Qi8wLzMyMzAzMDJlMzEyZTMxMzczMTJlMzAy
ZjMyMzQyZDMzMzIyMDNkM2UyMDMzMzQzOTM2LnJvYTAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAyAGrMA0GCSqG
SIb3DQEBCwUAA4IBAQAs/l69UNiyrMybErhXzjLR/k2Ba0CLpFQBWsexkiJnVw61
eFilKoDB/+vx2oHL8DUST+xoq2FdH/d7FTGUUD41WvuYRibz9lSTdzaJYLE1/qS2
AJnRqQ5vu0dMloJibZUdjyd8N8wkY8MPI0pZTjLPiiilP+PbRZqjeuvozbO0We0e
iecenAckr9Yu4vazeDAsW5SgAfBFNlGHbMB6t1daLQZNC9H47C4fd04T0QlSXvCI
qTjLayQEIiarsJcm85Nyvb3ZcpzGmYvdh049LrU9qw4TN6S5TZIxpYSsOb6NE9Go
EWXCsnLLe8caZ4yWGxVU/axcmYUhXn4JvzKC4RGb
-----END CERTIFICATE-----