Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/BA4E20598674DC9DA80E176D835AD27168C6CB80289E64E21C1615B35E57A1C0/0/3230302e3132342e3137362e302f32312d3234203d3e203532333134.roa
File:                     3230302e3132342e3137362e302f32312d3234203d3e203532333134.roa (raw, json)
Hash identifier:          nvN/gmc3yvZp7f7+19vhy+DTuti2rBAcYhIc+nT4HHo=
Subject key identifier:   21:55:9B:B8:D4:97:50:33:E7:98:9C:AE:33:0C:D4:98:77:6C:CE:CC
Certificate issuer:       /CN=99A4B645BCE1A6FA746C89A3F6E22889F8F2088C
Certificate serial:       16094D813A293EBA22A8CCD463268CCEEBF410DC
Authority key identifier: 99:A4:B6:45:BC:E1:A6:FA:74:6C:89:A3:F6:E2:28:89:F8:F2:08:8C
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/99A4B645BCE1A6FA746C89A3F6E22889F8F2088C.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/BA4E20598674DC9DA80E176D835AD27168C6CB80289E64E21C1615B35E57A1C0/0/3230302e3132342e3137362e302f32312d3234203d3e203532333134.roa
Signing time:             Tue 04 Feb 2025 20:06:50 +0000
ROA not before:           Tue 04 Feb 2025 20:01:50 +0000
ROA not after:            Tue 03 Feb 2026 20:06:50 +0000
asID:                     52314
IP address blocks:        200.124.176.0/21 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            16:09:4d:81:3a:29:3e:ba:22:a8:cc:d4:63:26:8c:ce:eb:f4:10:dc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=99A4B645BCE1A6FA746C89A3F6E22889F8F2088C
        Validity
            Not Before: Feb  4 20:01:50 2025 GMT
            Not After : Feb  3 20:06:50 2026 GMT
        Subject: CN=21559BB8D4975033E7989CAE330CD498776CCECC
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:c1:3f:38:c1:81:68:e6:2f:1c:f4:47:01:d4:
                    7f:f9:3d:2d:06:81:5d:21:50:28:a1:3c:69:e2:ea:
                    29:01:ba:98:8d:c9:90:3c:c2:44:64:98:8d:46:9a:
                    60:de:7d:49:15:01:7a:92:0d:a3:0e:8a:4c:db:c1:
                    e3:25:6e:a8:4c:20:99:32:64:57:83:7b:46:5e:0f:
                    95:d3:71:cf:a9:d9:b6:49:b7:1d:04:6c:21:f1:ec:
                    b2:7f:dc:07:32:b2:d6:63:bd:09:0f:99:2a:b7:bc:
                    83:de:bb:dc:6c:57:a6:d1:f4:4e:a2:e1:48:cb:2e:
                    ca:78:eb:61:30:fb:31:4b:96:dc:21:89:a0:56:17:
                    d9:20:eb:73:91:6b:f5:57:cd:5a:90:50:2e:bc:ef:
                    c3:35:c4:bd:cd:b9:54:12:bc:82:ac:a2:57:84:2f:
                    9b:90:32:e4:9b:88:28:5e:b6:c2:7c:88:28:ff:bb:
                    5f:6e:c1:ef:dc:8c:5b:39:7a:9d:19:09:5d:63:f4:
                    17:6a:f4:e3:b0:20:2d:b9:69:5f:e9:02:fa:8b:1e:
                    fe:56:5d:34:f3:a9:92:ac:1b:59:28:c2:f1:c6:d3:
                    9a:bc:a4:83:aa:c4:78:9f:3a:63:6f:22:26:b3:a8:
                    0c:7b:80:01:70:3d:56:53:09:0d:7c:bf:56:27:c9:
                    37:af
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                21:55:9B:B8:D4:97:50:33:E7:98:9C:AE:33:0C:D4:98:77:6C:CE:CC
            X509v3 Authority Key Identifier:
                keyid:99:A4:B6:45:BC:E1:A6:FA:74:6C:89:A3:F6:E2:28:89:F8:F2:08:8C

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/BA4E20598674DC9DA80E176D835AD27168C6CB80289E64E21C1615B35E57A1C0/0/99A4B645BCE1A6FA746C89A3F6E22889F8F2088C.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/99A4B645BCE1A6FA746C89A3F6E22889F8F2088C.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/BA4E20598674DC9DA80E176D835AD27168C6CB80289E64E21C1615B35E57A1C0/0/3230302e3132342e3137362e302f32312d3234203d3e203532333134.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.124.176.0/21

    Signature Algorithm: sha256WithRSAEncryption
         47:d2:94:a7:1e:40:44:f5:8e:3d:80:6b:b6:23:fc:6a:fa:66:
         11:b9:a4:bc:79:72:e3:8d:81:45:1d:c8:40:40:e3:69:41:be:
         87:73:29:ab:ff:52:eb:bf:42:d8:c5:0e:6e:33:e1:cb:d6:2f:
         73:df:c1:2e:6e:69:22:e8:9c:8c:a8:51:bd:a3:b3:41:62:2e:
         7c:b3:02:fc:40:3b:de:82:3a:21:5a:5b:d0:eb:7f:25:23:91:
         ad:27:71:43:02:84:b0:ca:51:13:48:68:d9:23:ba:02:fe:a9:
         cf:e6:b2:30:46:78:dc:53:1a:dd:b3:e6:45:d3:24:2a:87:ad:
         ac:74:f5:28:d4:2c:3d:89:c4:66:b5:34:fe:0c:e3:76:78:40:
         a3:bc:21:66:19:87:9f:5f:1f:ba:2d:ea:7a:f7:95:1d:2c:b0:
         21:85:bf:5c:a5:f4:4e:6d:6d:94:42:af:78:cd:df:ad:37:e8:
         8d:e0:5b:e2:12:a1:94:8c:20:f0:19:72:a3:18:ac:e8:b1:22:
         eb:57:15:db:25:b3:81:c5:3b:ac:38:73:4d:76:45:89:ba:cd:
         61:c1:61:c0:fe:37:74:9f:91:9e:de:e8:78:6c:b1:b6:b4:8f:
         05:65:dd:2e:60:cb:92:30:a3:ee:7e:e2:91:88:6a:fa:e4:3f:
         37:98:d2:d4
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIUFglNgTopProiqMzUYyaMzuv0ENwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOTlBNEI2NDVCQ0UxQTZGQTc0NkM4OUEzRjZFMjI4ODlG
OEYyMDg4QzAeFw0yNTAyMDQyMDAxNTBaFw0yNjAyMDMyMDA2NTBaMDMxMTAvBgNV
BAMTKDIxNTU5QkI4RDQ5NzUwMzNFNzk4OUNBRTMzMENENDk4Nzc2Q0NFQ0MwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDRwT84wYFo5i8c9EcB1H/5PS0G
gV0hUCihPGni6ikBupiNyZA8wkRkmI1GmmDefUkVAXqSDaMOikzbweMlbqhMIJky
ZFeDe0ZeD5XTcc+p2bZJtx0EbCHx7LJ/3AcystZjvQkPmSq3vIPeu9xsV6bR9E6i
4UjLLsp462Ew+zFLltwhiaBWF9kg63ORa/VXzVqQUC6878M1xL3NuVQSvIKsoleE
L5uQMuSbiChetsJ8iCj/u19uwe/cjFs5ep0ZCV1j9Bdq9OOwIC25aV/pAvqLHv5W
XTTzqZKsG1kowvHG05q8pIOqxHifOmNvIiazqAx7gAFwPVZTCQ18v1YnyTevAgMB
AAGjggLKMIICxjAdBgNVHQ4EFgQUIVWbuNSXUDPnmJyuMwzUmHdszswwHwYDVR0j
BBgwFoAUmaS2Rbzhpvp0bImj9uIoifjyCIwwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9CQTRFMjA1OTg2NzREQzlEQTgwRTE3NkQ4MzVBRDI3MTY4
QzZDQjgwMjg5RTY0RTIxQzE2MTVCMzVFNTdBMUMwLzAvOTlBNEI2NDVCQ0UxQTZG
QTc0NkM4OUEzRjZFMjI4ODlGOEYyMDg4Qy5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC85OUE0QjY0NUJDRTFBNkZBNzQ2
Qzg5QTNGNkUyMjg4OUY4RjIwODhDLmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvQkE0RTIwNTk4Njc0REM5REE4MEUxNzZEODM1QUQyNzE2OEM2Q0I4MDI4
OUU2NEUyMUMxNjE1QjM1RTU3QTFDMC8wLzMyMzAzMDJlMzEzMjM0MmUzMTM3MzYy
ZTMwMmYzMjMxMmQzMjM0MjAzZDNlMjAzNTMyMzMzMTM0LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDyHyw
MA0GCSqGSIb3DQEBCwUAA4IBAQBH0pSnHkBE9Y49gGu2I/xq+mYRuaS8eXLjjYFF
HchAQONpQb6Hcymr/1Lrv0LYxQ5uM+HL1i9z38Eubmki6JyMqFG9o7NBYi58swL8
QDvegjohWlvQ638lI5GtJ3FDAoSwylETSGjZI7oC/qnP5rIwRnjcUxrds+ZF0yQq
h62sdPUo1Cw9icRmtTT+DON2eECjvCFmGYefXx+6Lep695UdLLAhhb9cpfRObW2U
Qq94zd+tN+iN4FviEqGUjCDwGXKjGKzosSLrVxXbJbOBxTusOHNNdkWJus1hwWHA
/jd0n5Ge3uh4bLG2tI8FZd0uYMuSMKPufuKRiGr65D83mNLU
-----END CERTIFICATE-----