Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/C0628711B23CA72AF445EEAC587157FF997ED0A06D172B8A12CDDE399A05FE90/0/3230302e31362e31362e302f32302d3234203d3e203237373930.roa
File:                     3230302e31362e31362e302f32302d3234203d3e203237373930.roa (raw, json)
Hash identifier:          BHZFrSSk8DhLs+7FtR35L7X67opeX5LgCSmSizvdCEE=
Subject key identifier:   5A:0B:42:B7:A4:49:17:61:E5:4C:48:A2:6C:5D:28:3F:73:B9:99:D6
Certificate issuer:       /CN=9C0595683D0FFF0E900C6C19AF389CA806D73B88
Certificate serial:       4739526F3BEDC9B7991827BA2ECC16743EF85E3E
Authority key identifier: 9C:05:95:68:3D:0F:FF:0E:90:0C:6C:19:AF:38:9C:A8:06:D7:3B:88
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/9C0595683D0FFF0E900C6C19AF389CA806D73B88.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/C0628711B23CA72AF445EEAC587157FF997ED0A06D172B8A12CDDE399A05FE90/0/3230302e31362e31362e302f32302d3234203d3e203237373930.roa
Signing time:             Tue 04 Feb 2025 18:10:34 +0000
ROA not before:           Tue 04 Feb 2025 18:05:34 +0000
ROA not after:            Tue 03 Feb 2026 18:10:34 +0000
asID:                     27790
IP address blocks:        200.16.16.0/20 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            47:39:52:6f:3b:ed:c9:b7:99:18:27:ba:2e:cc:16:74:3e:f8:5e:3e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9C0595683D0FFF0E900C6C19AF389CA806D73B88
        Validity
            Not Before: Feb  4 18:05:34 2025 GMT
            Not After : Feb  3 18:10:34 2026 GMT
        Subject: CN=5A0B42B7A4491761E54C48A26C5D283F73B999D6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d3:56:46:c1:36:a4:70:a6:27:02:78:88:51:df:
                    7d:98:8c:63:52:e0:9c:63:6d:a3:89:01:90:c4:4d:
                    ac:8e:23:d8:6c:6c:ea:f1:a1:c0:4c:8e:6a:73:fb:
                    ef:ce:12:f4:73:b5:7e:00:d4:0d:ec:45:fe:77:4a:
                    75:b4:71:eb:2e:3f:5f:3a:64:53:c3:36:0c:cd:24:
                    ac:75:8c:89:22:de:e4:00:95:ad:b0:c8:a4:ff:09:
                    a6:18:4d:5b:9d:82:22:ad:55:9e:1c:60:ae:bc:a7:
                    20:6b:7a:1e:e1:26:bc:ee:9c:47:51:cc:4a:ae:81:
                    9d:9a:d4:9f:f6:14:ea:a9:c4:44:0a:b9:1e:d9:c6:
                    67:ed:a0:04:96:4f:ce:02:da:ac:7b:22:90:c1:c3:
                    6c:66:19:cd:71:cc:6d:84:b9:01:b1:98:b6:f2:90:
                    bb:a5:93:9a:80:a2:18:68:77:a9:5b:b1:7a:d4:08:
                    dd:a1:3f:9f:72:65:6f:74:c6:2a:43:1d:f5:20:ed:
                    51:eb:dd:9f:81:24:2c:02:97:81:66:0c:03:eb:c1:
                    2b:e6:de:f4:24:f2:d7:a9:b9:c1:95:06:25:81:0f:
                    40:39:21:8c:c9:cf:60:df:24:a7:4a:0c:7c:7b:84:
                    83:3e:a7:75:b8:32:77:87:92:e9:24:53:2d:de:27:
                    93:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5A:0B:42:B7:A4:49:17:61:E5:4C:48:A2:6C:5D:28:3F:73:B9:99:D6
            X509v3 Authority Key Identifier:
                keyid:9C:05:95:68:3D:0F:FF:0E:90:0C:6C:19:AF:38:9C:A8:06:D7:3B:88

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/C0628711B23CA72AF445EEAC587157FF997ED0A06D172B8A12CDDE399A05FE90/0/9C0595683D0FFF0E900C6C19AF389CA806D73B88.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/9C0595683D0FFF0E900C6C19AF389CA806D73B88.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/C0628711B23CA72AF445EEAC587157FF997ED0A06D172B8A12CDDE399A05FE90/0/3230302e31362e31362e302f32302d3234203d3e203237373930.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.16.16.0/20

    Signature Algorithm: sha256WithRSAEncryption
         8c:b6:55:d8:e9:9b:b7:f9:f6:74:8e:6b:92:76:4a:83:7f:f1:
         09:f7:e2:e4:51:9c:80:e7:60:bf:d8:1e:b5:03:af:85:c6:d3:
         0c:41:0e:88:2f:9e:30:09:9a:b2:6a:f3:0a:24:4b:72:56:75:
         d2:d0:f4:82:83:cb:08:c2:53:40:9b:46:52:60:06:e4:30:05:
         cb:41:d1:46:ae:f0:65:88:dc:e6:80:b1:ae:2d:61:cd:48:1c:
         40:c8:69:ac:e0:e1:f2:03:b1:eb:3a:2d:8a:74:8a:12:92:4f:
         3a:4e:fe:08:44:83:0d:71:fa:c3:a8:4a:26:72:fb:32:46:50:
         b2:b3:a8:31:9f:e4:a8:46:7a:c8:01:01:cf:ae:80:38:cc:fe:
         00:d4:49:f7:be:2d:bf:e8:77:9d:cd:b7:66:ad:d0:09:c4:ea:
         86:a8:cb:e5:7e:e7:aa:6e:ee:f6:18:ec:bd:d4:4f:91:82:c2:
         88:f2:e7:9a:c3:cb:ca:09:d6:c8:af:04:a8:71:d0:61:2f:01:
         67:f1:c2:66:85:f0:0d:b1:51:74:6f:77:e0:79:78:69:eb:61:
         0a:de:5a:44:fe:b4:70:1f:6f:71:b6:52:e6:08:e9:49:b3:d6:
         f1:65:a5:f6:02:16:9e:1f:c1:72:60:08:7b:aa:72:be:43:40:
         ea:a5:61:3e
-----BEGIN CERTIFICATE-----
MIIFvDCCBKSgAwIBAgIURzlSbzvtybeZGCe6LswWdD74Xj4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOUMwNTk1NjgzRDBGRkYwRTkwMEM2QzE5QUYzODlDQTgw
NkQ3M0I4ODAeFw0yNTAyMDQxODA1MzRaFw0yNjAyMDMxODEwMzRaMDMxMTAvBgNV
BAMTKDVBMEI0MkI3QTQ0OTE3NjFFNTRDNDhBMjZDNUQyODNGNzNCOTk5RDYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDTVkbBNqRwpicCeIhR332YjGNS
4JxjbaOJAZDETayOI9hsbOrxocBMjmpz++/OEvRztX4A1A3sRf53SnW0cesuP186
ZFPDNgzNJKx1jIki3uQAla2wyKT/CaYYTVudgiKtVZ4cYK68pyBreh7hJrzunEdR
zEqugZ2a1J/2FOqpxEQKuR7ZxmftoASWT84C2qx7IpDBw2xmGc1xzG2EuQGxmLby
kLulk5qAohhod6lbsXrUCN2hP59yZW90xipDHfUg7VHr3Z+BJCwCl4FmDAPrwSvm
3vQk8tepucGVBiWBD0A5IYzJz2DfJKdKDHx7hIM+p3W4MneHkukkUy3eJ5OpAgMB
AAGjggLGMIICwjAdBgNVHQ4EFgQUWgtCt6RJF2HlTEiibF0oP3O5mdYwHwYDVR0j
BBgwFoAUnAWVaD0P/w6QDGwZrzicqAbXO4gwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9DMDYyODcxMUIyM0NBNzJBRjQ0NUVFQUM1ODcxNTdGRjk5
N0VEMEEwNkQxNzJCOEExMkNEREUzOTlBMDVGRTkwLzAvOUMwNTk1NjgzRDBGRkYw
RTkwMEM2QzE5QUYzODlDQTgwNkQ3M0I4OC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC85QzA1OTU2ODNEMEZGRjBFOTAw
QzZDMTlBRjM4OUNBODA2RDczQjg4LmNlcjCBxQYIKwYBBQUHAQsEgbgwgbUwgbIG
CCsGAQUFBzALhoGlcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvQzA2Mjg3MTFCMjNDQTcyQUY0NDVFRUFDNTg3MTU3RkY5OTdFRDBBMDZE
MTcyQjhBMTJDRERFMzk5QTA1RkU5MC8wLzMyMzAzMDJlMzEzNjJlMzEzNjJlMzAy
ZjMyMzAyZDMyMzQyMDNkM2UyMDMyMzczNzM5MzAucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBATIEBAwDQYJ
KoZIhvcNAQELBQADggEBAIy2Vdjpm7f59nSOa5J2SoN/8Qn34uRRnIDnYL/YHrUD
r4XG0wxBDogvnjAJmrJq8wokS3JWddLQ9IKDywjCU0CbRlJgBuQwBctB0Uau8GWI
3OaAsa4tYc1IHEDIaazg4fIDses6LYp0ihKSTzpO/ghEgw1x+sOoSiZy+zJGULKz
qDGf5KhGesgBAc+ugDjM/gDUSfe+Lb/od53Nt2at0AnE6oaoy+V+56pu7vYY7L3U
T5GCwojy55rDy8oJ1sivBKhx0GEvAWfxwmaF8A2xUXRvd+B5eGnrYQreWkT+tHAf
b3G2UuYI6Umz1vFlpfYCFp4fwXJgCHuqcr5DQOqlYT4=
-----END CERTIFICATE-----