Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/C1382B1A4CCAB66DA618B1EF9AB4C63086EAAA18E7F0C95BD941803C46F5D567/0/3230302e36312e3138342e302f32342d3234203d3e203532333934.roa
File:                     3230302e36312e3138342e302f32342d3234203d3e203532333934.roa (raw, json)
Hash identifier:          AIebqISpmQWX6s8UG8XgGuiBj8vioUIdVqpVK8oWHXM=
Subject key identifier:   D9:C5:02:92:B8:92:04:39:DF:47:E7:97:CB:81:2F:30:F1:30:D3:A6
Certificate issuer:       /CN=171F14D5AEEC89F4AE4104C0F609DE277D1D3CD7
Certificate serial:       B4283D07218718631355DCA3669E7A20F7C60B
Authority key identifier: 17:1F:14:D5:AE:EC:89:F4:AE:41:04:C0:F6:09:DE:27:7D:1D:3C:D7
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/171F14D5AEEC89F4AE4104C0F609DE277D1D3CD7.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/C1382B1A4CCAB66DA618B1EF9AB4C63086EAAA18E7F0C95BD941803C46F5D567/0/3230302e36312e3138342e302f32342d3234203d3e203532333934.roa
Signing time:             Tue 04 Feb 2025 20:04:09 +0000
ROA not before:           Tue 04 Feb 2025 19:59:09 +0000
ROA not after:            Tue 03 Feb 2026 20:04:09 +0000
asID:                     52394
IP address blocks:        200.61.184.0/24 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            b4:28:3d:07:21:87:18:63:13:55:dc:a3:66:9e:7a:20:f7:c6:0b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=171F14D5AEEC89F4AE4104C0F609DE277D1D3CD7
        Validity
            Not Before: Feb  4 19:59:09 2025 GMT
            Not After : Feb  3 20:04:09 2026 GMT
        Subject: CN=D9C50292B8920439DF47E797CB812F30F130D3A6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:48:55:f6:4b:84:f3:20:48:e5:a5:d9:9f:aa:
                    ad:b2:84:6b:40:e5:bb:ae:35:86:fc:a5:c1:8d:7c:
                    2b:78:d4:bf:26:63:61:29:02:40:1c:f5:6a:16:f5:
                    da:64:d3:c1:20:2f:9d:0c:fc:d7:5f:80:35:5d:62:
                    bd:1f:d3:b8:7a:88:c5:ec:c8:f8:14:eb:cf:54:28:
                    87:be:b9:03:3c:de:88:f9:99:18:24:ee:c0:be:78:
                    fc:c7:8e:11:f4:24:96:ee:ac:ac:c0:42:1d:b7:b7:
                    db:06:2f:24:32:8e:c8:53:8c:40:38:ef:c9:f9:21:
                    14:89:a9:08:47:e7:e4:0e:db:f5:0e:ba:c4:c5:48:
                    24:90:93:f8:2b:ab:0c:ee:0d:85:fd:bd:c8:01:d3:
                    4b:9e:38:5d:98:4a:0d:55:27:0e:f9:9e:26:2f:dd:
                    00:2d:84:d1:12:67:f7:41:3d:74:77:d8:88:3b:ab:
                    f0:cb:3b:58:a5:21:1f:3d:04:e9:e3:1d:8b:9d:e4:
                    16:7e:cf:4f:ac:dc:fe:ee:1a:08:36:86:9d:4d:67:
                    5d:ea:c5:25:e2:74:5c:54:b5:b8:8c:5c:63:65:cc:
                    b6:56:f4:2c:9b:ee:1a:dc:31:75:c6:f4:ef:78:1e:
                    3d:ce:97:04:75:ef:23:f2:37:19:0c:08:1c:d9:1c:
                    d7:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D9:C5:02:92:B8:92:04:39:DF:47:E7:97:CB:81:2F:30:F1:30:D3:A6
            X509v3 Authority Key Identifier:
                keyid:17:1F:14:D5:AE:EC:89:F4:AE:41:04:C0:F6:09:DE:27:7D:1D:3C:D7

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/C1382B1A4CCAB66DA618B1EF9AB4C63086EAAA18E7F0C95BD941803C46F5D567/0/171F14D5AEEC89F4AE4104C0F609DE277D1D3CD7.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/171F14D5AEEC89F4AE4104C0F609DE277D1D3CD7.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/C1382B1A4CCAB66DA618B1EF9AB4C63086EAAA18E7F0C95BD941803C46F5D567/0/3230302e36312e3138342e302f32342d3234203d3e203532333934.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.61.184.0/24

    Signature Algorithm: sha256WithRSAEncryption
         62:8b:b5:93:f4:61:9d:9f:35:7a:3a:1e:9c:fb:89:12:dc:a8:
         6e:fe:40:11:10:d0:01:04:72:d4:a6:c9:45:67:aa:e2:52:89:
         60:cc:27:7c:d4:8c:a5:cc:b9:f7:cf:15:cf:d9:fa:e1:32:24:
         f9:e1:3a:05:e9:88:94:1f:54:fb:07:bc:86:7b:20:43:87:04:
         b5:ab:ff:dd:5a:2b:33:4f:8f:05:93:20:c0:bd:c5:b6:bb:0c:
         c9:e9:73:c4:86:dc:bc:34:57:f6:3f:06:e7:cc:1d:91:38:ab:
         bb:66:b9:d9:83:56:3e:c5:a6:5e:a9:9c:13:f6:e6:f3:6f:7e:
         b6:50:08:27:9e:56:5c:2e:b3:9b:62:d9:bd:d8:f7:40:d1:f4:
         04:0d:fb:2a:3c:d4:41:a9:fb:e0:a0:94:59:14:c4:ee:7b:73:
         d0:13:71:47:bd:22:a0:95:dc:22:da:7f:16:40:17:15:b6:6b:
         19:1e:af:4e:9a:5d:df:de:d1:af:b5:58:6a:1a:8e:85:ef:ec:
         45:6a:c7:8c:5e:84:e3:f0:e9:63:b5:70:85:29:1b:72:e8:dc:
         e2:46:09:95:65:49:7b:57:19:12:b5:86:3c:9e:ad:5d:c7:2f:
         8e:d5:a8:bf:db:51:f3:cd:a5:7c:ab:62:41:8f:54:6e:21:c3:
         b7:4e:fe:38
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUALQoPQchhxhjE1Xco2aeeiD3xgswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMTcxRjE0RDVBRUVDODlGNEFFNDEwNEMwRjYwOURFMjc3
RDFEM0NENzAeFw0yNTAyMDQxOTU5MDlaFw0yNjAyMDMyMDA0MDlaMDMxMTAvBgNV
BAMTKEQ5QzUwMjkyQjg5MjA0MzlERjQ3RTc5N0NCODEyRjMwRjEzMEQzQTYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDJSFX2S4TzIEjlpdmfqq2yhGtA
5buuNYb8pcGNfCt41L8mY2EpAkAc9WoW9dpk08EgL50M/NdfgDVdYr0f07h6iMXs
yPgU689UKIe+uQM83oj5mRgk7sC+ePzHjhH0JJburKzAQh23t9sGLyQyjshTjEA4
78n5IRSJqQhH5+QO2/UOusTFSCSQk/grqwzuDYX9vcgB00ueOF2YSg1VJw75niYv
3QAthNESZ/dBPXR32Ig7q/DLO1ilIR89BOnjHYud5BZ+z0+s3P7uGgg2hp1NZ13q
xSXidFxUtbiMXGNlzLZW9Cyb7hrcMXXG9O94Hj3OlwR17yPyNxkMCBzZHNfpAgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQU2cUCkriSBDnfR+eXy4EvMPEw06YwHwYDVR0j
BBgwFoAUFx8U1a7sifSuQQTA9gneJ30dPNcwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9DMTM4MkIxQTRDQ0FCNjZEQTYxOEIxRUY5QUI0QzYzMDg2
RUFBQTE4RTdGMEM5NUJEOTQxODAzQzQ2RjVENTY3LzAvMTcxRjE0RDVBRUVDODlG
NEFFNDEwNEMwRjYwOURFMjc3RDFEM0NENy5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8xNzFGMTRENUFFRUM4OUY0QUU0
MTA0QzBGNjA5REUyNzdEMUQzQ0Q3LmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvQzEzODJCMUE0Q0NBQjY2REE2MThCMUVGOUFCNEM2MzA4NkVBQUExOEU3
RjBDOTVCRDk0MTgwM0M0NkY1RDU2Ny8wLzMyMzAzMDJlMzYzMTJlMzEzODM0MmUz
MDJmMzIzNDJkMzIzNDIwM2QzZTIwMzUzMjMzMzkzNC5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMg9uDAN
BgkqhkiG9w0BAQsFAAOCAQEAYou1k/RhnZ81ejoenPuJEtyobv5AERDQAQRy1KbJ
RWeq4lKJYMwnfNSMpcy5988Vz9n64TIk+eE6BemIlB9U+we8hnsgQ4cEtav/3Vor
M0+PBZMgwL3FtrsMyelzxIbcvDRX9j8G58wdkTiru2a52YNWPsWmXqmcE/bm829+
tlAIJ55WXC6zm2LZvdj3QNH0BA37KjzUQan74KCUWRTE7ntz0BNxR70ioJXcItp/
FkAXFbZrGR6vTppd397Rr7VYahqOhe/sRWrHjF6E4/DpY7VwhSkbcujc4kYJlWVJ
e1cZErWGPJ6tXccvjtWov9tR882lfKtiQY9UbiHDt07+OA==
-----END CERTIFICATE-----