Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/C1382B1A4CCAB66DA618B1EF9AB4C63086EAAA18E7F0C95BD941803C46F5D567/0/3230312e3231362e3233302e302f32342d3234203d3e203230333231.roa
File:                     3230312e3231362e3233302e302f32342d3234203d3e203230333231.roa (raw, json)
Hash identifier:          8YMo6SUxZouwrvNeSJQ0O1RKvjCyTVtouTGEQtd+2uY=
Subject key identifier:   55:06:81:24:15:DC:EC:F8:BC:CF:FF:7A:D2:A8:8C:DA:5A:C7:C7:93
Certificate issuer:       /CN=171F14D5AEEC89F4AE4104C0F609DE277D1D3CD7
Certificate serial:       70352B5D083EB29A53D9F9B00A9E714DA44B35BC
Authority key identifier: 17:1F:14:D5:AE:EC:89:F4:AE:41:04:C0:F6:09:DE:27:7D:1D:3C:D7
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/171F14D5AEEC89F4AE4104C0F609DE277D1D3CD7.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/C1382B1A4CCAB66DA618B1EF9AB4C63086EAAA18E7F0C95BD941803C46F5D567/0/3230312e3231362e3233302e302f32342d3234203d3e203230333231.roa
Signing time:             Tue 04 Feb 2025 20:04:06 +0000
ROA not before:           Tue 04 Feb 2025 19:59:06 +0000
ROA not after:            Tue 03 Feb 2026 20:04:06 +0000
asID:                     20321
IP address blocks:        201.216.230.0/24 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            70:35:2b:5d:08:3e:b2:9a:53:d9:f9:b0:0a:9e:71:4d:a4:4b:35:bc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=171F14D5AEEC89F4AE4104C0F609DE277D1D3CD7
        Validity
            Not Before: Feb  4 19:59:06 2025 GMT
            Not After : Feb  3 20:04:06 2026 GMT
        Subject: CN=5506812415DCECF8BCCFFF7AD2A88CDA5AC7C793
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:db:f7:64:ba:88:70:fc:e2:64:87:d8:eb:ef:
                    c7:55:f2:6f:c4:ae:9f:3a:51:6d:7a:84:1a:bd:8d:
                    5c:43:64:7c:25:86:da:40:db:72:c4:2d:49:9a:ce:
                    0d:0c:96:09:ed:34:84:64:c8:33:a3:01:e7:d7:7e:
                    75:c7:c9:82:76:7c:82:36:d8:8f:e7:e1:a7:9d:a1:
                    57:b7:3c:b6:67:2d:0a:84:5e:ec:0d:cf:92:c0:7c:
                    2d:5b:0b:81:8f:06:95:f0:06:83:3b:84:95:aa:5a:
                    68:9f:4f:66:cc:03:95:54:af:82:df:a2:8b:31:bc:
                    d6:03:93:12:15:d1:70:ef:fd:e8:b1:f5:7e:3b:95:
                    44:59:8c:07:08:45:39:87:32:e3:f5:6e:89:fd:54:
                    60:3d:99:e7:33:ca:96:3a:ac:d0:09:11:10:e2:47:
                    86:d1:66:43:74:ef:77:09:93:82:67:7b:52:9a:b4:
                    cb:ba:6b:10:9d:8f:d0:c1:89:7f:cd:e5:5b:f1:1b:
                    56:5b:eb:8c:93:f5:7a:0d:37:e8:a2:e3:c8:17:5e:
                    5c:b0:07:6c:58:2a:9d:63:b4:7e:ca:ac:17:6d:9c:
                    1d:c6:aa:e2:f4:78:4a:a6:89:e2:d1:8b:d8:c5:87:
                    fe:b8:63:73:e4:73:73:ac:68:e0:52:32:32:2d:68:
                    5e:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                55:06:81:24:15:DC:EC:F8:BC:CF:FF:7A:D2:A8:8C:DA:5A:C7:C7:93
            X509v3 Authority Key Identifier:
                keyid:17:1F:14:D5:AE:EC:89:F4:AE:41:04:C0:F6:09:DE:27:7D:1D:3C:D7

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/C1382B1A4CCAB66DA618B1EF9AB4C63086EAAA18E7F0C95BD941803C46F5D567/0/171F14D5AEEC89F4AE4104C0F609DE277D1D3CD7.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/171F14D5AEEC89F4AE4104C0F609DE277D1D3CD7.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/C1382B1A4CCAB66DA618B1EF9AB4C63086EAAA18E7F0C95BD941803C46F5D567/0/3230312e3231362e3233302e302f32342d3234203d3e203230333231.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  201.216.230.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1c:65:d4:7f:f3:8a:93:e4:38:9f:23:de:be:bf:4b:c9:0c:5a:
         0b:08:30:61:76:f2:f5:43:78:19:b8:83:c3:05:99:da:e8:01:
         60:ac:fc:d9:93:1d:1e:b4:53:7e:1c:a8:16:25:8c:2c:47:09:
         f7:a7:8a:81:11:6b:61:c1:4a:6c:33:c4:64:7a:93:86:34:0b:
         b7:d7:21:7e:19:75:1e:b8:a4:7a:82:7a:ae:0a:cc:9a:f3:87:
         6f:66:1d:17:d8:c4:43:31:45:8e:c0:37:c7:40:5d:26:cd:68:
         ee:94:2d:f9:14:dd:a5:f9:3f:87:df:51:20:16:7b:33:11:eb:
         c7:2e:7e:85:93:7b:3e:3a:01:65:f3:1c:7d:37:d6:5b:a3:e2:
         b5:4b:0c:10:10:cc:bf:e1:ba:bd:f3:49:d9:d4:f2:4a:91:36:
         1c:57:b0:63:bb:ed:3d:94:13:f0:06:02:c1:f3:82:e5:a0:b9:
         76:e6:56:53:17:fe:5d:7b:08:12:ed:5b:27:d6:51:e5:dd:63:
         f8:4c:fd:12:d6:bc:18:49:3a:a1:f4:c0:41:1b:f9:1e:ab:46:
         e6:de:0a:af:6d:cd:9a:ea:1a:2b:6c:69:62:9c:01:bf:a5:c5:
         58:53:b3:db:7c:23:7d:e0:f1:01:a2:31:e7:aa:1e:b1:ef:84:
         45:1d:e6:04
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIUcDUrXQg+sppT2fmwCp5xTaRLNbwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMTcxRjE0RDVBRUVDODlGNEFFNDEwNEMwRjYwOURFMjc3
RDFEM0NENzAeFw0yNTAyMDQxOTU5MDZaFw0yNjAyMDMyMDA0MDZaMDMxMTAvBgNV
BAMTKDU1MDY4MTI0MTVEQ0VDRjhCQ0NGRkY3QUQyQTg4Q0RBNUFDN0M3OTMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCh2/dkuohw/OJkh9jr78dV8m/E
rp86UW16hBq9jVxDZHwlhtpA23LELUmazg0MlgntNIRkyDOjAefXfnXHyYJ2fII2
2I/n4aedoVe3PLZnLQqEXuwNz5LAfC1bC4GPBpXwBoM7hJWqWmifT2bMA5VUr4Lf
oosxvNYDkxIV0XDv/eix9X47lURZjAcIRTmHMuP1bon9VGA9meczypY6rNAJERDi
R4bRZkN073cJk4Jne1KatMu6axCdj9DBiX/N5VvxG1Zb64yT9XoNN+ii48gXXlyw
B2xYKp1jtH7KrBdtnB3GquL0eEqmieLRi9jFh/64Y3Pkc3OsaOBSMjItaF69AgMB
AAGjggLKMIICxjAdBgNVHQ4EFgQUVQaBJBXc7Pi8z/960qiM2lrHx5MwHwYDVR0j
BBgwFoAUFx8U1a7sifSuQQTA9gneJ30dPNcwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9DMTM4MkIxQTRDQ0FCNjZEQTYxOEIxRUY5QUI0QzYzMDg2
RUFBQTE4RTdGMEM5NUJEOTQxODAzQzQ2RjVENTY3LzAvMTcxRjE0RDVBRUVDODlG
NEFFNDEwNEMwRjYwOURFMjc3RDFEM0NENy5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8xNzFGMTRENUFFRUM4OUY0QUU0
MTA0QzBGNjA5REUyNzdEMUQzQ0Q3LmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvQzEzODJCMUE0Q0NBQjY2REE2MThCMUVGOUFCNEM2MzA4NkVBQUExOEU3
RjBDOTVCRDk0MTgwM0M0NkY1RDU2Ny8wLzMyMzAzMTJlMzIzMTM2MmUzMjMzMzAy
ZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMwMzMzMjMxLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAydjm
MA0GCSqGSIb3DQEBCwUAA4IBAQAcZdR/84qT5DifI96+v0vJDFoLCDBhdvL1Q3gZ
uIPDBZna6AFgrPzZkx0etFN+HKgWJYwsRwn3p4qBEWthwUpsM8RkepOGNAu31yF+
GXUeuKR6gnquCsya84dvZh0X2MRDMUWOwDfHQF0mzWjulC35FN2l+T+H31EgFnsz
EevHLn6Fk3s+OgFl8xx9N9Zbo+K1SwwQEMy/4bq980nZ1PJKkTYcV7Bju+09lBPw
BgLB84LloLl25lZTF/5dewgS7Vsn1lHl3WP4TP0S1rwYSTqh9MBBG/keq0bm3gqv
bc2a6horbGlinAG/pcVYU7PbfCN94PEBojHnqh6x74RFHeYE
-----END CERTIFICATE-----