Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/C862C92FE79571CDCE834A609053002A1212C9B70796AFAD01C6193D7F0DAAAB/0/3230302e31312e36342e302f31392d3234203d3e203237363531.roa
File:                     3230302e31312e36342e302f31392d3234203d3e203237363531.roa (raw, json)
Hash identifier:          ovqlfNdikDlmX045AT21ONoSNJRXlVMZmnpn3bJJ0Qs=
Subject key identifier:   D2:B2:A5:8F:45:13:95:DC:E8:DA:6C:A8:4E:F6:2E:68:25:36:12:A0
Certificate issuer:       /CN=3FDB44D18BC16AB039C2B1B6BD3866AB29E122A7
Certificate serial:       5F387D05B86CE1032EC614C434A70BD48113E4C0
Authority key identifier: 3F:DB:44:D1:8B:C1:6A:B0:39:C2:B1:B6:BD:38:66:AB:29:E1:22:A7
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/3FDB44D18BC16AB039C2B1B6BD3866AB29E122A7.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/C862C92FE79571CDCE834A609053002A1212C9B70796AFAD01C6193D7F0DAAAB/0/3230302e31312e36342e302f31392d3234203d3e203237363531.roa
Signing time:             Tue 04 Feb 2025 19:56:34 +0000
ROA not before:           Tue 04 Feb 2025 19:51:34 +0000
ROA not after:            Tue 03 Feb 2026 19:56:34 +0000
asID:                     27651
IP address blocks:        200.11.64.0/19 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5f:38:7d:05:b8:6c:e1:03:2e:c6:14:c4:34:a7:0b:d4:81:13:e4:c0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3FDB44D18BC16AB039C2B1B6BD3866AB29E122A7
        Validity
            Not Before: Feb  4 19:51:34 2025 GMT
            Not After : Feb  3 19:56:34 2026 GMT
        Subject: CN=D2B2A58F451395DCE8DA6CA84EF62E68253612A0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:d8:a1:b5:1b:bb:be:15:b4:4d:0b:fe:be:d1:
                    98:3d:e1:64:37:a1:c6:56:e8:3c:65:c0:7d:9e:42:
                    08:eb:e1:cf:e9:df:15:b1:0f:8c:dd:a5:85:93:08:
                    83:10:29:ce:0d:c2:75:0c:a6:c8:78:11:1a:99:fd:
                    01:b5:25:17:40:b1:c4:57:a7:1f:1a:84:f1:6f:7d:
                    ec:d8:f1:e6:2c:8b:ea:60:c9:2c:86:7a:63:52:0d:
                    63:4f:bb:a6:96:45:d2:c0:dd:74:94:1e:32:e1:35:
                    c8:80:34:51:6b:e0:71:b1:95:f4:6c:2d:82:53:d6:
                    53:9e:7a:d7:bc:12:4f:7a:cc:ae:c2:24:b7:e8:28:
                    40:11:d5:b8:74:f8:61:69:9a:3c:24:79:3e:4d:30:
                    15:d9:08:26:24:25:95:1c:ba:60:16:fb:16:73:4d:
                    b7:36:65:1c:69:6f:d7:c8:47:3e:69:15:3c:5b:44:
                    c5:bc:fd:ef:9e:8d:54:7e:cf:ae:9e:53:5d:0c:0b:
                    4a:7b:83:01:7d:df:24:a5:e8:63:a0:b4:e2:8c:55:
                    97:ad:7d:5e:bb:1d:fe:35:03:43:1a:04:70:c5:f3:
                    7d:34:48:b9:b7:d4:47:28:e6:44:87:c0:66:d9:2d:
                    91:cb:ca:3e:83:87:91:37:f4:c5:33:13:a8:3d:2b:
                    83:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D2:B2:A5:8F:45:13:95:DC:E8:DA:6C:A8:4E:F6:2E:68:25:36:12:A0
            X509v3 Authority Key Identifier:
                keyid:3F:DB:44:D1:8B:C1:6A:B0:39:C2:B1:B6:BD:38:66:AB:29:E1:22:A7

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/C862C92FE79571CDCE834A609053002A1212C9B70796AFAD01C6193D7F0DAAAB/0/3FDB44D18BC16AB039C2B1B6BD3866AB29E122A7.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/3FDB44D18BC16AB039C2B1B6BD3866AB29E122A7.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/C862C92FE79571CDCE834A609053002A1212C9B70796AFAD01C6193D7F0DAAAB/0/3230302e31312e36342e302f31392d3234203d3e203237363531.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.11.64.0/19

    Signature Algorithm: sha256WithRSAEncryption
         6a:28:7f:42:b2:c2:e6:25:06:c4:80:13:27:60:bf:0d:b8:9c:
         86:27:9b:a5:8a:70:49:ee:45:db:ae:44:e0:ae:40:d0:58:d9:
         29:bd:74:26:5e:84:ba:fa:29:aa:7b:8f:90:1e:f5:28:e3:cb:
         56:62:a5:c0:a4:5d:d5:92:15:db:18:b8:f0:93:63:67:40:00:
         55:be:a2:65:b7:8f:63:6e:ba:91:53:7e:65:96:9a:c3:e9:11:
         46:9b:34:03:8e:e6:11:8c:c6:f8:3d:57:21:b0:16:29:bc:dd:
         8b:b3:ca:ea:0a:af:87:d2:9d:0b:d6:b4:92:cd:04:ae:ec:94:
         d9:1b:36:73:8d:61:e1:c2:5d:e6:7b:f2:1b:bb:65:0e:27:65:
         50:f3:0d:73:f1:62:0f:1b:e7:cb:8d:20:a5:dc:f8:a9:30:57:
         96:62:2d:91:f6:fa:b9:33:8f:2e:26:a7:3c:f8:9b:c4:39:e0:
         13:73:22:75:5d:fe:35:6b:9c:11:06:4e:96:cf:2a:58:c2:60:
         44:89:7b:12:5c:37:93:0a:4e:0d:bf:b9:27:5d:50:81:25:1b:
         65:f4:ad:cf:55:f6:c3:5f:b9:99:71:16:ae:87:dd:d1:84:f3:
         b3:95:95:91:85:1b:85:bd:c4:24:fc:85:90:c7:3c:69:05:dd:
         2c:da:62:ec
-----BEGIN CERTIFICATE-----
MIIFvDCCBKSgAwIBAgIUXzh9Bbhs4QMuxhTENKcL1IET5MAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoM0ZEQjQ0RDE4QkMxNkFCMDM5QzJCMUI2QkQzODY2QUIy
OUUxMjJBNzAeFw0yNTAyMDQxOTUxMzRaFw0yNjAyMDMxOTU2MzRaMDMxMTAvBgNV
BAMTKEQyQjJBNThGNDUxMzk1RENFOERBNkNBODRFRjYyRTY4MjUzNjEyQTAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC12KG1G7u+FbRNC/6+0Zg94WQ3
ocZW6DxlwH2eQgjr4c/p3xWxD4zdpYWTCIMQKc4NwnUMpsh4ERqZ/QG1JRdAscRX
px8ahPFvfezY8eYsi+pgySyGemNSDWNPu6aWRdLA3XSUHjLhNciANFFr4HGxlfRs
LYJT1lOeete8Ek96zK7CJLfoKEAR1bh0+GFpmjwkeT5NMBXZCCYkJZUcumAW+xZz
Tbc2ZRxpb9fIRz5pFTxbRMW8/e+ejVR+z66eU10MC0p7gwF93ySl6GOgtOKMVZet
fV67Hf41A0MaBHDF8300SLm31Eco5kSHwGbZLZHLyj6Dh5E39MUzE6g9K4NNAgMB
AAGjggLGMIICwjAdBgNVHQ4EFgQU0rKlj0UTldzo2myoTvYuaCU2EqAwHwYDVR0j
BBgwFoAUP9tE0YvBarA5wrG2vThmqynhIqcwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9DODYyQzkyRkU3OTU3MUNEQ0U4MzRBNjA5MDUzMDAyQTEy
MTJDOUI3MDc5NkFGQUQwMUM2MTkzRDdGMERBQUFCLzAvM0ZEQjQ0RDE4QkMxNkFC
MDM5QzJCMUI2QkQzODY2QUIyOUUxMjJBNy5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8zRkRCNDREMThCQzE2QUIwMzlD
MkIxQjZCRDM4NjZBQjI5RTEyMkE3LmNlcjCBxQYIKwYBBQUHAQsEgbgwgbUwgbIG
CCsGAQUFBzALhoGlcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvQzg2MkM5MkZFNzk1NzFDRENFODM0QTYwOTA1MzAwMkExMjEyQzlCNzA3
OTZBRkFEMDFDNjE5M0Q3RjBEQUFBQi8wLzMyMzAzMDJlMzEzMTJlMzYzNDJlMzAy
ZjMxMzkyZDMyMzQyMDNkM2UyMDMyMzczNjM1MzEucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAXIC0AwDQYJ
KoZIhvcNAQELBQADggEBAGoof0KywuYlBsSAEydgvw24nIYnm6WKcEnuRduuROCu
QNBY2Sm9dCZehLr6Kap7j5Ae9Sjjy1ZipcCkXdWSFdsYuPCTY2dAAFW+omW3j2Nu
upFTfmWWmsPpEUabNAOO5hGMxvg9VyGwFim83YuzyuoKr4fSnQvWtJLNBK7slNkb
NnONYeHCXeZ78hu7ZQ4nZVDzDXPxYg8b58uNIKXc+KkwV5ZiLZH2+rkzjy4mpzz4
m8Q54BNzInVd/jVrnBEGTpbPKljCYESJexJcN5MKTg2/uSddUIElG2X0rc9V9sNf
uZlxFq6H3dGE87OVlZGFG4W9xCT8hZDHPGkF3SzaYuw=
-----END CERTIFICATE-----