Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/C862C92FE79571CDCE834A609053002A1212C9B70796AFAD01C6193D7F0DAAAB/0/3230302e31312e36342e302f31392d3234203d3e2036343731.roa
File:                     3230302e31312e36342e302f31392d3234203d3e2036343731.roa (raw, json)
Hash identifier:          LPWf/SlAI2Ppi/EaiKNZt9KE7HpfgRDiz4ssCEQmPSM=
Subject key identifier:   70:D7:81:B2:43:7F:1E:EA:0E:05:10:52:FD:4D:B1:79:15:35:86:11
Certificate issuer:       /CN=3FDB44D18BC16AB039C2B1B6BD3866AB29E122A7
Certificate serial:       313B1056C321A14B4811CFC2A30668D734773D55
Authority key identifier: 3F:DB:44:D1:8B:C1:6A:B0:39:C2:B1:B6:BD:38:66:AB:29:E1:22:A7
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/3FDB44D18BC16AB039C2B1B6BD3866AB29E122A7.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/C862C92FE79571CDCE834A609053002A1212C9B70796AFAD01C6193D7F0DAAAB/0/3230302e31312e36342e302f31392d3234203d3e2036343731.roa
Signing time:             Tue 04 Feb 2025 19:56:32 +0000
ROA not before:           Tue 04 Feb 2025 19:51:32 +0000
ROA not after:            Tue 03 Feb 2026 19:56:32 +0000
asID:                     6471
IP address blocks:        200.11.64.0/19 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            31:3b:10:56:c3:21:a1:4b:48:11:cf:c2:a3:06:68:d7:34:77:3d:55
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3FDB44D18BC16AB039C2B1B6BD3866AB29E122A7
        Validity
            Not Before: Feb  4 19:51:32 2025 GMT
            Not After : Feb  3 19:56:32 2026 GMT
        Subject: CN=70D781B2437F1EEA0E051052FD4DB17915358611
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:c4:cd:29:77:a0:d5:bb:24:ca:f1:f3:55:a2:
                    11:99:ff:4d:17:1b:e2:57:01:46:9d:bf:7f:3e:f8:
                    86:b0:3e:c9:46:b6:7f:e5:d6:bb:5f:a3:7c:a6:06:
                    6c:c9:7f:10:05:82:7c:a0:b9:20:0d:6d:38:b0:6c:
                    00:cf:e2:bf:39:24:d5:97:a2:e8:dc:02:d6:d4:79:
                    fe:af:ca:4c:75:dc:aa:cd:65:30:b8:b6:8a:7a:de:
                    9d:0b:81:b5:3b:8c:c7:9a:34:70:18:ff:e0:f0:22:
                    76:a7:91:be:20:db:b3:92:76:83:3d:a0:28:fb:21:
                    f1:06:1e:e1:a6:a1:fb:8d:d4:9f:91:ee:83:c5:49:
                    cc:8a:a5:69:e4:33:20:69:71:bc:6b:a9:b4:6e:e5:
                    49:44:7a:67:c6:d5:e5:eb:8b:ff:99:8c:e5:d2:d3:
                    93:bb:0a:31:1b:14:75:7d:fc:40:38:3d:e4:59:85:
                    25:60:f0:c5:f7:34:a2:ee:25:e0:49:a9:c2:74:82:
                    84:d4:76:f5:b2:82:a5:de:be:be:4d:94:e1:35:fc:
                    c2:01:fb:3e:68:78:f2:29:f2:80:3e:2d:1f:7d:fa:
                    b3:6e:3b:26:85:18:83:a3:39:ce:1c:42:98:c6:16:
                    6b:8f:17:83:0d:a9:bf:31:a5:0f:de:27:a7:82:ae:
                    d8:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                70:D7:81:B2:43:7F:1E:EA:0E:05:10:52:FD:4D:B1:79:15:35:86:11
            X509v3 Authority Key Identifier:
                keyid:3F:DB:44:D1:8B:C1:6A:B0:39:C2:B1:B6:BD:38:66:AB:29:E1:22:A7

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/C862C92FE79571CDCE834A609053002A1212C9B70796AFAD01C6193D7F0DAAAB/0/3FDB44D18BC16AB039C2B1B6BD3866AB29E122A7.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/3FDB44D18BC16AB039C2B1B6BD3866AB29E122A7.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/C862C92FE79571CDCE834A609053002A1212C9B70796AFAD01C6193D7F0DAAAB/0/3230302e31312e36342e302f31392d3234203d3e2036343731.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.11.64.0/19

    Signature Algorithm: sha256WithRSAEncryption
         07:54:bb:fa:2c:c3:45:c6:9d:e7:57:61:17:eb:39:11:06:78:
         41:af:1f:9f:ae:ac:78:93:89:6a:3e:34:e6:f7:21:61:b3:a0:
         bd:31:ec:e2:6e:ad:19:0d:c2:30:6d:f7:2e:ff:49:53:b7:1c:
         3b:53:11:be:a3:9e:5d:bc:72:38:f2:4e:ca:30:06:5b:6b:1d:
         0d:46:02:12:f5:62:f7:70:19:8d:94:41:55:22:50:b6:56:e7:
         19:e5:2c:0b:19:dc:f8:65:45:44:f7:b5:dc:07:ee:3b:7b:2b:
         ed:9c:ea:e4:cb:5f:fa:84:5a:eb:58:e7:91:bf:7f:9d:10:12:
         05:02:6c:02:bd:d5:0c:a6:45:c8:8c:3e:62:07:29:55:20:1c:
         e1:d8:42:87:4f:01:cd:b3:f9:24:d5:0b:2c:10:3f:75:eb:dc:
         48:5e:12:bb:b8:ee:6d:45:cc:8d:e9:17:19:9b:38:32:0a:0f:
         07:99:bf:f1:65:d8:bd:3c:26:e3:e2:63:9e:d4:35:52:95:a8:
         75:66:11:ed:28:7e:0f:74:6b:23:b6:40:8d:4f:73:a6:bc:6e:
         9c:79:42:4f:0b:1b:4c:32:a0:81:7f:6f:45:32:4d:c4:a0:72:
         4d:c4:cc:20:9a:90:4b:1e:e1:a9:67:fe:d9:60:56:2b:dd:e7:
         16:b7:0b:56
-----BEGIN CERTIFICATE-----
MIIFujCCBKKgAwIBAgIUMTsQVsMhoUtIEc/CowZo1zR3PVUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoM0ZEQjQ0RDE4QkMxNkFCMDM5QzJCMUI2QkQzODY2QUIy
OUUxMjJBNzAeFw0yNTAyMDQxOTUxMzJaFw0yNjAyMDMxOTU2MzJaMDMxMTAvBgNV
BAMTKDcwRDc4MUIyNDM3RjFFRUEwRTA1MTA1MkZENERCMTc5MTUzNTg2MTEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQChxM0pd6DVuyTK8fNVohGZ/00X
G+JXAUadv38++IawPslGtn/l1rtfo3ymBmzJfxAFgnyguSANbTiwbADP4r85JNWX
oujcAtbUef6vykx13KrNZTC4top63p0LgbU7jMeaNHAY/+DwInankb4g27OSdoM9
oCj7IfEGHuGmofuN1J+R7oPFScyKpWnkMyBpcbxrqbRu5UlEemfG1eXri/+ZjOXS
05O7CjEbFHV9/EA4PeRZhSVg8MX3NKLuJeBJqcJ0goTUdvWygqXevr5NlOE1/MIB
+z5oePIp8oA+LR99+rNuOyaFGIOjOc4cQpjGFmuPF4MNqb8xpQ/eJ6eCrthVAgMB
AAGjggLEMIICwDAdBgNVHQ4EFgQUcNeBskN/HuoOBRBS/U2xeRU1hhEwHwYDVR0j
BBgwFoAUP9tE0YvBarA5wrG2vThmqynhIqcwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9DODYyQzkyRkU3OTU3MUNEQ0U4MzRBNjA5MDUzMDAyQTEy
MTJDOUI3MDc5NkFGQUQwMUM2MTkzRDdGMERBQUFCLzAvM0ZEQjQ0RDE4QkMxNkFC
MDM5QzJCMUI2QkQzODY2QUIyOUUxMjJBNy5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8zRkRCNDREMThCQzE2QUIwMzlD
MkIxQjZCRDM4NjZBQjI5RTEyMkE3LmNlcjCBwwYIKwYBBQUHAQsEgbYwgbMwgbAG
CCsGAQUFBzALhoGjcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvQzg2MkM5MkZFNzk1NzFDRENFODM0QTYwOTA1MzAwMkExMjEyQzlCNzA3
OTZBRkFEMDFDNjE5M0Q3RjBEQUFBQi8wLzMyMzAzMDJlMzEzMTJlMzYzNDJlMzAy
ZjMxMzkyZDMyMzQyMDNkM2UyMDM2MzQzNzMxLnJvYTAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFyAtAMA0GCSqG
SIb3DQEBCwUAA4IBAQAHVLv6LMNFxp3nV2EX6zkRBnhBrx+frqx4k4lqPjTm9yFh
s6C9Mezibq0ZDcIwbfcu/0lTtxw7UxG+o55dvHI48k7KMAZbax0NRgIS9WL3cBmN
lEFVIlC2VucZ5SwLGdz4ZUVE97XcB+47eyvtnOrky1/6hFrrWOeRv3+dEBIFAmwC
vdUMpkXIjD5iBylVIBzh2EKHTwHNs/kk1QssED9169xIXhK7uO5tRcyN6RcZmzgy
Cg8Hmb/xZdi9PCbj4mOe1DVSlah1ZhHtKH4PdGsjtkCNT3OmvG6ceUJPCxtMMqCB
f29FMk3EoHJNxMwgmpBLHuGpZ/7ZYFYr3ecWtwtW
-----END CERTIFICATE-----