Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/C862C92FE79571CDCE834A609053002A1212C9B70796AFAD01C6193D7F0DAAAB/0/3230302e3131312e302e302f31362d3234203d3e203237363531.roa
File:                     3230302e3131312e302e302f31362d3234203d3e203237363531.roa (raw, json)
Hash identifier:          IrQ0o/jV11TArVnJq3RPhbmcA/oOpI8eVv7fShosmCY=
Subject key identifier:   F0:4D:CE:07:A5:42:B4:22:B2:EA:3E:D2:2E:54:15:39:6F:44:A6:75
Certificate issuer:       /CN=3FDB44D18BC16AB039C2B1B6BD3866AB29E122A7
Certificate serial:       20C7AE562A297E365B8FE9C74318F2DEBC8826E2
Authority key identifier: 3F:DB:44:D1:8B:C1:6A:B0:39:C2:B1:B6:BD:38:66:AB:29:E1:22:A7
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/3FDB44D18BC16AB039C2B1B6BD3866AB29E122A7.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/C862C92FE79571CDCE834A609053002A1212C9B70796AFAD01C6193D7F0DAAAB/0/3230302e3131312e302e302f31362d3234203d3e203237363531.roa
Signing time:             Tue 04 Feb 2025 19:56:30 +0000
ROA not before:           Tue 04 Feb 2025 19:51:30 +0000
ROA not after:            Tue 03 Feb 2026 19:56:30 +0000
asID:                     27651
IP address blocks:        200.111.0.0/16 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            20:c7:ae:56:2a:29:7e:36:5b:8f:e9:c7:43:18:f2:de:bc:88:26:e2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3FDB44D18BC16AB039C2B1B6BD3866AB29E122A7
        Validity
            Not Before: Feb  4 19:51:30 2025 GMT
            Not After : Feb  3 19:56:30 2026 GMT
        Subject: CN=F04DCE07A542B422B2EA3ED22E5415396F44A675
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:45:6e:ab:21:a5:6b:b6:76:16:9c:fa:e2:f5:
                    c0:8e:98:ea:0d:b1:e2:d5:38:58:68:f2:d9:df:4a:
                    e8:a6:cc:d8:77:7f:2b:3c:88:9e:88:73:c9:b3:c2:
                    6f:f8:4c:34:f0:65:e8:28:4c:ae:58:51:73:ed:0b:
                    b0:93:5e:48:c6:2f:ab:2b:70:1a:1e:fb:85:5b:79:
                    d7:8d:80:da:e7:d2:f3:1a:d9:bd:65:3e:25:e4:ba:
                    55:46:d5:79:26:f3:26:12:be:85:91:ed:52:b0:4d:
                    2d:2e:cf:a0:e4:90:0c:29:e2:3e:09:e6:41:65:ca:
                    2f:ae:ac:de:01:75:d9:23:3b:50:a9:81:07:ed:f8:
                    d8:0f:79:23:89:64:fa:6d:5f:fc:c9:60:ac:62:02:
                    5b:06:7e:82:6e:ff:dc:72:2d:b4:13:61:9a:ed:a2:
                    50:fc:87:00:f6:89:88:17:36:19:9b:2d:0c:05:3f:
                    b8:5f:7c:3c:9e:83:60:b7:f0:c4:f7:c8:bf:f4:05:
                    85:34:4b:3b:28:43:71:8c:f4:f3:56:95:2c:2b:25:
                    19:8f:93:88:b6:58:97:05:0c:e1:42:a6:5d:df:99:
                    d6:d9:55:95:bb:64:3c:50:a9:0d:a1:f4:07:2b:e0:
                    31:48:e3:f2:0b:82:2b:d0:d1:b7:8e:75:bc:5a:04:
                    b1:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F0:4D:CE:07:A5:42:B4:22:B2:EA:3E:D2:2E:54:15:39:6F:44:A6:75
            X509v3 Authority Key Identifier:
                keyid:3F:DB:44:D1:8B:C1:6A:B0:39:C2:B1:B6:BD:38:66:AB:29:E1:22:A7

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/C862C92FE79571CDCE834A609053002A1212C9B70796AFAD01C6193D7F0DAAAB/0/3FDB44D18BC16AB039C2B1B6BD3866AB29E122A7.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/3FDB44D18BC16AB039C2B1B6BD3866AB29E122A7.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/C862C92FE79571CDCE834A609053002A1212C9B70796AFAD01C6193D7F0DAAAB/0/3230302e3131312e302e302f31362d3234203d3e203237363531.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.111.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         3d:2f:98:74:21:58:8a:46:44:d3:2a:44:27:6d:1f:78:5c:f8:
         b8:16:f5:0e:87:59:26:f4:83:b3:f3:76:e5:0b:af:07:5e:33:
         79:af:37:d1:df:2d:71:f4:7b:e9:3b:25:bd:63:1b:80:fa:3f:
         eb:45:f3:63:b6:fd:92:88:1d:c2:02:4d:ee:34:f0:ca:b2:0f:
         ca:f9:30:82:88:00:1e:56:0f:45:58:f1:6d:98:6e:91:3f:f2:
         9a:d2:a8:39:58:86:eb:ad:33:c6:a3:e1:6a:6a:63:41:89:c1:
         25:05:2d:dc:c3:5e:cb:e3:ac:3b:2a:17:eb:14:b5:2b:ce:8e:
         78:67:d3:06:c0:6a:85:ce:5d:a0:2a:51:3a:a0:09:63:8e:5e:
         a8:eb:17:68:fe:c5:8b:e7:60:c7:e4:a9:7e:ee:bc:d6:8a:93:
         a9:fd:83:29:35:8b:65:c3:5d:5b:c2:b3:47:c6:6c:38:b9:02:
         82:07:c3:65:73:2b:3c:d3:46:71:6b:be:f8:dd:f1:b6:7f:55:
         d4:ce:ee:2a:0c:8b:b1:19:98:9e:0d:08:66:89:c4:0f:77:ea:
         67:a5:86:f2:7d:e1:41:12:2f:00:09:30:16:33:0c:c2:a2:25:
         c7:ae:4c:96:45:08:8b:ce:e7:d0:7f:69:c6:5b:5d:b8:9f:96:
         0b:86:fb:38
-----BEGIN CERTIFICATE-----
MIIFuzCCBKOgAwIBAgIUIMeuViopfjZbj+nHQxjy3ryIJuIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoM0ZEQjQ0RDE4QkMxNkFCMDM5QzJCMUI2QkQzODY2QUIy
OUUxMjJBNzAeFw0yNTAyMDQxOTUxMzBaFw0yNjAyMDMxOTU2MzBaMDMxMTAvBgNV
BAMTKEYwNERDRTA3QTU0MkI0MjJCMkVBM0VEMjJFNTQxNTM5NkY0NEE2NzUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC4RW6rIaVrtnYWnPri9cCOmOoN
seLVOFho8tnfSuimzNh3fys8iJ6Ic8mzwm/4TDTwZegoTK5YUXPtC7CTXkjGL6sr
cBoe+4VbedeNgNrn0vMa2b1lPiXkulVG1Xkm8yYSvoWR7VKwTS0uz6DkkAwp4j4J
5kFlyi+urN4BddkjO1CpgQft+NgPeSOJZPptX/zJYKxiAlsGfoJu/9xyLbQTYZrt
olD8hwD2iYgXNhmbLQwFP7hffDyeg2C38MT3yL/0BYU0SzsoQ3GM9PNWlSwrJRmP
k4i2WJcFDOFCpl3fmdbZVZW7ZDxQqQ2h9Acr4DFI4/ILgivQ0beOdbxaBLEfAgMB
AAGjggLFMIICwTAdBgNVHQ4EFgQU8E3OB6VCtCKy6j7SLlQVOW9EpnUwHwYDVR0j
BBgwFoAUP9tE0YvBarA5wrG2vThmqynhIqcwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9DODYyQzkyRkU3OTU3MUNEQ0U4MzRBNjA5MDUzMDAyQTEy
MTJDOUI3MDc5NkFGQUQwMUM2MTkzRDdGMERBQUFCLzAvM0ZEQjQ0RDE4QkMxNkFC
MDM5QzJCMUI2QkQzODY2QUIyOUUxMjJBNy5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8zRkRCNDREMThCQzE2QUIwMzlD
MkIxQjZCRDM4NjZBQjI5RTEyMkE3LmNlcjCBxQYIKwYBBQUHAQsEgbgwgbUwgbIG
CCsGAQUFBzALhoGlcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvQzg2MkM5MkZFNzk1NzFDRENFODM0QTYwOTA1MzAwMkExMjEyQzlCNzA3
OTZBRkFEMDFDNjE5M0Q3RjBEQUFBQi8wLzMyMzAzMDJlMzEzMTMxMmUzMDJlMzAy
ZjMxMzYyZDMyMzQyMDNkM2UyMDMyMzczNjM1MzEucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUDAwDIbzANBgkq
hkiG9w0BAQsFAAOCAQEAPS+YdCFYikZE0ypEJ20feFz4uBb1DodZJvSDs/N25Quv
B14zea830d8tcfR76TslvWMbgPo/60XzY7b9kogdwgJN7jTwyrIPyvkwgogAHlYP
RVjxbZhukT/ymtKoOViG660zxqPhampjQYnBJQUt3MNey+OsOyoX6xS1K86OeGfT
BsBqhc5doCpROqAJY45eqOsXaP7Fi+dgx+Spfu681oqTqf2DKTWLZcNdW8KzR8Zs
OLkCggfDZXMrPNNGcWu++N3xtn9V1M7uKgyLsRmYng0IZonED3fqZ6WG8n3hQRIv
AAkwFjMMwqIlx65MlkUIi87n0H9pxltduJ+WC4b7OA==
-----END CERTIFICATE-----