Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/C862C92FE79571CDCE834A609053002A1212C9B70796AFAD01C6193D7F0DAAAB/0/3230302e372e31362e302f32302d3234203d3e2036343731.roa
File:                     3230302e372e31362e302f32302d3234203d3e2036343731.roa (raw, json)
Hash identifier:          ZjbfGOt6Tq0pS6iO5t4sCnt0PV85IO81YaTril3EBJo=
Subject key identifier:   60:74:EE:E6:2D:D0:F1:02:6B:04:E8:2C:B7:C2:AA:03:13:6E:3C:84
Certificate issuer:       /CN=3FDB44D18BC16AB039C2B1B6BD3866AB29E122A7
Certificate serial:       0320ABCA8D2846E64DF60D35BCE556D178FCC5FB
Authority key identifier: 3F:DB:44:D1:8B:C1:6A:B0:39:C2:B1:B6:BD:38:66:AB:29:E1:22:A7
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/3FDB44D18BC16AB039C2B1B6BD3866AB29E122A7.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/C862C92FE79571CDCE834A609053002A1212C9B70796AFAD01C6193D7F0DAAAB/0/3230302e372e31362e302f32302d3234203d3e2036343731.roa
Signing time:             Tue 04 Feb 2025 19:56:34 +0000
ROA not before:           Tue 04 Feb 2025 19:51:34 +0000
ROA not after:            Tue 03 Feb 2026 19:56:34 +0000
asID:                     6471
IP address blocks:        200.7.16.0/20 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            03:20:ab:ca:8d:28:46:e6:4d:f6:0d:35:bc:e5:56:d1:78:fc:c5:fb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3FDB44D18BC16AB039C2B1B6BD3866AB29E122A7
        Validity
            Not Before: Feb  4 19:51:34 2025 GMT
            Not After : Feb  3 19:56:34 2026 GMT
        Subject: CN=6074EEE62DD0F1026B04E82CB7C2AA03136E3C84
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:48:89:f1:da:b2:08:88:24:01:12:99:be:f5:
                    2c:11:f4:60:22:d3:2b:60:4e:8f:3d:5b:5b:f4:4d:
                    12:89:e7:26:d6:db:39:f1:5e:49:8e:bf:8e:b0:ff:
                    90:82:43:e9:0e:8e:f2:dc:0d:bd:d2:31:9e:6d:62:
                    d4:78:f3:79:af:07:d9:ee:7f:65:fb:0d:0c:6f:69:
                    39:75:31:73:76:c8:86:84:44:9b:c9:ef:5a:7a:03:
                    2d:d8:b1:ea:f4:ab:d3:87:5f:f0:39:47:a8:8d:9a:
                    3e:10:4c:1a:a1:85:64:92:71:c8:65:f9:9f:bf:ef:
                    a6:19:87:37:79:73:a9:ff:d6:1c:35:7e:e3:4a:11:
                    26:66:00:fc:55:6f:38:65:54:06:d6:52:71:72:ac:
                    6a:9b:7a:48:9d:54:e7:02:e5:58:a7:78:36:ce:c2:
                    c4:83:0a:e7:2c:d6:f1:2c:d5:29:dd:52:a6:c8:b7:
                    45:36:f7:19:4e:cb:ea:b5:a3:dd:df:51:16:a2:f2:
                    b4:06:5c:a7:c5:7f:10:b2:2d:f8:6b:fd:22:e7:67:
                    b7:6b:fc:35:70:48:34:3e:3d:ba:be:2d:98:5f:39:
                    91:af:ac:a8:60:3d:b9:92:23:35:50:a4:d6:18:42:
                    a5:b3:17:74:cb:41:24:5d:17:9b:5a:ec:87:18:9b:
                    51:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                60:74:EE:E6:2D:D0:F1:02:6B:04:E8:2C:B7:C2:AA:03:13:6E:3C:84
            X509v3 Authority Key Identifier:
                keyid:3F:DB:44:D1:8B:C1:6A:B0:39:C2:B1:B6:BD:38:66:AB:29:E1:22:A7

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/C862C92FE79571CDCE834A609053002A1212C9B70796AFAD01C6193D7F0DAAAB/0/3FDB44D18BC16AB039C2B1B6BD3866AB29E122A7.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/3FDB44D18BC16AB039C2B1B6BD3866AB29E122A7.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/C862C92FE79571CDCE834A609053002A1212C9B70796AFAD01C6193D7F0DAAAB/0/3230302e372e31362e302f32302d3234203d3e2036343731.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.7.16.0/20

    Signature Algorithm: sha256WithRSAEncryption
         8e:0e:d0:95:e5:a0:6d:0b:f0:59:4b:13:b7:15:f7:06:c1:8b:
         e2:2f:90:50:8a:87:e9:98:0e:27:99:01:97:ce:48:88:d1:11:
         df:89:dc:ff:d7:d2:29:f5:8a:05:65:f3:19:cf:df:8b:a2:7a:
         fe:d2:d0:5b:7c:e6:64:ca:f0:72:52:6e:41:36:dd:61:19:f7:
         e8:41:be:35:ec:a9:5f:37:e1:26:5a:1b:87:7f:7b:3c:ca:53:
         93:97:6b:f8:e6:1d:ce:03:f9:cf:f9:d9:78:d6:3f:4f:4f:fe:
         11:31:05:5a:99:cb:a9:0b:1b:61:e5:88:15:a7:29:87:db:44:
         f4:cb:26:bc:2e:fa:c7:19:fa:6b:d5:59:42:6e:d4:51:7b:a1:
         a9:13:bf:f2:63:31:1f:f7:d2:72:54:d9:5d:fa:de:3c:17:3e:
         3f:75:f1:67:24:7b:3a:4e:aa:e3:70:f9:f2:84:a2:9e:7a:15:
         de:ec:45:c8:56:6a:67:d1:54:e1:df:b9:8d:b1:13:58:cf:98:
         06:b7:0e:f9:12:31:4e:98:b9:73:1f:85:8b:dc:49:ce:02:b4:
         4e:34:35:b4:b9:5d:2f:ca:31:79:93:b8:8d:a4:c4:22:7b:ec:
         56:bc:1b:0f:8d:a5:19:15:6f:c6:57:c3:99:65:1d:fd:5e:3d:
         3c:ba:f3:11
-----BEGIN CERTIFICATE-----
MIIFuDCCBKCgAwIBAgIUAyCryo0oRuZN9g01vOVW0Xj8xfswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoM0ZEQjQ0RDE4QkMxNkFCMDM5QzJCMUI2QkQzODY2QUIy
OUUxMjJBNzAeFw0yNTAyMDQxOTUxMzRaFw0yNjAyMDMxOTU2MzRaMDMxMTAvBgNV
BAMTKDYwNzRFRUU2MkREMEYxMDI2QjA0RTgyQ0I3QzJBQTAzMTM2RTNDODQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQChSInx2rIIiCQBEpm+9SwR9GAi
0ytgTo89W1v0TRKJ5ybW2znxXkmOv46w/5CCQ+kOjvLcDb3SMZ5tYtR483mvB9nu
f2X7DQxvaTl1MXN2yIaERJvJ71p6Ay3Yser0q9OHX/A5R6iNmj4QTBqhhWSScchl
+Z+/76YZhzd5c6n/1hw1fuNKESZmAPxVbzhlVAbWUnFyrGqbekidVOcC5VineDbO
wsSDCucs1vEs1SndUqbIt0U29xlOy+q1o93fURai8rQGXKfFfxCyLfhr/SLnZ7dr
/DVwSDQ+Pbq+LZhfOZGvrKhgPbmSIzVQpNYYQqWzF3TLQSRdF5ta7IcYm1FfAgMB
AAGjggLCMIICvjAdBgNVHQ4EFgQUYHTu5i3Q8QJrBOgst8KqAxNuPIQwHwYDVR0j
BBgwFoAUP9tE0YvBarA5wrG2vThmqynhIqcwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9DODYyQzkyRkU3OTU3MUNEQ0U4MzRBNjA5MDUzMDAyQTEy
MTJDOUI3MDc5NkFGQUQwMUM2MTkzRDdGMERBQUFCLzAvM0ZEQjQ0RDE4QkMxNkFC
MDM5QzJCMUI2QkQzODY2QUIyOUUxMjJBNy5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8zRkRCNDREMThCQzE2QUIwMzlD
MkIxQjZCRDM4NjZBQjI5RTEyMkE3LmNlcjCBwQYIKwYBBQUHAQsEgbQwgbEwga4G
CCsGAQUFBzALhoGhcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvQzg2MkM5MkZFNzk1NzFDRENFODM0QTYwOTA1MzAwMkExMjEyQzlCNzA3
OTZBRkFEMDFDNjE5M0Q3RjBEQUFBQi8wLzMyMzAzMDJlMzcyZTMxMzYyZTMwMmYz
MjMwMmQzMjM0MjAzZDNlMjAzNjM0MzczMS5yb2EwGAYDVR0gAQH/BA4wDDAKBggr
BgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBMgHEDANBgkqhkiG
9w0BAQsFAAOCAQEAjg7QleWgbQvwWUsTtxX3BsGL4i+QUIqH6ZgOJ5kBl85IiNER
34nc/9fSKfWKBWXzGc/fi6J6/tLQW3zmZMrwclJuQTbdYRn36EG+NeypXzfhJlob
h397PMpTk5dr+OYdzgP5z/nZeNY/T0/+ETEFWpnLqQsbYeWIFacph9tE9MsmvC76
xxn6a9VZQm7UUXuhqRO/8mMxH/fSclTZXfrePBc+P3XxZyR7Ok6q43D58oSinnoV
3uxFyFZqZ9FU4d+5jbETWM+YBrcO+RIxTpi5cx+Fi9xJzgK0TjQ1tLldL8oxeZO4
jaTEInvsVrwbD42lGRVvxlfDmWUd/V49PLrzEQ==
-----END CERTIFICATE-----