Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/CFC63211A8F9C6FF567972E914B866B7E4BD6F9E5612597420EE70B61A4C723F/0/3230302e33312e39362e302f31392d3234203d3e203139393035.roa
File:                     3230302e33312e39362e302f31392d3234203d3e203139393035.roa (raw, json)
Hash identifier:          2PspWGSPEV3EKz+R3Mb/jkg25zz8NTkw6PPLw7K+ZLs=
Subject key identifier:   F6:19:09:B9:76:43:87:20:CE:54:82:3C:FB:C6:0B:DD:1C:61:E8:3F
Certificate issuer:       /CN=2B1C1B7B81836005B455C4FF26DDAA1FB3A678E5
Certificate serial:       5F67B38791208F952895F7AA538B4E4D836B823B
Authority key identifier: 2B:1C:1B:7B:81:83:60:05:B4:55:C4:FF:26:DD:AA:1F:B3:A6:78:E5
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/2B1C1B7B81836005B455C4FF26DDAA1FB3A678E5.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/CFC63211A8F9C6FF567972E914B866B7E4BD6F9E5612597420EE70B61A4C723F/0/3230302e33312e39362e302f31392d3234203d3e203139393035.roa
Signing time:             Tue 04 Feb 2025 18:42:34 +0000
ROA not before:           Tue 04 Feb 2025 18:37:34 +0000
ROA not after:            Tue 03 Feb 2026 18:42:34 +0000
asID:                     19905
IP address blocks:        200.31.96.0/19 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5f:67:b3:87:91:20:8f:95:28:95:f7:aa:53:8b:4e:4d:83:6b:82:3b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2B1C1B7B81836005B455C4FF26DDAA1FB3A678E5
        Validity
            Not Before: Feb  4 18:37:34 2025 GMT
            Not After : Feb  3 18:42:34 2026 GMT
        Subject: CN=F61909B976438720CE54823CFBC60BDD1C61E83F
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:d1:0d:06:dc:51:13:0a:a0:c6:06:2a:b2:31:
                    af:a2:eb:4d:cb:4a:b8:48:72:9b:3c:9c:d3:03:7f:
                    1a:88:0f:c4:90:ad:5d:e4:c8:31:dd:52:be:b5:2a:
                    df:e5:04:6b:57:95:58:2f:82:11:bd:7b:7b:1c:82:
                    fa:a8:59:b5:3c:3a:79:f7:9f:16:67:74:67:6b:63:
                    f4:a6:14:6b:c0:b5:a9:e8:05:c9:4d:81:90:4f:8e:
                    d5:b8:df:45:70:e2:f3:65:71:db:f1:05:8c:6d:2e:
                    b7:e3:eb:e3:2a:95:2a:2c:a8:23:88:62:b1:8a:6c:
                    b0:a0:1b:8f:06:1f:00:65:db:10:37:43:3d:54:7a:
                    65:2b:22:c8:ed:9d:3f:7f:8d:6f:7a:49:79:bf:55:
                    3d:e3:56:0f:8a:a5:59:9f:b1:2a:db:95:4c:fc:12:
                    7a:df:12:a9:a7:30:5a:e6:4d:c6:6f:57:3e:3e:ed:
                    e6:2c:a2:a8:82:af:f1:e1:09:17:55:7f:55:12:59:
                    e4:72:62:5a:50:39:09:90:81:d1:07:18:1c:da:93:
                    bc:df:d7:51:fe:11:d6:3f:27:90:61:65:8f:fc:79:
                    f9:2e:71:4a:92:52:fa:e0:77:30:67:39:92:c5:7c:
                    54:8b:35:5e:2d:99:f2:f4:93:03:19:a1:b2:eb:9e:
                    8c:7b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F6:19:09:B9:76:43:87:20:CE:54:82:3C:FB:C6:0B:DD:1C:61:E8:3F
            X509v3 Authority Key Identifier:
                keyid:2B:1C:1B:7B:81:83:60:05:B4:55:C4:FF:26:DD:AA:1F:B3:A6:78:E5

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/CFC63211A8F9C6FF567972E914B866B7E4BD6F9E5612597420EE70B61A4C723F/0/2B1C1B7B81836005B455C4FF26DDAA1FB3A678E5.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/2B1C1B7B81836005B455C4FF26DDAA1FB3A678E5.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/CFC63211A8F9C6FF567972E914B866B7E4BD6F9E5612597420EE70B61A4C723F/0/3230302e33312e39362e302f31392d3234203d3e203139393035.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.31.96.0/19

    Signature Algorithm: sha256WithRSAEncryption
         79:a0:02:f6:84:ec:29:9b:c8:8f:31:26:cb:17:a5:5e:51:13:
         91:a5:ff:9f:52:84:e4:4a:65:cb:bf:33:4f:04:ab:05:9a:bc:
         28:bf:1b:59:98:5f:a2:06:31:8b:b6:c7:cc:6e:27:d9:fb:8c:
         e4:3e:cb:1d:a6:de:5e:c4:fa:97:3d:56:ec:db:98:2b:04:87:
         50:36:64:e3:66:c0:6c:53:d0:93:fb:0e:06:86:fc:45:3c:f7:
         73:bc:b7:ba:a7:ac:63:71:c8:14:72:c3:62:4e:1e:4b:f8:e7:
         cc:ef:10:72:75:f1:4b:ab:b9:df:4b:16:a1:bc:5b:50:dd:be:
         d5:57:bf:f3:3b:1e:26:bf:4e:9b:9e:3d:60:ac:82:35:cb:aa:
         b2:94:74:b5:42:84:b7:3d:69:f7:53:03:b6:27:c7:55:e4:d7:
         2c:9d:fe:4d:24:6c:d8:06:ec:c4:d7:3b:b5:74:9e:1d:4d:9d:
         17:43:da:59:ec:7f:e9:f9:97:0a:bf:dd:db:62:59:8e:5a:75:
         6c:7a:a6:e7:c9:47:4a:f5:47:58:0d:62:79:4c:64:40:2b:fb:
         36:9a:0b:66:4e:64:10:e2:e7:d8:87:aa:c1:b6:61:67:95:b5:
         61:88:ec:1b:29:87:ed:0d:d2:f1:c6:f3:f9:4a:be:e0:cf:99:
         a5:d8:c7:a7
-----BEGIN CERTIFICATE-----
MIIFvDCCBKSgAwIBAgIUX2ezh5Egj5UolfeqU4tOTYNrgjswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMkIxQzFCN0I4MTgzNjAwNUI0NTVDNEZGMjZEREFBMUZC
M0E2NzhFNTAeFw0yNTAyMDQxODM3MzRaFw0yNjAyMDMxODQyMzRaMDMxMTAvBgNV
BAMTKEY2MTkwOUI5NzY0Mzg3MjBDRTU0ODIzQ0ZCQzYwQkREMUM2MUU4M0YwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCg0Q0G3FETCqDGBiqyMa+i603L
SrhIcps8nNMDfxqID8SQrV3kyDHdUr61Kt/lBGtXlVgvghG9e3scgvqoWbU8Onn3
nxZndGdrY/SmFGvAtanoBclNgZBPjtW430Vw4vNlcdvxBYxtLrfj6+MqlSosqCOI
YrGKbLCgG48GHwBl2xA3Qz1UemUrIsjtnT9/jW96SXm/VT3jVg+KpVmfsSrblUz8
EnrfEqmnMFrmTcZvVz4+7eYsoqiCr/HhCRdVf1USWeRyYlpQOQmQgdEHGBzak7zf
11H+EdY/J5BhZY/8efkucUqSUvrgdzBnOZLFfFSLNV4tmfL0kwMZobLrnox7AgMB
AAGjggLGMIICwjAdBgNVHQ4EFgQU9hkJuXZDhyDOVII8+8YL3Rxh6D8wHwYDVR0j
BBgwFoAUKxwbe4GDYAW0VcT/Jt2qH7OmeOUwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9DRkM2MzIxMUE4RjlDNkZGNTY3OTcyRTkxNEI4NjZCN0U0
QkQ2RjlFNTYxMjU5NzQyMEVFNzBCNjFBNEM3MjNGLzAvMkIxQzFCN0I4MTgzNjAw
NUI0NTVDNEZGMjZEREFBMUZCM0E2NzhFNS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8yQjFDMUI3QjgxODM2MDA1QjQ1
NUM0RkYyNkREQUExRkIzQTY3OEU1LmNlcjCBxQYIKwYBBQUHAQsEgbgwgbUwgbIG
CCsGAQUFBzALhoGlcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvQ0ZDNjMyMTFBOEY5QzZGRjU2Nzk3MkU5MTRCODY2QjdFNEJENkY5RTU2
MTI1OTc0MjBFRTcwQjYxQTRDNzIzRi8wLzMyMzAzMDJlMzMzMTJlMzkzNjJlMzAy
ZjMxMzkyZDMyMzQyMDNkM2UyMDMxMzkzOTMwMzUucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAXIH2AwDQYJ
KoZIhvcNAQELBQADggEBAHmgAvaE7CmbyI8xJssXpV5RE5Gl/59ShORKZcu/M08E
qwWavCi/G1mYX6IGMYu2x8xuJ9n7jOQ+yx2m3l7E+pc9VuzbmCsEh1A2ZONmwGxT
0JP7DgaG/EU893O8t7qnrGNxyBRyw2JOHkv458zvEHJ18Uurud9LFqG8W1DdvtVX
v/M7Hia/TpuePWCsgjXLqrKUdLVChLc9afdTA7Ynx1Xk1yyd/k0kbNgG7MTXO7V0
nh1NnRdD2lnsf+n5lwq/3dtiWY5adWx6pufJR0r1R1gNYnlMZEAr+zaaC2ZOZBDi
59iHqsG2YWeVtWGI7Bsph+0N0vHG8/lKvuDPmaXYx6c=
-----END CERTIFICATE-----