Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/D0EB6D95615E36DCAD35164A699109792C3FCD3F861B8C7D1A60106AD33FFFE2/0/3230302e37372e3134342e302f32312d3232203d3e203237363732.roa
File:                     3230302e37372e3134342e302f32312d3232203d3e203237363732.roa (raw, json)
Hash identifier:          YvclnFa+5Gv67GYs/V0raKOjRNBCEqZ3jOxiKsb3h8s=
Subject key identifier:   C6:E0:C8:32:CE:EE:A1:F1:14:97:A2:2B:7A:63:5C:48:1A:ED:67:AD
Certificate issuer:       /CN=E9771B2D309B05BB8C2F0EA36FF17501E242A19E
Certificate serial:       68BF683DE16286587FF09CB0C32CD35C16F98D83
Authority key identifier: E9:77:1B:2D:30:9B:05:BB:8C:2F:0E:A3:6F:F1:75:01:E2:42:A1:9E
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/E9771B2D309B05BB8C2F0EA36FF17501E242A19E.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/D0EB6D95615E36DCAD35164A699109792C3FCD3F861B8C7D1A60106AD33FFFE2/0/3230302e37372e3134342e302f32312d3232203d3e203237363732.roa
Signing time:             Tue 13 Aug 2024 16:40:06 +0000
ROA not before:           Tue 13 Aug 2024 16:35:06 +0000
ROA not after:            Tue 12 Aug 2025 16:40:06 +0000
asID:                     27672
IP address blocks:        200.77.144.0/21 maxlen: 22
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            68:bf:68:3d:e1:62:86:58:7f:f0:9c:b0:c3:2c:d3:5c:16:f9:8d:83
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=E9771B2D309B05BB8C2F0EA36FF17501E242A19E
        Validity
            Not Before: Aug 13 16:35:06 2024 GMT
            Not After : Aug 12 16:40:06 2025 GMT
        Subject: CN=C6E0C832CEEEA1F11497A22B7A635C481AED67AD
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:32:b2:cf:88:f6:59:15:ad:8d:8f:3f:31:ff:
                    f3:4b:55:6c:e5:64:66:98:aa:70:82:d5:f7:66:26:
                    d9:12:fb:b5:24:4c:1d:1b:5a:61:55:54:5e:d0:3a:
                    d9:c2:e0:79:30:f3:45:21:f5:3c:71:5a:12:11:57:
                    d4:1f:de:88:a7:06:99:aa:7b:c1:c2:7b:f7:c9:5f:
                    e0:c4:86:63:21:53:50:ad:a0:43:74:84:05:51:30:
                    b0:e6:1f:5b:74:d5:ee:0c:37:9b:1a:8f:c9:23:a6:
                    5b:9d:66:e3:63:1b:ed:82:ae:f1:67:18:26:46:2b:
                    0c:16:ea:d1:72:46:19:fe:77:20:2c:86:3e:67:d6:
                    7f:ca:9e:d3:1c:f8:64:9a:cf:e4:70:ec:d6:d8:5e:
                    5e:f6:3e:d1:03:79:6a:d9:fc:1e:5c:7c:68:93:16:
                    7a:94:19:2e:ab:fc:f4:d6:3b:75:7b:2b:de:26:4e:
                    f8:ee:f7:de:20:3c:8f:40:1c:ae:07:54:e4:fd:55:
                    f3:0f:01:4b:fb:ea:60:7b:93:cb:58:00:d2:df:ad:
                    19:9b:ed:9c:ba:a8:6a:74:fb:40:6b:ae:18:de:37:
                    b2:1b:d1:76:56:71:a3:5b:68:3c:1a:c7:3b:b6:44:
                    9f:b4:85:ef:33:bf:00:c0:5e:88:52:b9:6a:17:8d:
                    7e:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C6:E0:C8:32:CE:EE:A1:F1:14:97:A2:2B:7A:63:5C:48:1A:ED:67:AD
            X509v3 Authority Key Identifier:
                keyid:E9:77:1B:2D:30:9B:05:BB:8C:2F:0E:A3:6F:F1:75:01:E2:42:A1:9E

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/D0EB6D95615E36DCAD35164A699109792C3FCD3F861B8C7D1A60106AD33FFFE2/0/E9771B2D309B05BB8C2F0EA36FF17501E242A19E.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/E9771B2D309B05BB8C2F0EA36FF17501E242A19E.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/D0EB6D95615E36DCAD35164A699109792C3FCD3F861B8C7D1A60106AD33FFFE2/0/3230302e37372e3134342e302f32312d3232203d3e203237363732.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.77.144.0/21

    Signature Algorithm: sha256WithRSAEncryption
         55:8d:85:c4:34:b3:3b:50:29:60:fa:33:9f:60:3e:5c:61:85:
         3e:6c:35:29:4b:ad:2c:cd:60:34:c9:3f:cb:c7:fe:9a:d1:a2:
         a1:d5:c8:42:93:97:c9:f4:7c:b8:57:e2:b5:a6:b9:74:2d:af:
         a9:d6:92:12:3f:85:b0:3b:93:a9:a4:2c:07:9b:d7:92:01:1a:
         ff:4d:b4:e9:54:e9:61:5b:50:bf:35:00:ac:8b:76:e9:d1:4a:
         e4:ca:98:4b:98:f5:66:3e:fa:d1:bd:36:1c:5e:3d:e5:31:8a:
         55:54:24:0d:62:a2:08:37:a1:cd:72:e0:4b:bc:b9:a4:a2:32:
         62:52:0a:8c:0d:0e:6d:5e:dd:c6:c4:6e:93:2a:19:e7:b0:04:
         ef:44:de:3d:6a:21:09:b5:64:d4:51:3c:c6:9d:cd:29:43:66:
         95:6f:c1:f4:9c:5a:c4:fa:c5:72:0e:17:0f:fb:41:24:65:e8:
         37:63:c0:20:e5:99:11:7d:4a:cb:02:94:6a:20:78:19:e7:28:
         62:87:54:a8:14:21:e3:d8:e1:01:68:4b:3f:e4:fa:a6:42:43:
         6d:33:55:0f:d4:73:70:65:bd:17:47:63:e9:6f:3f:48:4b:c0:
         d7:20:17:70:b5:5c:d7:1f:b7:a2:1a:c9:3c:4a:e1:ad:7f:f0:
         f8:7e:c0:50
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUaL9oPeFihlh/8JywwyzTXBb5jYMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRTk3NzFCMkQzMDlCMDVCQjhDMkYwRUEzNkZGMTc1MDFF
MjQyQTE5RTAeFw0yNDA4MTMxNjM1MDZaFw0yNTA4MTIxNjQwMDZaMDMxMTAvBgNV
BAMTKEM2RTBDODMyQ0VFRUExRjExNDk3QTIyQjdBNjM1QzQ4MUFFRDY3QUQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC/MrLPiPZZFa2Njz8x//NLVWzl
ZGaYqnCC1fdmJtkS+7UkTB0bWmFVVF7QOtnC4Hkw80Uh9TxxWhIRV9Qf3oinBpmq
e8HCe/fJX+DEhmMhU1CtoEN0hAVRMLDmH1t01e4MN5saj8kjpludZuNjG+2CrvFn
GCZGKwwW6tFyRhn+dyAshj5n1n/KntMc+GSaz+Rw7NbYXl72PtEDeWrZ/B5cfGiT
FnqUGS6r/PTWO3V7K94mTvju994gPI9AHK4HVOT9VfMPAUv76mB7k8tYANLfrRmb
7Zy6qGp0+0BrrhjeN7Ib0XZWcaNbaDwaxzu2RJ+0he8zvwDAXohSuWoXjX6jAgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQUxuDIMs7uofEUl6IremNcSBrtZ60wHwYDVR0j
BBgwFoAU6XcbLTCbBbuMLw6jb/F1AeJCoZ4wDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9EMEVCNkQ5NTYxNUUzNkRDQUQzNTE2NEE2OTkxMDk3OTJD
M0ZDRDNGODYxQjhDN0QxQTYwMTA2QUQzM0ZGRkUyLzAvRTk3NzFCMkQzMDlCMDVC
QjhDMkYwRUEzNkZGMTc1MDFFMjQyQTE5RS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9FOTc3MUIyRDMwOUIwNUJCOEMy
RjBFQTM2RkYxNzUwMUUyNDJBMTlFLmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvRDBFQjZEOTU2MTVFMzZEQ0FEMzUxNjRBNjk5MTA5NzkyQzNGQ0QzRjg2
MUI4QzdEMUE2MDEwNkFEMzNGRkZFMi8wLzMyMzAzMDJlMzczNzJlMzEzNDM0MmUz
MDJmMzIzMTJkMzIzMjIwM2QzZTIwMzIzNzM2MzczMi5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA8hNkDAN
BgkqhkiG9w0BAQsFAAOCAQEAVY2FxDSzO1ApYPozn2A+XGGFPmw1KUutLM1gNMk/
y8f+mtGiodXIQpOXyfR8uFfitaa5dC2vqdaSEj+FsDuTqaQsB5vXkgEa/0206VTp
YVtQvzUArIt26dFK5MqYS5j1Zj760b02HF495TGKVVQkDWKiCDehzXLgS7y5pKIy
YlIKjA0ObV7dxsRukyoZ57AE70TePWohCbVk1FE8xp3NKUNmlW/B9JxaxPrFcg4X
D/tBJGXoN2PAIOWZEX1KywKUaiB4GecoYodUqBQh49jhAWhLP+T6pkJDbTNVD9Rz
cGW9F0dj6W8/SEvA1yAXcLVc1x+3ohrJPErhrX/w+H7AUA==
-----END CERTIFICATE-----