Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/D0EB6D95615E36DCAD35164A699109792C3FCD3F861B8C7D1A60106AD33FFFE2/0/3230302e39352e3232362e302f32332d3234203d3e203133393939.roa
File:                     3230302e39352e3232362e302f32332d3234203d3e203133393939.roa (raw, json)
Hash identifier:          bA9WeCtyq63Tym19d8H6XV2s43pAxdjudZBPZHNoxVA=
Subject key identifier:   F3:D4:7A:49:96:E2:E0:9B:93:17:35:30:BF:EA:4B:6E:35:90:B9:94
Certificate issuer:       /CN=E9771B2D309B05BB8C2F0EA36FF17501E242A19E
Certificate serial:       74E755BC712537986E29EDF1BEE0CF50AA5EEAAE
Authority key identifier: E9:77:1B:2D:30:9B:05:BB:8C:2F:0E:A3:6F:F1:75:01:E2:42:A1:9E
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/E9771B2D309B05BB8C2F0EA36FF17501E242A19E.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/D0EB6D95615E36DCAD35164A699109792C3FCD3F861B8C7D1A60106AD33FFFE2/0/3230302e39352e3232362e302f32332d3234203d3e203133393939.roa
Signing time:             Tue 13 Aug 2024 16:40:02 +0000
ROA not before:           Tue 13 Aug 2024 16:35:02 +0000
ROA not after:            Tue 12 Aug 2025 16:40:02 +0000
asID:                     13999
IP address blocks:        200.95.226.0/23 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            74:e7:55:bc:71:25:37:98:6e:29:ed:f1:be:e0:cf:50:aa:5e:ea:ae
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=E9771B2D309B05BB8C2F0EA36FF17501E242A19E
        Validity
            Not Before: Aug 13 16:35:02 2024 GMT
            Not After : Aug 12 16:40:02 2025 GMT
        Subject: CN=F3D47A4996E2E09B93173530BFEA4B6E3590B994
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:e2:ae:4e:31:5c:4c:9d:58:c6:e3:3a:a7:55:
                    97:c5:15:cd:fb:00:5b:0f:49:90:72:ab:a1:4a:d8:
                    a7:2c:c0:25:f4:90:d5:f6:b6:5f:84:7a:33:f7:10:
                    6d:51:9f:fc:fa:b2:6a:ca:af:5a:f0:e8:68:f4:dc:
                    e0:ae:9a:eb:36:c2:a1:ec:dd:ca:2e:80:9f:c0:a4:
                    c6:30:82:b3:75:10:89:aa:dd:ed:b7:b0:62:ba:00:
                    7e:11:ca:67:04:20:18:7b:7b:4d:b3:d0:35:a6:f2:
                    3c:05:f5:9c:43:f9:35:7f:bc:e2:06:69:f7:3e:9e:
                    f1:61:0a:57:11:65:81:ca:79:7d:16:5f:34:94:14:
                    db:14:6d:f5:98:92:99:d7:a5:81:0e:ef:07:72:14:
                    93:cc:0d:3d:06:55:27:d9:f6:d8:cb:43:1b:62:83:
                    06:14:4a:6d:2e:c3:7c:23:ab:bc:3e:31:50:1c:03:
                    66:8e:3e:60:8a:4a:b3:1c:a1:01:f1:91:02:b6:03:
                    3d:e6:61:e3:67:d5:91:3d:33:4f:c5:93:bc:b4:d3:
                    39:b6:23:73:ee:80:ff:fa:c8:33:c4:ff:e1:30:18:
                    db:39:d4:15:3d:f4:3e:ab:08:f5:bc:a5:f2:57:90:
                    e9:3b:81:cc:0c:74:54:2e:d7:58:1c:15:d9:a7:51:
                    93:83
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F3:D4:7A:49:96:E2:E0:9B:93:17:35:30:BF:EA:4B:6E:35:90:B9:94
            X509v3 Authority Key Identifier:
                keyid:E9:77:1B:2D:30:9B:05:BB:8C:2F:0E:A3:6F:F1:75:01:E2:42:A1:9E

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/D0EB6D95615E36DCAD35164A699109792C3FCD3F861B8C7D1A60106AD33FFFE2/0/E9771B2D309B05BB8C2F0EA36FF17501E242A19E.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/E9771B2D309B05BB8C2F0EA36FF17501E242A19E.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/D0EB6D95615E36DCAD35164A699109792C3FCD3F861B8C7D1A60106AD33FFFE2/0/3230302e39352e3232362e302f32332d3234203d3e203133393939.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.95.226.0/23

    Signature Algorithm: sha256WithRSAEncryption
         62:d6:37:4f:a9:c1:d8:28:da:14:65:55:77:a8:91:e3:b1:88:
         41:30:d4:07:ab:38:22:ee:76:8b:bb:d5:ff:89:42:1b:70:50:
         fb:49:a2:25:a8:9f:56:e0:0f:81:43:db:61:de:8e:5b:dc:7d:
         d7:0e:46:47:8b:72:20:8f:33:e0:37:63:b3:5a:57:95:d3:51:
         dc:fd:3c:23:96:37:1e:27:20:ec:d0:46:7c:14:d3:7e:d6:b8:
         ba:12:c6:20:cc:20:8b:46:73:ce:3a:a7:3f:67:18:2f:11:69:
         1f:c0:64:da:9b:90:19:5e:02:72:82:ae:c7:51:92:6e:58:69:
         ae:e1:d3:de:71:9b:a4:b6:f0:63:22:24:69:5b:11:14:ee:ab:
         cf:80:bb:6b:67:1d:53:d7:0b:b8:95:13:7c:45:e5:1e:8b:60:
         46:0f:cc:a3:a9:6f:66:c7:55:6c:cb:9c:da:2e:a5:8c:ea:38:
         23:1b:8d:9d:92:18:09:d2:db:21:ad:b1:6f:3b:7c:8b:cf:54:
         1f:cf:81:f7:98:ca:73:5f:34:52:03:78:39:ea:a1:1f:40:78:
         72:17:e2:5b:a1:b6:7d:5a:2b:15:e4:7c:ce:8b:cf:53:7d:05:
         01:a8:66:f4:4e:26:5e:dc:62:77:75:ea:02:74:2a:97:c0:1b:
         ea:0d:be:91
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUdOdVvHElN5huKe3xvuDPUKpe6q4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRTk3NzFCMkQzMDlCMDVCQjhDMkYwRUEzNkZGMTc1MDFF
MjQyQTE5RTAeFw0yNDA4MTMxNjM1MDJaFw0yNTA4MTIxNjQwMDJaMDMxMTAvBgNV
BAMTKEYzRDQ3QTQ5OTZFMkUwOUI5MzE3MzUzMEJGRUE0QjZFMzU5MEI5OTQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC34q5OMVxMnVjG4zqnVZfFFc37
AFsPSZByq6FK2KcswCX0kNX2tl+EejP3EG1Rn/z6smrKr1rw6Gj03OCumus2wqHs
3cougJ/ApMYwgrN1EImq3e23sGK6AH4RymcEIBh7e02z0DWm8jwF9ZxD+TV/vOIG
afc+nvFhClcRZYHKeX0WXzSUFNsUbfWYkpnXpYEO7wdyFJPMDT0GVSfZ9tjLQxti
gwYUSm0uw3wjq7w+MVAcA2aOPmCKSrMcoQHxkQK2Az3mYeNn1ZE9M0/Fk7y00zm2
I3PugP/6yDPE/+EwGNs51BU99D6rCPW8pfJXkOk7gcwMdFQu11gcFdmnUZODAgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQU89R6SZbi4JuTFzUwv+pLbjWQuZQwHwYDVR0j
BBgwFoAU6XcbLTCbBbuMLw6jb/F1AeJCoZ4wDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9EMEVCNkQ5NTYxNUUzNkRDQUQzNTE2NEE2OTkxMDk3OTJD
M0ZDRDNGODYxQjhDN0QxQTYwMTA2QUQzM0ZGRkUyLzAvRTk3NzFCMkQzMDlCMDVC
QjhDMkYwRUEzNkZGMTc1MDFFMjQyQTE5RS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9FOTc3MUIyRDMwOUIwNUJCOEMy
RjBFQTM2RkYxNzUwMUUyNDJBMTlFLmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvRDBFQjZEOTU2MTVFMzZEQ0FEMzUxNjRBNjk5MTA5NzkyQzNGQ0QzRjg2
MUI4QzdEMUE2MDEwNkFEMzNGRkZFMi8wLzMyMzAzMDJlMzkzNTJlMzIzMjM2MmUz
MDJmMzIzMzJkMzIzNDIwM2QzZTIwMzEzMzM5MzkzOS5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAchf4jAN
BgkqhkiG9w0BAQsFAAOCAQEAYtY3T6nB2CjaFGVVd6iR47GIQTDUB6s4Iu52i7vV
/4lCG3BQ+0miJaifVuAPgUPbYd6OW9x91w5GR4tyII8z4Ddjs1pXldNR3P08I5Y3
Hicg7NBGfBTTfta4uhLGIMwgi0ZzzjqnP2cYLxFpH8Bk2puQGV4CcoKux1GSblhp
ruHT3nGbpLbwYyIkaVsRFO6rz4C7a2cdU9cLuJUTfEXlHotgRg/Mo6lvZsdVbMuc
2i6ljOo4IxuNnZIYCdLbIa2xbzt8i89UH8+B95jKc180UgN4OeqhH0B4chfiW6G2
fVorFeR8zovPU30FAahm9E4mXtxid3XqAnQql8Ab6g2+kQ==
-----END CERTIFICATE-----