Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/D0EB6D95615E36DCAD35164A699109792C3FCD3F861B8C7D1A60106AD33FFFE2/0/3230302e39352e3233302e302f32332d3234203d3e20323632393136.roa
File:                     3230302e39352e3233302e302f32332d3234203d3e20323632393136.roa (raw, json)
Hash identifier:          aOVIGsMRoKNjCSoaUyUiIPWPxY6upW0G8Du7+df7O04=
Subject key identifier:   60:F5:AF:3A:6A:76:9B:86:62:B3:64:5A:51:FC:87:72:98:2A:D3:FC
Certificate issuer:       /CN=E9771B2D309B05BB8C2F0EA36FF17501E242A19E
Certificate serial:       407730DD0807B53ADA4B3171AB1635DE18EE5A24
Authority key identifier: E9:77:1B:2D:30:9B:05:BB:8C:2F:0E:A3:6F:F1:75:01:E2:42:A1:9E
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/E9771B2D309B05BB8C2F0EA36FF17501E242A19E.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/D0EB6D95615E36DCAD35164A699109792C3FCD3F861B8C7D1A60106AD33FFFE2/0/3230302e39352e3233302e302f32332d3234203d3e20323632393136.roa
Signing time:             Tue 13 Aug 2024 16:40:06 +0000
ROA not before:           Tue 13 Aug 2024 16:35:06 +0000
ROA not after:            Tue 12 Aug 2025 16:40:06 +0000
asID:                     262916
IP address blocks:        200.95.230.0/23 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            40:77:30:dd:08:07:b5:3a:da:4b:31:71:ab:16:35:de:18:ee:5a:24
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=E9771B2D309B05BB8C2F0EA36FF17501E242A19E
        Validity
            Not Before: Aug 13 16:35:06 2024 GMT
            Not After : Aug 12 16:40:06 2025 GMT
        Subject: CN=60F5AF3A6A769B8662B3645A51FC8772982AD3FC
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:00:ed:d5:94:01:2f:44:64:60:fc:94:2b:17:
                    3f:16:67:8f:51:e6:0b:e3:53:87:ce:9e:a4:de:8b:
                    7a:62:51:23:8d:f1:90:0e:8b:16:c6:08:ee:1b:e3:
                    92:cf:7c:9b:71:cc:a0:2c:f1:39:42:bd:41:e6:e4:
                    fa:8b:e9:00:bf:d2:94:b0:c0:69:51:41:91:2f:fa:
                    68:9d:d8:39:db:cc:7d:e5:e5:16:c4:a1:18:11:64:
                    37:7a:5a:5f:02:6d:8a:e8:48:52:7c:bf:a7:3b:1f:
                    17:cd:69:d3:47:87:8d:0c:5a:9e:5d:f8:a2:e7:00:
                    11:34:00:0f:fb:1e:e5:07:d5:b3:9f:6f:75:ba:e7:
                    7a:e0:03:5d:aa:fd:26:c2:48:70:9b:af:2b:b9:9a:
                    48:7f:22:0e:1e:aa:cb:1b:23:00:ed:4b:ff:ee:bc:
                    4d:0e:ac:f8:e7:b5:f5:20:26:90:96:9f:47:3b:2b:
                    ce:cf:fe:e4:34:42:5d:9c:3b:e9:a1:d9:30:c8:da:
                    c2:74:f8:a5:e0:9f:a6:09:a2:eb:1a:86:34:e2:89:
                    83:50:bf:35:59:43:b3:b9:fb:3a:b2:45:23:27:65:
                    e2:8f:a2:a0:21:a3:7f:27:1d:d0:b8:ef:72:cb:26:
                    e1:ed:f7:67:ed:66:a5:da:6c:f4:67:c2:26:43:da:
                    17:5b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                60:F5:AF:3A:6A:76:9B:86:62:B3:64:5A:51:FC:87:72:98:2A:D3:FC
            X509v3 Authority Key Identifier:
                keyid:E9:77:1B:2D:30:9B:05:BB:8C:2F:0E:A3:6F:F1:75:01:E2:42:A1:9E

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/D0EB6D95615E36DCAD35164A699109792C3FCD3F861B8C7D1A60106AD33FFFE2/0/E9771B2D309B05BB8C2F0EA36FF17501E242A19E.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/E9771B2D309B05BB8C2F0EA36FF17501E242A19E.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/D0EB6D95615E36DCAD35164A699109792C3FCD3F861B8C7D1A60106AD33FFFE2/0/3230302e39352e3233302e302f32332d3234203d3e20323632393136.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.95.230.0/23

    Signature Algorithm: sha256WithRSAEncryption
         92:4f:e3:90:49:0d:4e:32:93:91:20:2c:2a:7a:72:a6:ae:86:
         46:29:58:6a:ff:7b:b3:a0:be:ed:68:9a:30:99:e7:fb:47:e0:
         5c:07:1d:df:01:0c:54:b1:c9:92:e8:e6:71:5f:e6:59:44:ec:
         ec:61:04:af:1d:c7:08:dc:06:4a:c6:7b:88:d4:c7:50:c8:a8:
         8f:38:7b:0d:8b:0e:ed:40:93:a1:88:5f:9b:a9:f4:bc:c7:7d:
         94:e5:34:6a:27:1f:67:23:29:0d:ca:4d:80:f1:ab:ea:1d:b2:
         f7:6d:63:05:23:f9:02:74:dc:a7:1e:02:fa:0a:d0:d3:a5:77:
         aa:eb:b5:a6:8d:3a:50:a9:fd:9b:e7:1d:2b:16:c8:4b:d7:ee:
         d8:89:6e:2b:56:81:22:7f:ad:7f:d1:94:d6:b1:dc:1e:37:45:
         b7:86:68:76:5c:9b:c9:ef:0a:e9:61:f0:6a:b5:30:86:2f:71:
         cf:6a:fb:71:90:91:ff:12:5c:61:2c:85:75:0a:30:07:aa:1a:
         9a:62:dd:5d:21:71:89:e6:a0:ec:b6:2f:74:66:50:8c:ac:e8:
         52:98:6c:8f:fa:23:20:97:b7:85:65:6c:4f:f5:85:49:d3:e8:
         26:94:71:8f:b5:d0:72:70:81:c8:1d:59:6e:06:89:25:3d:58:
         41:2b:1f:3e
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIUQHcw3QgHtTraSzFxqxY13hjuWiQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRTk3NzFCMkQzMDlCMDVCQjhDMkYwRUEzNkZGMTc1MDFF
MjQyQTE5RTAeFw0yNDA4MTMxNjM1MDZaFw0yNTA4MTIxNjQwMDZaMDMxMTAvBgNV
BAMTKDYwRjVBRjNBNkE3NjlCODY2MkIzNjQ1QTUxRkM4NzcyOTgyQUQzRkMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDFAO3VlAEvRGRg/JQrFz8WZ49R
5gvjU4fOnqTei3piUSON8ZAOixbGCO4b45LPfJtxzKAs8TlCvUHm5PqL6QC/0pSw
wGlRQZEv+mid2DnbzH3l5RbEoRgRZDd6Wl8CbYroSFJ8v6c7HxfNadNHh40MWp5d
+KLnABE0AA/7HuUH1bOfb3W653rgA12q/SbCSHCbryu5mkh/Ig4eqssbIwDtS//u
vE0OrPjntfUgJpCWn0c7K87P/uQ0Ql2cO+mh2TDI2sJ0+KXgn6YJousahjTiiYNQ
vzVZQ7O5+zqyRSMnZeKPoqAho38nHdC473LLJuHt92ftZqXabPRnwiZD2hdbAgMB
AAGjggLKMIICxjAdBgNVHQ4EFgQUYPWvOmp2m4Zis2RaUfyHcpgq0/wwHwYDVR0j
BBgwFoAU6XcbLTCbBbuMLw6jb/F1AeJCoZ4wDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9EMEVCNkQ5NTYxNUUzNkRDQUQzNTE2NEE2OTkxMDk3OTJD
M0ZDRDNGODYxQjhDN0QxQTYwMTA2QUQzM0ZGRkUyLzAvRTk3NzFCMkQzMDlCMDVC
QjhDMkYwRUEzNkZGMTc1MDFFMjQyQTE5RS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9FOTc3MUIyRDMwOUIwNUJCOEMy
RjBFQTM2RkYxNzUwMUUyNDJBMTlFLmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvRDBFQjZEOTU2MTVFMzZEQ0FEMzUxNjRBNjk5MTA5NzkyQzNGQ0QzRjg2
MUI4QzdEMUE2MDEwNkFEMzNGRkZFMi8wLzMyMzAzMDJlMzkzNTJlMzIzMzMwMmUz
MDJmMzIzMzJkMzIzNDIwM2QzZTIwMzIzNjMyMzkzMTM2LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQByF/m
MA0GCSqGSIb3DQEBCwUAA4IBAQCST+OQSQ1OMpORICwqenKmroZGKVhq/3uzoL7t
aJowmef7R+BcBx3fAQxUscmS6OZxX+ZZROzsYQSvHccI3AZKxnuI1MdQyKiPOHsN
iw7tQJOhiF+bqfS8x32U5TRqJx9nIykNyk2A8avqHbL3bWMFI/kCdNynHgL6CtDT
pXeq67WmjTpQqf2b5x0rFshL1+7YiW4rVoEif61/0ZTWsdweN0W3hmh2XJvJ7wrp
YfBqtTCGL3HPavtxkJH/ElxhLIV1CjAHqhqaYt1dIXGJ5qDsti90ZlCMrOhSmGyP
+iMgl7eFZWxP9YVJ0+gmlHGPtdBycIHIHVluBoklPVhBKx8+
-----END CERTIFICATE-----