Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/D12029F6374506785F391111F104E6560701A9A4D27BD36FCFFF816C0FE626D8/0/3230302e33352e3133322e302f32332d3234203d3e203238303839.roa
File:                     3230302e33352e3133322e302f32332d3234203d3e203238303839.roa (raw, json)
Hash identifier:          0/9fnZ/cqI5YkuDqB2HbJ+Zw5z/ScpaXzNb2pQ9omQs=
Subject key identifier:   E0:02:92:A2:D9:DA:EA:FB:CC:F0:E6:C0:BE:5B:C1:C8:2D:65:41:0B
Certificate issuer:       /CN=829CA7BB4382A648332FD377689E040166C505B5
Certificate serial:       142BD86CB6A7183C2019CA33D41E13D44C974497
Authority key identifier: 82:9C:A7:BB:43:82:A6:48:33:2F:D3:77:68:9E:04:01:66:C5:05:B5
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/829CA7BB4382A648332FD377689E040166C505B5.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/D12029F6374506785F391111F104E6560701A9A4D27BD36FCFFF816C0FE626D8/0/3230302e33352e3133322e302f32332d3234203d3e203238303839.roa
Signing time:             Tue 04 Feb 2025 18:44:29 +0000
ROA not before:           Tue 04 Feb 2025 18:39:29 +0000
ROA not after:            Tue 03 Feb 2026 18:44:29 +0000
asID:                     28089
IP address blocks:        200.35.132.0/23 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            14:2b:d8:6c:b6:a7:18:3c:20:19:ca:33:d4:1e:13:d4:4c:97:44:97
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=829CA7BB4382A648332FD377689E040166C505B5
        Validity
            Not Before: Feb  4 18:39:29 2025 GMT
            Not After : Feb  3 18:44:29 2026 GMT
        Subject: CN=E00292A2D9DAEAFBCCF0E6C0BE5BC1C82D65410B
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:6b:51:3f:4d:3f:05:5f:dc:01:e5:bc:e0:9d:
                    b2:be:26:26:56:1c:c0:cc:1a:d9:c8:2c:46:72:7a:
                    33:36:03:6a:c9:78:35:7e:cc:a3:60:10:de:9d:06:
                    ec:d7:40:a8:52:03:96:95:1a:7c:22:31:ce:53:ba:
                    61:30:a9:1a:dc:5a:e9:be:9a:b6:75:9a:54:7e:8b:
                    8f:6c:70:5f:3b:e3:d4:a6:93:4c:cd:be:98:ee:65:
                    67:01:6d:75:a4:18:67:84:27:da:c4:9b:e8:5c:14:
                    4b:4a:af:4c:91:84:e0:c0:b7:a3:ef:25:e3:84:25:
                    7f:36:fc:2d:17:3a:cb:c3:98:07:5e:ad:bd:71:56:
                    1b:76:38:cc:b5:eb:00:c0:47:55:fc:10:9d:8c:fa:
                    d9:71:ce:1e:a3:6f:ec:63:94:a0:9d:27:e1:de:71:
                    9c:da:1b:cd:85:0f:97:b0:47:cd:b3:3d:7c:1b:d6:
                    9f:26:ea:45:d5:59:b0:af:51:96:8d:38:28:c3:8a:
                    56:b5:28:55:4d:84:8c:f1:59:5c:52:7d:5d:6c:f6:
                    45:c1:6e:d6:92:d2:b5:22:c3:ae:9a:16:c5:26:dc:
                    50:d6:6a:22:30:24:a9:f8:ee:b9:9d:0d:9b:c1:56:
                    1d:39:32:ed:90:02:ec:3c:36:fc:7d:cb:56:72:68:
                    90:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E0:02:92:A2:D9:DA:EA:FB:CC:F0:E6:C0:BE:5B:C1:C8:2D:65:41:0B
            X509v3 Authority Key Identifier:
                keyid:82:9C:A7:BB:43:82:A6:48:33:2F:D3:77:68:9E:04:01:66:C5:05:B5

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/D12029F6374506785F391111F104E6560701A9A4D27BD36FCFFF816C0FE626D8/0/829CA7BB4382A648332FD377689E040166C505B5.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/829CA7BB4382A648332FD377689E040166C505B5.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/D12029F6374506785F391111F104E6560701A9A4D27BD36FCFFF816C0FE626D8/0/3230302e33352e3133322e302f32332d3234203d3e203238303839.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.35.132.0/23

    Signature Algorithm: sha256WithRSAEncryption
         ad:a4:a5:b4:f8:89:cb:ee:53:2a:f8:9f:d0:c7:1d:7b:08:3c:
         3c:e0:75:32:41:c7:83:3a:85:3a:fa:f7:25:20:ff:6d:e3:99:
         91:3a:80:94:bf:b0:8a:8d:bd:03:b1:cc:6c:55:10:21:65:a2:
         2c:52:92:da:3c:c6:9c:04:1a:b1:9c:c9:95:fb:1b:e2:39:91:
         1f:7f:90:4d:fc:e9:9e:ed:4b:85:ce:bc:6c:90:53:23:aa:53:
         5c:9e:76:f5:e3:17:c6:6d:9d:b2:b6:96:b9:fd:3b:a7:cc:e6:
         2f:f5:83:c7:fe:e3:8e:48:11:88:fb:26:d8:0a:b4:0c:2a:f9:
         86:92:11:2c:63:d3:76:4d:4a:2f:b1:1e:ac:a4:ce:8a:52:ee:
         5a:28:ad:80:12:48:c2:02:e8:79:6d:14:99:22:8f:36:3f:27:
         32:f5:c1:4a:58:0f:8b:c7:66:58:84:91:0a:85:a8:05:02:23:
         7e:3b:0b:fa:ac:4a:85:00:a0:7e:2c:c1:2f:34:ee:8e:68:fb:
         b4:b6:c1:32:19:c8:f6:33:29:0a:b7:b6:66:1b:f5:4c:07:37:
         a2:71:ee:04:f5:9b:f2:11:19:40:ee:c7:55:eb:7d:ba:47:38:
         7b:e0:a5:e3:ac:4b:fa:f1:b0:8b:0b:6a:8b:6f:ac:d9:ce:68:
         ac:a5:f8:7b
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUFCvYbLanGDwgGcoz1B4T1EyXRJcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODI5Q0E3QkI0MzgyQTY0ODMzMkZEMzc3Njg5RTA0MDE2
NkM1MDVCNTAeFw0yNTAyMDQxODM5MjlaFw0yNjAyMDMxODQ0MjlaMDMxMTAvBgNV
BAMTKEUwMDI5MkEyRDlEQUVBRkJDQ0YwRTZDMEJFNUJDMUM4MkQ2NTQxMEIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCoa1E/TT8FX9wB5bzgnbK+JiZW
HMDMGtnILEZyejM2A2rJeDV+zKNgEN6dBuzXQKhSA5aVGnwiMc5TumEwqRrcWum+
mrZ1mlR+i49scF8749Smk0zNvpjuZWcBbXWkGGeEJ9rEm+hcFEtKr0yRhODAt6Pv
JeOEJX82/C0XOsvDmAderb1xVht2OMy16wDAR1X8EJ2M+tlxzh6jb+xjlKCdJ+He
cZzaG82FD5ewR82zPXwb1p8m6kXVWbCvUZaNOCjDila1KFVNhIzxWVxSfV1s9kXB
btaS0rUiw66aFsUm3FDWaiIwJKn47rmdDZvBVh05Mu2QAuw8Nvx9y1ZyaJDjAgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQU4AKSotna6vvM8ObAvlvByC1lQQswHwYDVR0j
BBgwFoAUgpynu0OCpkgzL9N3aJ4EAWbFBbUwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9EMTIwMjlGNjM3NDUwNjc4NUYzOTExMTFGMTA0RTY1NjA3
MDFBOUE0RDI3QkQzNkZDRkZGODE2QzBGRTYyNkQ4LzAvODI5Q0E3QkI0MzgyQTY0
ODMzMkZEMzc3Njg5RTA0MDE2NkM1MDVCNS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC84MjlDQTdCQjQzODJBNjQ4MzMy
RkQzNzc2ODlFMDQwMTY2QzUwNUI1LmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvRDEyMDI5RjYzNzQ1MDY3ODVGMzkxMTExRjEwNEU2NTYwNzAxQTlBNEQy
N0JEMzZGQ0ZGRjgxNkMwRkU2MjZEOC8wLzMyMzAzMDJlMzMzNTJlMzEzMzMyMmUz
MDJmMzIzMzJkMzIzNDIwM2QzZTIwMzIzODMwMzgzOS5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAcgjhDAN
BgkqhkiG9w0BAQsFAAOCAQEAraSltPiJy+5TKvif0Mcdewg8POB1MkHHgzqFOvr3
JSD/beOZkTqAlL+wio29A7HMbFUQIWWiLFKS2jzGnAQasZzJlfsb4jmRH3+QTfzp
nu1Lhc68bJBTI6pTXJ529eMXxm2dsraWuf07p8zmL/WDx/7jjkgRiPsm2Aq0DCr5
hpIRLGPTdk1KL7EerKTOilLuWiitgBJIwgLoeW0UmSKPNj8nMvXBSlgPi8dmWISR
CoWoBQIjfjsL+qxKhQCgfizBLzTujmj7tLbBMhnI9jMpCre2Zhv1TAc3onHuBPWb
8hEZQO7HVet9ukc4e+Cl46xL+vGwiwtqi2+s2c5orKX4ew==
-----END CERTIFICATE-----