Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/D12029F6374506785F391111F104E6560701A9A4D27BD36FCFFF816C0FE626D8/0/3230302e33352e3133362e302f32322d3234203d3e2038303438.roa
File:                     3230302e33352e3133362e302f32322d3234203d3e2038303438.roa (raw, json)
Hash identifier:          swFWuP6YmRhZvoZs91I4fB9zE6xx4592oj2/UPwXnwE=
Subject key identifier:   AA:B1:BD:FE:70:3C:09:EA:BF:05:C7:F0:A1:D4:2D:1F:1D:4C:84:C8
Certificate issuer:       /CN=829CA7BB4382A648332FD377689E040166C505B5
Certificate serial:       498E0D1EE82EAFA00E0F77F1727C7D0C19AEDDF7
Authority key identifier: 82:9C:A7:BB:43:82:A6:48:33:2F:D3:77:68:9E:04:01:66:C5:05:B5
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/829CA7BB4382A648332FD377689E040166C505B5.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/D12029F6374506785F391111F104E6560701A9A4D27BD36FCFFF816C0FE626D8/0/3230302e33352e3133362e302f32322d3234203d3e2038303438.roa
Signing time:             Tue 04 Feb 2025 18:44:31 +0000
ROA not before:           Tue 04 Feb 2025 18:39:31 +0000
ROA not after:            Tue 03 Feb 2026 18:44:31 +0000
asID:                     8048
IP address blocks:        200.35.136.0/22 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            49:8e:0d:1e:e8:2e:af:a0:0e:0f:77:f1:72:7c:7d:0c:19:ae:dd:f7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=829CA7BB4382A648332FD377689E040166C505B5
        Validity
            Not Before: Feb  4 18:39:31 2025 GMT
            Not After : Feb  3 18:44:31 2026 GMT
        Subject: CN=AAB1BDFE703C09EABF05C7F0A1D42D1F1D4C84C8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:9d:f9:75:d9:e0:2f:91:e5:64:a7:82:37:ea:
                    a2:34:30:39:0d:2f:59:7a:18:91:49:52:a1:25:ff:
                    84:03:f3:98:11:4f:0b:31:c7:07:4c:e5:67:17:c3:
                    b2:c2:ca:81:c5:20:93:44:b4:40:36:bc:a3:d5:fc:
                    df:64:01:53:d4:f5:07:2b:8a:9b:58:20:88:a0:d1:
                    95:e0:66:a1:1b:9e:5c:6f:e5:17:1f:2f:fe:bc:95:
                    c9:fb:28:2a:dc:cb:a3:75:c1:b9:1c:af:af:28:ff:
                    00:2f:7b:26:2a:6a:ba:60:96:98:94:90:1f:99:c7:
                    b5:cd:f2:c5:dc:53:08:f8:1d:13:da:94:19:97:06:
                    d4:4c:9a:a8:e5:a1:2c:b1:1f:87:8c:f9:4f:78:88:
                    a0:60:11:ca:47:63:10:ba:fa:2d:8e:b9:e7:80:fd:
                    2f:10:1e:ec:bf:52:7d:49:89:26:0e:ca:1d:e8:75:
                    fa:0c:9f:e3:49:3f:32:e0:ad:7b:44:48:4f:80:8e:
                    74:60:4e:c4:db:0b:60:98:ec:60:ca:fe:33:e1:ad:
                    88:4e:17:90:7d:46:86:ee:6a:aa:2c:46:5c:37:15:
                    07:db:88:cf:ec:c5:31:c0:c8:bb:a1:02:84:a2:8a:
                    a4:cb:a0:17:35:9b:43:b5:64:c3:56:70:78:b0:7f:
                    82:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AA:B1:BD:FE:70:3C:09:EA:BF:05:C7:F0:A1:D4:2D:1F:1D:4C:84:C8
            X509v3 Authority Key Identifier:
                keyid:82:9C:A7:BB:43:82:A6:48:33:2F:D3:77:68:9E:04:01:66:C5:05:B5

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/D12029F6374506785F391111F104E6560701A9A4D27BD36FCFFF816C0FE626D8/0/829CA7BB4382A648332FD377689E040166C505B5.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/829CA7BB4382A648332FD377689E040166C505B5.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/D12029F6374506785F391111F104E6560701A9A4D27BD36FCFFF816C0FE626D8/0/3230302e33352e3133362e302f32322d3234203d3e2038303438.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.35.136.0/22

    Signature Algorithm: sha256WithRSAEncryption
         69:ad:30:1e:28:cc:de:22:8d:96:86:9c:81:6d:49:63:2b:0a:
         ab:6c:f0:93:a6:34:13:fc:01:3b:3c:95:b2:fb:28:4a:dd:2e:
         28:64:ea:bd:2e:e9:20:46:5f:96:2e:73:5f:ae:08:95:d4:91:
         cb:45:31:42:9b:52:75:aa:6f:f0:b8:96:53:11:f1:20:f2:c7:
         92:ff:7c:58:80:6a:7c:14:c1:e9:78:0c:3d:ad:9c:3f:34:ec:
         d6:a2:01:ff:2b:0e:08:db:07:18:e0:71:2d:57:7f:75:41:4c:
         15:67:ae:1a:97:af:51:1e:69:cb:6b:d4:4d:04:84:cf:4d:cc:
         1a:47:d2:6e:38:1f:cc:6a:f3:64:12:f9:66:a1:df:7b:6a:c6:
         d4:91:af:52:0a:d5:07:36:7f:2e:4b:34:73:d9:4f:7a:37:b3:
         ad:65:98:bd:38:90:f1:fd:b4:ab:47:67:6f:4e:71:7f:9a:85:
         19:0d:17:79:0a:b1:cc:58:39:8e:fb:df:82:f7:10:b5:5c:29:
         cc:3a:6c:e4:d1:38:e7:df:ec:d4:5c:4f:fc:df:89:ae:c3:d8:
         3f:07:72:be:db:51:73:b2:b5:06:25:8b:bc:17:51:f9:8c:82:
         92:1f:2e:4e:31:93:4b:48:ad:f3:0d:43:d8:57:e5:31:49:11:
         98:cf:45:e9
-----BEGIN CERTIFICATE-----
MIIFvDCCBKSgAwIBAgIUSY4NHugur6AOD3fxcnx9DBmu3fcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODI5Q0E3QkI0MzgyQTY0ODMzMkZEMzc3Njg5RTA0MDE2
NkM1MDVCNTAeFw0yNTAyMDQxODM5MzFaFw0yNjAyMDMxODQ0MzFaMDMxMTAvBgNV
BAMTKEFBQjFCREZFNzAzQzA5RUFCRjA1QzdGMEExRDQyRDFGMUQ0Qzg0QzgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5nfl12eAvkeVkp4I36qI0MDkN
L1l6GJFJUqEl/4QD85gRTwsxxwdM5WcXw7LCyoHFIJNEtEA2vKPV/N9kAVPU9Qcr
iptYIIig0ZXgZqEbnlxv5RcfL/68lcn7KCrcy6N1wbkcr68o/wAveyYqarpglpiU
kB+Zx7XN8sXcUwj4HRPalBmXBtRMmqjloSyxH4eM+U94iKBgEcpHYxC6+i2OueeA
/S8QHuy/Un1JiSYOyh3odfoMn+NJPzLgrXtESE+AjnRgTsTbC2CY7GDK/jPhrYhO
F5B9RobuaqosRlw3FQfbiM/sxTHAyLuhAoSiiqTLoBc1m0O1ZMNWcHiwf4KfAgMB
AAGjggLGMIICwjAdBgNVHQ4EFgQUqrG9/nA8Ceq/BcfwodQtHx1MhMgwHwYDVR0j
BBgwFoAUgpynu0OCpkgzL9N3aJ4EAWbFBbUwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9EMTIwMjlGNjM3NDUwNjc4NUYzOTExMTFGMTA0RTY1NjA3
MDFBOUE0RDI3QkQzNkZDRkZGODE2QzBGRTYyNkQ4LzAvODI5Q0E3QkI0MzgyQTY0
ODMzMkZEMzc3Njg5RTA0MDE2NkM1MDVCNS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC84MjlDQTdCQjQzODJBNjQ4MzMy
RkQzNzc2ODlFMDQwMTY2QzUwNUI1LmNlcjCBxQYIKwYBBQUHAQsEgbgwgbUwgbIG
CCsGAQUFBzALhoGlcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvRDEyMDI5RjYzNzQ1MDY3ODVGMzkxMTExRjEwNEU2NTYwNzAxQTlBNEQy
N0JEMzZGQ0ZGRjgxNkMwRkU2MjZEOC8wLzMyMzAzMDJlMzMzNTJlMzEzMzM2MmUz
MDJmMzIzMjJkMzIzNDIwM2QzZTIwMzgzMDM0Mzgucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBALII4gwDQYJ
KoZIhvcNAQELBQADggEBAGmtMB4ozN4ijZaGnIFtSWMrCqts8JOmNBP8ATs8lbL7
KErdLihk6r0u6SBGX5Yuc1+uCJXUkctFMUKbUnWqb/C4llMR8SDyx5L/fFiAanwU
wel4DD2tnD807NaiAf8rDgjbBxjgcS1Xf3VBTBVnrhqXr1Eeactr1E0EhM9NzBpH
0m44H8xq82QS+Wah33tqxtSRr1IK1Qc2fy5LNHPZT3o3s61lmL04kPH9tKtHZ29O
cX+ahRkNF3kKscxYOY7734L3ELVcKcw6bOTROOff7NRcT/zfia7D2D8Hcr7bUXOy
tQYli7wXUfmMgpIfLk4xk0tIrfMNQ9hX5TFJEZjPRek=
-----END CERTIFICATE-----