Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/D26354B8ED4F12AEA07DCFE68B70B9F342373AE1317FA544AD8058F4679906AD/0/3230312e3231372e3234342e302f32322d3234203d3e203532333733.roa
File:                     3230312e3231372e3234342e302f32322d3234203d3e203532333733.roa (raw, json)
Hash identifier:          Xf876SX2p0hgYLnoW4YjPz94RaMujfoXKvo04aiXhuA=
Subject key identifier:   8B:9E:C6:92:19:0F:1E:1C:94:CB:CD:5E:66:DB:34:BC:7A:51:73:6B
Certificate issuer:       /CN=EA1CEEBDE0D9E5EEAD92FAF224468580A4C6F16D
Certificate serial:       41DA727F90EF20F2DFC051C79A59371A99E795EE
Authority key identifier: EA:1C:EE:BD:E0:D9:E5:EE:AD:92:FA:F2:24:46:85:80:A4:C6:F1:6D
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/EA1CEEBDE0D9E5EEAD92FAF224468580A4C6F16D.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/D26354B8ED4F12AEA07DCFE68B70B9F342373AE1317FA544AD8058F4679906AD/0/3230312e3231372e3234342e302f32322d3234203d3e203532333733.roa
Signing time:             Tue 04 Feb 2025 20:06:16 +0000
ROA not before:           Tue 04 Feb 2025 20:01:16 +0000
ROA not after:            Tue 03 Feb 2026 20:06:16 +0000
asID:                     52373
IP address blocks:        201.217.244.0/22 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            41:da:72:7f:90:ef:20:f2:df:c0:51:c7:9a:59:37:1a:99:e7:95:ee
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=EA1CEEBDE0D9E5EEAD92FAF224468580A4C6F16D
        Validity
            Not Before: Feb  4 20:01:16 2025 GMT
            Not After : Feb  3 20:06:16 2026 GMT
        Subject: CN=8B9EC692190F1E1C94CBCD5E66DB34BC7A51736B
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:ed:3d:9f:e4:d6:02:92:dc:53:87:d9:7d:de:
                    4a:d7:76:1a:f0:e4:0f:a4:91:1c:fc:c5:4f:bd:a6:
                    26:df:14:6a:ab:c3:a2:90:a9:5f:6a:29:a5:8e:7e:
                    9a:15:ce:d6:d3:5e:1c:7c:ac:f9:60:6b:4d:7e:d4:
                    26:b0:be:b5:6c:02:93:41:bf:56:c3:8b:33:3b:0a:
                    0b:1d:69:88:8a:2b:63:42:45:00:34:76:d2:f9:9a:
                    04:2c:71:f3:a3:46:b5:29:88:a4:ee:79:cd:14:fe:
                    15:02:39:1b:b3:e8:f1:ed:34:58:2f:fb:e6:9c:22:
                    a1:f0:16:42:28:0f:54:62:44:fe:45:4f:f4:ca:c4:
                    1e:45:40:e4:71:fd:ed:a7:0f:31:5a:cd:ba:7b:11:
                    f3:3e:52:86:3c:ed:88:d2:82:33:e4:2b:2d:83:7c:
                    0b:8e:f0:48:08:c1:12:7f:7f:59:a5:f5:bf:09:e9:
                    28:fd:e5:e9:ac:78:77:0f:c8:75:d8:68:44:29:ed:
                    12:c2:ca:9d:bb:fc:2d:8b:e7:5b:67:cc:84:b1:b8:
                    12:05:cf:be:41:70:02:c0:03:7d:9c:17:d1:78:1b:
                    3e:b2:b3:80:71:82:c1:7e:51:8f:43:f2:e2:da:26:
                    ff:99:3e:e5:5b:c8:f5:0d:f8:30:b1:7a:d3:d0:19:
                    1c:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8B:9E:C6:92:19:0F:1E:1C:94:CB:CD:5E:66:DB:34:BC:7A:51:73:6B
            X509v3 Authority Key Identifier:
                keyid:EA:1C:EE:BD:E0:D9:E5:EE:AD:92:FA:F2:24:46:85:80:A4:C6:F1:6D

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/D26354B8ED4F12AEA07DCFE68B70B9F342373AE1317FA544AD8058F4679906AD/0/EA1CEEBDE0D9E5EEAD92FAF224468580A4C6F16D.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/EA1CEEBDE0D9E5EEAD92FAF224468580A4C6F16D.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/D26354B8ED4F12AEA07DCFE68B70B9F342373AE1317FA544AD8058F4679906AD/0/3230312e3231372e3234342e302f32322d3234203d3e203532333733.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  201.217.244.0/22

    Signature Algorithm: sha256WithRSAEncryption
         8f:46:b2:08:40:56:76:35:fc:16:43:4a:78:80:f7:45:0a:84:
         07:1c:74:44:50:bc:be:e6:f6:e4:30:96:92:44:f8:e2:e4:f0:
         4f:5c:12:6e:ed:9e:8c:a7:ed:bb:52:c1:86:d8:c2:60:f3:d3:
         25:d7:b7:f4:cc:7c:55:9a:ed:3c:35:a8:4e:d9:43:67:ed:08:
         d2:d6:b1:2c:04:6d:ce:dd:44:39:be:5a:9c:36:79:77:8f:e6:
         1c:7c:25:b7:4d:cb:88:07:29:79:1c:c0:83:65:c7:16:92:32:
         e9:65:a8:5f:8b:97:ca:77:b9:c1:7c:c4:09:43:b9:4b:85:8c:
         15:bc:09:4c:c1:fa:8f:3d:93:e9:98:5a:52:a9:3c:e7:9e:79:
         b2:44:63:07:36:60:1f:ed:60:3a:79:10:8e:44:b2:65:be:be:
         44:6f:d8:65:1c:8a:18:0a:1c:a9:f5:0f:08:b1:9c:71:a1:60:
         ed:43:b0:29:cd:26:b4:c1:ad:e1:32:e4:a4:02:9a:3f:cf:a9:
         b2:13:15:6a:07:85:0c:ee:49:bf:f3:66:48:db:c5:0c:e9:86:
         e1:34:45:1a:62:3f:11:d7:f5:4a:da:e5:5f:9f:0a:f9:f9:c8:
         7f:6c:59:14:1a:bc:74:a8:e0:56:3e:07:3b:9e:1f:92:0f:04:
         22:02:50:39
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIUQdpyf5DvIPLfwFHHmlk3Gpnnle4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRUExQ0VFQkRFMEQ5RTVFRUFEOTJGQUYyMjQ0Njg1ODBB
NEM2RjE2RDAeFw0yNTAyMDQyMDAxMTZaFw0yNjAyMDMyMDA2MTZaMDMxMTAvBgNV
BAMTKDhCOUVDNjkyMTkwRjFFMUM5NENCQ0Q1RTY2REIzNEJDN0E1MTczNkIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDQ7T2f5NYCktxTh9l93krXdhrw
5A+kkRz8xU+9pibfFGqrw6KQqV9qKaWOfpoVztbTXhx8rPlga01+1CawvrVsApNB
v1bDizM7CgsdaYiKK2NCRQA0dtL5mgQscfOjRrUpiKTuec0U/hUCORuz6PHtNFgv
++acIqHwFkIoD1RiRP5FT/TKxB5FQORx/e2nDzFazbp7EfM+UoY87YjSgjPkKy2D
fAuO8EgIwRJ/f1ml9b8J6Sj95emseHcPyHXYaEQp7RLCyp27/C2L51tnzISxuBIF
z75BcALAA32cF9F4Gz6ys4BxgsF+UY9D8uLaJv+ZPuVbyPUN+DCxetPQGRwjAgMB
AAGjggLKMIICxjAdBgNVHQ4EFgQUi57GkhkPHhyUy81eZts0vHpRc2swHwYDVR0j
BBgwFoAU6hzuveDZ5e6tkvryJEaFgKTG8W0wDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9EMjYzNTRCOEVENEYxMkFFQTA3RENGRTY4QjcwQjlGMzQy
MzczQUUxMzE3RkE1NDRBRDgwNThGNDY3OTkwNkFELzAvRUExQ0VFQkRFMEQ5RTVF
RUFEOTJGQUYyMjQ0Njg1ODBBNEM2RjE2RC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9FQTFDRUVCREUwRDlFNUVFQUQ5
MkZBRjIyNDQ2ODU4MEE0QzZGMTZELmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvRDI2MzU0QjhFRDRGMTJBRUEwN0RDRkU2OEI3MEI5RjM0MjM3M0FFMTMx
N0ZBNTQ0QUQ4MDU4RjQ2Nzk5MDZBRC8wLzMyMzAzMTJlMzIzMTM3MmUzMjM0MzQy
ZTMwMmYzMjMyMmQzMjM0MjAzZDNlMjAzNTMyMzMzNzMzLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCydn0
MA0GCSqGSIb3DQEBCwUAA4IBAQCPRrIIQFZ2NfwWQ0p4gPdFCoQHHHREULy+5vbk
MJaSRPji5PBPXBJu7Z6Mp+27UsGG2MJg89Ml17f0zHxVmu08NahO2UNn7QjS1rEs
BG3O3UQ5vlqcNnl3j+YcfCW3TcuIByl5HMCDZccWkjLpZahfi5fKd7nBfMQJQ7lL
hYwVvAlMwfqPPZPpmFpSqTznnnmyRGMHNmAf7WA6eRCORLJlvr5Eb9hlHIoYChyp
9Q8IsZxxoWDtQ7ApzSa0wa3hMuSkApo/z6myExVqB4UM7km/82ZI28UM6YbhNEUa
Yj8R1/VK2uVfnwr5+ch/bFkUGrx0qOBWPgc7nh+SDwQiAlA5
-----END CERTIFICATE-----