Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/D3C33E53E8DD36FFDB0B0DE536D0A71ED8152EFD26967C0011855899D2863138/0/3230312e3232312e302e302f31392d3234203d3e203230323535.roa
File:                     3230312e3232312e302e302f31392d3234203d3e203230323535.roa (raw, json)
Hash identifier:          50f+Ldze2GoPL7zZGuZxK6pYK48eSsYiwzyHJKEqyIc=
Subject key identifier:   54:72:A7:61:C0:5B:C1:B2:7E:6D:35:D4:29:41:FC:D5:56:71:E2:D4
Certificate issuer:       /CN=6356DD151F9758D7C94E8D79EE84C65352BF10D1
Certificate serial:       759891E589AE0AB9D56F852A8489C53F4C9BBA80
Authority key identifier: 63:56:DD:15:1F:97:58:D7:C9:4E:8D:79:EE:84:C6:53:52:BF:10:D1
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/6356DD151F9758D7C94E8D79EE84C65352BF10D1.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/D3C33E53E8DD36FFDB0B0DE536D0A71ED8152EFD26967C0011855899D2863138/0/3230312e3232312e302e302f31392d3234203d3e203230323535.roa
Signing time:             Tue 04 Feb 2025 18:00:20 +0000
ROA not before:           Tue 04 Feb 2025 17:55:20 +0000
ROA not after:            Tue 03 Feb 2026 18:00:20 +0000
asID:                     20255
IP address blocks:        201.221.0.0/19 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            75:98:91:e5:89:ae:0a:b9:d5:6f:85:2a:84:89:c5:3f:4c:9b:ba:80
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6356DD151F9758D7C94E8D79EE84C65352BF10D1
        Validity
            Not Before: Feb  4 17:55:20 2025 GMT
            Not After : Feb  3 18:00:20 2026 GMT
        Subject: CN=5472A761C05BC1B27E6D35D42941FCD55671E2D4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:42:cc:4f:20:48:00:4d:56:10:a1:78:b3:8a:
                    3f:74:b8:19:71:35:57:dc:4e:f0:b4:03:31:73:65:
                    d9:47:fb:3c:77:10:9c:97:64:e4:5f:ed:96:62:01:
                    58:5e:c0:01:f4:c9:dc:f1:cb:c5:62:ff:c5:38:29:
                    47:08:9a:e3:e8:6d:36:83:b2:8e:f7:c0:cb:50:3b:
                    26:44:63:ea:d7:6c:e2:c6:6f:5b:67:05:ef:cd:e2:
                    ea:1f:ab:e0:65:ed:be:4d:02:1c:44:4e:1b:93:33:
                    6e:d8:a9:b9:cc:15:ab:a0:86:bb:1d:1c:3d:a9:5e:
                    3e:01:b9:0d:3c:59:20:b3:37:15:8d:a1:d6:a4:da:
                    cf:16:ad:1e:0b:3a:f2:ca:c5:88:42:4d:21:ae:ca:
                    dc:ea:b4:45:94:d5:df:1e:e9:ba:f5:24:65:bd:62:
                    18:f0:73:5f:a9:0b:e3:3f:c8:b1:8c:40:08:9d:c3:
                    a6:22:e6:20:04:23:d1:ab:5a:2e:bd:7b:7d:82:c2:
                    e2:6d:98:e7:55:1f:f0:90:c8:e2:f0:30:6f:19:48:
                    6c:5c:ba:fa:59:25:78:43:1b:73:d4:e0:d3:d0:ff:
                    8f:e5:f3:36:87:3d:84:46:ed:69:c8:5b:b3:8d:3a:
                    5c:15:a1:11:5d:4c:86:ba:35:7a:dc:4c:08:22:d4:
                    34:57
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                54:72:A7:61:C0:5B:C1:B2:7E:6D:35:D4:29:41:FC:D5:56:71:E2:D4
            X509v3 Authority Key Identifier:
                keyid:63:56:DD:15:1F:97:58:D7:C9:4E:8D:79:EE:84:C6:53:52:BF:10:D1

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/D3C33E53E8DD36FFDB0B0DE536D0A71ED8152EFD26967C0011855899D2863138/0/6356DD151F9758D7C94E8D79EE84C65352BF10D1.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/6356DD151F9758D7C94E8D79EE84C65352BF10D1.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/D3C33E53E8DD36FFDB0B0DE536D0A71ED8152EFD26967C0011855899D2863138/0/3230312e3232312e302e302f31392d3234203d3e203230323535.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  201.221.0.0/19

    Signature Algorithm: sha256WithRSAEncryption
         66:c3:5f:b2:4c:74:68:1e:f8:72:2d:d7:82:e6:02:27:34:3e:
         47:dc:96:3f:48:aa:3a:06:8b:46:78:d6:cb:6b:7c:d3:6c:06:
         00:21:70:8e:5e:c1:b3:4a:e2:13:a8:dd:58:b6:ea:36:49:5d:
         0f:6b:39:74:31:fc:cc:7b:75:e8:c2:dd:df:c8:cf:5f:2e:39:
         1e:26:f8:59:a9:2f:03:8b:32:5a:af:28:2d:c2:c4:b7:47:53:
         9c:65:b5:01:74:57:4d:10:5c:95:a7:ad:68:4d:aa:66:56:01:
         1a:b5:6a:c2:c2:55:2c:4a:c3:2e:4d:21:de:33:0a:b0:88:bc:
         8a:0d:e9:52:99:1e:81:e7:57:ee:39:cd:fd:6b:13:2e:d9:a4:
         f7:23:7c:dd:77:4d:7b:88:1a:45:93:3f:79:cf:d4:7d:1d:4f:
         2d:0c:54:96:1e:ab:c4:6d:50:1d:24:46:49:ba:62:8d:ef:8e:
         97:c2:55:f1:ac:b3:b5:84:cc:4f:28:a7:96:d0:ee:2b:0a:b4:
         22:d2:5f:9c:55:53:51:fe:b4:dd:f0:47:01:8e:ef:e4:5d:41:
         dd:5b:59:ef:62:72:34:4d:f8:ae:b6:e2:1a:a4:91:61:8f:7c:
         35:4f:eb:11:0b:1f:db:2c:af:4c:ea:47:bc:4e:51:90:71:33:
         f1:34:79:f5
-----BEGIN CERTIFICATE-----
MIIFvDCCBKSgAwIBAgIUdZiR5YmuCrnVb4UqhInFP0ybuoAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjM1NkREMTUxRjk3NThEN0M5NEU4RDc5RUU4NEM2NTM1
MkJGMTBEMTAeFw0yNTAyMDQxNzU1MjBaFw0yNjAyMDMxODAwMjBaMDMxMTAvBgNV
BAMTKDU0NzJBNzYxQzA1QkMxQjI3RTZEMzVENDI5NDFGQ0Q1NTY3MUUyRDQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC+QsxPIEgATVYQoXizij90uBlx
NVfcTvC0AzFzZdlH+zx3EJyXZORf7ZZiAVhewAH0ydzxy8Vi/8U4KUcImuPobTaD
so73wMtQOyZEY+rXbOLGb1tnBe/N4uofq+Bl7b5NAhxEThuTM27YqbnMFaughrsd
HD2pXj4BuQ08WSCzNxWNodak2s8WrR4LOvLKxYhCTSGuytzqtEWU1d8e6br1JGW9
Yhjwc1+pC+M/yLGMQAidw6Yi5iAEI9GrWi69e32CwuJtmOdVH/CQyOLwMG8ZSGxc
uvpZJXhDG3PU4NPQ/4/l8zaHPYRG7WnIW7ONOlwVoRFdTIa6NXrcTAgi1DRXAgMB
AAGjggLGMIICwjAdBgNVHQ4EFgQUVHKnYcBbwbJ+bTXUKUH81VZx4tQwHwYDVR0j
BBgwFoAUY1bdFR+XWNfJTo157oTGU1K/ENEwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9EM0MzM0U1M0U4REQzNkZGREIwQjBERTUzNkQwQTcxRUQ4
MTUyRUZEMjY5NjdDMDAxMTg1NTg5OUQyODYzMTM4LzAvNjM1NkREMTUxRjk3NThE
N0M5NEU4RDc5RUU4NEM2NTM1MkJGMTBEMS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC82MzU2REQxNTFGOTc1OEQ3Qzk0
RThENzlFRTg0QzY1MzUyQkYxMEQxLmNlcjCBxQYIKwYBBQUHAQsEgbgwgbUwgbIG
CCsGAQUFBzALhoGlcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvRDNDMzNFNTNFOEREMzZGRkRCMEIwREU1MzZEMEE3MUVEODE1MkVGRDI2
OTY3QzAwMTE4NTU4OTlEMjg2MzEzOC8wLzMyMzAzMTJlMzIzMjMxMmUzMDJlMzAy
ZjMxMzkyZDMyMzQyMDNkM2UyMDMyMzAzMjM1MzUucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAXJ3QAwDQYJ
KoZIhvcNAQELBQADggEBAGbDX7JMdGge+HIt14LmAic0Pkfclj9IqjoGi0Z41str
fNNsBgAhcI5ewbNK4hOo3Vi26jZJXQ9rOXQx/Mx7dejC3d/Iz18uOR4m+FmpLwOL
MlqvKC3CxLdHU5xltQF0V00QXJWnrWhNqmZWARq1asLCVSxKwy5NId4zCrCIvIoN
6VKZHoHnV+45zf1rEy7ZpPcjfN13TXuIGkWTP3nP1H0dTy0MVJYeq8RtUB0kRkm6
Yo3vjpfCVfGss7WEzE8op5bQ7isKtCLSX5xVU1H+tN3wRwGO7+RdQd1bWe9icjRN
+K624hqkkWGPfDVP6xELH9ssr0zqR7xOUZBxM/E0efU=
-----END CERTIFICATE-----