Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/D90725055620C1A52F09E9DBBABEB3B012803B7C253881FC4A6C3942F15EC407/0/3230302e35382e3234302e302f32312d3234203d3e20323635373231.roa
File:                     3230302e35382e3234302e302f32312d3234203d3e20323635373231.roa (raw, json)
Hash identifier:          7HolFbVvC5bEDrcK4sqhAfqq4tuDbBqg/QFGwBgl2ro=
Subject key identifier:   45:7F:EC:CF:FE:88:54:96:35:3E:28:96:D4:DF:BE:57:48:1D:64:9F
Certificate issuer:       /CN=2F8C3680D6F88B72EC06F1326CAA0A348AE4FAA9
Certificate serial:       328B09EA994EF2649A3E2C783C6DD708738F0894
Authority key identifier: 2F:8C:36:80:D6:F8:8B:72:EC:06:F1:32:6C:AA:0A:34:8A:E4:FA:A9
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/2F8C3680D6F88B72EC06F1326CAA0A348AE4FAA9.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/D90725055620C1A52F09E9DBBABEB3B012803B7C253881FC4A6C3942F15EC407/0/3230302e35382e3234302e302f32312d3234203d3e20323635373231.roa
Signing time:             Tue 04 Feb 2025 18:31:37 +0000
ROA not before:           Tue 04 Feb 2025 18:26:37 +0000
ROA not after:            Tue 03 Feb 2026 18:31:37 +0000
asID:                     265721
IP address blocks:        200.58.240.0/21 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            32:8b:09:ea:99:4e:f2:64:9a:3e:2c:78:3c:6d:d7:08:73:8f:08:94
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2F8C3680D6F88B72EC06F1326CAA0A348AE4FAA9
        Validity
            Not Before: Feb  4 18:26:37 2025 GMT
            Not After : Feb  3 18:31:37 2026 GMT
        Subject: CN=457FECCFFE885496353E2896D4DFBE57481D649F
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:b3:d4:82:4d:d0:20:72:c7:dd:b0:e5:ea:cc:
                    07:c1:9c:b7:f7:fd:4f:41:d8:a0:66:83:7b:0c:a8:
                    7f:83:26:48:42:e2:cc:64:fe:a4:f9:69:3f:6c:cf:
                    b3:f1:3a:3d:6f:cd:96:b7:37:f4:18:bc:db:59:0e:
                    d2:54:00:d5:5b:60:81:7c:be:79:b1:c3:c2:2f:a1:
                    f3:ca:0c:b6:50:82:07:40:e2:27:5e:5e:3e:74:b2:
                    ef:7e:b7:fb:32:43:34:37:43:f8:90:50:4f:33:2c:
                    db:b3:b8:37:81:b4:01:8a:75:32:5a:52:64:0d:2e:
                    32:9f:45:62:20:fa:93:6c:5f:30:32:75:53:f9:4e:
                    c6:27:2a:5c:35:55:5e:1b:6d:0d:4e:ab:51:17:92:
                    62:06:dc:02:8e:22:8f:a4:2a:09:2a:2e:e7:7d:7f:
                    9b:0b:65:5a:31:db:be:39:5c:8e:6b:5a:7a:8b:32:
                    ae:e3:5d:32:b1:f3:fc:0a:75:9e:7e:8d:7f:4c:ae:
                    09:79:ad:16:b8:1d:82:21:06:b8:69:77:84:90:9a:
                    df:95:65:4c:5b:08:2d:ec:44:1c:df:88:3d:7d:80:
                    a9:a5:be:6a:1d:50:3c:2e:07:d1:d1:b6:8f:52:fd:
                    4e:a1:e4:ea:db:eb:18:ee:f4:df:68:8a:5f:03:5d:
                    7a:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                45:7F:EC:CF:FE:88:54:96:35:3E:28:96:D4:DF:BE:57:48:1D:64:9F
            X509v3 Authority Key Identifier:
                keyid:2F:8C:36:80:D6:F8:8B:72:EC:06:F1:32:6C:AA:0A:34:8A:E4:FA:A9

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/D90725055620C1A52F09E9DBBABEB3B012803B7C253881FC4A6C3942F15EC407/0/2F8C3680D6F88B72EC06F1326CAA0A348AE4FAA9.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/2F8C3680D6F88B72EC06F1326CAA0A348AE4FAA9.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/D90725055620C1A52F09E9DBBABEB3B012803B7C253881FC4A6C3942F15EC407/0/3230302e35382e3234302e302f32312d3234203d3e20323635373231.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.58.240.0/21

    Signature Algorithm: sha256WithRSAEncryption
         1f:89:ca:b7:98:59:5e:f9:35:fc:3d:d3:39:75:c6:44:b8:b1:
         77:30:94:2e:1d:21:7c:1e:3b:5e:76:cc:0e:96:24:05:b9:a7:
         8d:dc:f8:80:03:6e:21:64:87:b3:fe:55:71:90:ea:b6:72:1b:
         93:d4:e2:2f:2f:98:d8:78:91:4f:ac:74:57:62:36:3b:42:f0:
         17:2a:53:8b:4e:ef:67:cc:3f:0a:69:84:3a:09:e2:31:a5:ae:
         78:fd:08:78:35:92:b9:95:77:3e:8e:f1:47:71:00:14:a6:98:
         2b:d6:03:01:d4:2b:8b:dd:9a:2b:06:c7:13:53:35:07:e7:25:
         2b:87:fa:1c:cc:bd:1f:ba:c7:92:dc:cc:51:26:f7:a3:ee:8b:
         c2:f3:02:d2:78:88:f0:06:b1:4e:9f:ae:d6:09:e6:7f:b8:e4:
         d6:8a:24:05:28:79:07:65:31:18:44:f3:d6:2f:2b:42:e6:4a:
         98:a4:6a:d8:eb:0f:c4:85:cb:27:b5:2b:a5:d9:69:67:0e:79:
         6d:37:e5:52:1c:2c:c6:1c:5e:b3:80:e8:08:67:e3:70:44:d4:
         c5:d9:be:c6:3f:a5:09:7c:90:3f:69:72:40:96:bd:dc:96:18:
         26:b4:8c:32:4d:59:65:4d:34:32:4b:d7:fe:b4:ef:22:70:1d:
         ea:51:85:3d
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIUMosJ6plO8mSaPix4PG3XCHOPCJQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMkY4QzM2ODBENkY4OEI3MkVDMDZGMTMyNkNBQTBBMzQ4
QUU0RkFBOTAeFw0yNTAyMDQxODI2MzdaFw0yNjAyMDMxODMxMzdaMDMxMTAvBgNV
BAMTKDQ1N0ZFQ0NGRkU4ODU0OTYzNTNFMjg5NkQ0REZCRTU3NDgxRDY0OUYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC4s9SCTdAgcsfdsOXqzAfBnLf3
/U9B2KBmg3sMqH+DJkhC4sxk/qT5aT9sz7PxOj1vzZa3N/QYvNtZDtJUANVbYIF8
vnmxw8IvofPKDLZQggdA4ideXj50su9+t/syQzQ3Q/iQUE8zLNuzuDeBtAGKdTJa
UmQNLjKfRWIg+pNsXzAydVP5TsYnKlw1VV4bbQ1Oq1EXkmIG3AKOIo+kKgkqLud9
f5sLZVox2745XI5rWnqLMq7jXTKx8/wKdZ5+jX9Mrgl5rRa4HYIhBrhpd4SQmt+V
ZUxbCC3sRBzfiD19gKmlvmodUDwuB9HRto9S/U6h5Orb6xju9N9oil8DXXrHAgMB
AAGjggLKMIICxjAdBgNVHQ4EFgQURX/sz/6IVJY1PiiW1N++V0gdZJ8wHwYDVR0j
BBgwFoAUL4w2gNb4i3LsBvEybKoKNIrk+qkwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9EOTA3MjUwNTU2MjBDMUE1MkYwOUU5REJCQUJFQjNCMDEy
ODAzQjdDMjUzODgxRkM0QTZDMzk0MkYxNUVDNDA3LzAvMkY4QzM2ODBENkY4OEI3
MkVDMDZGMTMyNkNBQTBBMzQ4QUU0RkFBOS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8yRjhDMzY4MEQ2Rjg4QjcyRUMw
NkYxMzI2Q0FBMEEzNDhBRTRGQUE5LmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvRDkwNzI1MDU1NjIwQzFBNTJGMDlFOURCQkFCRUIzQjAxMjgwM0I3QzI1
Mzg4MUZDNEE2QzM5NDJGMTVFQzQwNy8wLzMyMzAzMDJlMzUzODJlMzIzNDMwMmUz
MDJmMzIzMTJkMzIzNDIwM2QzZTIwMzIzNjM1MzczMjMxLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDyDrw
MA0GCSqGSIb3DQEBCwUAA4IBAQAficq3mFle+TX8PdM5dcZEuLF3MJQuHSF8Hjte
dswOliQFuaeN3PiAA24hZIez/lVxkOq2chuT1OIvL5jYeJFPrHRXYjY7QvAXKlOL
Tu9nzD8KaYQ6CeIxpa54/Qh4NZK5lXc+jvFHcQAUppgr1gMB1CuL3ZorBscTUzUH
5yUrh/oczL0fuseS3MxRJvej7ovC8wLSeIjwBrFOn67WCeZ/uOTWiiQFKHkHZTEY
RPPWLytC5kqYpGrY6w/EhcsntSul2WlnDnltN+VSHCzGHF6zgOgIZ+NwRNTF2b7G
P6UJfJA/aXJAlr3clhgmtIwyTVllTTQyS9f+tO8icB3qUYU9
-----END CERTIFICATE-----