Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/D952BACB6D27E48267036F7CBD6CC4ADEE60BA1D1CFF5EF59481A90BA2071DD7/0/3230302e31302e3232362e302f32342d3234203d3e2037343138.roa
File:                     3230302e31302e3232362e302f32342d3234203d3e2037343138.roa (raw, json)
Hash identifier:          8I8pY+nQnFjRC4FBW4ceDEU0MUJZsEEulgekwfRepp8=
Subject key identifier:   E9:76:88:6A:0C:65:0F:89:BA:86:79:EE:17:FC:32:EE:F5:67:D6:6A
Certificate issuer:       /CN=25CD6A4FBC8BEE34A2DC371793A09E274E0E3661
Certificate serial:       12B8BFF842B788700360417F50364BDA3F394046
Authority key identifier: 25:CD:6A:4F:BC:8B:EE:34:A2:DC:37:17:93:A0:9E:27:4E:0E:36:61
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/25CD6A4FBC8BEE34A2DC371793A09E274E0E3661.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/D952BACB6D27E48267036F7CBD6CC4ADEE60BA1D1CFF5EF59481A90BA2071DD7/0/3230302e31302e3232362e302f32342d3234203d3e2037343138.roa
Signing time:             Tue 04 Feb 2025 18:29:46 +0000
ROA not before:           Tue 04 Feb 2025 18:24:46 +0000
ROA not after:            Tue 03 Feb 2026 18:29:46 +0000
asID:                     7418
IP address blocks:        200.10.226.0/24 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            12:b8:bf:f8:42:b7:88:70:03:60:41:7f:50:36:4b:da:3f:39:40:46
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=25CD6A4FBC8BEE34A2DC371793A09E274E0E3661
        Validity
            Not Before: Feb  4 18:24:46 2025 GMT
            Not After : Feb  3 18:29:46 2026 GMT
        Subject: CN=E976886A0C650F89BA8679EE17FC32EEF567D66A
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:c5:b7:b4:05:7f:b0:87:72:dc:54:35:4b:30:
                    fe:6c:71:d0:a7:64:de:da:c2:90:79:70:39:71:0e:
                    eb:d9:28:1b:9f:60:e8:88:be:33:8a:98:b1:3c:c9:
                    9f:f5:0c:7f:b7:5d:96:50:c3:90:a8:f1:eb:53:50:
                    bf:77:4d:e1:9d:dd:69:39:aa:9c:7b:29:21:40:b7:
                    14:a8:e6:bf:f7:11:da:05:00:3e:e7:62:63:c2:0b:
                    88:9e:78:ea:a0:13:3e:a5:59:dc:9c:d8:1b:7f:57:
                    83:68:fc:2c:32:56:85:f5:09:ed:a9:4d:47:25:7c:
                    78:61:58:d3:d1:77:57:bb:f8:04:e5:c2:fd:59:d8:
                    26:4c:ab:53:37:c4:00:98:f6:41:39:91:24:8c:af:
                    2b:9e:be:4c:29:d8:7c:fe:44:c6:46:1d:88:82:8d:
                    8f:af:30:8e:70:41:47:81:b4:99:12:fb:9e:61:56:
                    be:67:73:f5:9e:85:81:5a:d7:7c:2c:95:ed:10:bb:
                    48:fc:ba:61:ed:52:75:d1:95:23:a5:8b:8b:38:ce:
                    93:d3:ec:fa:3a:e5:79:48:ed:09:1f:1e:0f:87:2b:
                    81:ea:77:a7:cd:1f:e2:86:ba:21:da:d8:c8:01:72:
                    4a:8e:b2:26:b9:f6:68:5f:53:7c:0a:24:37:57:c3:
                    dd:f1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E9:76:88:6A:0C:65:0F:89:BA:86:79:EE:17:FC:32:EE:F5:67:D6:6A
            X509v3 Authority Key Identifier:
                keyid:25:CD:6A:4F:BC:8B:EE:34:A2:DC:37:17:93:A0:9E:27:4E:0E:36:61

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/D952BACB6D27E48267036F7CBD6CC4ADEE60BA1D1CFF5EF59481A90BA2071DD7/0/25CD6A4FBC8BEE34A2DC371793A09E274E0E3661.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/25CD6A4FBC8BEE34A2DC371793A09E274E0E3661.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/D952BACB6D27E48267036F7CBD6CC4ADEE60BA1D1CFF5EF59481A90BA2071DD7/0/3230302e31302e3232362e302f32342d3234203d3e2037343138.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.10.226.0/24

    Signature Algorithm: sha256WithRSAEncryption
         76:45:71:61:70:c4:44:67:ec:0b:78:b7:45:65:fd:6e:72:18:
         b6:42:af:8b:0f:17:1d:3f:1c:ff:6b:66:1e:d7:f3:e6:3f:e9:
         06:77:88:03:a8:b7:0e:5e:eb:cc:6c:61:fc:bd:d5:bf:62:2e:
         75:cb:95:41:4c:6c:d0:06:27:c2:e1:1a:a0:61:4d:61:dc:15:
         93:a1:d1:0a:69:10:ea:cc:36:dc:13:5c:b0:d8:f3:1d:b8:a7:
         da:6e:dc:1c:ed:9b:a3:c9:0a:1f:dc:32:77:e1:b7:a9:b9:7d:
         a6:56:b1:d9:2c:ed:6d:9e:dd:bc:83:f3:79:61:da:de:c8:af:
         fa:66:65:09:ec:ba:24:b9:44:ab:94:d0:ff:86:f2:49:01:fb:
         9b:39:a1:b2:b4:6d:8e:11:c3:64:71:b5:7c:c1:01:c0:67:85:
         ad:dd:f1:13:09:c3:b4:d7:fb:12:a7:98:05:f1:be:dd:01:1f:
         ba:95:1b:b8:13:fd:c0:60:6b:07:b7:5d:ae:fc:eb:bd:8a:16:
         df:00:01:a3:eb:7a:c7:f4:14:d3:27:16:74:c3:4a:0b:d5:df:
         e5:7d:91:89:ff:16:f2:b0:ec:61:2e:fc:d2:f4:52:f8:05:f3:
         bd:d1:6a:82:dc:ea:53:f4:00:96:33:a7:ca:4d:72:50:e3:c7:
         f7:00:3b:a5
-----BEGIN CERTIFICATE-----
MIIFvDCCBKSgAwIBAgIUEri/+EK3iHADYEF/UDZL2j85QEYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjVDRDZBNEZCQzhCRUUzNEEyREMzNzE3OTNBMDlFMjc0
RTBFMzY2MTAeFw0yNTAyMDQxODI0NDZaFw0yNjAyMDMxODI5NDZaMDMxMTAvBgNV
BAMTKEU5NzY4ODZBMEM2NTBGODlCQTg2NzlFRTE3RkMzMkVFRjU2N0Q2NkEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCtxbe0BX+wh3LcVDVLMP5scdCn
ZN7awpB5cDlxDuvZKBufYOiIvjOKmLE8yZ/1DH+3XZZQw5Co8etTUL93TeGd3Wk5
qpx7KSFAtxSo5r/3EdoFAD7nYmPCC4ieeOqgEz6lWdyc2Bt/V4No/CwyVoX1Ce2p
TUclfHhhWNPRd1e7+ATlwv1Z2CZMq1M3xACY9kE5kSSMryuevkwp2Hz+RMZGHYiC
jY+vMI5wQUeBtJkS+55hVr5nc/WehYFa13wsle0Qu0j8umHtUnXRlSOli4s4zpPT
7Po65XlI7QkfHg+HK4Hqd6fNH+KGuiHa2MgBckqOsia59mhfU3wKJDdXw93xAgMB
AAGjggLGMIICwjAdBgNVHQ4EFgQU6XaIagxlD4m6hnnuF/wy7vVn1mowHwYDVR0j
BBgwFoAUJc1qT7yL7jSi3DcXk6CeJ04ONmEwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9EOTUyQkFDQjZEMjdFNDgyNjcwMzZGN0NCRDZDQzRBREVF
NjBCQTFEMUNGRjVFRjU5NDgxQTkwQkEyMDcxREQ3LzAvMjVDRDZBNEZCQzhCRUUz
NEEyREMzNzE3OTNBMDlFMjc0RTBFMzY2MS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8yNUNENkE0RkJDOEJFRTM0QTJE
QzM3MTc5M0EwOUUyNzRFMEUzNjYxLmNlcjCBxQYIKwYBBQUHAQsEgbgwgbUwgbIG
CCsGAQUFBzALhoGlcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvRDk1MkJBQ0I2RDI3RTQ4MjY3MDM2RjdDQkQ2Q0M0QURFRTYwQkExRDFD
RkY1RUY1OTQ4MUE5MEJBMjA3MURENy8wLzMyMzAzMDJlMzEzMDJlMzIzMjM2MmUz
MDJmMzIzNDJkMzIzNDIwM2QzZTIwMzczNDMxMzgucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADICuIwDQYJ
KoZIhvcNAQELBQADggEBAHZFcWFwxERn7At4t0Vl/W5yGLZCr4sPFx0/HP9rZh7X
8+Y/6QZ3iAOotw5e68xsYfy91b9iLnXLlUFMbNAGJ8LhGqBhTWHcFZOh0QppEOrM
NtwTXLDY8x24p9pu3Bztm6PJCh/cMnfht6m5faZWsdks7W2e3byD83lh2t7Ir/pm
ZQnsuiS5RKuU0P+G8kkB+5s5obK0bY4Rw2RxtXzBAcBnha3d8RMJw7TX+xKnmAXx
vt0BH7qVG7gT/cBgawe3Xa78672KFt8AAaPresf0FNMnFnTDSgvV3+V9kYn/FvKw
7GEu/NL0UvgF873RaoLc6lP0AJYzp8pNclDjx/cAO6U=
-----END CERTIFICATE-----