Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/D999D3A68842F99FBB597F38B2C3EBFAEE804D61D600863CE6797F253484C45B/0/3230302e32332e3137302e302f32342d3234203d3e203332303938.roa
File:                     3230302e32332e3137302e302f32342d3234203d3e203332303938.roa (raw, json)
Hash identifier:          2Y5qv9vzGbN4YZIbTnFYPImAVRjqLq7wZzi3BR29ykk=
Subject key identifier:   00:25:66:E1:DA:11:65:BE:9B:20:6F:A4:74:23:8A:C8:94:A3:4C:D6
Certificate issuer:       /CN=DA9CE332EEAB17EF6270B269990D948099DD5049
Certificate serial:       7EB08A2EA5DE1FAFE6B521CB0C0C06E81E07CDFB
Authority key identifier: DA:9C:E3:32:EE:AB:17:EF:62:70:B2:69:99:0D:94:80:99:DD:50:49
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/DA9CE332EEAB17EF6270B269990D948099DD5049.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/D999D3A68842F99FBB597F38B2C3EBFAEE804D61D600863CE6797F253484C45B/0/3230302e32332e3137302e302f32342d3234203d3e203332303938.roa
Signing time:             Tue 04 Feb 2025 18:10:15 +0000
ROA not before:           Tue 04 Feb 2025 18:05:15 +0000
ROA not after:            Tue 03 Feb 2026 18:10:15 +0000
asID:                     32098
IP address blocks:        200.23.170.0/24 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7e:b0:8a:2e:a5:de:1f:af:e6:b5:21:cb:0c:0c:06:e8:1e:07:cd:fb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=DA9CE332EEAB17EF6270B269990D948099DD5049
        Validity
            Not Before: Feb  4 18:05:15 2025 GMT
            Not After : Feb  3 18:10:15 2026 GMT
        Subject: CN=002566E1DA1165BE9B206FA474238AC894A34CD6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:e1:ab:66:8a:ae:2a:22:29:c1:5e:13:fc:b7:
                    52:38:0a:6d:90:e1:1e:17:20:43:e9:c4:29:80:1d:
                    91:2c:4f:9d:9c:41:27:b1:04:d3:b4:fe:51:5f:2a:
                    c7:b5:f5:41:42:37:47:0c:6a:fe:72:cf:1e:24:54:
                    bf:68:08:16:ed:36:9c:56:7f:2c:36:79:64:31:aa:
                    f6:5a:e4:a6:1c:ff:79:8a:4c:2f:c1:5b:05:32:8a:
                    b2:f9:c9:68:eb:bc:7f:e5:94:8d:10:54:d6:2d:5c:
                    d8:69:94:86:70:ea:8b:0b:49:9e:87:86:0e:b3:cb:
                    c2:7d:c4:d7:95:2c:bc:98:f6:54:92:14:df:34:70:
                    00:ed:8b:a3:94:d4:c4:ae:36:42:e9:a1:1a:05:46:
                    06:39:c6:d1:b8:b1:2a:7f:e7:59:eb:61:2f:c4:ee:
                    e0:99:50:c5:1b:a2:2c:af:b1:19:4e:ca:02:22:3b:
                    bc:9d:fe:5d:d7:ec:aa:dc:a5:4b:7e:63:db:f7:f0:
                    d3:31:19:02:91:62:2d:cc:09:b7:68:d9:49:e1:8e:
                    05:04:5c:71:ec:64:55:af:94:ef:48:b2:c0:cf:33:
                    49:b6:c8:de:75:67:cf:16:3c:16:6c:cb:b3:92:c4:
                    b9:7a:5c:9e:64:16:29:42:81:ec:dc:68:24:b2:3e:
                    de:87
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                00:25:66:E1:DA:11:65:BE:9B:20:6F:A4:74:23:8A:C8:94:A3:4C:D6
            X509v3 Authority Key Identifier:
                keyid:DA:9C:E3:32:EE:AB:17:EF:62:70:B2:69:99:0D:94:80:99:DD:50:49

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/D999D3A68842F99FBB597F38B2C3EBFAEE804D61D600863CE6797F253484C45B/0/DA9CE332EEAB17EF6270B269990D948099DD5049.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/DA9CE332EEAB17EF6270B269990D948099DD5049.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/D999D3A68842F99FBB597F38B2C3EBFAEE804D61D600863CE6797F253484C45B/0/3230302e32332e3137302e302f32342d3234203d3e203332303938.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.23.170.0/24

    Signature Algorithm: sha256WithRSAEncryption
         7b:1b:90:91:c6:c1:01:c5:91:d9:0f:3a:a8:32:d9:8b:94:a1:
         31:33:63:31:e7:0a:7a:cd:56:b9:a3:6e:33:24:ee:11:fa:18:
         a4:b7:28:6b:a5:e5:56:d9:ca:33:39:29:c9:0d:cf:c8:d0:e1:
         df:73:5b:60:ab:34:d6:28:78:a2:eb:4a:90:f4:1d:ca:8c:ab:
         b9:6b:6c:b1:5d:ef:2e:c1:8b:70:09:89:91:9e:76:97:a3:5a:
         93:2b:55:5c:56:9f:6f:b5:9a:63:63:66:3e:47:5d:72:55:e6:
         19:09:72:74:18:92:88:e3:4f:11:1a:d3:9f:fc:8e:61:f5:bb:
         a1:43:03:05:d6:88:d1:8b:21:ac:f5:aa:2e:3f:a0:2e:14:60:
         ad:38:3a:7d:60:ed:28:f6:4c:61:e5:cd:ad:fd:94:3c:0c:19:
         6d:53:ee:57:17:d9:bf:d2:d6:b6:77:94:05:d8:4d:74:21:dc:
         96:2e:dc:a9:3c:f2:ab:af:18:92:c9:19:85:70:af:f0:b3:16:
         03:cf:42:38:22:64:13:0a:fa:5a:60:bf:61:5d:9e:53:a2:0c:
         20:1e:39:7e:00:4e:fe:a8:a5:f3:57:39:cb:e9:74:03:43:04:
         8a:86:e9:9b:22:6c:57:c8:19:aa:d2:c0:87:11:01:7d:3a:8b:
         ae:ff:81:17
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUfrCKLqXeH6/mtSHLDAwG6B4HzfswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoREE5Q0UzMzJFRUFCMTdFRjYyNzBCMjY5OTkwRDk0ODA5
OURENTA0OTAeFw0yNTAyMDQxODA1MTVaFw0yNjAyMDMxODEwMTVaMDMxMTAvBgNV
BAMTKDAwMjU2NkUxREExMTY1QkU5QjIwNkZBNDc0MjM4QUM4OTRBMzRDRDYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDN4atmiq4qIinBXhP8t1I4Cm2Q
4R4XIEPpxCmAHZEsT52cQSexBNO0/lFfKse19UFCN0cMav5yzx4kVL9oCBbtNpxW
fyw2eWQxqvZa5KYc/3mKTC/BWwUyirL5yWjrvH/llI0QVNYtXNhplIZw6osLSZ6H
hg6zy8J9xNeVLLyY9lSSFN80cADti6OU1MSuNkLpoRoFRgY5xtG4sSp/51nrYS/E
7uCZUMUboiyvsRlOygIiO7yd/l3X7KrcpUt+Y9v38NMxGQKRYi3MCbdo2UnhjgUE
XHHsZFWvlO9IssDPM0m2yN51Z88WPBZsy7OSxLl6XJ5kFilCgezcaCSyPt6HAgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQUACVm4doRZb6bIG+kdCOKyJSjTNYwHwYDVR0j
BBgwFoAU2pzjMu6rF+9icLJpmQ2UgJndUEkwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9EOTk5RDNBNjg4NDJGOTlGQkI1OTdGMzhCMkMzRUJGQUVF
ODA0RDYxRDYwMDg2M0NFNjc5N0YyNTM0ODRDNDVCLzAvREE5Q0UzMzJFRUFCMTdF
RjYyNzBCMjY5OTkwRDk0ODA5OURENTA0OS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9EQTlDRTMzMkVFQUIxN0VGNjI3
MEIyNjk5OTBEOTQ4MDk5REQ1MDQ5LmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvRDk5OUQzQTY4ODQyRjk5RkJCNTk3RjM4QjJDM0VCRkFFRTgwNEQ2MUQ2
MDA4NjNDRTY3OTdGMjUzNDg0QzQ1Qi8wLzMyMzAzMDJlMzIzMzJlMzEzNzMwMmUz
MDJmMzIzNDJkMzIzNDIwM2QzZTIwMzMzMjMwMzkzOC5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMgXqjAN
BgkqhkiG9w0BAQsFAAOCAQEAexuQkcbBAcWR2Q86qDLZi5ShMTNjMecKes1WuaNu
MyTuEfoYpLcoa6XlVtnKMzkpyQ3PyNDh33NbYKs01ih4outKkPQdyoyruWtssV3v
LsGLcAmJkZ52l6NakytVXFafb7WaY2NmPkddclXmGQlydBiSiONPERrTn/yOYfW7
oUMDBdaI0YshrPWqLj+gLhRgrTg6fWDtKPZMYeXNrf2UPAwZbVPuVxfZv9LWtneU
BdhNdCHcli7cqTzyq68YkskZhXCv8LMWA89COCJkEwr6WmC/YV2eU6IMIB45fgBO
/qil81c5y+l0A0MEiobpmyJsV8gZqtLAhxEBfTqLrv+BFw==
-----END CERTIFICATE-----