Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/DDDA5FFC7CC01E56FBC5E47819B35AEDB7CBC1F3332E5452803F1A87B501816A/0/3230302e31332e3134342e302f32312d3231203d3e203237373235.roa
File:                     3230302e31332e3134342e302f32312d3231203d3e203237373235.roa (raw, json)
Hash identifier:          /dbiZJpgpuUBlQS7WHQLEJJ/dD0rri1eoXp1LoA2b5Q=
Subject key identifier:   9B:11:05:0F:6D:26:46:EA:9F:91:03:C7:B8:5B:7E:15:B9:AD:0E:9B
Certificate issuer:       /CN=F61921851FAF179EC5A5784ECA91704DCD1B66C7
Certificate serial:       54B80D5FAC1E66C078BD8600A41C4522346E0582
Authority key identifier: F6:19:21:85:1F:AF:17:9E:C5:A5:78:4E:CA:91:70:4D:CD:1B:66:C7
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/F61921851FAF179EC5A5784ECA91704DCD1B66C7.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/DDDA5FFC7CC01E56FBC5E47819B35AEDB7CBC1F3332E5452803F1A87B501816A/0/3230302e31332e3134342e302f32312d3231203d3e203237373235.roa
Signing time:             Tue 04 Feb 2025 18:45:59 +0000
ROA not before:           Tue 04 Feb 2025 18:40:59 +0000
ROA not after:            Tue 03 Feb 2026 18:45:59 +0000
asID:                     27725
IP address blocks:        200.13.144.0/21 maxlen: 21
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            54:b8:0d:5f:ac:1e:66:c0:78:bd:86:00:a4:1c:45:22:34:6e:05:82
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F61921851FAF179EC5A5784ECA91704DCD1B66C7
        Validity
            Not Before: Feb  4 18:40:59 2025 GMT
            Not After : Feb  3 18:45:59 2026 GMT
        Subject: CN=9B11050F6D2646EA9F9103C7B85B7E15B9AD0E9B
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f2:b4:36:5b:16:93:7e:d6:d1:d5:3b:28:10:15:
                    d9:ff:e3:40:e3:75:44:80:31:57:7d:d7:e0:db:a2:
                    75:6b:82:ff:35:fe:7f:ca:28:29:e3:73:61:1b:94:
                    51:73:01:18:c1:50:a4:55:80:59:46:a7:be:99:7d:
                    fd:13:5d:52:43:e5:4f:37:44:55:c2:86:57:ff:22:
                    de:a2:5d:e3:af:cf:a0:9c:f3:73:15:09:18:7e:ae:
                    1b:1e:89:a1:65:2b:8e:40:a2:6e:4d:5c:87:e8:ec:
                    70:5c:44:bf:93:f4:e0:82:2c:a5:15:e9:aa:f6:4d:
                    b5:b4:23:19:61:a0:45:47:a3:72:14:ca:d9:25:8c:
                    52:57:7e:de:4a:c4:02:81:0a:a4:3f:c9:ea:4e:c8:
                    ed:a8:3a:e1:04:bb:72:45:b7:ad:a6:35:1f:9e:0a:
                    40:79:2e:14:71:9c:7a:8f:6a:26:a1:3b:f4:62:b9:
                    0c:7e:36:86:af:4e:92:5c:b8:4c:0f:fe:39:60:f9:
                    88:a5:29:02:d2:90:0c:78:79:87:19:df:8b:d4:ed:
                    84:cf:c6:2b:f3:04:72:33:53:fd:11:2d:9c:bf:e2:
                    08:21:46:93:12:e2:97:f4:59:9a:4f:01:71:00:da:
                    31:24:6d:6d:33:26:4d:66:cc:bb:3d:92:8b:52:29:
                    b9:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9B:11:05:0F:6D:26:46:EA:9F:91:03:C7:B8:5B:7E:15:B9:AD:0E:9B
            X509v3 Authority Key Identifier:
                keyid:F6:19:21:85:1F:AF:17:9E:C5:A5:78:4E:CA:91:70:4D:CD:1B:66:C7

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/DDDA5FFC7CC01E56FBC5E47819B35AEDB7CBC1F3332E5452803F1A87B501816A/0/F61921851FAF179EC5A5784ECA91704DCD1B66C7.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/F61921851FAF179EC5A5784ECA91704DCD1B66C7.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/DDDA5FFC7CC01E56FBC5E47819B35AEDB7CBC1F3332E5452803F1A87B501816A/0/3230302e31332e3134342e302f32312d3231203d3e203237373235.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.13.144.0/21

    Signature Algorithm: sha256WithRSAEncryption
         9f:0f:a5:44:50:fb:b3:3f:0c:8a:3b:d4:42:97:d3:d4:d1:a5:
         e1:50:85:c1:20:4c:0e:47:03:db:a1:ad:88:1a:df:74:d0:7c:
         6e:91:3e:6e:92:13:f5:ad:52:cb:14:97:6b:c1:8f:90:55:8c:
         6c:00:b6:3d:9e:92:34:91:67:4b:d2:44:e4:bb:e8:60:1c:03:
         f4:fa:1d:9c:77:de:34:d7:28:42:c5:a7:e1:3e:9e:6d:7a:cd:
         37:33:1d:3e:8c:a6:ee:59:63:60:43:d9:cc:57:02:47:b6:fe:
         91:2c:5a:29:55:68:e3:14:b7:b9:d3:4e:b7:d1:e7:af:76:88:
         09:32:a5:fd:e4:8a:54:0c:fd:ec:70:e4:70:a6:3a:33:70:16:
         f4:97:29:af:9c:40:70:af:f3:b4:53:de:85:f4:29:0a:66:a2:
         5f:97:9a:18:a8:67:fe:8f:f2:51:a3:7d:b1:6a:a4:23:83:cf:
         34:ce:d9:5f:6d:f6:e6:fe:14:06:89:3c:4a:bd:6a:d1:e7:05:
         b0:a0:6e:ee:3d:b5:ef:c8:3c:4c:5c:8c:e0:e1:0e:97:3e:d2:
         91:fa:a4:0a:2f:8e:58:22:69:77:d3:53:7c:cb:be:4a:32:67:
         dd:15:2b:b9:05:44:0e:53:53:5a:6f:08:fc:eb:65:61:8b:71:
         04:0a:7a:a5
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUVLgNX6weZsB4vYYApBxFIjRuBYIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRjYxOTIxODUxRkFGMTc5RUM1QTU3ODRFQ0E5MTcwNERD
RDFCNjZDNzAeFw0yNTAyMDQxODQwNTlaFw0yNjAyMDMxODQ1NTlaMDMxMTAvBgNV
BAMTKDlCMTEwNTBGNkQyNjQ2RUE5RjkxMDNDN0I4NUI3RTE1QjlBRDBFOUIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDytDZbFpN+1tHVOygQFdn/40Dj
dUSAMVd91+DbonVrgv81/n/KKCnjc2EblFFzARjBUKRVgFlGp76Zff0TXVJD5U83
RFXChlf/It6iXeOvz6Cc83MVCRh+rhseiaFlK45Aom5NXIfo7HBcRL+T9OCCLKUV
6ar2TbW0IxlhoEVHo3IUytkljFJXft5KxAKBCqQ/yepOyO2oOuEEu3JFt62mNR+e
CkB5LhRxnHqPaiahO/RiuQx+NoavTpJcuEwP/jlg+YilKQLSkAx4eYcZ34vU7YTP
xivzBHIzU/0RLZy/4gghRpMS4pf0WZpPAXEA2jEkbW0zJk1mzLs9kotSKbkvAgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQUmxEFD20mRuqfkQPHuFt+FbmtDpswHwYDVR0j
BBgwFoAU9hkhhR+vF57FpXhOypFwTc0bZscwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9ERERBNUZGQzdDQzAxRTU2RkJDNUU0NzgxOUIzNUFFREI3
Q0JDMUYzMzMyRTU0NTI4MDNGMUE4N0I1MDE4MTZBLzAvRjYxOTIxODUxRkFGMTc5
RUM1QTU3ODRFQ0E5MTcwNERDRDFCNjZDNy5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9GNjE5MjE4NTFGQUYxNzlFQzVB
NTc4NEVDQTkxNzA0RENEMUI2NkM3LmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvREREQTVGRkM3Q0MwMUU1NkZCQzVFNDc4MTlCMzVBRURCN0NCQzFGMzMz
MkU1NDUyODAzRjFBODdCNTAxODE2QS8wLzMyMzAzMDJlMzEzMzJlMzEzNDM0MmUz
MDJmMzIzMTJkMzIzMTIwM2QzZTIwMzIzNzM3MzIzNS5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA8gNkDAN
BgkqhkiG9w0BAQsFAAOCAQEAnw+lRFD7sz8MijvUQpfT1NGl4VCFwSBMDkcD26Gt
iBrfdNB8bpE+bpIT9a1SyxSXa8GPkFWMbAC2PZ6SNJFnS9JE5LvoYBwD9PodnHfe
NNcoQsWn4T6ebXrNNzMdPoym7lljYEPZzFcCR7b+kSxaKVVo4xS3udNOt9Hnr3aI
CTKl/eSKVAz97HDkcKY6M3AW9Jcpr5xAcK/ztFPehfQpCmaiX5eaGKhn/o/yUaN9
sWqkI4PPNM7ZX2325v4UBok8Sr1q0ecFsKBu7j2178g8TFyM4OEOlz7SkfqkCi+O
WCJpd9NTfMu+SjJn3RUruQVEDlNTWm8I/OtlYYtxBAp6pQ==
-----END CERTIFICATE-----