Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/DE7FD55F74A24073A48267D14A4A5B732ECA0B5B8219FE20E0EFE4805426AC1F/0/3230372e3234382e3130382e302f32322d3234203d3e20323633313237.roa
File:                     3230372e3234382e3130382e302f32322d3234203d3e20323633313237.roa (raw, json)
Hash identifier:          izIhLs+w8LXUI5ULPROuGJfGWhzWFqysf59WlUxGQVE=
Subject key identifier:   FA:72:8F:CD:C0:10:C4:0E:5C:4D:E8:D1:12:79:C4:81:8C:0D:BE:6C
Certificate issuer:       /CN=C0BE5885AF2AD2A48DA19528787A4E1FC13F6E19
Certificate serial:       02440CE47C0BFE246B289510C60ED8F291E6E229
Authority key identifier: C0:BE:58:85:AF:2A:D2:A4:8D:A1:95:28:78:7A:4E:1F:C1:3F:6E:19
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/C0BE5885AF2AD2A48DA19528787A4E1FC13F6E19.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/DE7FD55F74A24073A48267D14A4A5B732ECA0B5B8219FE20E0EFE4805426AC1F/0/3230372e3234382e3130382e302f32322d3234203d3e20323633313237.roa
Signing time:             Tue 04 Feb 2025 20:07:40 +0000
ROA not before:           Tue 04 Feb 2025 20:02:40 +0000
ROA not after:            Tue 03 Feb 2026 20:07:40 +0000
asID:                     263127
IP address blocks:        207.248.108.0/22 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            02:44:0c:e4:7c:0b:fe:24:6b:28:95:10:c6:0e:d8:f2:91:e6:e2:29
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=C0BE5885AF2AD2A48DA19528787A4E1FC13F6E19
        Validity
            Not Before: Feb  4 20:02:40 2025 GMT
            Not After : Feb  3 20:07:40 2026 GMT
        Subject: CN=FA728FCDC010C40E5C4DE8D11279C4818C0DBE6C
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:04:c5:9b:4d:39:d7:52:db:83:a7:cd:d3:39:
                    7f:6c:45:5d:a8:79:1d:c5:ec:0b:6c:95:87:09:3c:
                    c5:ea:03:72:04:4f:13:f9:c6:06:66:3c:80:1d:57:
                    b6:50:02:e2:78:5b:6a:39:3d:d1:9f:07:c5:06:ec:
                    14:1f:e0:d6:7e:df:03:ef:71:65:83:4f:cd:03:6a:
                    3d:89:48:76:4f:cb:ba:2e:59:53:53:f8:3a:19:41:
                    f7:15:d6:cf:d9:84:af:78:de:6f:1c:ca:2d:ef:be:
                    c5:26:31:d0:b7:e4:c3:09:58:32:dc:d6:28:63:44:
                    68:bb:08:c9:54:c8:45:c4:c8:23:7d:17:30:f2:b9:
                    21:07:bc:55:23:29:18:0b:57:fe:20:95:f1:82:39:
                    92:e2:11:78:22:da:c5:ef:fc:ea:da:ec:e3:26:bb:
                    1a:cd:97:04:e3:eb:cc:64:59:b3:29:2b:41:18:c2:
                    e7:26:23:ae:7c:27:ae:5e:be:ec:1f:b5:17:b3:7f:
                    4f:7d:fe:6c:bf:a4:bb:35:a9:1a:48:de:29:fc:b2:
                    b4:01:6e:5e:88:db:a9:63:9e:31:c8:f1:a0:0d:77:
                    79:67:d0:e0:2f:27:fb:96:b6:59:56:07:19:30:d4:
                    ad:8f:39:5a:77:5b:20:d2:9e:ff:2f:b5:5c:d8:87:
                    cb:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FA:72:8F:CD:C0:10:C4:0E:5C:4D:E8:D1:12:79:C4:81:8C:0D:BE:6C
            X509v3 Authority Key Identifier:
                keyid:C0:BE:58:85:AF:2A:D2:A4:8D:A1:95:28:78:7A:4E:1F:C1:3F:6E:19

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/DE7FD55F74A24073A48267D14A4A5B732ECA0B5B8219FE20E0EFE4805426AC1F/0/C0BE5885AF2AD2A48DA19528787A4E1FC13F6E19.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/C0BE5885AF2AD2A48DA19528787A4E1FC13F6E19.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/DE7FD55F74A24073A48267D14A4A5B732ECA0B5B8219FE20E0EFE4805426AC1F/0/3230372e3234382e3130382e302f32322d3234203d3e20323633313237.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  207.248.108.0/22

    Signature Algorithm: sha256WithRSAEncryption
         8f:93:d5:f3:52:78:09:b3:51:cd:10:a8:8e:2d:b2:a2:e2:8a:
         2a:2d:51:15:af:e8:c8:0e:b1:79:ed:9a:36:5e:62:81:88:43:
         f5:c7:24:2a:b0:2d:ec:68:20:94:ff:b3:b4:7c:3f:72:8a:ae:
         c5:fa:2e:3d:c6:01:21:7b:19:ab:40:93:b6:7a:ea:ca:3d:5a:
         ae:70:09:c7:35:ba:f9:85:5b:24:ae:ff:03:e9:ee:ed:7c:c3:
         cb:4b:f3:05:99:ff:16:7d:dc:80:76:8f:0e:41:4a:24:16:ea:
         3a:c3:0b:e8:6d:57:60:11:92:6f:f6:ff:7d:19:52:19:92:c8:
         8d:8e:49:90:c3:c5:37:0d:9b:4a:b4:23:d4:f6:8e:42:60:6a:
         90:31:f4:bd:25:69:b6:dd:49:80:5e:45:cd:37:8e:be:4a:87:
         e7:8b:57:f1:bf:1c:90:d2:c9:4e:b1:7d:e2:15:54:ff:0a:1c:
         5a:9f:ff:fd:b6:4f:23:56:73:c2:8b:45:10:7f:bc:27:2d:3a:
         aa:1a:63:91:43:fc:cf:fd:13:53:a0:ab:ea:3c:c8:ea:26:c2:
         cf:0b:43:5b:80:be:ae:56:1f:80:6e:d8:06:93:db:cf:b8:e2:
         14:51:27:96:64:ca:17:6d:a8:c4:a0:01:b1:f3:ee:c2:eb:24:
         6e:dc:38:40
-----BEGIN CERTIFICATE-----
MIIFwjCCBKqgAwIBAgIUAkQM5HwL/iRrKJUQxg7Y8pHm4ikwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQzBCRTU4ODVBRjJBRDJBNDhEQTE5NTI4Nzg3QTRFMUZD
MTNGNkUxOTAeFw0yNTAyMDQyMDAyNDBaFw0yNjAyMDMyMDA3NDBaMDMxMTAvBgNV
BAMTKEZBNzI4RkNEQzAxMEM0MEU1QzRERThEMTEyNzlDNDgxOEMwREJFNkMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC+BMWbTTnXUtuDp83TOX9sRV2o
eR3F7AtslYcJPMXqA3IETxP5xgZmPIAdV7ZQAuJ4W2o5PdGfB8UG7BQf4NZ+3wPv
cWWDT80Daj2JSHZPy7ouWVNT+DoZQfcV1s/ZhK943m8cyi3vvsUmMdC35MMJWDLc
1ihjRGi7CMlUyEXEyCN9FzDyuSEHvFUjKRgLV/4glfGCOZLiEXgi2sXv/Ora7OMm
uxrNlwTj68xkWbMpK0EYwucmI658J65evuwftRezf099/my/pLs1qRpI3in8srQB
bl6I26ljnjHI8aANd3ln0OAvJ/uWtllWBxkw1K2POVp3WyDSnv8vtVzYh8uLAgMB
AAGjggLMMIICyDAdBgNVHQ4EFgQU+nKPzcAQxA5cTejREnnEgYwNvmwwHwYDVR0j
BBgwFoAUwL5Yha8q0qSNoZUoeHpOH8E/bhkwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9ERTdGRDU1Rjc0QTI0MDczQTQ4MjY3RDE0QTRBNUI3MzJF
Q0EwQjVCODIxOUZFMjBFMEVGRTQ4MDU0MjZBQzFGLzAvQzBCRTU4ODVBRjJBRDJB
NDhEQTE5NTI4Nzg3QTRFMUZDMTNGNkUxOS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9DMEJFNTg4NUFGMkFEMkE0OERB
MTk1Mjg3ODdBNEUxRkMxM0Y2RTE5LmNlcjCBywYIKwYBBQUHAQsEgb4wgbswgbgG
CCsGAQUFBzALhoGrcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvREU3RkQ1NUY3NEEyNDA3M0E0ODI2N0QxNEE0QTVCNzMyRUNBMEI1Qjgy
MTlGRTIwRTBFRkU0ODA1NDI2QUMxRi8wLzMyMzAzNzJlMzIzNDM4MmUzMTMwMzgy
ZTMwMmYzMjMyMmQzMjM0MjAzZDNlMjAzMjM2MzMzMTMyMzcucm9hMBgGA1UdIAEB
/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBALP
+GwwDQYJKoZIhvcNAQELBQADggEBAI+T1fNSeAmzUc0QqI4tsqLiiiotURWv6MgO
sXntmjZeYoGIQ/XHJCqwLexoIJT/s7R8P3KKrsX6Lj3GASF7GatAk7Z66so9Wq5w
Ccc1uvmFWySu/wPp7u18w8tL8wWZ/xZ93IB2jw5BSiQW6jrDC+htV2ARkm/2/30Z
UhmSyI2OSZDDxTcNm0q0I9T2jkJgapAx9L0labbdSYBeRc03jr5Kh+eLV/G/HJDS
yU6xfeIVVP8KHFqf//22TyNWc8KLRRB/vCctOqoaY5FD/M/9E1Ogq+o8yOomws8L
Q1uAvq5WH4Bu2AaT28+44hRRJ5ZkyhdtqMSgAbHz7sLrJG7cOEA=
-----END CERTIFICATE-----