Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/E308336EA40C71279221408A5564CCAC3B8E8AC5D627B96EE6993AB792966F3B/0/3230302e392e3138332e302f32342d3234203d3e203238333936.roa
File:                     3230302e392e3138332e302f32342d3234203d3e203238333936.roa (raw, json)
Hash identifier:          QebVaObbaweWBZZ30QP18cXtFB9bEumwqpTrNsyZPuI=
Subject key identifier:   A8:5C:38:28:9A:18:FE:41:83:D9:D1:EB:59:2B:D7:6C:7C:70:9B:DA
Certificate issuer:       /CN=4757544F4D08DF62C9ADCBFE6BA8FED1F550A69C
Certificate serial:       79F4C275309888C49385C79A8C79BBC8EA171AFA
Authority key identifier: 47:57:54:4F:4D:08:DF:62:C9:AD:CB:FE:6B:A8:FE:D1:F5:50:A6:9C
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/4757544F4D08DF62C9ADCBFE6BA8FED1F550A69C.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/E308336EA40C71279221408A5564CCAC3B8E8AC5D627B96EE6993AB792966F3B/0/3230302e392e3138332e302f32342d3234203d3e203238333936.roa
Signing time:             Tue 04 Feb 2025 19:56:41 +0000
ROA not before:           Tue 04 Feb 2025 19:51:41 +0000
ROA not after:            Tue 03 Feb 2026 19:56:41 +0000
asID:                     28396
IP address blocks:        200.9.183.0/24 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            79:f4:c2:75:30:98:88:c4:93:85:c7:9a:8c:79:bb:c8:ea:17:1a:fa
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4757544F4D08DF62C9ADCBFE6BA8FED1F550A69C
        Validity
            Not Before: Feb  4 19:51:41 2025 GMT
            Not After : Feb  3 19:56:41 2026 GMT
        Subject: CN=A85C38289A18FE4183D9D1EB592BD76C7C709BDA
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8e:6a:6c:95:56:89:43:d6:07:c4:aa:f8:10:0f:
                    b2:e0:7c:0e:dd:09:38:3a:6e:69:49:62:3c:eb:80:
                    e6:73:2d:b3:c7:45:41:9f:29:5a:e3:b6:92:76:a5:
                    ac:be:08:2e:75:4a:c6:23:ac:d6:77:60:78:d9:48:
                    36:bc:4b:5a:02:32:55:38:0f:51:50:b1:6f:f5:87:
                    f3:71:9e:0d:f3:bc:f6:8b:53:bb:2b:05:40:8a:af:
                    b7:6f:4f:78:b2:3e:10:5c:69:4e:49:e0:db:f5:85:
                    59:37:64:aa:f9:3b:48:b4:ac:4b:b6:2f:29:c8:d3:
                    c8:9f:00:7b:eb:67:48:c7:df:5e:9d:e7:cb:6f:9a:
                    bf:56:0e:9f:52:d9:da:ab:7a:ee:68:ca:63:f5:9b:
                    e2:e3:8e:4d:8e:b3:f2:14:e8:ac:39:28:90:35:d6:
                    d0:09:8c:ed:c3:0a:f9:70:0e:ae:28:df:d2:b2:77:
                    b5:9c:24:17:9a:e2:09:32:ba:d9:51:d3:16:5e:a3:
                    ca:7e:a4:7f:ab:bf:2a:3f:40:10:cd:f9:ef:14:60:
                    1b:d3:cb:d0:54:c5:f4:81:4a:98:aa:3d:f2:27:67:
                    99:99:35:08:ef:87:9c:1f:e0:99:dd:2e:39:b0:55:
                    de:02:2c:06:51:27:25:e1:54:33:0b:0b:71:e5:ab:
                    4e:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A8:5C:38:28:9A:18:FE:41:83:D9:D1:EB:59:2B:D7:6C:7C:70:9B:DA
            X509v3 Authority Key Identifier:
                keyid:47:57:54:4F:4D:08:DF:62:C9:AD:CB:FE:6B:A8:FE:D1:F5:50:A6:9C

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/E308336EA40C71279221408A5564CCAC3B8E8AC5D627B96EE6993AB792966F3B/0/4757544F4D08DF62C9ADCBFE6BA8FED1F550A69C.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/4757544F4D08DF62C9ADCBFE6BA8FED1F550A69C.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/E308336EA40C71279221408A5564CCAC3B8E8AC5D627B96EE6993AB792966F3B/0/3230302e392e3138332e302f32342d3234203d3e203238333936.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.9.183.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5a:4f:2c:01:2a:48:4d:7b:84:de:00:3d:ef:ad:d0:60:3c:2a:
         26:ed:e4:29:cc:fc:65:e7:45:2c:02:59:90:d5:db:30:ee:d3:
         46:a1:0a:96:6f:f0:72:23:4d:9b:6b:e2:4f:a0:5a:98:39:d3:
         3e:53:24:25:b5:df:e8:88:f9:b3:f0:35:e6:09:8a:86:23:76:
         92:3f:9f:10:7f:f9:eb:11:af:8f:f8:95:3d:78:a4:4d:11:47:
         f5:21:1f:4c:31:b9:91:09:61:ab:41:66:79:f5:77:23:8a:85:
         f3:f9:15:ae:fe:d1:9a:55:e9:c1:af:e1:f0:7e:df:96:ba:e8:
         50:36:bb:86:dd:d0:f2:46:a3:40:8e:a1:f3:59:a2:d0:f7:0d:
         39:25:e9:4e:e5:fa:8c:31:f1:60:d7:4d:68:3c:38:76:69:5e:
         fc:95:3e:b5:44:72:15:b8:aa:1a:4f:67:88:83:c9:59:ca:56:
         02:0a:4d:cd:00:e3:15:2c:5b:1e:89:df:d1:07:e8:3f:f4:49:
         38:ac:e0:af:f7:33:9b:76:d4:35:33:dd:f9:51:00:29:c3:7e:
         1c:ad:66:80:76:fa:5b:66:3f:1d:bf:89:de:da:f8:b5:4b:e7:
         db:11:3e:94:98:08:13:29:6d:5f:85:5e:87:cc:6f:05:4f:25:
         a6:cf:42:9d
-----BEGIN CERTIFICATE-----
MIIFvDCCBKSgAwIBAgIUefTCdTCYiMSThceajHm7yOoXGvowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDc1NzU0NEY0RDA4REY2MkM5QURDQkZFNkJBOEZFRDFG
NTUwQTY5QzAeFw0yNTAyMDQxOTUxNDFaFw0yNjAyMDMxOTU2NDFaMDMxMTAvBgNV
BAMTKEE4NUMzODI4OUExOEZFNDE4M0Q5RDFFQjU5MkJENzZDN0M3MDlCREEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCOamyVVolD1gfEqvgQD7LgfA7d
CTg6bmlJYjzrgOZzLbPHRUGfKVrjtpJ2pay+CC51SsYjrNZ3YHjZSDa8S1oCMlU4
D1FQsW/1h/Nxng3zvPaLU7srBUCKr7dvT3iyPhBcaU5J4Nv1hVk3ZKr5O0i0rEu2
LynI08ifAHvrZ0jH316d58tvmr9WDp9S2dqreu5oymP1m+Ljjk2Os/IU6Kw5KJA1
1tAJjO3DCvlwDq4o39Kyd7WcJBea4gkyutlR0xZeo8p+pH+rvyo/QBDN+e8UYBvT
y9BUxfSBSpiqPfInZ5mZNQjvh5wf4JndLjmwVd4CLAZRJyXhVDMLC3Hlq06dAgMB
AAGjggLGMIICwjAdBgNVHQ4EFgQUqFw4KJoY/kGD2dHrWSvXbHxwm9owHwYDVR0j
BBgwFoAUR1dUT00I32LJrcv+a6j+0fVQppwwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9FMzA4MzM2RUE0MEM3MTI3OTIyMTQwOEE1NTY0Q0NBQzNC
OEU4QUM1RDYyN0I5NkVFNjk5M0FCNzkyOTY2RjNCLzAvNDc1NzU0NEY0RDA4REY2
MkM5QURDQkZFNkJBOEZFRDFGNTUwQTY5Qy5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC80NzU3NTQ0RjREMDhERjYyQzlB
RENCRkU2QkE4RkVEMUY1NTBBNjlDLmNlcjCBxQYIKwYBBQUHAQsEgbgwgbUwgbIG
CCsGAQUFBzALhoGlcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvRTMwODMzNkVBNDBDNzEyNzkyMjE0MDhBNTU2NENDQUMzQjhFOEFDNUQ2
MjdCOTZFRTY5OTNBQjc5Mjk2NkYzQi8wLzMyMzAzMDJlMzkyZTMxMzgzMzJlMzAy
ZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzgzMzM5MzYucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADICbcwDQYJ
KoZIhvcNAQELBQADggEBAFpPLAEqSE17hN4APe+t0GA8Kibt5CnM/GXnRSwCWZDV
2zDu00ahCpZv8HIjTZtr4k+gWpg50z5TJCW13+iI+bPwNeYJioYjdpI/nxB/+esR
r4/4lT14pE0RR/UhH0wxuZEJYatBZnn1dyOKhfP5Fa7+0ZpV6cGv4fB+35a66FA2
u4bd0PJGo0COofNZotD3DTkl6U7l+owx8WDXTWg8OHZpXvyVPrVEchW4qhpPZ4iD
yVnKVgIKTc0A4xUsWx6J39EH6D/0STis4K/3M5t21DUz3flRACnDfhytZoB2+ltm
Px2/id7a+LVL59sRPpSYCBMpbV+FXofMbwVPJabPQp0=
-----END CERTIFICATE-----