Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/F060645F94748832A65DAB54A01A729A0208E4446C8232A17BA6FE073CD465C5/0/3230312e3232312e3133362e302f32322d3234203d3e203232333638.roa
File:                     3230312e3232312e3133362e302f32322d3234203d3e203232333638.roa (raw, json)
Hash identifier:          p/WJwfmugRdbeH+lIoYwNUycuzG+ayw4qFT+92phS3I=
Subject key identifier:   DE:5A:8D:AA:36:5D:2C:A0:C8:AF:EB:5A:FE:7E:22:6E:03:DA:3E:15
Certificate issuer:       /CN=DA5A371FC01989AA596FE268CE70A3C4DCAA7A9B
Certificate serial:       7792D4AD6A06B383C73667913944FE380232677A
Authority key identifier: DA:5A:37:1F:C0:19:89:AA:59:6F:E2:68:CE:70:A3:C4:DC:AA:7A:9B
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/DA5A371FC01989AA596FE268CE70A3C4DCAA7A9B.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/F060645F94748832A65DAB54A01A729A0208E4446C8232A17BA6FE073CD465C5/0/3230312e3232312e3133362e302f32322d3234203d3e203232333638.roa
Signing time:             Tue 04 Feb 2025 18:22:16 +0000
ROA not before:           Tue 04 Feb 2025 18:17:16 +0000
ROA not after:            Tue 03 Feb 2026 18:22:16 +0000
asID:                     22368
IP address blocks:        201.221.136.0/22 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            77:92:d4:ad:6a:06:b3:83:c7:36:67:91:39:44:fe:38:02:32:67:7a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=DA5A371FC01989AA596FE268CE70A3C4DCAA7A9B
        Validity
            Not Before: Feb  4 18:17:16 2025 GMT
            Not After : Feb  3 18:22:16 2026 GMT
        Subject: CN=DE5A8DAA365D2CA0C8AFEB5AFE7E226E03DA3E15
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:14:80:21:5b:4d:e8:32:d8:b1:1b:22:d4:d9:
                    35:88:60:af:2b:ff:f4:6e:33:2e:d6:3b:98:7f:52:
                    70:10:5d:14:11:e9:71:b9:3c:37:8c:0a:5b:63:e4:
                    3e:61:55:e9:cf:a0:1f:e4:dc:07:9b:0a:a5:21:3b:
                    b3:f8:58:f3:2f:7d:72:3a:40:88:85:13:08:62:bd:
                    f9:04:f8:25:a7:f5:76:33:33:bf:9a:77:50:56:e7:
                    cc:fd:29:63:ba:4d:9b:fd:6a:96:e0:cf:bf:4d:07:
                    5a:14:b5:73:dc:af:b8:d9:d8:3c:b8:fb:d4:30:50:
                    2e:a4:de:a0:4d:0e:c2:db:e8:59:9c:2a:0b:31:49:
                    9d:f0:dc:60:93:e4:d7:38:24:57:67:5b:d4:3b:42:
                    86:0a:8f:15:c4:82:3b:3c:d2:b1:a9:2e:5b:9e:30:
                    96:e3:58:cd:af:6a:7b:53:d8:2c:22:34:91:83:21:
                    ad:2a:b1:de:be:6e:09:a0:94:31:19:77:6e:dd:04:
                    8a:03:7e:e0:31:8b:8f:1f:67:2d:71:80:2e:7a:48:
                    dc:1d:fe:fe:c6:cc:9c:c8:20:13:d0:60:3a:c1:69:
                    94:75:d9:4b:a7:ae:a3:2c:e1:15:17:2f:26:97:92:
                    1e:c7:88:20:40:00:27:b2:e0:a8:a6:c4:22:b8:a5:
                    d4:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DE:5A:8D:AA:36:5D:2C:A0:C8:AF:EB:5A:FE:7E:22:6E:03:DA:3E:15
            X509v3 Authority Key Identifier:
                keyid:DA:5A:37:1F:C0:19:89:AA:59:6F:E2:68:CE:70:A3:C4:DC:AA:7A:9B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/F060645F94748832A65DAB54A01A729A0208E4446C8232A17BA6FE073CD465C5/0/DA5A371FC01989AA596FE268CE70A3C4DCAA7A9B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/DA5A371FC01989AA596FE268CE70A3C4DCAA7A9B.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/F060645F94748832A65DAB54A01A729A0208E4446C8232A17BA6FE073CD465C5/0/3230312e3232312e3133362e302f32322d3234203d3e203232333638.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  201.221.136.0/22

    Signature Algorithm: sha256WithRSAEncryption
         75:ff:ce:39:34:bd:63:b4:65:fd:fc:ff:34:96:b1:1c:68:c2:
         ce:41:8b:97:f5:0c:32:4b:99:fe:18:1d:0f:2c:c8:24:92:95:
         e3:e7:22:b0:ce:6b:2c:40:ec:b6:95:fe:3e:c6:2e:a4:e3:77:
         49:0d:13:4c:55:31:79:26:55:94:55:6b:91:c2:7d:fc:47:28:
         b6:dd:86:47:c5:73:c7:ee:7a:6c:ce:9c:88:2f:18:79:14:3e:
         e9:27:0d:d1:4b:eb:0e:eb:7d:cb:fb:24:4d:c9:0f:c8:ba:b2:
         1d:2d:56:35:d5:05:c3:37:60:35:f9:fd:a6:90:9c:a4:15:a8:
         60:1d:b5:c0:63:23:f1:1d:19:fa:7a:8f:d8:2c:bf:89:a3:e2:
         b3:59:1a:25:73:a1:a7:91:c1:1f:9c:6d:5a:5f:b2:a2:9f:7f:
         9c:cd:e0:13:48:8c:a5:40:d9:a5:27:a7:f7:cc:95:3f:9c:26:
         7c:16:c2:53:b2:49:b5:8d:ee:ea:11:4c:53:fd:92:b3:dc:22:
         cb:0c:9a:78:2b:4f:ff:f9:03:d0:4a:9f:c7:8a:06:77:9d:30:
         b1:1a:02:15:89:14:cd:33:d4:4d:75:ba:8e:12:89:64:cd:92:
         34:8d:60:0f:68:44:29:aa:88:fc:7b:d0:3a:9c:fb:ff:dc:a5:
         04:67:28:4d
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIUd5LUrWoGs4PHNmeROUT+OAIyZ3owDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoREE1QTM3MUZDMDE5ODlBQTU5NkZFMjY4Q0U3MEEzQzRE
Q0FBN0E5QjAeFw0yNTAyMDQxODE3MTZaFw0yNjAyMDMxODIyMTZaMDMxMTAvBgNV
BAMTKERFNUE4REFBMzY1RDJDQTBDOEFGRUI1QUZFN0UyMjZFMDNEQTNFMTUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC/FIAhW03oMtixGyLU2TWIYK8r
//RuMy7WO5h/UnAQXRQR6XG5PDeMCltj5D5hVenPoB/k3AebCqUhO7P4WPMvfXI6
QIiFEwhivfkE+CWn9XYzM7+ad1BW58z9KWO6TZv9apbgz79NB1oUtXPcr7jZ2Dy4
+9QwUC6k3qBNDsLb6FmcKgsxSZ3w3GCT5Nc4JFdnW9Q7QoYKjxXEgjs80rGpLlue
MJbjWM2vantT2CwiNJGDIa0qsd6+bgmglDEZd27dBIoDfuAxi48fZy1xgC56SNwd
/v7GzJzIIBPQYDrBaZR12UunrqMs4RUXLyaXkh7HiCBAACey4KimxCK4pdT5AgMB
AAGjggLKMIICxjAdBgNVHQ4EFgQU3lqNqjZdLKDIr+ta/n4ibgPaPhUwHwYDVR0j
BBgwFoAU2lo3H8AZiapZb+JoznCjxNyqepswDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9GMDYwNjQ1Rjk0NzQ4ODMyQTY1REFCNTRBMDFBNzI5QTAy
MDhFNDQ0NkM4MjMyQTE3QkE2RkUwNzNDRDQ2NUM1LzAvREE1QTM3MUZDMDE5ODlB
QTU5NkZFMjY4Q0U3MEEzQzREQ0FBN0E5Qi5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9EQTVBMzcxRkMwMTk4OUFBNTk2
RkUyNjhDRTcwQTNDNERDQUE3QTlCLmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvRjA2MDY0NUY5NDc0ODgzMkE2NURBQjU0QTAxQTcyOUEwMjA4RTQ0NDZD
ODIzMkExN0JBNkZFMDczQ0Q0NjVDNS8wLzMyMzAzMTJlMzIzMjMxMmUzMTMzMzYy
ZTMwMmYzMjMyMmQzMjM0MjAzZDNlMjAzMjMyMzMzNjM4LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCyd2I
MA0GCSqGSIb3DQEBCwUAA4IBAQB1/845NL1jtGX9/P80lrEcaMLOQYuX9QwyS5n+
GB0PLMgkkpXj5yKwzmssQOy2lf4+xi6k43dJDRNMVTF5JlWUVWuRwn38Ryi23YZH
xXPH7npszpyILxh5FD7pJw3RS+sO633L+yRNyQ/IurIdLVY11QXDN2A1+f2mkJyk
FahgHbXAYyPxHRn6eo/YLL+Jo+KzWRolc6GnkcEfnG1aX7Kin3+czeATSIylQNml
J6f3zJU/nCZ8FsJTskm1je7qEUxT/ZKz3CLLDJp4K0//+QPQSp/HigZ3nTCxGgIV
iRTNM9RNdbqOEolkzZI0jWAPaEQpqoj8e9A6nPv/3KUEZyhN
-----END CERTIFICATE-----