Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/F157BD59DABCB6D961AC0F2D00BA596759FAC82A0EAEDE7D129DF241CBEFBF19/0/3230302e37332e39362e302f32312d3234203d3e203237383832.roa
File:                     3230302e37332e39362e302f32312d3234203d3e203237383832.roa (raw, json)
Hash identifier:          J0UC6LwK0gY6VHLIlIY8uFmm6+apGxKy4kloSheqqkA=
Subject key identifier:   C3:10:21:37:E1:DA:F8:70:1E:11:22:99:CA:C1:6F:85:45:A1:EF:8A
Certificate issuer:       /CN=B3866813178FF550E6FCABCD492387DD1D0E08A5
Certificate serial:       1FEFF30B0E0BC0AD641DE8FCCE2FE22D8C14EA09
Authority key identifier: B3:86:68:13:17:8F:F5:50:E6:FC:AB:CD:49:23:87:DD:1D:0E:08:A5
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/B3866813178FF550E6FCABCD492387DD1D0E08A5.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/F157BD59DABCB6D961AC0F2D00BA596759FAC82A0EAEDE7D129DF241CBEFBF19/0/3230302e37332e39362e302f32312d3234203d3e203237383832.roa
Signing time:             Tue 04 Feb 2025 20:05:36 +0000
ROA not before:           Tue 04 Feb 2025 20:00:36 +0000
ROA not after:            Tue 03 Feb 2026 20:05:36 +0000
asID:                     27882
IP address blocks:        200.73.96.0/21 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1f:ef:f3:0b:0e:0b:c0:ad:64:1d:e8:fc:ce:2f:e2:2d:8c:14:ea:09
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=B3866813178FF550E6FCABCD492387DD1D0E08A5
        Validity
            Not Before: Feb  4 20:00:36 2025 GMT
            Not After : Feb  3 20:05:36 2026 GMT
        Subject: CN=C3102137E1DAF8701E112299CAC16F8545A1EF8A
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f1:05:06:dd:db:5c:80:b1:f2:fe:0d:20:a1:62:
                    b6:2d:06:d5:a3:c3:ab:da:99:cd:3c:2b:f8:7c:01:
                    64:cb:cd:f1:d3:53:46:81:71:b1:ff:ab:eb:83:73:
                    3c:de:f9:4f:ca:f9:08:30:9d:1d:34:0b:33:7e:da:
                    c8:a7:b9:d4:e8:6b:23:75:9b:dd:df:6d:dd:9c:f4:
                    3c:78:9c:ee:70:08:7a:1f:9d:e1:e8:31:8e:44:d0:
                    00:ba:a3:e3:87:42:d8:5c:12:57:6e:fb:ef:51:b8:
                    8f:7f:6a:bd:9d:ea:11:9d:34:83:3e:0b:29:b9:73:
                    fa:e8:7d:d6:50:62:d9:cc:a2:95:ce:d2:88:29:d2:
                    02:fe:c2:eb:95:82:4b:a3:4d:2a:c2:67:3d:c0:92:
                    e0:9a:57:be:bd:14:99:cf:d6:aa:b1:0f:44:e4:95:
                    c4:19:ce:5a:3a:2c:bd:ad:3f:41:ff:7a:6f:5a:9c:
                    fd:93:26:c2:be:a2:c2:99:19:e0:8b:7f:b8:d9:7c:
                    df:2d:95:73:f1:f6:78:5b:9f:01:7d:1c:86:07:af:
                    52:f5:42:28:05:cd:4b:a0:f8:34:b6:7d:90:ab:97:
                    6e:54:08:ce:1e:2f:04:3b:28:1d:03:bb:de:d7:88:
                    23:c3:56:88:91:9b:14:ee:c8:75:f7:ef:df:6e:07:
                    1f:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C3:10:21:37:E1:DA:F8:70:1E:11:22:99:CA:C1:6F:85:45:A1:EF:8A
            X509v3 Authority Key Identifier:
                keyid:B3:86:68:13:17:8F:F5:50:E6:FC:AB:CD:49:23:87:DD:1D:0E:08:A5

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/F157BD59DABCB6D961AC0F2D00BA596759FAC82A0EAEDE7D129DF241CBEFBF19/0/B3866813178FF550E6FCABCD492387DD1D0E08A5.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/B3866813178FF550E6FCABCD492387DD1D0E08A5.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/F157BD59DABCB6D961AC0F2D00BA596759FAC82A0EAEDE7D129DF241CBEFBF19/0/3230302e37332e39362e302f32312d3234203d3e203237383832.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.73.96.0/21

    Signature Algorithm: sha256WithRSAEncryption
         25:76:0a:26:4a:7c:9d:e0:82:d6:7e:95:c5:55:e6:1d:e9:51:
         12:35:a9:f3:d6:5b:89:d9:12:ca:fe:5d:ac:a3:8e:3a:45:64:
         e0:5f:87:5b:bd:f0:85:7d:bf:50:75:f9:23:78:e5:dc:a6:92:
         52:60:9b:70:83:25:ed:50:b4:a6:b7:c1:b2:4a:d0:f9:35:a2:
         18:3e:f4:c8:0f:ae:fb:a6:20:80:d0:4e:28:da:87:29:1f:9e:
         ad:73:6e:8c:73:52:cc:2a:06:20:93:94:4f:a1:ca:b7:04:5f:
         56:d0:2e:3b:00:84:c5:9b:22:39:c6:c5:62:22:ad:1c:1e:3f:
         99:02:79:7f:ae:0c:4b:90:87:34:fc:e2:ed:b8:d4:0d:2e:bd:
         e4:7a:a1:20:6e:20:09:05:42:97:c0:ea:9f:e7:58:28:b0:2f:
         6a:71:f9:e5:03:6e:fc:7d:01:82:65:33:b6:26:50:5a:8b:3a:
         66:90:a0:0c:91:5c:2c:ad:df:19:47:67:8f:78:d2:44:15:7b:
         49:c2:17:67:29:56:33:82:20:ec:52:cd:f9:46:3c:c6:6b:ce:
         fd:a8:d7:e7:d7:36:37:b9:5d:af:c9:43:b5:c9:f2:35:a3:d2:
         4e:37:0a:80:ce:8d:c8:f2:3b:a1:61:d4:2b:d0:22:f2:e9:32:
         0f:7d:d8:03
-----BEGIN CERTIFICATE-----
MIIFvDCCBKSgAwIBAgIUH+/zCw4LwK1kHej8zi/iLYwU6gkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQjM4NjY4MTMxNzhGRjU1MEU2RkNBQkNENDkyMzg3REQx
RDBFMDhBNTAeFw0yNTAyMDQyMDAwMzZaFw0yNjAyMDMyMDA1MzZaMDMxMTAvBgNV
BAMTKEMzMTAyMTM3RTFEQUY4NzAxRTExMjI5OUNBQzE2Rjg1NDVBMUVGOEEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDxBQbd21yAsfL+DSChYrYtBtWj
w6vamc08K/h8AWTLzfHTU0aBcbH/q+uDczze+U/K+QgwnR00CzN+2sinudToayN1
m93fbd2c9Dx4nO5wCHofneHoMY5E0AC6o+OHQthcEldu++9RuI9/ar2d6hGdNIM+
Cym5c/rofdZQYtnMopXO0ogp0gL+wuuVgkujTSrCZz3AkuCaV769FJnP1qqxD0Tk
lcQZzlo6LL2tP0H/em9anP2TJsK+osKZGeCLf7jZfN8tlXPx9nhbnwF9HIYHr1L1
QigFzUug+DS2fZCrl25UCM4eLwQ7KB0Du97XiCPDVoiRmxTuyHX3799uBx/9AgMB
AAGjggLGMIICwjAdBgNVHQ4EFgQUwxAhN+Ha+HAeESKZysFvhUWh74owHwYDVR0j
BBgwFoAUs4ZoExeP9VDm/KvNSSOH3R0OCKUwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9GMTU3QkQ1OURBQkNCNkQ5NjFBQzBGMkQwMEJBNTk2NzU5
RkFDODJBMEVBRURFN0QxMjlERjI0MUNCRUZCRjE5LzAvQjM4NjY4MTMxNzhGRjU1
MEU2RkNBQkNENDkyMzg3REQxRDBFMDhBNS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9CMzg2NjgxMzE3OEZGNTUwRTZG
Q0FCQ0Q0OTIzODdERDFEMEUwOEE1LmNlcjCBxQYIKwYBBQUHAQsEgbgwgbUwgbIG
CCsGAQUFBzALhoGlcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvRjE1N0JENTlEQUJDQjZEOTYxQUMwRjJEMDBCQTU5Njc1OUZBQzgyQTBF
QUVERTdEMTI5REYyNDFDQkVGQkYxOS8wLzMyMzAzMDJlMzczMzJlMzkzNjJlMzAy
ZjMyMzEyZDMyMzQyMDNkM2UyMDMyMzczODM4MzIucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAPISWAwDQYJ
KoZIhvcNAQELBQADggEBACV2CiZKfJ3ggtZ+lcVV5h3pURI1qfPWW4nZEsr+Xayj
jjpFZOBfh1u98IV9v1B1+SN45dymklJgm3CDJe1QtKa3wbJK0Pk1ohg+9MgPrvum
IIDQTijahykfnq1zboxzUswqBiCTlE+hyrcEX1bQLjsAhMWbIjnGxWIirRweP5kC
eX+uDEuQhzT84u241A0uveR6oSBuIAkFQpfA6p/nWCiwL2px+eUDbvx9AYJlM7Ym
UFqLOmaQoAyRXCyt3xlHZ4940kQVe0nCF2cpVjOCIOxSzflGPMZrzv2o1+fXNje5
Xa/JQ7XJ8jWj0k43CoDOjcjyO6Fh1CvQIvLpMg992AM=
-----END CERTIFICATE-----