Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/F1E455A8856EBE988678C42ED507B7A512471267D2BC55323C8A63D00ECC1B5B/0/3230302e33362e3135322e302f32322d3234203d3e20323731383830.roa
File:                     3230302e33362e3135322e302f32322d3234203d3e20323731383830.roa (raw, json)
Hash identifier:          BidIAD5DQjkqrSm4k34XZUVZF3H4xsucxXDfP3lILhM=
Subject key identifier:   1B:83:7E:79:57:14:9B:67:58:D1:32:21:21:BB:59:89:D1:F9:9E:ED
Certificate issuer:       /CN=8347DC9E5654CC82255D4755095070F888947093
Certificate serial:       35E80ABD31061F971F448FA404313979E64DFC52
Authority key identifier: 83:47:DC:9E:56:54:CC:82:25:5D:47:55:09:50:70:F8:88:94:70:93
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/8347DC9E5654CC82255D4755095070F888947093.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/F1E455A8856EBE988678C42ED507B7A512471267D2BC55323C8A63D00ECC1B5B/0/3230302e33362e3135322e302f32322d3234203d3e20323731383830.roa
Signing time:             Tue 04 Feb 2025 18:26:48 +0000
ROA not before:           Tue 04 Feb 2025 18:21:48 +0000
ROA not after:            Tue 03 Feb 2026 18:26:48 +0000
asID:                     271880
IP address blocks:        200.36.152.0/22 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            35:e8:0a:bd:31:06:1f:97:1f:44:8f:a4:04:31:39:79:e6:4d:fc:52
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8347DC9E5654CC82255D4755095070F888947093
        Validity
            Not Before: Feb  4 18:21:48 2025 GMT
            Not After : Feb  3 18:26:48 2026 GMT
        Subject: CN=1B837E7957149B6758D1322121BB5989D1F99EED
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:08:3a:19:8f:98:85:ae:c3:cb:ae:48:ba:5d:
                    03:4e:60:62:73:64:1a:29:98:70:3b:a8:eb:6f:56:
                    1f:c5:a4:13:bb:fc:f1:a9:bd:e6:f0:9f:8b:90:20:
                    ae:18:f4:61:e4:9b:f4:1f:dc:c3:5c:52:b4:10:d7:
                    0a:a2:a9:9c:cd:80:32:a7:61:4e:d6:c4:49:35:c8:
                    5a:46:f4:28:83:9b:d8:be:b4:e0:ec:2b:3b:18:5f:
                    fe:f6:67:c0:57:da:2e:c5:9d:98:9c:34:98:6a:a8:
                    0c:4e:4a:58:71:7d:d6:c5:62:c8:a3:5d:9b:15:43:
                    7d:bb:2e:78:92:79:70:2c:9e:58:bc:99:ad:72:cd:
                    8f:b7:37:86:c5:c7:5b:20:fc:8a:80:08:57:90:cf:
                    dc:6f:2b:ab:3e:be:83:64:2f:1b:98:1e:1b:a5:83:
                    9d:63:19:1d:e3:61:62:89:ef:c3:c0:7b:bd:46:c1:
                    84:15:b1:16:e2:43:fd:75:33:4d:36:30:47:38:bc:
                    08:35:92:4e:58:be:e0:d0:b2:f0:23:6c:00:53:bc:
                    c3:cd:83:37:46:44:e7:e9:06:6f:84:00:01:61:58:
                    1f:59:40:8e:ae:a8:ef:af:ba:64:d1:6b:23:c0:1b:
                    1e:b4:ad:b9:ff:a8:f9:b7:93:b2:4d:d4:15:c0:52:
                    2f:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1B:83:7E:79:57:14:9B:67:58:D1:32:21:21:BB:59:89:D1:F9:9E:ED
            X509v3 Authority Key Identifier:
                keyid:83:47:DC:9E:56:54:CC:82:25:5D:47:55:09:50:70:F8:88:94:70:93

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/F1E455A8856EBE988678C42ED507B7A512471267D2BC55323C8A63D00ECC1B5B/0/8347DC9E5654CC82255D4755095070F888947093.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/8347DC9E5654CC82255D4755095070F888947093.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/F1E455A8856EBE988678C42ED507B7A512471267D2BC55323C8A63D00ECC1B5B/0/3230302e33362e3135322e302f32322d3234203d3e20323731383830.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.36.152.0/22

    Signature Algorithm: sha256WithRSAEncryption
         63:94:b5:26:fc:c1:f6:40:25:c2:fa:7e:ca:9d:90:ac:65:6f:
         95:bd:e0:09:75:db:28:23:1a:53:88:f8:a9:88:fd:72:97:80:
         aa:e1:e2:92:f3:35:dd:5f:b6:63:db:c2:c7:ec:85:42:15:45:
         55:c9:76:8a:a3:17:8b:e7:a7:8d:9e:34:f7:31:de:81:5c:c3:
         d8:3f:d5:c6:8e:ad:fa:6b:b8:05:b3:23:02:2a:b7:1f:63:af:
         a8:e1:8e:08:84:56:aa:8c:34:b5:36:6b:4b:2d:52:cb:5a:08:
         88:56:bf:ef:97:42:40:bd:5d:87:5e:de:8f:1c:b4:c2:76:10:
         ab:65:27:90:e5:72:95:07:60:d6:56:85:1b:47:7f:2d:c6:fb:
         e3:bb:37:6b:a2:8a:d6:a3:25:cf:3c:8c:a2:e1:3f:fe:18:0a:
         34:81:09:a8:45:45:07:44:70:c3:b2:84:51:a3:9d:79:dd:85:
         a7:1d:e4:69:f2:e3:31:41:3d:64:1f:57:88:f0:74:d9:7b:a1:
         56:ad:83:2f:cd:a8:2c:b2:c3:39:6f:17:a8:f3:4d:27:f7:7b:
         01:a2:ee:9a:82:52:05:8c:fa:32:ab:19:70:4b:ae:2a:23:e1:
         61:97:a2:aa:3e:94:e1:25:14:33:4f:af:b9:35:f5:be:f5:01:
         3a:6f:76:17
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIUNegKvTEGH5cfRI+kBDE5eeZN/FIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODM0N0RDOUU1NjU0Q0M4MjI1NUQ0NzU1MDk1MDcwRjg4
ODk0NzA5MzAeFw0yNTAyMDQxODIxNDhaFw0yNjAyMDMxODI2NDhaMDMxMTAvBgNV
BAMTKDFCODM3RTc5NTcxNDlCNjc1OEQxMzIyMTIxQkI1OTg5RDFGOTlFRUQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDFCDoZj5iFrsPLrki6XQNOYGJz
ZBopmHA7qOtvVh/FpBO7/PGpvebwn4uQIK4Y9GHkm/Qf3MNcUrQQ1wqiqZzNgDKn
YU7WxEk1yFpG9CiDm9i+tODsKzsYX/72Z8BX2i7FnZicNJhqqAxOSlhxfdbFYsij
XZsVQ327LniSeXAsnli8ma1yzY+3N4bFx1sg/IqACFeQz9xvK6s+voNkLxuYHhul
g51jGR3jYWKJ78PAe71GwYQVsRbiQ/11M002MEc4vAg1kk5YvuDQsvAjbABTvMPN
gzdGROfpBm+EAAFhWB9ZQI6uqO+vumTRayPAGx60rbn/qPm3k7JN1BXAUi8dAgMB
AAGjggLKMIICxjAdBgNVHQ4EFgQUG4N+eVcUm2dY0TIhIbtZidH5nu0wHwYDVR0j
BBgwFoAUg0fcnlZUzIIlXUdVCVBw+IiUcJMwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9GMUU0NTVBODg1NkVCRTk4ODY3OEM0MkVENTA3QjdBNTEy
NDcxMjY3RDJCQzU1MzIzQzhBNjNEMDBFQ0MxQjVCLzAvODM0N0RDOUU1NjU0Q0M4
MjI1NUQ0NzU1MDk1MDcwRjg4ODk0NzA5My5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC84MzQ3REM5RTU2NTRDQzgyMjU1
RDQ3NTUwOTUwNzBGODg4OTQ3MDkzLmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvRjFFNDU1QTg4NTZFQkU5ODg2NzhDNDJFRDUwN0I3QTUxMjQ3MTI2N0Qy
QkM1NTMyM0M4QTYzRDAwRUNDMUI1Qi8wLzMyMzAzMDJlMzMzNjJlMzEzNTMyMmUz
MDJmMzIzMjJkMzIzNDIwM2QzZTIwMzIzNzMxMzgzODMwLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCyCSY
MA0GCSqGSIb3DQEBCwUAA4IBAQBjlLUm/MH2QCXC+n7KnZCsZW+VveAJddsoIxpT
iPipiP1yl4Cq4eKS8zXdX7Zj28LH7IVCFUVVyXaKoxeL56eNnjT3Md6BXMPYP9XG
jq36a7gFsyMCKrcfY6+o4Y4IhFaqjDS1NmtLLVLLWgiIVr/vl0JAvV2HXt6PHLTC
dhCrZSeQ5XKVB2DWVoUbR38txvvjuzdroorWoyXPPIyi4T/+GAo0gQmoRUUHRHDD
soRRo5153YWnHeRp8uMxQT1kH1eI8HTZe6FWrYMvzagsssM5bxeo800n93sBou6a
glIFjPoyqxlwS64qI+Fhl6KqPpThJRQzT6+5NfW+9QE6b3YX
-----END CERTIFICATE-----