Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/07F5458804AC01560C7B2FAC95BC071138C1BA21D3E073D16DBE32F097CDEC75/0/323830333a633138303a3a2f33322d3438203d3e203532333431.roa
File:                     323830333a633138303a3a2f33322d3438203d3e203532333431.roa (raw, json)
Hash identifier:          GWwxBvTnWhpfGM9BTV1NWmBVDHKZpD0o2ByWUJ4Hgk8=
Subject key identifier:   08:4B:1B:9D:79:D9:3A:16:A7:17:83:A5:77:CD:43:F3:3B:B4:77:FC
Certificate issuer:       /CN=AAC427B2B3F66FD0421C36F9D8A4A625ECE850FC
Certificate serial:       7D788CFCA8E8116A487CE6E9C6B46B0B27749CB7
Authority key identifier: AA:C4:27:B2:B3:F6:6F:D0:42:1C:36:F9:D8:A4:A6:25:EC:E8:50:FC
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/AAC427B2B3F66FD0421C36F9D8A4A625ECE850FC.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/07F5458804AC01560C7B2FAC95BC071138C1BA21D3E073D16DBE32F097CDEC75/0/323830333a633138303a3a2f33322d3438203d3e203532333431.roa
Signing time:             Tue 04 Feb 2025 18:43:26 +0000
ROA not before:           Tue 04 Feb 2025 18:38:26 +0000
ROA not after:            Tue 03 Feb 2026 18:43:26 +0000
asID:                     52341
IP address blocks:        2803:c180::/32 maxlen: 48
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7d:78:8c:fc:a8:e8:11:6a:48:7c:e6:e9:c6:b4:6b:0b:27:74:9c:b7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=AAC427B2B3F66FD0421C36F9D8A4A625ECE850FC
        Validity
            Not Before: Feb  4 18:38:26 2025 GMT
            Not After : Feb  3 18:43:26 2026 GMT
        Subject: CN=084B1B9D79D93A16A71783A577CD43F33BB477FC
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:55:f4:7e:a2:50:d3:74:d5:77:93:bf:4a:b9:
                    af:c2:a2:7d:b3:26:f3:f1:d4:42:23:88:b4:ba:b0:
                    87:1f:d8:f6:4d:d3:ba:f5:4e:a9:15:6d:0a:65:ea:
                    24:ef:43:4e:63:1b:85:29:fd:0d:dc:38:16:7d:a0:
                    c6:7a:3e:01:c4:ae:52:2e:ca:cd:35:bc:f8:23:e0:
                    8d:73:bd:ac:0e:4e:85:72:cf:e7:3a:1f:12:25:79:
                    eb:c3:f9:9c:cf:84:16:8f:ee:f5:31:bc:15:02:fc:
                    0c:c0:d9:4d:e7:32:66:b8:86:da:b2:cf:07:07:16:
                    c3:a0:f4:58:3e:d1:66:40:41:bf:9a:2b:c4:c6:0f:
                    17:74:21:6f:6d:4d:a7:6e:35:c2:f5:75:f0:eb:4c:
                    5b:f0:76:82:90:91:6f:a8:ae:5e:b8:99:c2:5a:9b:
                    68:38:16:82:f8:9b:c8:c8:c5:c7:0b:1b:70:56:d7:
                    88:31:a5:d0:59:5a:e5:6d:54:de:bd:f3:c3:d9:9b:
                    4f:35:0e:eb:9e:8e:c7:1c:26:dc:0e:e1:4f:71:1c:
                    26:cc:e7:2d:18:c4:b7:d7:fd:ed:78:40:67:c9:b9:
                    46:a8:88:9c:37:13:18:57:7e:17:3e:6a:26:c5:48:
                    03:78:a9:5e:c8:0a:eb:18:10:29:5a:01:57:4e:0c:
                    d2:ab
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                08:4B:1B:9D:79:D9:3A:16:A7:17:83:A5:77:CD:43:F3:3B:B4:77:FC
            X509v3 Authority Key Identifier:
                keyid:AA:C4:27:B2:B3:F6:6F:D0:42:1C:36:F9:D8:A4:A6:25:EC:E8:50:FC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/07F5458804AC01560C7B2FAC95BC071138C1BA21D3E073D16DBE32F097CDEC75/0/AAC427B2B3F66FD0421C36F9D8A4A625ECE850FC.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/AAC427B2B3F66FD0421C36F9D8A4A625ECE850FC.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/07F5458804AC01560C7B2FAC95BC071138C1BA21D3E073D16DBE32F097CDEC75/0/323830333a633138303a3a2f33322d3438203d3e203532333431.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2803:c180::/32

    Signature Algorithm: sha256WithRSAEncryption
         4e:a7:9b:1a:e7:38:7c:71:6b:2d:17:eb:b0:37:49:72:7f:8f:
         f4:32:43:10:0d:79:a1:be:23:eb:bd:e7:cc:d5:22:e0:16:05:
         a7:00:c7:96:c5:8d:94:7c:85:c5:bb:04:a8:00:59:2f:2e:97:
         fa:74:57:e2:21:c8:87:97:75:69:50:52:a2:54:8b:16:ed:dd:
         95:e2:8c:3c:99:3c:b8:5b:ed:84:5c:69:93:25:69:20:e6:39:
         e9:e1:a6:d3:b5:47:bf:5c:62:d0:f5:f1:b4:69:a9:83:b3:b4:
         36:0f:89:ab:d3:63:4e:4e:af:e3:d8:eb:3e:e0:0f:3e:eb:d8:
         55:fb:9b:94:14:44:cc:ee:9a:80:8e:26:8a:07:53:1a:89:76:
         5d:7a:d3:ed:af:64:d5:fd:e5:23:ba:c8:e5:da:f6:21:a1:be:
         0b:51:dc:50:33:88:1e:12:5c:57:83:fa:15:37:48:4a:85:14:
         0c:4c:4e:a1:a8:15:40:1d:a6:f4:02:67:e6:74:37:6c:4d:bd:
         7e:8c:d9:ee:27:5d:2c:19:32:04:bd:4c:35:cd:13:ed:c2:8b:
         e2:49:7d:51:02:38:87:1d:35:68:b7:a4:13:aa:9d:ba:db:91:
         c9:41:53:f0:1f:f0:cc:31:d9:e2:db:25:4a:70:cb:9c:e7:e4:
         07:92:8f:14
-----BEGIN CERTIFICATE-----
MIIFvTCCBKWgAwIBAgIUfXiM/KjoEWpIfObpxrRrCyd0nLcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQUFDNDI3QjJCM0Y2NkZEMDQyMUMzNkY5RDhBNEE2MjVF
Q0U4NTBGQzAeFw0yNTAyMDQxODM4MjZaFw0yNjAyMDMxODQzMjZaMDMxMTAvBgNV
BAMTKDA4NEIxQjlENzlEOTNBMTZBNzE3ODNBNTc3Q0Q0M0YzM0JCNDc3RkMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDHVfR+olDTdNV3k79Kua/Con2z
JvPx1EIjiLS6sIcf2PZN07r1TqkVbQpl6iTvQ05jG4Up/Q3cOBZ9oMZ6PgHErlIu
ys01vPgj4I1zvawOToVyz+c6HxIleevD+ZzPhBaP7vUxvBUC/AzA2U3nMma4htqy
zwcHFsOg9Fg+0WZAQb+aK8TGDxd0IW9tTaduNcL1dfDrTFvwdoKQkW+orl64mcJa
m2g4FoL4m8jIxccLG3BW14gxpdBZWuVtVN6988PZm081DuuejsccJtwO4U9xHCbM
5y0YxLfX/e14QGfJuUaoiJw3ExhXfhc+aibFSAN4qV7ICusYEClaAVdODNKrAgMB
AAGjggLHMIICwzAdBgNVHQ4EFgQUCEsbnXnZOhanF4Old81D8zu0d/wwHwYDVR0j
BBgwFoAUqsQnsrP2b9BCHDb52KSmJezoUPwwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8wN0Y1NDU4ODA0QUMwMTU2MEM3QjJGQUM5NUJDMDcxMTM4
QzFCQTIxRDNFMDczRDE2REJFMzJGMDk3Q0RFQzc1LzAvQUFDNDI3QjJCM0Y2NkZE
MDQyMUMzNkY5RDhBNEE2MjVFQ0U4NTBGQy5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9BQUM0MjdCMkIzRjY2RkQwNDIx
QzM2RjlEOEE0QTYyNUVDRTg1MEZDLmNlcjCBxQYIKwYBBQUHAQsEgbgwgbUwgbIG
CCsGAQUFBzALhoGlcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMDdGNTQ1ODgwNEFDMDE1NjBDN0IyRkFDOTVCQzA3MTEzOEMxQkEyMUQz
RTA3M0QxNkRCRTMyRjA5N0NERUM3NS8wLzMyMzgzMDMzM2E2MzMxMzgzMDNhM2Ey
ZjMzMzIyZDM0MzgyMDNkM2UyMDM1MzIzMzM0MzEucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgACMAcDBQAoA8GAMA0G
CSqGSIb3DQEBCwUAA4IBAQBOp5sa5zh8cWstF+uwN0lyf4/0MkMQDXmhviPrvefM
1SLgFgWnAMeWxY2UfIXFuwSoAFkvLpf6dFfiIciHl3VpUFKiVIsW7d2V4ow8mTy4
W+2EXGmTJWkg5jnp4abTtUe/XGLQ9fG0aamDs7Q2D4mr02NOTq/j2Os+4A8+69hV
+5uUFETM7pqAjiaKB1MaiXZdetPtr2TV/eUjusjl2vYhob4LUdxQM4geElxXg/oV
N0hKhRQMTE6hqBVAHab0AmfmdDdsTb1+jNnuJ10sGTIEvUw1zRPtwoviSX1RAjiH
HTVot6QTqp2625HJQVPwH/DMMdni2yVKcMuc5+QHko8U
-----END CERTIFICATE-----