Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/0D4D4DFD1832BAAA0C1FDF3BB278AF5760E8DC8AFF4A5CFA5A0764D423B55981/0/323830313a31653a633830303a3a2f36342d3634203d3e203139343239.roa
File:                     323830313a31653a633830303a3a2f36342d3634203d3e203139343239.roa (raw, json)
Hash identifier:          mv6PEhzVEWhR5Eu+zCxtfFppGnkmxsq7cr0OMG227H4=
Subject key identifier:   0A:79:2B:B5:EE:9F:A2:38:DE:A4:D6:5C:1E:81:83:47:85:B0:D3:B6
Certificate issuer:       /CN=D17A3829AD924E36C68D46B4C17B189D22C8B741
Certificate serial:       75355B672019D385CA7F5A10CF5764DFA99F1048
Authority key identifier: D1:7A:38:29:AD:92:4E:36:C6:8D:46:B4:C1:7B:18:9D:22:C8:B7:41
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/D17A3829AD924E36C68D46B4C17B189D22C8B741.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/0D4D4DFD1832BAAA0C1FDF3BB278AF5760E8DC8AFF4A5CFA5A0764D423B55981/0/323830313a31653a633830303a3a2f36342d3634203d3e203139343239.roa
Signing time:             Tue 04 Feb 2025 20:01:31 +0000
ROA not before:           Tue 04 Feb 2025 19:56:31 +0000
ROA not after:            Tue 03 Feb 2026 20:01:31 +0000
asID:                     19429
IP address blocks:        2801:1e:c800::/64 maxlen: 64
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            75:35:5b:67:20:19:d3:85:ca:7f:5a:10:cf:57:64:df:a9:9f:10:48
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=D17A3829AD924E36C68D46B4C17B189D22C8B741
        Validity
            Not Before: Feb  4 19:56:31 2025 GMT
            Not After : Feb  3 20:01:31 2026 GMT
        Subject: CN=0A792BB5EE9FA238DEA4D65C1E81834785B0D3B6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e2:5b:98:9e:68:bb:f3:48:b9:24:00:6f:c5:a8:
                    b3:6a:c9:fa:77:30:71:14:ea:c8:54:15:c2:49:14:
                    d8:60:3f:a0:a6:72:c6:44:42:dd:45:de:8d:54:00:
                    fd:8d:72:25:5a:58:50:ae:56:bd:33:6e:70:e8:46:
                    23:77:c4:7b:37:27:55:49:d9:d5:87:34:3d:4a:15:
                    6f:ed:3c:9b:51:ad:83:91:9b:f8:6b:85:28:3f:91:
                    b2:55:0d:f4:6e:51:b3:5a:44:6f:db:b5:1d:21:e9:
                    31:9c:13:b4:d1:c7:ae:2f:eb:2d:f2:f5:cf:9b:34:
                    d0:f2:3d:75:f9:db:62:58:70:a5:d4:b5:31:b6:ff:
                    cf:1b:bb:15:9f:a9:cb:c2:01:0a:00:44:69:a6:98:
                    ee:30:61:24:b0:26:05:b2:85:97:43:bb:e2:66:a5:
                    0c:66:7a:7c:4a:0d:0b:eb:03:fe:cc:77:bd:4d:ee:
                    c9:90:38:2f:16:bf:23:7a:93:ba:9c:b9:62:8e:e3:
                    0d:ee:5d:84:be:fe:3a:c6:20:02:44:53:aa:3e:98:
                    69:24:1c:93:2e:59:92:6c:36:00:fd:cf:27:7e:d3:
                    7b:59:79:0d:ba:80:d7:99:c7:0b:3a:26:33:6f:ab:
                    a0:70:c0:ba:e5:32:bf:68:aa:f4:66:3c:0d:c3:69:
                    f5:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0A:79:2B:B5:EE:9F:A2:38:DE:A4:D6:5C:1E:81:83:47:85:B0:D3:B6
            X509v3 Authority Key Identifier:
                keyid:D1:7A:38:29:AD:92:4E:36:C6:8D:46:B4:C1:7B:18:9D:22:C8:B7:41

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/0D4D4DFD1832BAAA0C1FDF3BB278AF5760E8DC8AFF4A5CFA5A0764D423B55981/0/D17A3829AD924E36C68D46B4C17B189D22C8B741.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/D17A3829AD924E36C68D46B4C17B189D22C8B741.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/0D4D4DFD1832BAAA0C1FDF3BB278AF5760E8DC8AFF4A5CFA5A0764D423B55981/0/323830313a31653a633830303a3a2f36342d3634203d3e203139343239.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2801:1e:c800::/64

    Signature Algorithm: sha256WithRSAEncryption
         18:81:8f:14:6b:2c:c0:7c:81:71:78:9d:e9:0c:13:39:d1:66:
         f3:12:2a:0d:d6:6d:c9:0f:dd:6c:c3:20:c7:25:88:6b:a7:f1:
         00:d0:04:fb:c1:7a:ec:a5:a5:74:c5:99:fe:f0:75:73:ba:82:
         e1:ac:75:c4:44:52:84:10:ce:90:ab:93:22:cc:2c:36:75:18:
         50:50:42:c9:62:43:8a:6d:d6:db:df:52:0a:f6:b8:73:93:d3:
         7e:2d:75:d9:16:ba:2b:76:f7:97:53:2f:e6:33:94:6a:bc:1f:
         61:eb:d6:16:b7:37:2e:68:8c:4d:9e:9b:65:9d:98:f9:27:32:
         82:84:e9:89:a8:40:e5:8a:36:ea:32:85:ac:58:01:b9:ea:23:
         e1:b0:af:70:8d:f3:6c:9f:5c:e3:ed:88:8a:47:23:89:ee:82:
         dc:78:f5:a3:08:09:ce:23:22:bf:c8:af:63:b5:33:35:eb:6e:
         a1:3b:7b:99:8c:7d:9d:c4:5d:bb:37:eb:7d:b8:44:d5:41:50:
         ca:3a:9b:06:0f:f6:63:8e:57:55:60:f3:48:4c:be:b4:87:ae:
         b5:87:81:4d:a6:ea:8d:eb:3f:48:ab:0e:2f:5d:21:56:ef:29:
         d8:da:7e:b9:fa:be:0e:32:aa:02:2f:60:6b:30:b5:41:29:82:
         81:7a:93:66
-----BEGIN CERTIFICATE-----
MIIFxzCCBK+gAwIBAgIUdTVbZyAZ04XKf1oQz1dk36mfEEgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRDE3QTM4MjlBRDkyNEUzNkM2OEQ0NkI0QzE3QjE4OUQy
MkM4Qjc0MTAeFw0yNTAyMDQxOTU2MzFaFw0yNjAyMDMyMDAxMzFaMDMxMTAvBgNV
BAMTKDBBNzkyQkI1RUU5RkEyMzhERUE0RDY1QzFFODE4MzQ3ODVCMEQzQjYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDiW5ieaLvzSLkkAG/FqLNqyfp3
MHEU6shUFcJJFNhgP6CmcsZEQt1F3o1UAP2NciVaWFCuVr0zbnDoRiN3xHs3J1VJ
2dWHND1KFW/tPJtRrYORm/hrhSg/kbJVDfRuUbNaRG/btR0h6TGcE7TRx64v6y3y
9c+bNNDyPXX522JYcKXUtTG2/88buxWfqcvCAQoARGmmmO4wYSSwJgWyhZdDu+Jm
pQxmenxKDQvrA/7Md71N7smQOC8WvyN6k7qcuWKO4w3uXYS+/jrGIAJEU6o+mGkk
HJMuWZJsNgD9zyd+03tZeQ26gNeZxws6JjNvq6BwwLrlMr9oqvRmPA3DafWzAgMB
AAGjggLRMIICzTAdBgNVHQ4EFgQUCnkrte6fojjepNZcHoGDR4Ww07YwHwYDVR0j
BBgwFoAU0Xo4Ka2STjbGjUa0wXsYnSLIt0EwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8wRDRENERGRDE4MzJCQUFBMEMxRkRGM0JCMjc4QUY1NzYw
RThEQzhBRkY0QTVDRkE1QTA3NjRENDIzQjU1OTgxLzAvRDE3QTM4MjlBRDkyNEUz
NkM2OEQ0NkI0QzE3QjE4OUQyMkM4Qjc0MS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9EMTdBMzgyOUFEOTI0RTM2QzY4
RDQ2QjRDMTdCMTg5RDIyQzhCNzQxLmNlcjCBywYIKwYBBQUHAQsEgb4wgbswgbgG
CCsGAQUFBzALhoGrcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMEQ0RDRERkQxODMyQkFBQTBDMUZERjNCQjI3OEFGNTc2MEU4REM4QUZG
NEE1Q0ZBNUEwNzY0RDQyM0I1NTk4MS8wLzMyMzgzMDMxM2EzMTY1M2E2MzM4MzAz
MDNhM2EyZjM2MzQyZDM2MzQyMDNkM2UyMDMxMzkzNDMyMzkucm9hMBgGA1UdIAEB
/wQOMAwwCgYIKwYBBQUHDgIwJAYIKwYBBQUHAQcBAf8EFTATMBEEAgACMAsDCQAo
AQAeyAAAADANBgkqhkiG9w0BAQsFAAOCAQEAGIGPFGsswHyBcXid6QwTOdFm8xIq
DdZtyQ/dbMMgxyWIa6fxANAE+8F67KWldMWZ/vB1c7qC4ax1xERShBDOkKuTIsws
NnUYUFBCyWJDim3W299SCva4c5PTfi112Ra6K3b3l1Mv5jOUarwfYevWFrc3LmiM
TZ6bZZ2Y+ScygoTpiahA5Yo26jKFrFgBueoj4bCvcI3zbJ9c4+2Iikcjie6C3Hj1
owgJziMiv8ivY7UzNetuoTt7mYx9ncRduzfrfbhE1UFQyjqbBg/2Y45XVWDzSEy+
tIeutYeBTabqjes/SKsOL10hVu8p2Np+ufq+DjKqAi9gazC1QSmCgXqTZg==
-----END CERTIFICATE-----