Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/0D8350773BDE0C40341E49D287A064E75C032D109E5275E16243D2E9F82DBC7C/0/323830333a623536303a3a2f33322d3332203d3e203532343638.roa
File:                     323830333a623536303a3a2f33322d3332203d3e203532343638.roa (raw, json)
Hash identifier:          /XnPWU8TN21UwONbR3guY36ahmD93W3hsdLPKNH4mQ8=
Subject key identifier:   97:71:8F:17:D7:E0:66:92:83:5E:43:48:62:6A:06:42:24:A2:1F:0F
Certificate issuer:       /CN=24CA8C9C613F74DE73C0153A83A206D0476833FF
Certificate serial:       0DE748367503784D203B13E5BBB23F02A64BE01D
Authority key identifier: 24:CA:8C:9C:61:3F:74:DE:73:C0:15:3A:83:A2:06:D0:47:68:33:FF
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/24CA8C9C613F74DE73C0153A83A206D0476833FF.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/0D8350773BDE0C40341E49D287A064E75C032D109E5275E16243D2E9F82DBC7C/0/323830333a623536303a3a2f33322d3332203d3e203532343638.roa
Signing time:             Tue 04 Feb 2025 18:45:35 +0000
ROA not before:           Tue 04 Feb 2025 18:40:35 +0000
ROA not after:            Tue 03 Feb 2026 18:45:35 +0000
asID:                     52468
IP address blocks:        2803:b560::/32 maxlen: 32
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0d:e7:48:36:75:03:78:4d:20:3b:13:e5:bb:b2:3f:02:a6:4b:e0:1d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=24CA8C9C613F74DE73C0153A83A206D0476833FF
        Validity
            Not Before: Feb  4 18:40:35 2025 GMT
            Not After : Feb  3 18:45:35 2026 GMT
        Subject: CN=97718F17D7E06692835E4348626A064224A21F0F
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:b5:7b:ac:2c:54:4f:da:af:8c:55:41:8d:af:
                    25:06:4d:dc:0d:84:1e:60:85:c9:54:e1:cd:57:80:
                    af:70:35:0e:cc:66:f6:1d:de:7d:20:48:0f:f9:29:
                    67:e0:3e:79:0a:18:41:5a:93:1f:03:56:ec:01:29:
                    4a:e8:ee:eb:ab:64:be:9e:3b:f1:36:27:94:8f:8f:
                    96:67:72:a8:ee:3c:f7:4e:66:7f:63:fd:36:21:73:
                    5a:d2:1d:90:ef:ee:5c:4c:c8:b5:78:39:51:b1:13:
                    f8:8f:17:5e:eb:bc:ee:62:c5:5e:7b:e8:14:c6:0b:
                    07:25:65:06:13:1b:b3:16:e1:2a:93:62:94:f2:2a:
                    1f:34:6c:08:ef:3f:76:fd:eb:65:bb:97:c6:02:09:
                    fa:f4:b9:1b:ec:da:ae:0d:1c:d0:6d:11:b6:51:f3:
                    72:11:e5:a7:e2:7a:ea:56:e2:4e:35:50:c3:13:08:
                    54:26:c0:6f:ab:71:06:ac:81:d1:5a:cf:00:13:fb:
                    95:df:8c:d7:5b:d3:78:3d:bf:28:fe:ba:c4:7c:42:
                    e8:b4:fa:37:3a:60:3d:01:4c:29:c7:dc:ab:1e:63:
                    c6:d6:ed:f0:40:ca:95:d0:e7:7b:6b:2d:5d:9e:c7:
                    7b:6f:64:97:de:2e:fe:22:c6:a1:29:22:6f:a8:57:
                    35:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                97:71:8F:17:D7:E0:66:92:83:5E:43:48:62:6A:06:42:24:A2:1F:0F
            X509v3 Authority Key Identifier:
                keyid:24:CA:8C:9C:61:3F:74:DE:73:C0:15:3A:83:A2:06:D0:47:68:33:FF

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/0D8350773BDE0C40341E49D287A064E75C032D109E5275E16243D2E9F82DBC7C/0/24CA8C9C613F74DE73C0153A83A206D0476833FF.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/24CA8C9C613F74DE73C0153A83A206D0476833FF.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/0D8350773BDE0C40341E49D287A064E75C032D109E5275E16243D2E9F82DBC7C/0/323830333a623536303a3a2f33322d3332203d3e203532343638.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2803:b560::/32

    Signature Algorithm: sha256WithRSAEncryption
         87:f9:2a:58:fb:a8:af:4a:a3:2e:9c:19:ff:73:3d:24:0b:99:
         c8:a1:b2:9f:3f:63:a1:a6:c9:72:e1:cd:44:7d:0d:5b:20:eb:
         a4:f0:96:d1:e5:3d:71:3b:46:30:e1:c0:74:3b:43:d9:94:2a:
         b9:6f:92:6d:62:c3:66:31:38:2f:c1:32:f9:3e:47:ac:3d:a1:
         03:fb:a2:20:e6:19:37:1d:e5:bc:d6:de:f6:04:8c:df:ff:4a:
         53:d8:71:f2:6b:b2:f8:a0:eb:39:b6:32:8a:8d:02:2c:23:1f:
         fd:0b:d7:73:43:27:85:59:b8:f7:b6:d8:35:1d:ec:70:c7:1d:
         38:d3:11:f4:6f:84:6c:99:e2:cd:d4:19:c7:1d:59:4e:49:fb:
         42:39:ae:57:04:2b:18:4d:c3:7c:df:78:37:bd:9c:33:52:4f:
         31:f6:50:d4:15:10:f4:8e:f3:31:64:1f:f2:b6:00:0f:f5:67:
         51:49:2f:c3:8d:8d:db:cc:56:5c:f6:ef:d0:07:89:c3:c5:ac:
         02:ea:3c:36:9f:11:88:e6:29:af:57:09:64:b4:34:5c:1c:4d:
         a0:dc:d2:ff:91:88:4a:3e:8c:aa:f6:83:75:97:76:22:b8:01:
         df:b7:7e:c7:09:db:80:d1:51:f7:15:68:eb:66:43:03:69:f4:
         74:1c:d5:86
-----BEGIN CERTIFICATE-----
MIIFvTCCBKWgAwIBAgIUDedINnUDeE0gOxPlu7I/AqZL4B0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjRDQThDOUM2MTNGNzRERTczQzAxNTNBODNBMjA2RDA0
NzY4MzNGRjAeFw0yNTAyMDQxODQwMzVaFw0yNjAyMDMxODQ1MzVaMDMxMTAvBgNV
BAMTKDk3NzE4RjE3RDdFMDY2OTI4MzVFNDM0ODYyNkEwNjQyMjRBMjFGMEYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCotXusLFRP2q+MVUGNryUGTdwN
hB5ghclU4c1XgK9wNQ7MZvYd3n0gSA/5KWfgPnkKGEFakx8DVuwBKUro7uurZL6e
O/E2J5SPj5ZncqjuPPdOZn9j/TYhc1rSHZDv7lxMyLV4OVGxE/iPF17rvO5ixV57
6BTGCwclZQYTG7MW4SqTYpTyKh80bAjvP3b962W7l8YCCfr0uRvs2q4NHNBtEbZR
83IR5afieupW4k41UMMTCFQmwG+rcQasgdFazwAT+5XfjNdb03g9vyj+usR8Qui0
+jc6YD0BTCnH3KseY8bW7fBAypXQ53trLV2ex3tvZJfeLv4ixqEpIm+oVzXTAgMB
AAGjggLHMIICwzAdBgNVHQ4EFgQUl3GPF9fgZpKDXkNIYmoGQiSiHw8wHwYDVR0j
BBgwFoAUJMqMnGE/dN5zwBU6g6IG0EdoM/8wDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8wRDgzNTA3NzNCREUwQzQwMzQxRTQ5RDI4N0EwNjRFNzVD
MDMyRDEwOUU1Mjc1RTE2MjQzRDJFOUY4MkRCQzdDLzAvMjRDQThDOUM2MTNGNzRE
RTczQzAxNTNBODNBMjA2RDA0NzY4MzNGRi5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8yNENBOEM5QzYxM0Y3NERFNzND
MDE1M0E4M0EyMDZEMDQ3NjgzM0ZGLmNlcjCBxQYIKwYBBQUHAQsEgbgwgbUwgbIG
CCsGAQUFBzALhoGlcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMEQ4MzUwNzczQkRFMEM0MDM0MUU0OUQyODdBMDY0RTc1QzAzMkQxMDlF
NTI3NUUxNjI0M0QyRTlGODJEQkM3Qy8wLzMyMzgzMDMzM2E2MjM1MzYzMDNhM2Ey
ZjMzMzIyZDMzMzIyMDNkM2UyMDM1MzIzNDM2Mzgucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgACMAcDBQAoA7VgMA0G
CSqGSIb3DQEBCwUAA4IBAQCH+SpY+6ivSqMunBn/cz0kC5nIobKfP2Ohpsly4c1E
fQ1bIOuk8JbR5T1xO0Yw4cB0O0PZlCq5b5JtYsNmMTgvwTL5PkesPaED+6Ig5hk3
HeW81t72BIzf/0pT2HHya7L4oOs5tjKKjQIsIx/9C9dzQyeFWbj3ttg1Hexwxx04
0xH0b4RsmeLN1BnHHVlOSftCOa5XBCsYTcN833g3vZwzUk8x9lDUFRD0jvMxZB/y
tgAP9WdRSS/DjY3bzFZc9u/QB4nDxawC6jw2nxGI5imvVwlktDRcHE2g3NL/kYhK
Poyq9oN1l3YiuAHft37HCduA0VH3FWjrZkMDafR0HNWG
-----END CERTIFICATE-----