Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/117E0F28D7B109643382134A928ADB7D8C131972702EA42A048C2764C80DC7C1/0/323830333a623263303a3a2f33322d3430203d3e2033353439.roa
File:                     323830333a623263303a3a2f33322d3430203d3e2033353439.roa (raw, json)
Hash identifier:          OHazFAKL7lVks8hx1YQfTr0f1g0PtvCkynMUmxkOMSs=
Subject key identifier:   9E:7A:00:3D:29:18:A6:53:27:72:28:83:D2:ED:CA:00:09:6A:59:62
Certificate issuer:       /CN=CBE72B8D815E9A3D3D87C10B39ED4169A84AB68F
Certificate serial:       78C3D6CEC65B2335CF1CDEAEF0035304EAE94BCA
Authority key identifier: CB:E7:2B:8D:81:5E:9A:3D:3D:87:C1:0B:39:ED:41:69:A8:4A:B6:8F
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/CBE72B8D815E9A3D3D87C10B39ED4169A84AB68F.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/117E0F28D7B109643382134A928ADB7D8C131972702EA42A048C2764C80DC7C1/0/323830333a623263303a3a2f33322d3430203d3e2033353439.roa
Signing time:             Tue 04 Feb 2025 18:16:48 +0000
ROA not before:           Tue 04 Feb 2025 18:11:48 +0000
ROA not after:            Tue 03 Feb 2026 18:16:48 +0000
asID:                     3549
IP address blocks:        2803:b2c0::/32 maxlen: 40
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            78:c3:d6:ce:c6:5b:23:35:cf:1c:de:ae:f0:03:53:04:ea:e9:4b:ca
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=CBE72B8D815E9A3D3D87C10B39ED4169A84AB68F
        Validity
            Not Before: Feb  4 18:11:48 2025 GMT
            Not After : Feb  3 18:16:48 2026 GMT
        Subject: CN=9E7A003D2918A65327722883D2EDCA00096A5962
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:f9:73:cf:a0:cc:d3:7c:0a:93:2b:32:bb:84:
                    bc:82:07:2b:d0:51:f7:fc:b2:6b:45:47:1c:16:05:
                    a3:86:f5:30:4e:95:ec:51:96:1b:85:3a:37:33:58:
                    53:71:20:94:c7:76:93:91:11:94:4b:9b:1d:62:44:
                    7b:63:2a:24:c5:37:95:d8:a2:83:e4:fc:41:b4:72:
                    8f:89:e4:aa:ea:5d:9f:4e:94:21:a9:6a:db:2b:79:
                    b4:4b:68:b2:2c:5a:bf:26:d7:76:8d:11:aa:c1:9a:
                    1a:3e:d6:f1:57:d6:48:ba:14:4f:f5:af:cb:f2:aa:
                    85:23:19:78:53:4d:a5:01:3a:42:72:5e:83:3b:2b:
                    54:3f:de:7f:74:b9:20:2a:7c:a6:e7:da:f6:e2:08:
                    9d:d1:82:8a:74:5e:10:a5:b8:52:26:c3:42:29:a8:
                    a3:b1:ca:4f:2b:db:00:2a:b9:37:23:1a:95:68:b0:
                    94:53:56:2a:92:a4:c4:f7:ae:c6:7c:4e:09:27:e7:
                    43:33:48:a2:70:77:b8:8b:18:51:b4:eb:56:17:79:
                    f9:f6:6b:50:06:19:15:77:1c:ec:85:e1:98:6a:5f:
                    2e:40:15:e3:9d:d4:1f:21:f7:86:67:86:5c:2a:b2:
                    96:99:15:01:a7:2d:ac:74:ee:81:15:08:d8:10:ba:
                    4c:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9E:7A:00:3D:29:18:A6:53:27:72:28:83:D2:ED:CA:00:09:6A:59:62
            X509v3 Authority Key Identifier:
                keyid:CB:E7:2B:8D:81:5E:9A:3D:3D:87:C1:0B:39:ED:41:69:A8:4A:B6:8F

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/117E0F28D7B109643382134A928ADB7D8C131972702EA42A048C2764C80DC7C1/0/CBE72B8D815E9A3D3D87C10B39ED4169A84AB68F.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/CBE72B8D815E9A3D3D87C10B39ED4169A84AB68F.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/117E0F28D7B109643382134A928ADB7D8C131972702EA42A048C2764C80DC7C1/0/323830333a623263303a3a2f33322d3430203d3e2033353439.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2803:b2c0::/32

    Signature Algorithm: sha256WithRSAEncryption
         53:0d:ec:7e:e1:53:13:a4:d1:58:ad:d4:a5:6c:1d:c6:59:b4:
         3a:2a:a2:9a:dd:13:0e:7a:cb:37:21:c7:7d:15:e3:84:e6:28:
         36:ff:ff:03:f2:f1:69:42:bf:78:f2:3e:76:87:0a:38:49:10:
         65:a0:32:a1:18:27:66:58:fd:41:d1:da:72:3d:7e:6c:ff:7b:
         e6:ce:14:d3:67:d4:da:18:0c:e9:2d:f2:13:c5:9f:e7:93:cc:
         86:37:36:57:6f:e4:11:b9:c6:b3:20:46:41:25:6f:d5:c2:c4:
         8e:42:db:f3:65:43:92:95:88:23:2a:80:23:70:53:23:60:51:
         44:de:38:16:29:bc:12:b9:99:49:3b:3f:c9:c8:c1:49:9f:03:
         d3:de:1e:5d:dd:d8:7c:71:4c:64:ef:fb:d0:3c:ef:91:ed:d1:
         b8:f1:f6:fa:0a:29:61:bb:ed:eb:a5:ac:f7:60:05:f7:02:45:
         2c:9d:69:bc:b5:85:51:9d:58:a6:60:46:1d:c2:f5:18:d4:ae:
         f4:66:03:c8:c3:81:01:3b:52:84:6c:ae:ae:a6:b4:8f:a5:e9:
         27:9d:6e:7b:2b:48:4d:4b:2f:ee:c9:45:ae:40:9f:a1:e5:98:
         a6:fa:48:32:b1:f1:94:09:71:b7:e4:4c:b2:1c:00:18:0e:93:
         3f:85:b6:90
-----BEGIN CERTIFICATE-----
MIIFuzCCBKOgAwIBAgIUeMPWzsZbIzXPHN6u8ANTBOrpS8owDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQ0JFNzJCOEQ4MTVFOUEzRDNEODdDMTBCMzlFRDQxNjlB
ODRBQjY4RjAeFw0yNTAyMDQxODExNDhaFw0yNjAyMDMxODE2NDhaMDMxMTAvBgNV
BAMTKDlFN0EwMDNEMjkxOEE2NTMyNzcyMjg4M0QyRURDQTAwMDk2QTU5NjIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCx+XPPoMzTfAqTKzK7hLyCByvQ
Uff8smtFRxwWBaOG9TBOlexRlhuFOjczWFNxIJTHdpOREZRLmx1iRHtjKiTFN5XY
ooPk/EG0co+J5KrqXZ9OlCGpatsrebRLaLIsWr8m13aNEarBmho+1vFX1ki6FE/1
r8vyqoUjGXhTTaUBOkJyXoM7K1Q/3n90uSAqfKbn2vbiCJ3Rgop0XhCluFImw0Ip
qKOxyk8r2wAquTcjGpVosJRTViqSpMT3rsZ8Tgkn50MzSKJwd7iLGFG061YXefn2
a1AGGRV3HOyF4ZhqXy5AFeOd1B8h94ZnhlwqspaZFQGnLax07oEVCNgQukyfAgMB
AAGjggLFMIICwTAdBgNVHQ4EFgQUnnoAPSkYplMnciiD0u3KAAlqWWIwHwYDVR0j
BBgwFoAUy+crjYFemj09h8ELOe1BaahKto8wDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8xMTdFMEYyOEQ3QjEwOTY0MzM4MjEzNEE5MjhBREI3RDhD
MTMxOTcyNzAyRUE0MkEwNDhDMjc2NEM4MERDN0MxLzAvQ0JFNzJCOEQ4MTVFOUEz
RDNEODdDMTBCMzlFRDQxNjlBODRBQjY4Ri5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9DQkU3MkI4RDgxNUU5QTNEM0Q4
N0MxMEIzOUVENDE2OUE4NEFCNjhGLmNlcjCBwwYIKwYBBQUHAQsEgbYwgbMwgbAG
CCsGAQUFBzALhoGjcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMTE3RTBGMjhEN0IxMDk2NDMzODIxMzRBOTI4QURCN0Q4QzEzMTk3Mjcw
MkVBNDJBMDQ4QzI3NjRDODBEQzdDMS8wLzMyMzgzMDMzM2E2MjMyNjMzMDNhM2Ey
ZjMzMzIyZDM0MzAyMDNkM2UyMDMzMzUzNDM5LnJvYTAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKAOywDANBgkq
hkiG9w0BAQsFAAOCAQEAUw3sfuFTE6TRWK3UpWwdxlm0Oiqimt0TDnrLNyHHfRXj
hOYoNv//A/LxaUK/ePI+docKOEkQZaAyoRgnZlj9QdHacj1+bP975s4U02fU2hgM
6S3yE8Wf55PMhjc2V2/kEbnGsyBGQSVv1cLEjkLb82VDkpWIIyqAI3BTI2BRRN44
Fim8ErmZSTs/ycjBSZ8D094eXd3YfHFMZO/70Dzvke3RuPH2+gopYbvt66Ws92AF
9wJFLJ1pvLWFUZ1YpmBGHcL1GNSu9GYDyMOBATtShGyurqa0j6XpJ51ueytITUsv
7slFrkCfoeWYpvpIMrHxlAlxt+RMshwAGA6TP4W2kA==
-----END CERTIFICATE-----