Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/1AD7261C7FD1E4EFECEBE6F362FCD0C75697E06B41474BEA8CABC706F79ECF3D/0/323830303a6237303a31383a3a2f34382d3438203d3e20323632313931.roa
File:                     323830303a6237303a31383a3a2f34382d3438203d3e20323632313931.roa (raw, json)
Hash identifier:          EBiGEwtXMeXhcZQgnLd5VrWYsH/xH/WkfsldP4SgSqI=
Subject key identifier:   B2:D3:F6:CE:1B:B4:C1:A4:7D:BA:C0:2C:30:DE:BF:A2:5A:0D:0F:49
Certificate issuer:       /CN=85D9E7D9BEEFED0B9E188DB7E8CC3B6489066DCD
Certificate serial:       367EC23DBA1B941CF3A40568151E334C816564B2
Authority key identifier: 85:D9:E7:D9:BE:EF:ED:0B:9E:18:8D:B7:E8:CC:3B:64:89:06:6D:CD
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/85D9E7D9BEEFED0B9E188DB7E8CC3B6489066DCD.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/1AD7261C7FD1E4EFECEBE6F362FCD0C75697E06B41474BEA8CABC706F79ECF3D/0/323830303a6237303a31383a3a2f34382d3438203d3e20323632313931.roa
Signing time:             Tue 04 Feb 2025 20:04:33 +0000
ROA not before:           Tue 04 Feb 2025 19:59:33 +0000
ROA not after:            Tue 03 Feb 2026 20:04:33 +0000
asID:                     262191
IP address blocks:        2800:b70:18::/48 maxlen: 48
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            36:7e:c2:3d:ba:1b:94:1c:f3:a4:05:68:15:1e:33:4c:81:65:64:b2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=85D9E7D9BEEFED0B9E188DB7E8CC3B6489066DCD
        Validity
            Not Before: Feb  4 19:59:33 2025 GMT
            Not After : Feb  3 20:04:33 2026 GMT
        Subject: CN=B2D3F6CE1BB4C1A47DBAC02C30DEBFA25A0D0F49
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:e2:30:3d:02:8f:44:7f:35:3a:22:af:f0:3d:
                    b8:43:9e:5f:a0:5b:cf:93:09:d7:f3:27:52:df:55:
                    fa:d1:29:4f:33:10:c6:84:86:36:b1:b6:91:7b:cb:
                    b3:fd:30:a9:9b:4e:31:bf:09:9d:1d:2f:3b:d4:4a:
                    5c:25:cd:94:7a:ef:7c:b2:d5:ba:4c:99:26:db:2a:
                    fb:5f:3e:87:d4:9c:9f:65:5a:c3:e1:3a:e0:d0:05:
                    9d:2d:04:ed:8d:47:9c:ae:e9:dd:bc:20:a0:d8:16:
                    0b:2a:f1:72:c2:9d:a1:c4:da:92:86:e0:57:12:b8:
                    b0:84:e8:e6:0a:cf:dc:97:94:af:2f:36:d0:21:01:
                    d5:83:9e:bc:6c:46:19:0c:0e:89:a2:04:2e:39:69:
                    91:08:0e:3d:47:41:88:b6:c9:00:67:32:ef:19:f2:
                    da:2e:06:41:17:c6:46:3b:5f:a5:52:63:d5:49:14:
                    75:22:4f:e3:81:9a:30:48:38:59:3c:4d:26:ef:78:
                    dd:bb:01:5c:37:2a:ce:98:8d:00:03:00:fd:4b:f9:
                    c1:2b:cd:f1:34:0c:4a:d7:7b:23:86:0d:1c:a3:c1:
                    9b:e5:d7:ba:d4:bd:04:d1:61:63:3f:ce:a7:46:40:
                    19:10:1a:ec:49:f4:91:5b:8a:f4:d5:9e:71:47:62:
                    d0:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B2:D3:F6:CE:1B:B4:C1:A4:7D:BA:C0:2C:30:DE:BF:A2:5A:0D:0F:49
            X509v3 Authority Key Identifier:
                keyid:85:D9:E7:D9:BE:EF:ED:0B:9E:18:8D:B7:E8:CC:3B:64:89:06:6D:CD

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/1AD7261C7FD1E4EFECEBE6F362FCD0C75697E06B41474BEA8CABC706F79ECF3D/0/85D9E7D9BEEFED0B9E188DB7E8CC3B6489066DCD.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/85D9E7D9BEEFED0B9E188DB7E8CC3B6489066DCD.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/1AD7261C7FD1E4EFECEBE6F362FCD0C75697E06B41474BEA8CABC706F79ECF3D/0/323830303a6237303a31383a3a2f34382d3438203d3e20323632313931.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2800:b70:18::/48

    Signature Algorithm: sha256WithRSAEncryption
         8f:2c:11:77:fc:a0:26:af:b6:60:f8:9e:b6:28:06:ac:27:f2:
         34:5a:cd:7f:0d:df:6f:41:3d:38:a4:31:54:0f:ae:2a:9b:6c:
         5e:6c:b4:53:4b:8b:87:a3:06:6d:93:58:f6:37:ce:87:ce:0d:
         0a:9c:0d:36:2e:4b:60:6e:6c:70:cc:96:1f:ac:8d:97:6f:fc:
         21:cf:09:33:98:00:8f:23:6b:5a:7d:c0:7d:47:91:bb:36:ea:
         3b:4b:f1:6e:fe:24:a7:d7:c0:4d:87:35:2c:ed:32:38:10:f9:
         4c:7e:96:fa:97:72:f6:31:a3:93:2c:df:58:e3:96:6f:35:7b:
         73:1e:01:e7:dc:7d:a2:8f:07:4f:7e:58:df:95:ab:e9:71:ca:
         fc:6a:e4:4b:33:8c:75:68:b5:02:a8:07:6e:27:9b:71:7c:e4:
         00:89:37:b9:e6:a2:c1:88:c7:3e:c7:db:c3:00:2f:97:74:5c:
         d5:a3:35:c0:e7:d6:64:4a:26:db:41:49:06:1a:65:ab:09:23:
         6d:6b:3e:ae:b9:ba:a4:fb:96:46:dd:55:8c:56:98:c9:a0:01:
         3b:98:22:6d:75:4e:16:a2:ed:28:38:da:5b:5b:cb:c3:12:56:
         fb:01:4e:d0:e1:ff:89:0a:10:d6:37:a3:75:14:ee:82:1e:d2:
         03:5a:53:2f
-----BEGIN CERTIFICATE-----
MIIFxTCCBK2gAwIBAgIUNn7CPboblBzzpAVoFR4zTIFlZLIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODVEOUU3RDlCRUVGRUQwQjlFMTg4REI3RThDQzNCNjQ4
OTA2NkRDRDAeFw0yNTAyMDQxOTU5MzNaFw0yNjAyMDMyMDA0MzNaMDMxMTAvBgNV
BAMTKEIyRDNGNkNFMUJCNEMxQTQ3REJBQzAyQzMwREVCRkEyNUEwRDBGNDkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDR4jA9Ao9EfzU6Iq/wPbhDnl+g
W8+TCdfzJ1LfVfrRKU8zEMaEhjaxtpF7y7P9MKmbTjG/CZ0dLzvUSlwlzZR673yy
1bpMmSbbKvtfPofUnJ9lWsPhOuDQBZ0tBO2NR5yu6d28IKDYFgsq8XLCnaHE2pKG
4FcSuLCE6OYKz9yXlK8vNtAhAdWDnrxsRhkMDomiBC45aZEIDj1HQYi2yQBnMu8Z
8touBkEXxkY7X6VSY9VJFHUiT+OBmjBIOFk8TSbveN27AVw3Ks6YjQADAP1L+cEr
zfE0DErXeyOGDRyjwZvl17rUvQTRYWM/zqdGQBkQGuxJ9JFbivTVnnFHYtA5AgMB
AAGjggLPMIICyzAdBgNVHQ4EFgQUstP2zhu0waR9usAsMN6/oloND0kwHwYDVR0j
BBgwFoAUhdnn2b7v7QueGI236Mw7ZIkGbc0wDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8xQUQ3MjYxQzdGRDFFNEVGRUNFQkU2RjM2MkZDRDBDNzU2
OTdFMDZCNDE0NzRCRUE4Q0FCQzcwNkY3OUVDRjNELzAvODVEOUU3RDlCRUVGRUQw
QjlFMTg4REI3RThDQzNCNjQ4OTA2NkRDRC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC84NUQ5RTdEOUJFRUZFRDBCOUUx
ODhEQjdFOENDM0I2NDg5MDY2RENELmNlcjCBywYIKwYBBQUHAQsEgb4wgbswgbgG
CCsGAQUFBzALhoGrcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMUFENzI2MUM3RkQxRTRFRkVDRUJFNkYzNjJGQ0QwQzc1Njk3RTA2QjQx
NDc0QkVBOENBQkM3MDZGNzlFQ0YzRC8wLzMyMzgzMDMwM2E2MjM3MzAzYTMxMzgz
YTNhMmYzNDM4MmQzNDM4MjAzZDNlMjAzMjM2MzIzMTM5MzEucm9hMBgGA1UdIAEB
/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkDBwAo
AAtwABgwDQYJKoZIhvcNAQELBQADggEBAI8sEXf8oCavtmD4nrYoBqwn8jRazX8N
329BPTikMVQPriqbbF5stFNLi4ejBm2TWPY3zofODQqcDTYuS2BubHDMlh+sjZdv
/CHPCTOYAI8ja1p9wH1Hkbs26jtL8W7+JKfXwE2HNSztMjgQ+Ux+lvqXcvYxo5Ms
31jjlm81e3MeAefcfaKPB09+WN+Vq+lxyvxq5EszjHVotQKoB24nm3F85ACJN7nm
osGIxz7H28MAL5d0XNWjNcDn1mRKJttBSQYaZasJI21rPq65uqT7lkbdVYxWmMmg
ATuYIm11Thai7Sg42ltby8MSVvsBTtDh/4kKENY3o3UU7oIe0gNaUy8=
-----END CERTIFICATE-----