Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/1AD7261C7FD1E4EFECEBE6F362FCD0C75697E06B41474BEA8CABC706F79ECF3D/0/323830303a6237303a31613a3a2f34382d3438203d3e20323632313931.roa
File:                     323830303a6237303a31613a3a2f34382d3438203d3e20323632313931.roa (raw, json)
Hash identifier:          l3TEUZ/fWK04djg0G8xLs0K5SR4BmeAMA9i9EjnF9Ds=
Subject key identifier:   09:9F:71:62:79:BD:06:71:9E:3D:22:5E:3C:5E:12:B2:13:28:E1:BB
Certificate issuer:       /CN=85D9E7D9BEEFED0B9E188DB7E8CC3B6489066DCD
Certificate serial:       55EEC52A9F9D8C9F8259E1CE6842824DB4D3FB34
Authority key identifier: 85:D9:E7:D9:BE:EF:ED:0B:9E:18:8D:B7:E8:CC:3B:64:89:06:6D:CD
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/85D9E7D9BEEFED0B9E188DB7E8CC3B6489066DCD.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/1AD7261C7FD1E4EFECEBE6F362FCD0C75697E06B41474BEA8CABC706F79ECF3D/0/323830303a6237303a31613a3a2f34382d3438203d3e20323632313931.roa
Signing time:             Tue 04 Feb 2025 20:04:32 +0000
ROA not before:           Tue 04 Feb 2025 19:59:32 +0000
ROA not after:            Tue 03 Feb 2026 20:04:32 +0000
asID:                     262191
IP address blocks:        2800:b70:1a::/48 maxlen: 48
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            55:ee:c5:2a:9f:9d:8c:9f:82:59:e1:ce:68:42:82:4d:b4:d3:fb:34
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=85D9E7D9BEEFED0B9E188DB7E8CC3B6489066DCD
        Validity
            Not Before: Feb  4 19:59:32 2025 GMT
            Not After : Feb  3 20:04:32 2026 GMT
        Subject: CN=099F716279BD06719E3D225E3C5E12B21328E1BB
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:03:b4:29:2d:95:33:5e:45:21:c2:56:32:87:
                    6e:76:bc:22:ae:65:3d:53:64:83:77:70:1b:cd:fd:
                    63:ff:87:6d:01:91:dd:0d:04:db:44:92:70:0d:bd:
                    aa:72:11:38:93:c4:31:e5:f5:b6:69:1a:a5:28:ab:
                    ac:0a:ae:a9:03:50:fa:82:35:8f:57:98:14:87:85:
                    b4:cb:6a:c3:5a:ca:f5:ba:47:14:fe:b7:cd:9d:f4:
                    00:71:77:3b:ea:80:76:9e:64:40:7e:b7:90:24:c0:
                    43:1e:24:f3:cf:a0:80:05:63:97:b0:46:31:ca:89:
                    17:dd:2b:ba:35:15:3b:85:1a:6b:ac:98:56:98:c9:
                    e3:a9:49:da:8b:62:25:1b:72:d4:91:82:e4:15:36:
                    1e:70:db:77:d6:e5:8d:5f:81:4c:55:8a:fd:3d:95:
                    f5:e8:40:b7:92:78:20:45:9a:4d:78:38:7e:83:e2:
                    c9:0b:4f:4f:fc:da:af:e7:29:cb:51:d9:c3:66:e2:
                    d9:29:c0:43:c5:f6:9d:52:58:73:2a:8b:35:dc:90:
                    03:01:f9:38:6a:0d:89:d6:fd:93:bf:e6:36:5d:ad:
                    3c:64:38:38:a1:96:15:69:0f:ec:f5:2f:10:ae:d4:
                    99:b5:7b:d4:c0:16:73:76:99:fa:b1:52:f0:ca:49:
                    03:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                09:9F:71:62:79:BD:06:71:9E:3D:22:5E:3C:5E:12:B2:13:28:E1:BB
            X509v3 Authority Key Identifier:
                keyid:85:D9:E7:D9:BE:EF:ED:0B:9E:18:8D:B7:E8:CC:3B:64:89:06:6D:CD

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/1AD7261C7FD1E4EFECEBE6F362FCD0C75697E06B41474BEA8CABC706F79ECF3D/0/85D9E7D9BEEFED0B9E188DB7E8CC3B6489066DCD.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/85D9E7D9BEEFED0B9E188DB7E8CC3B6489066DCD.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/1AD7261C7FD1E4EFECEBE6F362FCD0C75697E06B41474BEA8CABC706F79ECF3D/0/323830303a6237303a31613a3a2f34382d3438203d3e20323632313931.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2800:b70:1a::/48

    Signature Algorithm: sha256WithRSAEncryption
         ad:43:d5:b9:16:9b:ea:6d:b7:1a:10:08:92:45:cf:ff:c2:31:
         81:08:dc:f2:d3:2c:13:a4:b9:48:69:5c:42:12:03:e3:d8:ae:
         b5:cd:b9:52:1b:cb:ac:fb:27:1f:2a:45:b2:bb:7b:c1:48:55:
         ab:e9:09:dc:d0:a0:87:13:40:28:7c:e6:fb:b8:b1:41:b5:ac:
         8a:f4:6b:7b:e0:e4:3a:38:11:1b:d5:12:80:51:fd:c7:5e:d0:
         40:b4:a1:6b:3d:cf:87:ea:a6:97:9c:d2:57:5d:02:c0:db:a6:
         2a:88:4e:74:6d:c8:d4:8f:ea:79:74:e2:0c:df:3f:3b:39:e8:
         6c:c5:62:b9:bc:f1:fa:bc:2b:7f:ec:ed:c0:3d:ad:ee:fd:de:
         ae:47:10:7d:cc:56:30:12:c4:e9:d4:c1:fd:25:9e:87:0e:5b:
         96:39:4f:e3:a1:b2:0d:c8:ba:32:6b:0d:d2:79:fa:bb:ee:b2:
         17:64:9b:39:b5:91:c7:53:6e:d8:dd:18:98:03:ab:22:80:37:
         eb:9b:b1:39:93:b9:3b:18:f7:da:aa:37:3c:e7:09:37:7c:c5:
         db:04:85:a2:02:a9:f0:8b:a8:9e:20:f9:a1:80:96:7a:36:36:
         12:6b:3c:d0:38:03:f4:9e:cb:bb:d1:aa:45:31:c8:7d:e7:a1:
         15:6e:97:b4
-----BEGIN CERTIFICATE-----
MIIFxTCCBK2gAwIBAgIUVe7FKp+djJ+CWeHOaEKCTbTT+zQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODVEOUU3RDlCRUVGRUQwQjlFMTg4REI3RThDQzNCNjQ4
OTA2NkRDRDAeFw0yNTAyMDQxOTU5MzJaFw0yNjAyMDMyMDA0MzJaMDMxMTAvBgNV
BAMTKDA5OUY3MTYyNzlCRDA2NzE5RTNEMjI1RTNDNUUxMkIyMTMyOEUxQkIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDVA7QpLZUzXkUhwlYyh252vCKu
ZT1TZIN3cBvN/WP/h20Bkd0NBNtEknANvapyETiTxDHl9bZpGqUoq6wKrqkDUPqC
NY9XmBSHhbTLasNayvW6RxT+t82d9ABxdzvqgHaeZEB+t5AkwEMeJPPPoIAFY5ew
RjHKiRfdK7o1FTuFGmusmFaYyeOpSdqLYiUbctSRguQVNh5w23fW5Y1fgUxViv09
lfXoQLeSeCBFmk14OH6D4skLT0/82q/nKctR2cNm4tkpwEPF9p1SWHMqizXckAMB
+ThqDYnW/ZO/5jZdrTxkODihlhVpD+z1LxCu1Jm1e9TAFnN2mfqxUvDKSQPdAgMB
AAGjggLPMIICyzAdBgNVHQ4EFgQUCZ9xYnm9BnGePSJePF4SshMo4bswHwYDVR0j
BBgwFoAUhdnn2b7v7QueGI236Mw7ZIkGbc0wDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8xQUQ3MjYxQzdGRDFFNEVGRUNFQkU2RjM2MkZDRDBDNzU2
OTdFMDZCNDE0NzRCRUE4Q0FCQzcwNkY3OUVDRjNELzAvODVEOUU3RDlCRUVGRUQw
QjlFMTg4REI3RThDQzNCNjQ4OTA2NkRDRC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC84NUQ5RTdEOUJFRUZFRDBCOUUx
ODhEQjdFOENDM0I2NDg5MDY2RENELmNlcjCBywYIKwYBBQUHAQsEgb4wgbswgbgG
CCsGAQUFBzALhoGrcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMUFENzI2MUM3RkQxRTRFRkVDRUJFNkYzNjJGQ0QwQzc1Njk3RTA2QjQx
NDc0QkVBOENBQkM3MDZGNzlFQ0YzRC8wLzMyMzgzMDMwM2E2MjM3MzAzYTMxNjEz
YTNhMmYzNDM4MmQzNDM4MjAzZDNlMjAzMjM2MzIzMTM5MzEucm9hMBgGA1UdIAEB
/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkDBwAo
AAtwABowDQYJKoZIhvcNAQELBQADggEBAK1D1bkWm+pttxoQCJJFz//CMYEI3PLT
LBOkuUhpXEISA+PYrrXNuVIby6z7Jx8qRbK7e8FIVavpCdzQoIcTQCh85vu4sUG1
rIr0a3vg5Do4ERvVEoBR/cde0EC0oWs9z4fqppec0lddAsDbpiqITnRtyNSP6nl0
4gzfPzs56GzFYrm88fq8K3/s7cA9re793q5HEH3MVjASxOnUwf0lnocOW5Y5T+Oh
sg3IujJrDdJ5+rvushdkmzm1kcdTbtjdGJgDqyKAN+ubsTmTuTsY99qqNzznCTd8
xdsEhaICqfCLqJ4g+aGAlno2NhJrPNA4A/Sey7vRqkUxyH3noRVul7Q=
-----END CERTIFICATE-----