Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/1AD7261C7FD1E4EFECEBE6F362FCD0C75697E06B41474BEA8CABC706F79ECF3D/0/323830303a6237303a31663a3a2f34382d3438203d3e20323632313931.roa
File:                     323830303a6237303a31663a3a2f34382d3438203d3e20323632313931.roa (raw, json)
Hash identifier:          UskFySY4V0oE6ng38NUb505vaDQuN07T2WuYEpFIHfs=
Subject key identifier:   7A:D1:5C:E6:C9:35:E5:B9:66:1A:30:6B:21:CF:B7:43:AB:0E:EF:38
Certificate issuer:       /CN=85D9E7D9BEEFED0B9E188DB7E8CC3B6489066DCD
Certificate serial:       649A7789A8A8F4F918CF32700F2C3BB492B76F77
Authority key identifier: 85:D9:E7:D9:BE:EF:ED:0B:9E:18:8D:B7:E8:CC:3B:64:89:06:6D:CD
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/85D9E7D9BEEFED0B9E188DB7E8CC3B6489066DCD.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/1AD7261C7FD1E4EFECEBE6F362FCD0C75697E06B41474BEA8CABC706F79ECF3D/0/323830303a6237303a31663a3a2f34382d3438203d3e20323632313931.roa
Signing time:             Tue 04 Feb 2025 20:04:38 +0000
ROA not before:           Tue 04 Feb 2025 19:59:38 +0000
ROA not after:            Tue 03 Feb 2026 20:04:38 +0000
asID:                     262191
IP address blocks:        2800:b70:1f::/48 maxlen: 48
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            64:9a:77:89:a8:a8:f4:f9:18:cf:32:70:0f:2c:3b:b4:92:b7:6f:77
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=85D9E7D9BEEFED0B9E188DB7E8CC3B6489066DCD
        Validity
            Not Before: Feb  4 19:59:38 2025 GMT
            Not After : Feb  3 20:04:38 2026 GMT
        Subject: CN=7AD15CE6C935E5B9661A306B21CFB743AB0EEF38
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e8:dc:e4:7b:37:70:f1:72:8b:00:5f:72:5f:59:
                    90:c9:e3:54:de:3d:24:50:a8:44:93:95:0a:f1:03:
                    9a:20:e3:56:af:02:b9:45:c6:ce:ad:96:05:63:6d:
                    6a:e9:5f:3f:91:19:e1:29:05:4f:b6:76:b8:6e:4d:
                    2d:71:f7:1f:bf:af:c8:2e:29:fa:5a:c2:fa:53:7e:
                    37:cf:e3:45:52:2c:ff:c7:9e:d8:89:1e:4a:2a:36:
                    96:3b:b2:68:6d:33:67:e5:35:79:ce:f7:b0:1a:48:
                    17:64:8b:22:1e:5a:ab:7f:22:c6:a6:ff:df:1a:68:
                    fe:1c:db:c1:53:8b:0b:c7:b0:48:3f:44:f2:2d:ed:
                    8d:25:60:58:1b:84:fa:78:cc:b6:3b:f9:5d:6f:cc:
                    33:14:26:76:57:dc:b5:e2:82:42:6e:e0:51:ca:32:
                    1e:6d:14:3d:2c:b8:9b:3a:c2:53:ef:f7:4c:60:c5:
                    7a:c0:23:42:f4:2c:28:0f:81:0a:19:27:8a:cf:bd:
                    52:34:68:4d:eb:4d:19:51:63:00:a7:a3:95:c3:eb:
                    26:82:7b:fc:81:da:39:27:4f:cd:51:a8:b0:55:9a:
                    83:ea:33:ab:58:78:2f:b5:ea:e3:a3:3d:96:15:26:
                    dd:25:67:e3:bb:16:39:88:0c:96:d6:ca:47:26:8a:
                    73:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7A:D1:5C:E6:C9:35:E5:B9:66:1A:30:6B:21:CF:B7:43:AB:0E:EF:38
            X509v3 Authority Key Identifier:
                keyid:85:D9:E7:D9:BE:EF:ED:0B:9E:18:8D:B7:E8:CC:3B:64:89:06:6D:CD

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/1AD7261C7FD1E4EFECEBE6F362FCD0C75697E06B41474BEA8CABC706F79ECF3D/0/85D9E7D9BEEFED0B9E188DB7E8CC3B6489066DCD.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/85D9E7D9BEEFED0B9E188DB7E8CC3B6489066DCD.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/1AD7261C7FD1E4EFECEBE6F362FCD0C75697E06B41474BEA8CABC706F79ECF3D/0/323830303a6237303a31663a3a2f34382d3438203d3e20323632313931.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2800:b70:1f::/48

    Signature Algorithm: sha256WithRSAEncryption
         53:39:45:e9:c7:1b:2b:74:40:d7:c6:64:a3:db:49:e4:88:2a:
         4a:4e:6e:95:20:ab:e5:b9:77:c1:86:09:3d:f7:ce:e6:b2:90:
         4d:da:fb:ff:3d:28:71:1f:d9:c3:89:35:99:f7:fb:59:88:aa:
         17:8d:87:9f:b2:85:ab:28:cd:1c:d7:fc:15:6e:76:e6:fc:91:
         e0:49:32:fc:31:6b:d0:05:c2:ee:4d:11:50:ad:06:dd:df:e5:
         af:4e:2c:db:ce:aa:9f:fc:fa:5b:5e:14:a6:a3:c0:69:4f:0d:
         dd:b1:fe:e4:1e:eb:2a:71:c4:a0:48:95:27:4b:56:ad:76:20:
         65:90:b5:bb:bc:bc:08:a3:1f:e9:68:0a:01:f3:4b:ae:9a:84:
         93:46:88:aa:42:03:ee:6f:ca:92:d8:6a:5f:13:c1:05:1d:b3:
         45:1d:cc:87:95:45:36:d1:cc:59:5d:73:7e:e8:7f:5c:cf:fb:
         43:6c:42:51:f3:a2:67:49:2b:b1:b7:7b:ee:4a:c2:8e:e3:4e:
         47:42:8d:22:b6:5e:9c:2b:1b:dd:ea:27:35:41:93:f5:47:36:
         90:e1:ff:20:d9:fb:cc:e0:7a:55:39:2a:80:d1:e0:16:de:3d:
         a0:59:7f:14:4d:ca:12:20:d8:4f:bd:52:13:bf:91:bb:81:32:
         d7:2e:21:1d
-----BEGIN CERTIFICATE-----
MIIFxTCCBK2gAwIBAgIUZJp3iaio9PkYzzJwDyw7tJK3b3cwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODVEOUU3RDlCRUVGRUQwQjlFMTg4REI3RThDQzNCNjQ4
OTA2NkRDRDAeFw0yNTAyMDQxOTU5MzhaFw0yNjAyMDMyMDA0MzhaMDMxMTAvBgNV
BAMTKDdBRDE1Q0U2QzkzNUU1Qjk2NjFBMzA2QjIxQ0ZCNzQzQUIwRUVGMzgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDo3OR7N3DxcosAX3JfWZDJ41Te
PSRQqESTlQrxA5og41avArlFxs6tlgVjbWrpXz+RGeEpBU+2drhuTS1x9x+/r8gu
KfpawvpTfjfP40VSLP/HntiJHkoqNpY7smhtM2flNXnO97AaSBdkiyIeWqt/Isam
/98aaP4c28FTiwvHsEg/RPIt7Y0lYFgbhPp4zLY7+V1vzDMUJnZX3LXigkJu4FHK
Mh5tFD0suJs6wlPv90xgxXrAI0L0LCgPgQoZJ4rPvVI0aE3rTRlRYwCno5XD6yaC
e/yB2jknT81RqLBVmoPqM6tYeC+16uOjPZYVJt0lZ+O7FjmIDJbWykcminNBAgMB
AAGjggLPMIICyzAdBgNVHQ4EFgQUetFc5sk15blmGjBrIc+3Q6sO7zgwHwYDVR0j
BBgwFoAUhdnn2b7v7QueGI236Mw7ZIkGbc0wDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8xQUQ3MjYxQzdGRDFFNEVGRUNFQkU2RjM2MkZDRDBDNzU2
OTdFMDZCNDE0NzRCRUE4Q0FCQzcwNkY3OUVDRjNELzAvODVEOUU3RDlCRUVGRUQw
QjlFMTg4REI3RThDQzNCNjQ4OTA2NkRDRC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC84NUQ5RTdEOUJFRUZFRDBCOUUx
ODhEQjdFOENDM0I2NDg5MDY2RENELmNlcjCBywYIKwYBBQUHAQsEgb4wgbswgbgG
CCsGAQUFBzALhoGrcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMUFENzI2MUM3RkQxRTRFRkVDRUJFNkYzNjJGQ0QwQzc1Njk3RTA2QjQx
NDc0QkVBOENBQkM3MDZGNzlFQ0YzRC8wLzMyMzgzMDMwM2E2MjM3MzAzYTMxNjYz
YTNhMmYzNDM4MmQzNDM4MjAzZDNlMjAzMjM2MzIzMTM5MzEucm9hMBgGA1UdIAEB
/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkDBwAo
AAtwAB8wDQYJKoZIhvcNAQELBQADggEBAFM5RenHGyt0QNfGZKPbSeSIKkpObpUg
q+W5d8GGCT33zuaykE3a+/89KHEf2cOJNZn3+1mIqheNh5+yhasozRzX/BVudub8
keBJMvwxa9AFwu5NEVCtBt3f5a9OLNvOqp/8+lteFKajwGlPDd2x/uQe6ypxxKBI
lSdLVq12IGWQtbu8vAijH+loCgHzS66ahJNGiKpCA+5vypLYal8TwQUds0UdzIeV
RTbRzFldc37of1zP+0NsQlHzomdJK7G3e+5Kwo7jTkdCjSK2XpwrG93qJzVBk/VH
NpDh/yDZ+8zgelU5KoDR4BbePaBZfxRNyhIg2E+9UhO/kbuBMtcuIR0=
-----END CERTIFICATE-----