Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/1AD7261C7FD1E4EFECEBE6F362FCD0C75697E06B41474BEA8CABC706F79ECF3D/0/323830303a6237303a32313a3a2f34382d3438203d3e20323632313931.roa
File:                     323830303a6237303a32313a3a2f34382d3438203d3e20323632313931.roa (raw, json)
Hash identifier:          dX8cxvKySlQnBpgL+F+0GJzxQ7r6X1ECt5A0DO07P68=
Subject key identifier:   F8:5C:3B:D6:03:CB:85:42:43:F2:F2:9E:FE:9A:C1:67:65:9A:EF:73
Certificate issuer:       /CN=85D9E7D9BEEFED0B9E188DB7E8CC3B6489066DCD
Certificate serial:       1B337150298F15F5F0315096A48CC2514FB72CA0
Authority key identifier: 85:D9:E7:D9:BE:EF:ED:0B:9E:18:8D:B7:E8:CC:3B:64:89:06:6D:CD
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/85D9E7D9BEEFED0B9E188DB7E8CC3B6489066DCD.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/1AD7261C7FD1E4EFECEBE6F362FCD0C75697E06B41474BEA8CABC706F79ECF3D/0/323830303a6237303a32313a3a2f34382d3438203d3e20323632313931.roa
Signing time:             Tue 04 Feb 2025 20:04:43 +0000
ROA not before:           Tue 04 Feb 2025 19:59:43 +0000
ROA not after:            Tue 03 Feb 2026 20:04:43 +0000
asID:                     262191
IP address blocks:        2800:b70:21::/48 maxlen: 48
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1b:33:71:50:29:8f:15:f5:f0:31:50:96:a4:8c:c2:51:4f:b7:2c:a0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=85D9E7D9BEEFED0B9E188DB7E8CC3B6489066DCD
        Validity
            Not Before: Feb  4 19:59:43 2025 GMT
            Not After : Feb  3 20:04:43 2026 GMT
        Subject: CN=F85C3BD603CB854243F2F29EFE9AC167659AEF73
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:0f:ee:0e:38:cb:4a:03:dd:8e:22:cb:ab:ad:
                    b4:ea:0b:3d:c7:37:60:21:97:46:30:87:14:d6:72:
                    1e:fd:0c:14:14:2f:c3:20:95:30:4d:4b:23:75:f7:
                    42:3d:54:db:a8:e0:ea:84:81:c1:a4:4a:36:ad:17:
                    15:94:85:29:c8:e2:54:5d:fd:73:7b:67:c1:a5:7d:
                    42:16:32:dc:3d:2d:01:11:5b:65:97:aa:30:fd:0a:
                    84:ef:6d:40:76:35:a0:f3:1b:0a:a5:01:74:72:3b:
                    ec:85:14:c2:d0:cf:fe:62:cc:7e:17:9d:54:4c:04:
                    c3:38:c2:9e:22:71:f2:6d:5b:e8:bc:23:d2:53:80:
                    b9:3f:6c:e0:5d:a4:8c:66:41:61:a4:e6:51:32:34:
                    98:6b:c6:e7:c6:84:df:d8:ff:3d:ff:41:4e:78:5d:
                    73:38:3e:89:8e:84:19:41:1a:27:90:7e:98:ab:97:
                    e5:30:ef:5f:ec:64:b3:55:7b:17:dc:9e:93:47:61:
                    ab:e3:7a:8f:da:f0:f9:40:19:40:0f:c6:57:1d:be:
                    e9:e6:14:50:99:c7:12:a0:2c:0e:85:e9:3b:85:1e:
                    ff:8b:fe:50:af:f1:2a:b6:75:fa:c9:52:25:84:a5:
                    76:9c:b1:4e:de:ec:46:69:07:d3:7d:a6:ee:2c:f1:
                    ca:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F8:5C:3B:D6:03:CB:85:42:43:F2:F2:9E:FE:9A:C1:67:65:9A:EF:73
            X509v3 Authority Key Identifier:
                keyid:85:D9:E7:D9:BE:EF:ED:0B:9E:18:8D:B7:E8:CC:3B:64:89:06:6D:CD

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/1AD7261C7FD1E4EFECEBE6F362FCD0C75697E06B41474BEA8CABC706F79ECF3D/0/85D9E7D9BEEFED0B9E188DB7E8CC3B6489066DCD.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/85D9E7D9BEEFED0B9E188DB7E8CC3B6489066DCD.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/1AD7261C7FD1E4EFECEBE6F362FCD0C75697E06B41474BEA8CABC706F79ECF3D/0/323830303a6237303a32313a3a2f34382d3438203d3e20323632313931.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2800:b70:21::/48

    Signature Algorithm: sha256WithRSAEncryption
         9e:09:0f:03:4f:5b:1a:f5:55:19:bf:6f:51:c4:bc:e5:72:48:
         ee:38:1f:a5:0e:4a:ef:27:2d:f4:d5:0d:c3:97:4c:c7:4f:c5:
         e4:ee:68:6f:03:a3:e5:74:da:bd:bb:4d:9d:91:f3:19:28:f5:
         fb:b2:97:46:f3:cd:16:38:33:ba:4f:a9:ac:2e:79:69:fc:14:
         4f:c0:fe:23:e8:5b:e9:77:fc:ce:b7:f4:44:60:98:07:10:20:
         7d:f2:0e:bc:41:84:13:51:7d:7e:a2:4a:70:77:c4:63:b9:1d:
         9e:b5:4a:26:6a:0d:ae:a2:57:0e:37:17:4e:1f:f8:4f:05:15:
         67:1f:ea:42:04:21:08:20:0d:1e:0d:70:8b:e2:a4:2a:93:e1:
         04:12:f3:6b:a6:8e:5f:c1:6a:c7:16:aa:5b:9e:f2:4d:ff:a2:
         a2:0e:01:90:96:73:c4:40:f6:9c:4a:a4:d1:c8:fb:6d:f2:1a:
         95:bc:01:10:05:cc:d7:f3:a7:5b:29:76:a7:df:9b:3a:20:49:
         90:c6:7f:dd:94:bd:7c:4f:49:01:b6:11:1b:3e:f8:99:7b:65:
         4a:de:e4:95:54:f8:7c:57:c0:0a:da:a1:43:92:47:3f:c1:65:
         39:87:c6:4f:d4:fa:c5:11:3c:b6:43:09:94:e0:12:85:b5:56:
         e8:eb:b7:76
-----BEGIN CERTIFICATE-----
MIIFxTCCBK2gAwIBAgIUGzNxUCmPFfXwMVCWpIzCUU+3LKAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODVEOUU3RDlCRUVGRUQwQjlFMTg4REI3RThDQzNCNjQ4
OTA2NkRDRDAeFw0yNTAyMDQxOTU5NDNaFw0yNjAyMDMyMDA0NDNaMDMxMTAvBgNV
BAMTKEY4NUMzQkQ2MDNDQjg1NDI0M0YyRjI5RUZFOUFDMTY3NjU5QUVGNzMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDUD+4OOMtKA92OIsurrbTqCz3H
N2Ahl0YwhxTWch79DBQUL8MglTBNSyN190I9VNuo4OqEgcGkSjatFxWUhSnI4lRd
/XN7Z8GlfUIWMtw9LQERW2WXqjD9CoTvbUB2NaDzGwqlAXRyO+yFFMLQz/5izH4X
nVRMBMM4wp4icfJtW+i8I9JTgLk/bOBdpIxmQWGk5lEyNJhrxufGhN/Y/z3/QU54
XXM4PomOhBlBGieQfpirl+Uw71/sZLNVexfcnpNHYavjeo/a8PlAGUAPxlcdvunm
FFCZxxKgLA6F6TuFHv+L/lCv8Sq2dfrJUiWEpXacsU7e7EZpB9N9pu4s8cqtAgMB
AAGjggLPMIICyzAdBgNVHQ4EFgQU+Fw71gPLhUJD8vKe/prBZ2Wa73MwHwYDVR0j
BBgwFoAUhdnn2b7v7QueGI236Mw7ZIkGbc0wDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8xQUQ3MjYxQzdGRDFFNEVGRUNFQkU2RjM2MkZDRDBDNzU2
OTdFMDZCNDE0NzRCRUE4Q0FCQzcwNkY3OUVDRjNELzAvODVEOUU3RDlCRUVGRUQw
QjlFMTg4REI3RThDQzNCNjQ4OTA2NkRDRC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC84NUQ5RTdEOUJFRUZFRDBCOUUx
ODhEQjdFOENDM0I2NDg5MDY2RENELmNlcjCBywYIKwYBBQUHAQsEgb4wgbswgbgG
CCsGAQUFBzALhoGrcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMUFENzI2MUM3RkQxRTRFRkVDRUJFNkYzNjJGQ0QwQzc1Njk3RTA2QjQx
NDc0QkVBOENBQkM3MDZGNzlFQ0YzRC8wLzMyMzgzMDMwM2E2MjM3MzAzYTMyMzEz
YTNhMmYzNDM4MmQzNDM4MjAzZDNlMjAzMjM2MzIzMTM5MzEucm9hMBgGA1UdIAEB
/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkDBwAo
AAtwACEwDQYJKoZIhvcNAQELBQADggEBAJ4JDwNPWxr1VRm/b1HEvOVySO44H6UO
Su8nLfTVDcOXTMdPxeTuaG8Do+V02r27TZ2R8xko9fuyl0bzzRY4M7pPqawueWn8
FE/A/iPoW+l3/M639ERgmAcQIH3yDrxBhBNRfX6iSnB3xGO5HZ61SiZqDa6iVw43
F04f+E8FFWcf6kIEIQggDR4NcIvipCqT4QQS82umjl/BascWqlue8k3/oqIOAZCW
c8RA9pxKpNHI+23yGpW8ARAFzNfzp1spdqffmzogSZDGf92UvXxPSQG2ERs++Jl7
ZUre5JVU+HxXwAraoUOSRz/BZTmHxk/U+sURPLZDCZTgEoW1Vujrt3Y=
-----END CERTIFICATE-----