Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/1AD7261C7FD1E4EFECEBE6F362FCD0C75697E06B41474BEA8CABC706F79ECF3D/0/323830303a6237303a32323a3a2f34382d3438203d3e20323632313931.roa
File:                     323830303a6237303a32323a3a2f34382d3438203d3e20323632313931.roa (raw, json)
Hash identifier:          7GViFHzQOr9OtAMxWPwXhrcHWRPdyEUq3tNvibmI6sE=
Subject key identifier:   D5:4C:38:6E:13:B8:47:3B:94:45:C6:A2:1F:B4:71:DC:18:FA:E3:54
Certificate issuer:       /CN=85D9E7D9BEEFED0B9E188DB7E8CC3B6489066DCD
Certificate serial:       7E685B638E49DE751953E6D2FF09BF257C09A844
Authority key identifier: 85:D9:E7:D9:BE:EF:ED:0B:9E:18:8D:B7:E8:CC:3B:64:89:06:6D:CD
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/85D9E7D9BEEFED0B9E188DB7E8CC3B6489066DCD.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/1AD7261C7FD1E4EFECEBE6F362FCD0C75697E06B41474BEA8CABC706F79ECF3D/0/323830303a6237303a32323a3a2f34382d3438203d3e20323632313931.roa
Signing time:             Tue 04 Feb 2025 20:04:42 +0000
ROA not before:           Tue 04 Feb 2025 19:59:42 +0000
ROA not after:            Tue 03 Feb 2026 20:04:42 +0000
asID:                     262191
IP address blocks:        2800:b70:22::/48 maxlen: 48
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7e:68:5b:63:8e:49:de:75:19:53:e6:d2:ff:09:bf:25:7c:09:a8:44
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=85D9E7D9BEEFED0B9E188DB7E8CC3B6489066DCD
        Validity
            Not Before: Feb  4 19:59:42 2025 GMT
            Not After : Feb  3 20:04:42 2026 GMT
        Subject: CN=D54C386E13B8473B9445C6A21FB471DC18FAE354
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8e:f9:9c:1a:ce:f3:d5:f6:cf:28:f1:5a:2f:1a:
                    1c:d3:8b:92:48:9f:da:db:20:03:9b:ee:2f:7d:17:
                    17:ac:6b:36:53:5e:cc:db:1b:86:cb:44:14:02:ff:
                    78:cd:4f:22:bf:36:65:e4:b1:3f:55:cd:54:c4:fc:
                    c6:a3:0f:93:c5:1f:db:e2:5d:24:cf:25:75:86:de:
                    b3:30:90:a8:13:01:ef:73:90:ec:fe:fd:0e:16:f8:
                    bb:a4:d2:91:46:31:59:74:7f:b8:ba:6d:d6:67:59:
                    8d:68:53:88:b4:8d:64:ef:71:10:92:2c:18:c6:24:
                    a5:65:70:2a:1f:34:46:a4:fd:1d:47:3a:80:6c:9f:
                    0f:d1:04:75:b2:4e:6f:1c:73:d9:7a:6c:7c:ae:31:
                    98:84:c1:6e:6e:33:3a:40:29:b9:66:b5:a6:4b:d2:
                    6d:9d:08:12:d7:80:6a:c7:db:19:8d:e2:89:d8:02:
                    01:91:67:dd:54:fb:8b:14:f4:49:81:d2:82:43:9d:
                    13:cf:11:7d:0c:ab:d1:c3:0c:20:9d:a5:c5:eb:b0:
                    a1:6a:f7:ec:f0:80:b1:ec:ad:55:ba:78:e8:9b:cd:
                    ec:7e:b8:c5:73:c3:77:94:5f:e8:4f:1b:c9:94:27:
                    0e:84:04:64:d9:01:d9:47:0d:24:3d:e0:22:e0:6c:
                    c1:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D5:4C:38:6E:13:B8:47:3B:94:45:C6:A2:1F:B4:71:DC:18:FA:E3:54
            X509v3 Authority Key Identifier:
                keyid:85:D9:E7:D9:BE:EF:ED:0B:9E:18:8D:B7:E8:CC:3B:64:89:06:6D:CD

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/1AD7261C7FD1E4EFECEBE6F362FCD0C75697E06B41474BEA8CABC706F79ECF3D/0/85D9E7D9BEEFED0B9E188DB7E8CC3B6489066DCD.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/85D9E7D9BEEFED0B9E188DB7E8CC3B6489066DCD.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/1AD7261C7FD1E4EFECEBE6F362FCD0C75697E06B41474BEA8CABC706F79ECF3D/0/323830303a6237303a32323a3a2f34382d3438203d3e20323632313931.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2800:b70:22::/48

    Signature Algorithm: sha256WithRSAEncryption
         a9:1b:7e:c9:dd:e1:bf:d3:2f:89:ee:da:4a:3c:f4:4f:ce:60:
         3e:03:3c:8e:76:f0:49:53:27:c4:90:08:51:08:d3:a7:07:d7:
         19:6c:d3:fa:98:76:c0:f4:15:c0:cc:6a:93:69:de:c5:83:c4:
         b3:90:23:16:72:f1:7f:a0:83:eb:d6:97:ac:20:cc:48:75:5b:
         16:af:a6:97:44:ff:15:8b:11:9b:2a:3e:fc:68:3b:ca:36:be:
         9d:26:e1:b0:e4:3d:3c:64:1d:ba:39:16:e6:8a:6a:61:71:49:
         34:5c:7c:cd:41:e1:52:83:1c:90:8d:f6:1c:a7:ea:8a:29:58:
         f3:02:87:f1:11:13:b6:30:13:cf:f6:d6:0c:ab:23:18:d3:74:
         84:7d:ad:f9:41:10:07:8b:23:89:fe:71:b1:5b:88:65:27:ac:
         37:6b:c1:0a:07:c5:7c:6a:95:26:ae:1c:db:d3:d1:a3:61:0c:
         b9:5f:16:9d:9a:94:79:ce:f5:ac:c7:0e:cd:e1:99:06:12:d9:
         d2:5d:b9:a4:30:eb:72:25:9c:92:76:8b:86:c8:71:42:b2:01:
         e9:20:22:fc:3e:c4:ca:a5:bc:52:35:94:ae:38:e2:26:8f:4b:
         fe:55:0f:3a:3c:ef:48:ca:91:7b:45:42:d3:ad:90:f1:c6:c1:
         ff:3e:5d:00
-----BEGIN CERTIFICATE-----
MIIFxTCCBK2gAwIBAgIUfmhbY45J3nUZU+bS/wm/JXwJqEQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODVEOUU3RDlCRUVGRUQwQjlFMTg4REI3RThDQzNCNjQ4
OTA2NkRDRDAeFw0yNTAyMDQxOTU5NDJaFw0yNjAyMDMyMDA0NDJaMDMxMTAvBgNV
BAMTKEQ1NEMzODZFMTNCODQ3M0I5NDQ1QzZBMjFGQjQ3MURDMThGQUUzNTQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCO+ZwazvPV9s8o8VovGhzTi5JI
n9rbIAOb7i99FxesazZTXszbG4bLRBQC/3jNTyK/NmXksT9VzVTE/MajD5PFH9vi
XSTPJXWG3rMwkKgTAe9zkOz+/Q4W+Luk0pFGMVl0f7i6bdZnWY1oU4i0jWTvcRCS
LBjGJKVlcCofNEak/R1HOoBsnw/RBHWyTm8cc9l6bHyuMZiEwW5uMzpAKblmtaZL
0m2dCBLXgGrH2xmN4onYAgGRZ91U+4sU9EmB0oJDnRPPEX0Mq9HDDCCdpcXrsKFq
9+zwgLHsrVW6eOibzex+uMVzw3eUX+hPG8mUJw6EBGTZAdlHDSQ94CLgbMFPAgMB
AAGjggLPMIICyzAdBgNVHQ4EFgQU1Uw4bhO4RzuURcaiH7Rx3Bj641QwHwYDVR0j
BBgwFoAUhdnn2b7v7QueGI236Mw7ZIkGbc0wDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8xQUQ3MjYxQzdGRDFFNEVGRUNFQkU2RjM2MkZDRDBDNzU2
OTdFMDZCNDE0NzRCRUE4Q0FCQzcwNkY3OUVDRjNELzAvODVEOUU3RDlCRUVGRUQw
QjlFMTg4REI3RThDQzNCNjQ4OTA2NkRDRC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC84NUQ5RTdEOUJFRUZFRDBCOUUx
ODhEQjdFOENDM0I2NDg5MDY2RENELmNlcjCBywYIKwYBBQUHAQsEgb4wgbswgbgG
CCsGAQUFBzALhoGrcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMUFENzI2MUM3RkQxRTRFRkVDRUJFNkYzNjJGQ0QwQzc1Njk3RTA2QjQx
NDc0QkVBOENBQkM3MDZGNzlFQ0YzRC8wLzMyMzgzMDMwM2E2MjM3MzAzYTMyMzIz
YTNhMmYzNDM4MmQzNDM4MjAzZDNlMjAzMjM2MzIzMTM5MzEucm9hMBgGA1UdIAEB
/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkDBwAo
AAtwACIwDQYJKoZIhvcNAQELBQADggEBAKkbfsnd4b/TL4nu2ko89E/OYD4DPI52
8ElTJ8SQCFEI06cH1xls0/qYdsD0FcDMapNp3sWDxLOQIxZy8X+gg+vWl6wgzEh1
WxavppdE/xWLEZsqPvxoO8o2vp0m4bDkPTxkHbo5FuaKamFxSTRcfM1B4VKDHJCN
9hyn6oopWPMCh/ERE7YwE8/21gyrIxjTdIR9rflBEAeLI4n+cbFbiGUnrDdrwQoH
xXxqlSauHNvT0aNhDLlfFp2alHnO9azHDs3hmQYS2dJduaQw63IlnJJ2i4bIcUKy
AekgIvw+xMqlvFI1lK444iaPS/5VDzo870jKkXtFQtOtkPHGwf8+XQA=
-----END CERTIFICATE-----