Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/1AD7261C7FD1E4EFECEBE6F362FCD0C75697E06B41474BEA8CABC706F79ECF3D/0/323830303a6237303a32343a3a2f34382d3438203d3e20323632313931.roa
File:                     323830303a6237303a32343a3a2f34382d3438203d3e20323632313931.roa (raw, json)
Hash identifier:          AJBrYuRu2XeZJTrUh6DF9fnmph9WujpQ6ss9E66yIzk=
Subject key identifier:   58:6B:F3:80:F3:E1:F1:C0:6C:EB:5F:C4:45:BC:5E:41:32:0A:84:CE
Certificate issuer:       /CN=85D9E7D9BEEFED0B9E188DB7E8CC3B6489066DCD
Certificate serial:       25242789E2A8D2F5FD6A71B27B5B38A004446DF4
Authority key identifier: 85:D9:E7:D9:BE:EF:ED:0B:9E:18:8D:B7:E8:CC:3B:64:89:06:6D:CD
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/85D9E7D9BEEFED0B9E188DB7E8CC3B6489066DCD.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/1AD7261C7FD1E4EFECEBE6F362FCD0C75697E06B41474BEA8CABC706F79ECF3D/0/323830303a6237303a32343a3a2f34382d3438203d3e20323632313931.roa
Signing time:             Thu 27 Jun 2024 14:10:00 +0000
ROA not before:           Thu 27 Jun 2024 14:05:00 +0000
ROA not after:            Thu 26 Jun 2025 14:10:00 +0000
asID:                     262191
IP address blocks:        2800:b70:24::/48 maxlen: 48
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            25:24:27:89:e2:a8:d2:f5:fd:6a:71:b2:7b:5b:38:a0:04:44:6d:f4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=85D9E7D9BEEFED0B9E188DB7E8CC3B6489066DCD
        Validity
            Not Before: Jun 27 14:05:00 2024 GMT
            Not After : Jun 26 14:10:00 2025 GMT
        Subject: CN=586BF380F3E1F1C06CEB5FC445BC5E41320A84CE
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:b4:f4:c1:44:0e:e9:b8:58:ff:eb:01:53:22:
                    c6:42:3d:ce:1f:fb:73:77:22:6a:b7:cd:af:50:76:
                    99:39:e0:e0:c1:99:9b:ee:01:a3:96:9b:2b:ad:fc:
                    5f:4c:12:80:86:92:7f:0a:1f:8b:80:2d:1a:fb:f5:
                    ff:83:f5:2b:02:50:45:a1:59:26:89:12:5d:68:a0:
                    52:4f:a2:84:6e:e6:df:38:c9:87:3b:a5:e5:1b:de:
                    5c:3f:5d:7b:e6:53:e9:da:a6:98:90:9f:80:9d:e7:
                    da:ac:02:91:b8:f6:e5:b4:37:e4:73:b2:84:08:1e:
                    a1:79:60:ef:52:00:69:25:07:e5:82:3e:37:2b:8e:
                    f0:07:46:3f:90:f6:f1:0a:c3:2a:3b:31:6d:52:3f:
                    a3:4c:ff:26:f4:5f:fe:ad:35:54:28:1f:38:2f:6c:
                    09:a1:41:c5:de:b1:64:81:1a:c7:76:13:bc:09:0e:
                    cc:01:ba:2c:40:bc:9b:22:23:30:75:56:c3:66:bb:
                    46:17:5b:08:b6:15:3e:8b:2d:47:2b:14:7f:1d:82:
                    a3:28:53:7a:79:ab:38:78:85:59:4a:97:1d:03:5e:
                    6e:3d:bd:98:c8:cd:01:d5:52:a3:65:1a:e0:10:c6:
                    2f:f5:74:f0:cb:6d:b1:5b:65:2a:22:a1:49:a9:cc:
                    9d:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                58:6B:F3:80:F3:E1:F1:C0:6C:EB:5F:C4:45:BC:5E:41:32:0A:84:CE
            X509v3 Authority Key Identifier:
                keyid:85:D9:E7:D9:BE:EF:ED:0B:9E:18:8D:B7:E8:CC:3B:64:89:06:6D:CD

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/1AD7261C7FD1E4EFECEBE6F362FCD0C75697E06B41474BEA8CABC706F79ECF3D/0/85D9E7D9BEEFED0B9E188DB7E8CC3B6489066DCD.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/85D9E7D9BEEFED0B9E188DB7E8CC3B6489066DCD.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/1AD7261C7FD1E4EFECEBE6F362FCD0C75697E06B41474BEA8CABC706F79ECF3D/0/323830303a6237303a32343a3a2f34382d3438203d3e20323632313931.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2800:b70:24::/48

    Signature Algorithm: sha256WithRSAEncryption
         69:f1:a1:90:12:58:70:c1:4e:24:0e:77:17:87:4c:e2:cc:38:
         c8:4c:a4:08:71:bd:59:d3:b4:c5:3b:14:c7:03:e7:38:b2:ca:
         51:d0:dc:f7:ac:a1:14:f4:fc:65:63:17:3b:12:0b:17:b8:93:
         96:e2:aa:eb:dd:97:ca:61:cb:ff:4c:ef:1a:e2:af:aa:08:f3:
         6f:40:d2:1d:90:1c:96:6e:b3:00:e1:e9:06:4d:1d:5b:6a:39:
         03:84:3f:41:68:4c:8a:25:49:45:0a:9a:2c:ef:bd:91:dc:b9:
         c9:65:04:31:7b:fd:55:24:89:c3:23:44:0d:06:f7:ae:84:60:
         55:f7:53:73:00:d3:29:af:73:25:94:de:28:8f:d9:47:15:33:
         0a:e4:a6:5f:a9:fd:11:6b:fa:8d:4f:d9:20:7e:fc:c7:c0:22:
         73:9f:93:da:14:62:9c:c7:eb:ca:bb:fc:4c:e3:3e:73:b8:36:
         c5:3c:fb:cb:9c:b1:d1:0a:90:d1:00:4b:56:06:c5:ce:bd:1e:
         3a:d2:e4:6e:98:4c:db:21:e5:9a:0b:06:f9:b4:38:8a:fe:04:
         73:45:5a:b0:60:f3:0d:a7:f0:9c:f9:7c:60:aa:2e:ff:3a:32:
         31:24:5e:ac:a9:16:af:43:45:78:1d:dc:59:e5:07:5b:1b:ce:
         aa:1b:c5:a4
-----BEGIN CERTIFICATE-----
MIIFxTCCBK2gAwIBAgIUJSQnieKo0vX9anGye1s4oAREbfQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODVEOUU3RDlCRUVGRUQwQjlFMTg4REI3RThDQzNCNjQ4
OTA2NkRDRDAeFw0yNDA2MjcxNDA1MDBaFw0yNTA2MjYxNDEwMDBaMDMxMTAvBgNV
BAMTKDU4NkJGMzgwRjNFMUYxQzA2Q0VCNUZDNDQ1QkM1RTQxMzIwQTg0Q0UwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCctPTBRA7puFj/6wFTIsZCPc4f
+3N3Imq3za9Qdpk54ODBmZvuAaOWmyut/F9MEoCGkn8KH4uALRr79f+D9SsCUEWh
WSaJEl1ooFJPooRu5t84yYc7peUb3lw/XXvmU+nappiQn4Cd59qsApG49uW0N+Rz
soQIHqF5YO9SAGklB+WCPjcrjvAHRj+Q9vEKwyo7MW1SP6NM/yb0X/6tNVQoHzgv
bAmhQcXesWSBGsd2E7wJDswBuixAvJsiIzB1VsNmu0YXWwi2FT6LLUcrFH8dgqMo
U3p5qzh4hVlKlx0DXm49vZjIzQHVUqNlGuAQxi/1dPDLbbFbZSoioUmpzJ2nAgMB
AAGjggLPMIICyzAdBgNVHQ4EFgQUWGvzgPPh8cBs61/ERbxeQTIKhM4wHwYDVR0j
BBgwFoAUhdnn2b7v7QueGI236Mw7ZIkGbc0wDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8xQUQ3MjYxQzdGRDFFNEVGRUNFQkU2RjM2MkZDRDBDNzU2
OTdFMDZCNDE0NzRCRUE4Q0FCQzcwNkY3OUVDRjNELzAvODVEOUU3RDlCRUVGRUQw
QjlFMTg4REI3RThDQzNCNjQ4OTA2NkRDRC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC84NUQ5RTdEOUJFRUZFRDBCOUUx
ODhEQjdFOENDM0I2NDg5MDY2RENELmNlcjCBywYIKwYBBQUHAQsEgb4wgbswgbgG
CCsGAQUFBzALhoGrcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMUFENzI2MUM3RkQxRTRFRkVDRUJFNkYzNjJGQ0QwQzc1Njk3RTA2QjQx
NDc0QkVBOENBQkM3MDZGNzlFQ0YzRC8wLzMyMzgzMDMwM2E2MjM3MzAzYTMyMzQz
YTNhMmYzNDM4MmQzNDM4MjAzZDNlMjAzMjM2MzIzMTM5MzEucm9hMBgGA1UdIAEB
/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkDBwAo
AAtwACQwDQYJKoZIhvcNAQELBQADggEBAGnxoZASWHDBTiQOdxeHTOLMOMhMpAhx
vVnTtMU7FMcD5ziyylHQ3PesoRT0/GVjFzsSCxe4k5biquvdl8phy/9M7xrir6oI
829A0h2QHJZuswDh6QZNHVtqOQOEP0FoTIolSUUKmizvvZHcucllBDF7/VUkicMj
RA0G966EYFX3U3MA0ymvcyWU3iiP2UcVMwrkpl+p/RFr+o1P2SB+/MfAInOfk9oU
YpzH68q7/EzjPnO4NsU8+8ucsdEKkNEAS1YGxc69HjrS5G6YTNsh5ZoLBvm0OIr+
BHNFWrBg8w2n8Jz5fGCqLv86MjEkXqypFq9DRXgd3FnlB1sbzqobxaQ=
-----END CERTIFICATE-----