Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/1C3413E6505BD22DEA01430EC2D965A29ACA1D6BFEF2449341C48A72BD4EB4F1/0/323830333a653034303a3a2f33322d3332203d3e203238313030.roa
File:                     323830333a653034303a3a2f33322d3332203d3e203238313030.roa (raw, json)
Hash identifier:          Xmcg9na2zPYnEP04KwXb0ZAcJAqdN+FzOt5chec7fqs=
Subject key identifier:   D5:11:E8:0A:DD:C1:DE:63:6D:B7:FE:54:45:AA:45:58:F9:1D:D9:DC
Certificate issuer:       /CN=CBB7CEC6B251591295CC04EA4274140F6FB652E0
Certificate serial:       08C7A209A2DE052435F70A863D04D8283889FCBF
Authority key identifier: CB:B7:CE:C6:B2:51:59:12:95:CC:04:EA:42:74:14:0F:6F:B6:52:E0
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/CBB7CEC6B251591295CC04EA4274140F6FB652E0.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/1C3413E6505BD22DEA01430EC2D965A29ACA1D6BFEF2449341C48A72BD4EB4F1/0/323830333a653034303a3a2f33322d3332203d3e203238313030.roa
Signing time:             Tue 04 Feb 2025 18:43:43 +0000
ROA not before:           Tue 04 Feb 2025 18:38:43 +0000
ROA not after:            Tue 03 Feb 2026 18:43:43 +0000
asID:                     28100
IP address blocks:        2803:e040::/32 maxlen: 32
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            08:c7:a2:09:a2:de:05:24:35:f7:0a:86:3d:04:d8:28:38:89:fc:bf
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=CBB7CEC6B251591295CC04EA4274140F6FB652E0
        Validity
            Not Before: Feb  4 18:38:43 2025 GMT
            Not After : Feb  3 18:43:43 2026 GMT
        Subject: CN=D511E80ADDC1DE636DB7FE5445AA4558F91DD9DC
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:9a:a6:dc:fb:d6:a9:fb:31:f4:9f:6f:e3:14:
                    4e:c4:ce:12:eb:81:d4:37:17:2d:21:7f:08:33:22:
                    33:3e:0d:55:04:80:f8:3e:c6:11:67:c8:fa:10:b1:
                    93:0d:3a:74:27:00:3e:11:60:ab:2c:bb:4e:d3:ac:
                    3c:4e:ac:28:90:44:0b:74:16:76:69:13:1b:65:73:
                    54:df:20:63:69:39:61:c7:45:40:08:9d:e2:df:eb:
                    f4:cd:13:fd:e7:73:c5:ae:41:4c:11:d7:53:6b:49:
                    4b:a7:30:ca:8c:be:0c:fd:03:e5:ed:f3:3d:73:35:
                    ed:d9:91:ab:d9:67:68:9b:d2:4d:31:6c:9e:1f:2d:
                    57:48:74:29:82:21:11:3e:a1:a4:ae:16:82:1e:55:
                    2d:50:07:cf:ae:8d:e6:47:a3:1b:01:df:d0:53:b2:
                    43:e3:5f:56:40:c6:5e:60:5e:e8:ea:02:2b:62:4c:
                    60:98:56:bd:52:28:e9:e1:f0:05:30:f2:53:fd:8a:
                    f9:32:ca:71:60:d8:21:29:1f:bd:30:42:0c:fa:ed:
                    dc:91:bc:c2:d2:2d:a8:d4:5c:c8:dc:a4:7e:91:87:
                    f5:19:df:e8:5f:7f:50:75:9a:ec:ae:13:c7:34:24:
                    74:d7:48:e9:6b:52:55:9c:a6:74:f0:1b:e3:5d:d9:
                    e8:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D5:11:E8:0A:DD:C1:DE:63:6D:B7:FE:54:45:AA:45:58:F9:1D:D9:DC
            X509v3 Authority Key Identifier:
                keyid:CB:B7:CE:C6:B2:51:59:12:95:CC:04:EA:42:74:14:0F:6F:B6:52:E0

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/1C3413E6505BD22DEA01430EC2D965A29ACA1D6BFEF2449341C48A72BD4EB4F1/0/CBB7CEC6B251591295CC04EA4274140F6FB652E0.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/CBB7CEC6B251591295CC04EA4274140F6FB652E0.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/1C3413E6505BD22DEA01430EC2D965A29ACA1D6BFEF2449341C48A72BD4EB4F1/0/323830333a653034303a3a2f33322d3332203d3e203238313030.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2803:e040::/32

    Signature Algorithm: sha256WithRSAEncryption
         5e:12:b9:b2:6c:65:49:a0:51:18:9e:f0:be:e9:85:58:4a:f8:
         6f:d6:8e:f9:07:b0:88:8d:41:41:a7:77:bf:e3:25:0e:74:72:
         66:9e:68:6c:4b:dd:da:8d:c2:a2:7f:84:34:e9:84:00:3c:d5:
         b8:47:f6:db:2d:82:8b:c5:7e:cd:14:1f:42:a3:08:2f:3e:28:
         5d:f8:f5:f3:3c:ad:52:cf:79:0e:14:fc:11:0d:63:04:5a:6d:
         ef:2a:17:da:a0:1f:ab:dc:f3:44:01:58:0d:d9:d7:63:ff:74:
         8c:99:99:78:45:75:c8:51:b9:c3:dc:22:ca:17:5a:6a:5e:41:
         38:2c:97:b5:76:f4:1a:66:de:be:7b:43:ae:f7:52:d5:11:21:
         e5:a0:31:e8:ba:16:a4:55:20:82:e9:76:a0:7c:f0:c3:79:e2:
         15:69:29:f9:5c:9f:87:9a:b4:ba:12:d0:15:21:19:36:78:66:
         a2:d4:79:9a:94:23:66:24:cb:fc:1e:60:87:ab:20:41:4f:07:
         c2:24:df:0e:35:f9:9d:3a:fe:aa:1b:bf:63:f8:be:51:c0:36:
         b2:8b:e5:e2:b7:5c:4e:b0:e5:22:79:a7:2a:01:99:5c:41:70:
         73:35:ac:2a:c9:a7:c5:13:e8:f3:4b:ea:ce:0c:77:2f:1b:d5:
         99:50:cb:61
-----BEGIN CERTIFICATE-----
MIIFvTCCBKWgAwIBAgIUCMeiCaLeBSQ19wqGPQTYKDiJ/L8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQ0JCN0NFQzZCMjUxNTkxMjk1Q0MwNEVBNDI3NDE0MEY2
RkI2NTJFMDAeFw0yNTAyMDQxODM4NDNaFw0yNjAyMDMxODQzNDNaMDMxMTAvBgNV
BAMTKEQ1MTFFODBBRERDMURFNjM2REI3RkU1NDQ1QUE0NTU4RjkxREQ5REMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDSmqbc+9ap+zH0n2/jFE7EzhLr
gdQ3Fy0hfwgzIjM+DVUEgPg+xhFnyPoQsZMNOnQnAD4RYKssu07TrDxOrCiQRAt0
FnZpExtlc1TfIGNpOWHHRUAIneLf6/TNE/3nc8WuQUwR11NrSUunMMqMvgz9A+Xt
8z1zNe3ZkavZZ2ib0k0xbJ4fLVdIdCmCIRE+oaSuFoIeVS1QB8+ujeZHoxsB39BT
skPjX1ZAxl5gXujqAitiTGCYVr1SKOnh8AUw8lP9ivkyynFg2CEpH70wQgz67dyR
vMLSLajUXMjcpH6Rh/UZ3+hff1B1muyuE8c0JHTXSOlrUlWcpnTwG+Nd2ehFAgMB
AAGjggLHMIICwzAdBgNVHQ4EFgQU1RHoCt3B3mNtt/5URapFWPkd2dwwHwYDVR0j
BBgwFoAUy7fOxrJRWRKVzATqQnQUD2+2UuAwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8xQzM0MTNFNjUwNUJEMjJERUEwMTQzMEVDMkQ5NjVBMjlB
Q0ExRDZCRkVGMjQ0OTM0MUM0OEE3MkJENEVCNEYxLzAvQ0JCN0NFQzZCMjUxNTkx
Mjk1Q0MwNEVBNDI3NDE0MEY2RkI2NTJFMC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9DQkI3Q0VDNkIyNTE1OTEyOTVD
QzA0RUE0Mjc0MTQwRjZGQjY1MkUwLmNlcjCBxQYIKwYBBQUHAQsEgbgwgbUwgbIG
CCsGAQUFBzALhoGlcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMUMzNDEzRTY1MDVCRDIyREVBMDE0MzBFQzJEOTY1QTI5QUNBMUQ2QkZF
RjI0NDkzNDFDNDhBNzJCRDRFQjRGMS8wLzMyMzgzMDMzM2E2NTMwMzQzMDNhM2Ey
ZjMzMzIyZDMzMzIyMDNkM2UyMDMyMzgzMTMwMzAucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgACMAcDBQAoA+BAMA0G
CSqGSIb3DQEBCwUAA4IBAQBeErmybGVJoFEYnvC+6YVYSvhv1o75B7CIjUFBp3e/
4yUOdHJmnmhsS93ajcKif4Q06YQAPNW4R/bbLYKLxX7NFB9CowgvPihd+PXzPK1S
z3kOFPwRDWMEWm3vKhfaoB+r3PNEAVgN2ddj/3SMmZl4RXXIUbnD3CLKF1pqXkE4
LJe1dvQaZt6+e0Ou91LVESHloDHouhakVSCC6XagfPDDeeIVaSn5XJ+HmrS6EtAV
IRk2eGai1HmalCNmJMv8HmCHqyBBTwfCJN8ONfmdOv6qG79j+L5RwDayi+Xit1xO
sOUieacqAZlcQXBzNawqyafFE+jzS+rODHcvG9WZUMth
-----END CERTIFICATE-----