Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/21BDDA317AA5DF9D576425534068A2B336CEB5CD7B5DCF255EADC3946F3C8250/0/323830333a626138303a3a2f33322d3634203d3e20323632393332.roa
File:                     323830333a626138303a3a2f33322d3634203d3e20323632393332.roa (raw, json)
Hash identifier:          UxpSUdmfAiB3jZVXZ8+WzGX+9hMfhqHatLQHkEAcSvQ=
Subject key identifier:   7C:79:FC:FD:EE:4F:27:26:3B:63:F8:EE:33:64:D9:06:09:22:D6:2C
Certificate issuer:       /CN=591291A5B3618648A8E1B8E7D3149BC8D25D71BD
Certificate serial:       43759A7269ADC4FD483AEFA85788B9BFA37B4508
Authority key identifier: 59:12:91:A5:B3:61:86:48:A8:E1:B8:E7:D3:14:9B:C8:D2:5D:71:BD
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/591291A5B3618648A8E1B8E7D3149BC8D25D71BD.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/21BDDA317AA5DF9D576425534068A2B336CEB5CD7B5DCF255EADC3946F3C8250/0/323830333a626138303a3a2f33322d3634203d3e20323632393332.roa
Signing time:             Tue 04 Feb 2025 20:03:45 +0000
ROA not before:           Tue 04 Feb 2025 19:58:45 +0000
ROA not after:            Tue 03 Feb 2026 20:03:45 +0000
asID:                     262932
IP address blocks:        2803:ba80::/32 maxlen: 64
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            43:75:9a:72:69:ad:c4:fd:48:3a:ef:a8:57:88:b9:bf:a3:7b:45:08
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=591291A5B3618648A8E1B8E7D3149BC8D25D71BD
        Validity
            Not Before: Feb  4 19:58:45 2025 GMT
            Not After : Feb  3 20:03:45 2026 GMT
        Subject: CN=7C79FCFDEE4F27263B63F8EE3364D9060922D62C
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:d0:f3:cb:35:a6:5f:8a:96:39:64:64:6b:5d:
                    1b:08:7b:82:ac:95:25:c3:2a:15:d5:a7:9e:a6:da:
                    8d:75:dd:d4:35:d7:61:1b:6c:41:c9:56:06:d6:04:
                    d3:89:70:41:a7:e4:55:ec:7c:3d:a1:60:31:df:e9:
                    4f:79:78:84:68:bc:17:4b:84:09:91:5e:56:aa:87:
                    64:54:6d:8c:9b:78:bf:9e:9f:d9:ec:6d:e0:e1:66:
                    ed:b0:48:70:07:00:eb:f2:5e:39:42:1e:12:93:dd:
                    58:f2:e5:52:8d:1a:98:b1:71:ac:ce:9f:e6:50:85:
                    3d:c3:92:f7:45:bb:e7:ad:75:22:da:5a:81:23:07:
                    7c:70:82:04:eb:c6:70:ed:26:88:fb:97:56:81:1e:
                    9d:0c:e4:72:d3:82:2c:67:bb:c1:34:95:2b:54:f6:
                    12:8d:b5:38:2a:cb:43:ba:a0:d7:91:80:6a:6e:13:
                    e0:7b:65:64:5f:1c:08:59:8e:a5:c1:37:0c:8e:1d:
                    ba:28:78:bc:fd:81:d5:f8:ad:ca:2a:ce:a0:57:56:
                    79:58:69:4f:49:eb:12:5a:55:09:e9:37:61:a1:69:
                    c3:92:87:b1:0d:b9:e1:8c:4f:79:b6:60:c5:99:a2:
                    34:5b:77:85:de:cd:c6:af:e0:1c:95:cd:0f:13:a5:
                    e8:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7C:79:FC:FD:EE:4F:27:26:3B:63:F8:EE:33:64:D9:06:09:22:D6:2C
            X509v3 Authority Key Identifier:
                keyid:59:12:91:A5:B3:61:86:48:A8:E1:B8:E7:D3:14:9B:C8:D2:5D:71:BD

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/21BDDA317AA5DF9D576425534068A2B336CEB5CD7B5DCF255EADC3946F3C8250/0/591291A5B3618648A8E1B8E7D3149BC8D25D71BD.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/591291A5B3618648A8E1B8E7D3149BC8D25D71BD.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/21BDDA317AA5DF9D576425534068A2B336CEB5CD7B5DCF255EADC3946F3C8250/0/323830333a626138303a3a2f33322d3634203d3e20323632393332.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2803:ba80::/32

    Signature Algorithm: sha256WithRSAEncryption
         52:f4:05:ae:95:ee:19:6e:e9:91:8a:ed:f4:3d:43:af:14:68:
         1d:4a:56:e4:e0:41:37:77:a6:c5:8b:b8:9e:e7:72:81:b5:12:
         09:eb:5d:9c:64:53:d7:42:c1:a6:a9:0d:3e:59:d6:40:10:3a:
         92:f4:14:03:04:37:01:b1:ab:e6:59:5d:03:5b:92:54:3d:54:
         a9:6b:34:ed:51:2e:2e:11:19:07:68:2f:c0:90:02:e2:af:01:
         31:9e:e6:38:b9:f6:75:3c:be:49:23:18:1b:96:d5:99:f3:19:
         01:8b:0b:8a:43:1f:72:50:25:3e:6e:b6:af:ae:63:61:ca:ac:
         1c:d3:f4:07:7d:e4:21:ae:b4:7e:09:ba:3e:c9:a2:b0:92:60:
         cd:97:56:3b:0e:46:73:8b:14:15:2e:b2:15:2f:0e:d6:eb:0d:
         ce:56:0e:8d:d8:23:25:08:bb:a5:f4:a3:8f:65:09:63:07:5d:
         0f:84:f2:bb:f1:09:f5:e3:3c:fe:4d:87:60:05:c4:de:89:c3:
         57:e2:86:8d:4e:a0:17:9d:d8:90:92:8b:4c:b4:1d:08:82:5f:
         83:06:3a:83:9c:ac:5d:76:f8:24:9a:3d:ae:9c:7b:4c:1b:e9:
         9d:06:8f:b6:32:0e:32:dc:34:82:66:9d:88:c9:65:33:08:57:
         b7:e9:6a:e8
-----BEGIN CERTIFICATE-----
MIIFvzCCBKegAwIBAgIUQ3WacmmtxP1IOu+oV4i5v6N7RQgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNTkxMjkxQTVCMzYxODY0OEE4RTFCOEU3RDMxNDlCQzhE
MjVENzFCRDAeFw0yNTAyMDQxOTU4NDVaFw0yNjAyMDMyMDAzNDVaMDMxMTAvBgNV
BAMTKDdDNzlGQ0ZERUU0RjI3MjYzQjYzRjhFRTMzNjREOTA2MDkyMkQ2MkMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCn0PPLNaZfipY5ZGRrXRsIe4Ks
lSXDKhXVp56m2o113dQ112EbbEHJVgbWBNOJcEGn5FXsfD2hYDHf6U95eIRovBdL
hAmRXlaqh2RUbYybeL+en9nsbeDhZu2wSHAHAOvyXjlCHhKT3Vjy5VKNGpixcazO
n+ZQhT3DkvdFu+etdSLaWoEjB3xwggTrxnDtJoj7l1aBHp0M5HLTgixnu8E0lStU
9hKNtTgqy0O6oNeRgGpuE+B7ZWRfHAhZjqXBNwyOHbooeLz9gdX4rcoqzqBXVnlY
aU9J6xJaVQnpN2GhacOSh7ENueGMT3m2YMWZojRbd4Xezcav4ByVzQ8TpeitAgMB
AAGjggLJMIICxTAdBgNVHQ4EFgQUfHn8/e5PJyY7Y/juM2TZBgki1iwwHwYDVR0j
BBgwFoAUWRKRpbNhhkio4bjn0xSbyNJdcb0wDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8yMUJEREEzMTdBQTVERjlENTc2NDI1NTM0MDY4QTJCMzM2
Q0VCNUNEN0I1RENGMjU1RUFEQzM5NDZGM0M4MjUwLzAvNTkxMjkxQTVCMzYxODY0
OEE4RTFCOEU3RDMxNDlCQzhEMjVENzFCRC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC81OTEyOTFBNUIzNjE4NjQ4QThF
MUI4RTdEMzE0OUJDOEQyNUQ3MUJELmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMjFCRERBMzE3QUE1REY5RDU3NjQyNTUzNDA2OEEyQjMzNkNFQjVDRDdC
NURDRjI1NUVBREMzOTQ2RjNDODI1MC8wLzMyMzgzMDMzM2E2MjYxMzgzMDNhM2Ey
ZjMzMzIyZDM2MzQyMDNkM2UyMDMyMzYzMjM5MzMzMi5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACgDuoAw
DQYJKoZIhvcNAQELBQADggEBAFL0Ba6V7hlu6ZGK7fQ9Q68UaB1KVuTgQTd3psWL
uJ7ncoG1EgnrXZxkU9dCwaapDT5Z1kAQOpL0FAMENwGxq+ZZXQNbklQ9VKlrNO1R
Li4RGQdoL8CQAuKvATGe5ji59nU8vkkjGBuW1ZnzGQGLC4pDH3JQJT5utq+uY2HK
rBzT9Ad95CGutH4Juj7JorCSYM2XVjsORnOLFBUushUvDtbrDc5WDo3YIyUIu6X0
o49lCWMHXQ+E8rvxCfXjPP5Nh2AFxN6Jw1fiho1OoBed2JCSi0y0HQiCX4MGOoOc
rF12+CSaPa6ce0wb6Z0Gj7YyDjLcNIJmnYjJZTMIV7fpaug=
-----END CERTIFICATE-----