Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/28814650B74090E589468FE4EC142C9DEB755DF0F513353E597BF686E05AC9FA/0/323830333a613063303a3a2f33322d3332203d3e20323634373631.roa
File:                     323830333a613063303a3a2f33322d3332203d3e20323634373631.roa (raw, json)
Hash identifier:          JUT8925aOFaj1IyitO7U+37RzlOYAnoW916MNjX4ZfA=
Subject key identifier:   3F:6F:4A:4D:A1:C2:9F:77:89:47:B9:48:39:1C:6D:29:88:DD:3E:E8
Certificate issuer:       /CN=76ED1487236321BE3ADB764A2ADE56DE8EB91D48
Certificate serial:       23C46B7C1D2FDB692A5599C5415E8971B7F91A3A
Authority key identifier: 76:ED:14:87:23:63:21:BE:3A:DB:76:4A:2A:DE:56:DE:8E:B9:1D:48
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/76ED1487236321BE3ADB764A2ADE56DE8EB91D48.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/28814650B74090E589468FE4EC142C9DEB755DF0F513353E597BF686E05AC9FA/0/323830333a613063303a3a2f33322d3332203d3e20323634373631.roa
Signing time:             Tue 04 Feb 2025 18:55:53 +0000
ROA not before:           Tue 04 Feb 2025 18:50:53 +0000
ROA not after:            Tue 03 Feb 2026 18:55:53 +0000
asID:                     264761
IP address blocks:        2803:a0c0::/32 maxlen: 32
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            23:c4:6b:7c:1d:2f:db:69:2a:55:99:c5:41:5e:89:71:b7:f9:1a:3a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=76ED1487236321BE3ADB764A2ADE56DE8EB91D48
        Validity
            Not Before: Feb  4 18:50:53 2025 GMT
            Not After : Feb  3 18:55:53 2026 GMT
        Subject: CN=3F6F4A4DA1C29F778947B948391C6D2988DD3EE8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:0f:43:97:6b:79:35:c5:5d:d8:5f:1d:c2:c3:
                    5b:21:c8:50:58:48:22:db:e0:87:63:5e:27:40:2a:
                    3a:3c:1f:30:81:dc:42:fb:ab:08:86:b4:e4:03:09:
                    a0:4b:59:f2:95:33:e6:a9:fb:78:d0:a0:f0:5e:34:
                    5d:cc:f4:7a:1a:34:7e:40:ca:bf:fe:d8:68:59:f7:
                    4e:5e:42:87:9a:7f:a2:36:f1:18:d7:a8:22:3a:96:
                    1c:fe:26:98:34:9d:0e:59:95:98:36:1b:35:b5:0a:
                    cb:7d:3b:59:85:a5:e4:db:7a:b0:15:10:98:c3:9c:
                    64:04:44:55:63:90:2a:44:2d:d3:fa:a5:62:72:5e:
                    4b:a1:86:93:10:ce:09:21:97:c9:a8:fc:3b:a1:69:
                    f8:0d:e1:81:c4:1e:80:4a:98:e9:76:e8:11:3b:77:
                    13:25:5b:ec:ab:b5:07:5f:8e:18:e6:ad:f2:59:30:
                    7e:f2:1d:45:7b:36:bb:80:db:e6:82:a5:01:29:02:
                    df:45:c0:3d:50:5a:64:8c:f9:b0:10:ce:0b:84:be:
                    05:68:91:e7:d8:02:58:cf:eb:dd:1a:6c:e2:45:b9:
                    66:ed:84:ad:0a:54:54:06:f9:b4:54:73:f1:5d:8a:
                    49:48:18:0f:ff:1e:c6:df:49:20:a2:7a:00:22:39:
                    f1:87
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3F:6F:4A:4D:A1:C2:9F:77:89:47:B9:48:39:1C:6D:29:88:DD:3E:E8
            X509v3 Authority Key Identifier:
                keyid:76:ED:14:87:23:63:21:BE:3A:DB:76:4A:2A:DE:56:DE:8E:B9:1D:48

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/28814650B74090E589468FE4EC142C9DEB755DF0F513353E597BF686E05AC9FA/0/76ED1487236321BE3ADB764A2ADE56DE8EB91D48.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/76ED1487236321BE3ADB764A2ADE56DE8EB91D48.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/28814650B74090E589468FE4EC142C9DEB755DF0F513353E597BF686E05AC9FA/0/323830333a613063303a3a2f33322d3332203d3e20323634373631.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2803:a0c0::/32

    Signature Algorithm: sha256WithRSAEncryption
         36:a7:0f:d1:12:c1:21:84:cc:01:f6:aa:25:7b:85:7c:1a:f2:
         38:a2:69:dc:a4:49:85:2a:39:9b:85:93:97:51:9d:05:30:43:
         8c:d8:41:c1:ee:b8:d4:88:c2:35:d6:b4:2a:95:f2:6d:90:6b:
         8b:02:96:c8:5c:9d:c0:8f:37:2d:0e:b4:4d:b5:6b:29:84:4f:
         77:d9:42:2b:fc:80:bc:49:db:7f:cf:e9:1a:83:3e:7c:48:1a:
         0d:62:11:54:3c:b3:2e:bc:16:d0:2e:6b:39:97:ef:49:19:46:
         76:8d:e9:36:fb:77:9e:ac:1a:3a:19:fd:a5:54:75:c7:b9:a8:
         b6:b0:d1:19:00:f5:b8:3c:2c:20:ea:01:e3:2d:3b:fd:76:35:
         4e:be:b5:47:05:fe:13:89:b6:6d:05:94:c2:17:38:9b:12:79:
         7e:d6:f2:e4:04:51:c3:ba:08:9f:a2:4f:1e:0f:79:de:25:0a:
         21:5e:31:b3:d9:7c:c4:24:1c:f5:c1:e7:7b:77:e7:d8:1f:4e:
         6f:b5:d7:1c:e5:9a:40:49:f1:03:7a:8d:4b:88:61:a0:9a:a6:
         28:3a:5e:0d:24:d9:56:09:f1:19:d8:72:16:09:e1:7d:40:b8:
         48:68:ee:ee:f4:12:79:e7:5d:8f:71:1b:87:a5:11:00:3a:2e:
         53:55:9a:ab
-----BEGIN CERTIFICATE-----
MIIFvzCCBKegAwIBAgIUI8RrfB0v22kqVZnFQV6Jcbf5GjowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzZFRDE0ODcyMzYzMjFCRTNBREI3NjRBMkFERTU2REU4
RUI5MUQ0ODAeFw0yNTAyMDQxODUwNTNaFw0yNjAyMDMxODU1NTNaMDMxMTAvBgNV
BAMTKDNGNkY0QTREQTFDMjlGNzc4OTQ3Qjk0ODM5MUM2RDI5ODhERDNFRTgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDKD0OXa3k1xV3YXx3Cw1shyFBY
SCLb4IdjXidAKjo8HzCB3EL7qwiGtOQDCaBLWfKVM+ap+3jQoPBeNF3M9HoaNH5A
yr/+2GhZ905eQoeaf6I28RjXqCI6lhz+Jpg0nQ5ZlZg2GzW1Cst9O1mFpeTberAV
EJjDnGQERFVjkCpELdP6pWJyXkuhhpMQzgkhl8mo/DuhafgN4YHEHoBKmOl26BE7
dxMlW+yrtQdfjhjmrfJZMH7yHUV7NruA2+aCpQEpAt9FwD1QWmSM+bAQzguEvgVo
kefYAljP690abOJFuWbthK0KVFQG+bRUc/FdiklIGA//HsbfSSCiegAiOfGHAgMB
AAGjggLJMIICxTAdBgNVHQ4EFgQUP29KTaHCn3eJR7lIORxtKYjdPugwHwYDVR0j
BBgwFoAUdu0UhyNjIb4623ZKKt5W3o65HUgwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8yODgxNDY1MEI3NDA5MEU1ODk0NjhGRTRFQzE0MkM5REVC
NzU1REYwRjUxMzM1M0U1OTdCRjY4NkUwNUFDOUZBLzAvNzZFRDE0ODcyMzYzMjFC
RTNBREI3NjRBMkFERTU2REU4RUI5MUQ0OC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC83NkVEMTQ4NzIzNjMyMUJFM0FE
Qjc2NEEyQURFNTZERThFQjkxRDQ4LmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMjg4MTQ2NTBCNzQwOTBFNTg5NDY4RkU0RUMxNDJDOURFQjc1NURGMEY1
MTMzNTNFNTk3QkY2ODZFMDVBQzlGQS8wLzMyMzgzMDMzM2E2MTMwNjMzMDNhM2Ey
ZjMzMzIyZDMzMzIyMDNkM2UyMDMyMzYzNDM3MzYzMS5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACgDoMAw
DQYJKoZIhvcNAQELBQADggEBADanD9ESwSGEzAH2qiV7hXwa8jiiadykSYUqOZuF
k5dRnQUwQ4zYQcHuuNSIwjXWtCqV8m2Qa4sClshcncCPNy0OtE21aymET3fZQiv8
gLxJ23/P6RqDPnxIGg1iEVQ8sy68FtAuazmX70kZRnaN6Tb7d56sGjoZ/aVUdce5
qLaw0RkA9bg8LCDqAeMtO/12NU6+tUcF/hOJtm0FlMIXOJsSeX7W8uQEUcO6CJ+i
Tx4Ped4lCiFeMbPZfMQkHPXB53t359gfTm+11xzlmkBJ8QN6jUuIYaCapig6Xg0k
2VYJ8RnYchYJ4X1AuEho7u70EnnnXY9xG4elEQA6LlNVmqs=
-----END CERTIFICATE-----