Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/342AB48DF24F4D85DAA49BDAB77609E5DB5B37712CFD9DE7A5CE9F98076010F2/0/323830333a396530303a3a2f33322d3438203d3e203532333939.roa
File:                     323830333a396530303a3a2f33322d3438203d3e203532333939.roa (raw, json)
Hash identifier:          9QGGJHjoDWdFBsUA/rne9TxfJ4eMkwgtI+73Z1bOy+w=
Subject key identifier:   A2:C3:EB:E7:87:DB:E0:BD:89:4D:C8:06:D0:E2:2F:A8:61:FB:D5:16
Certificate issuer:       /CN=C2B7A28859947C52A387BB628764F91AAA1D05B9
Certificate serial:       77115CE8A83B51719A7EB2F7D289C4FB7302509D
Authority key identifier: C2:B7:A2:88:59:94:7C:52:A3:87:BB:62:87:64:F9:1A:AA:1D:05:B9
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/C2B7A28859947C52A387BB628764F91AAA1D05B9.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/342AB48DF24F4D85DAA49BDAB77609E5DB5B37712CFD9DE7A5CE9F98076010F2/0/323830333a396530303a3a2f33322d3438203d3e203532333939.roa
Signing time:             Tue 04 Feb 2025 18:35:58 +0000
ROA not before:           Tue 04 Feb 2025 18:30:58 +0000
ROA not after:            Tue 03 Feb 2026 18:35:58 +0000
asID:                     52399
IP address blocks:        2803:9e00::/32 maxlen: 48
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            77:11:5c:e8:a8:3b:51:71:9a:7e:b2:f7:d2:89:c4:fb:73:02:50:9d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=C2B7A28859947C52A387BB628764F91AAA1D05B9
        Validity
            Not Before: Feb  4 18:30:58 2025 GMT
            Not After : Feb  3 18:35:58 2026 GMT
        Subject: CN=A2C3EBE787DBE0BD894DC806D0E22FA861FBD516
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ed:3b:c7:0f:fa:04:1b:34:23:c2:0b:e2:3f:9d:
                    18:7f:d2:12:ca:fd:04:43:a4:bf:c9:51:ff:d5:8a:
                    cc:f6:19:00:57:8b:d6:bb:13:f9:1f:3d:5a:52:78:
                    36:3e:ae:86:d9:4b:8f:a1:bd:60:1f:1a:d2:ad:e2:
                    9b:d9:72:96:b5:53:f0:2a:2f:a6:bd:4a:6f:6f:40:
                    3b:5f:6e:ec:4a:65:dc:65:2e:8e:5b:51:22:b1:dc:
                    ce:bb:5e:c8:83:6a:31:b8:70:c6:de:f3:12:be:66:
                    15:3c:1b:21:de:df:d6:47:56:bc:e0:45:6d:5f:53:
                    5f:4a:ec:4b:ed:d7:88:50:66:20:5b:f9:0c:95:93:
                    19:ac:ad:93:17:28:3a:9f:7a:f8:81:1b:7e:99:8f:
                    1c:8c:68:65:5f:d2:80:7e:9a:a2:68:93:3e:4a:27:
                    5c:99:24:5f:60:e0:3a:40:12:7e:c2:66:72:78:a7:
                    9b:e1:2d:5c:4d:a5:ed:26:ac:86:4d:78:f5:9a:4f:
                    bf:4d:e2:ed:88:82:67:83:35:81:49:03:c3:44:3b:
                    fb:7d:29:e3:ca:e5:83:76:a0:91:7e:e6:df:64:c9:
                    84:b8:e3:da:2c:9e:ad:77:7e:cb:ba:51:fa:6a:79:
                    21:e0:26:a2:bb:bb:d1:6f:d3:24:64:d4:40:fc:6b:
                    77:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A2:C3:EB:E7:87:DB:E0:BD:89:4D:C8:06:D0:E2:2F:A8:61:FB:D5:16
            X509v3 Authority Key Identifier:
                keyid:C2:B7:A2:88:59:94:7C:52:A3:87:BB:62:87:64:F9:1A:AA:1D:05:B9

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/342AB48DF24F4D85DAA49BDAB77609E5DB5B37712CFD9DE7A5CE9F98076010F2/0/C2B7A28859947C52A387BB628764F91AAA1D05B9.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/C2B7A28859947C52A387BB628764F91AAA1D05B9.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/342AB48DF24F4D85DAA49BDAB77609E5DB5B37712CFD9DE7A5CE9F98076010F2/0/323830333a396530303a3a2f33322d3438203d3e203532333939.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2803:9e00::/32

    Signature Algorithm: sha256WithRSAEncryption
         9b:b8:62:20:18:0a:63:0a:a3:2b:22:a0:57:31:0c:13:52:87:
         cd:f3:dd:2f:f0:fc:8e:c0:9a:da:e8:d4:fc:c8:53:dc:f8:82:
         31:f1:ca:af:b6:b4:4b:e1:13:0d:76:1f:ba:ba:b1:b0:3e:24:
         c1:a4:70:53:ba:49:82:30:2d:a3:73:3f:04:c8:04:47:09:54:
         4a:bb:65:48:b4:cf:ef:3e:0b:77:32:de:1f:da:32:38:c2:17:
         e5:19:87:63:a3:d7:41:20:c4:65:0e:aa:a4:48:92:78:51:3c:
         7a:f9:36:1d:6d:14:cd:18:0d:96:7c:fb:3b:a7:83:12:bc:aa:
         fc:1f:36:ab:a2:5c:cd:95:d0:c4:c9:24:38:56:4b:48:ac:3e:
         df:9b:a6:4a:9b:61:eb:54:62:8f:65:41:44:aa:8b:13:0f:10:
         72:98:17:89:fb:4d:d7:2f:f6:b8:62:55:80:50:48:37:5a:9d:
         6d:f7:de:6b:85:0f:91:c9:d9:ef:54:0b:5d:b4:32:fc:a8:ca:
         94:80:40:11:de:69:cd:e1:ba:24:09:18:9d:1a:9d:c9:56:df:
         f6:52:83:17:14:c3:0a:ad:2c:60:66:30:a5:11:44:f9:ab:1f:
         78:45:66:32:5c:67:2c:5e:ea:0b:78:b6:80:b0:6c:38:33:85:
         9b:bb:d9:8d
-----BEGIN CERTIFICATE-----
MIIFvTCCBKWgAwIBAgIUdxFc6Kg7UXGafrL30onE+3MCUJ0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQzJCN0EyODg1OTk0N0M1MkEzODdCQjYyODc2NEY5MUFB
QTFEMDVCOTAeFw0yNTAyMDQxODMwNThaFw0yNjAyMDMxODM1NThaMDMxMTAvBgNV
BAMTKEEyQzNFQkU3ODdEQkUwQkQ4OTREQzgwNkQwRTIyRkE4NjFGQkQ1MTYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDtO8cP+gQbNCPCC+I/nRh/0hLK
/QRDpL/JUf/Visz2GQBXi9a7E/kfPVpSeDY+robZS4+hvWAfGtKt4pvZcpa1U/Aq
L6a9Sm9vQDtfbuxKZdxlLo5bUSKx3M67XsiDajG4cMbe8xK+ZhU8GyHe39ZHVrzg
RW1fU19K7Evt14hQZiBb+QyVkxmsrZMXKDqfeviBG36ZjxyMaGVf0oB+mqJokz5K
J1yZJF9g4DpAEn7CZnJ4p5vhLVxNpe0mrIZNePWaT79N4u2IgmeDNYFJA8NEO/t9
KePK5YN2oJF+5t9kyYS449osnq13fsu6UfpqeSHgJqK7u9Fv0yRk1ED8a3fdAgMB
AAGjggLHMIICwzAdBgNVHQ4EFgQUosPr54fb4L2JTcgG0OIvqGH71RYwHwYDVR0j
BBgwFoAUwreiiFmUfFKjh7tih2T5GqodBbkwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8zNDJBQjQ4REYyNEY0RDg1REFBNDlCREFCNzc2MDlFNURC
NUIzNzcxMkNGRDlERTdBNUNFOUY5ODA3NjAxMEYyLzAvQzJCN0EyODg1OTk0N0M1
MkEzODdCQjYyODc2NEY5MUFBQTFEMDVCOS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9DMkI3QTI4ODU5OTQ3QzUyQTM4
N0JCNjI4NzY0RjkxQUFBMUQwNUI5LmNlcjCBxQYIKwYBBQUHAQsEgbgwgbUwgbIG
CCsGAQUFBzALhoGlcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMzQyQUI0OERGMjRGNEQ4NURBQTQ5QkRBQjc3NjA5RTVEQjVCMzc3MTJD
RkQ5REU3QTVDRTlGOTgwNzYwMTBGMi8wLzMyMzgzMDMzM2EzOTY1MzAzMDNhM2Ey
ZjMzMzIyZDM0MzgyMDNkM2UyMDM1MzIzMzM5Mzkucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgACMAcDBQAoA54AMA0G
CSqGSIb3DQEBCwUAA4IBAQCbuGIgGApjCqMrIqBXMQwTUofN890v8PyOwJra6NT8
yFPc+IIx8cqvtrRL4RMNdh+6urGwPiTBpHBTukmCMC2jcz8EyARHCVRKu2VItM/v
Pgt3Mt4f2jI4whflGYdjo9dBIMRlDqqkSJJ4UTx6+TYdbRTNGA2WfPs7p4MSvKr8
HzarolzNldDEySQ4VktIrD7fm6ZKm2HrVGKPZUFEqosTDxBymBeJ+03XL/a4YlWA
UEg3Wp1t995rhQ+RydnvVAtdtDL8qMqUgEAR3mnN4bokCRidGp3JVt/2UoMXFMMK
rSxgZjClEUT5qx94RWYyXGcsXuoLeLaAsGw4M4Wbu9mN
-----END CERTIFICATE-----