Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/3CAACDBC222D64D49E5C2EBBB7F27F861085890E265B8C651CAF59C725AA7D1E/0/323830363a3362373a3a2f33322d3332203d3e20323730313135.roa
File:                     323830363a3362373a3a2f33322d3332203d3e20323730313135.roa (raw, json)
Hash identifier:          OqIW1cNcoF3HqyMPO/Bxr4fxjIFF9zx0R5N/9YK/Ki0=
Subject key identifier:   BA:A5:C2:B4:5D:CF:A5:D6:52:71:B3:05:41:75:61:EB:FF:8A:0B:97
Certificate issuer:       /CN=3A4A29DEBD59C7A04E6193A42A5EFC3C244B2D27
Certificate serial:       5A1E67DDCD2F1E1671DC16234285E5D6AD215358
Authority key identifier: 3A:4A:29:DE:BD:59:C7:A0:4E:61:93:A4:2A:5E:FC:3C:24:4B:2D:27
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/3A4A29DEBD59C7A04E6193A42A5EFC3C244B2D27.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/3CAACDBC222D64D49E5C2EBBB7F27F861085890E265B8C651CAF59C725AA7D1E/0/323830363a3362373a3a2f33322d3332203d3e20323730313135.roa
Signing time:             Thu 27 Jun 2024 00:05:00 +0000
ROA not before:           Thu 27 Jun 2024 00:00:00 +0000
ROA not after:            Thu 26 Jun 2025 00:05:00 +0000
asID:                     270115
IP address blocks:        2806:3b7::/32 maxlen: 32
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5a:1e:67:dd:cd:2f:1e:16:71:dc:16:23:42:85:e5:d6:ad:21:53:58
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3A4A29DEBD59C7A04E6193A42A5EFC3C244B2D27
        Validity
            Not Before: Jun 27 00:00:00 2024 GMT
            Not After : Jun 26 00:05:00 2025 GMT
        Subject: CN=BAA5C2B45DCFA5D65271B305417561EBFF8A0B97
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:d2:4b:95:34:0b:28:b7:15:3d:28:c1:7c:76:
                    37:ad:6c:6f:a0:7d:a7:9b:ae:54:52:37:f0:83:75:
                    55:22:8d:02:b4:6b:2f:d5:05:cb:5a:e2:ec:27:1e:
                    11:4a:b4:f1:6f:38:09:ac:79:1d:7f:60:3f:7b:9d:
                    9a:33:88:cc:48:0e:d8:1b:0d:62:15:e2:21:89:d2:
                    d9:30:7c:e1:72:71:eb:6a:b2:8e:b8:4b:1b:dc:b9:
                    f6:4d:68:9f:62:80:4a:79:50:96:85:9a:8e:a8:cf:
                    8e:b4:5d:0e:4b:de:c3:95:2e:0c:d2:e9:49:b5:fa:
                    82:36:69:78:84:af:ef:4c:22:60:38:2e:4e:74:90:
                    8c:84:c8:d5:ea:de:85:25:e1:5b:7b:9b:2d:b7:27:
                    25:7f:8e:11:f5:0a:12:62:42:14:81:4b:45:d2:ba:
                    28:83:58:1e:4a:ed:84:e5:b6:a9:66:53:d4:11:80:
                    a6:ad:9e:25:c9:59:18:57:40:1b:69:e4:6e:3c:74:
                    d3:8b:38:49:8e:57:1b:fb:77:ba:3e:5f:ea:79:b2:
                    56:96:d3:c2:06:c6:c2:3c:aa:31:81:25:ba:4a:11:
                    99:9e:8e:6b:54:f6:51:ad:fa:bb:96:f4:54:71:c3:
                    3a:cf:f9:14:66:13:29:3b:f4:ee:58:1f:5b:55:f5:
                    78:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BA:A5:C2:B4:5D:CF:A5:D6:52:71:B3:05:41:75:61:EB:FF:8A:0B:97
            X509v3 Authority Key Identifier:
                keyid:3A:4A:29:DE:BD:59:C7:A0:4E:61:93:A4:2A:5E:FC:3C:24:4B:2D:27

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/3CAACDBC222D64D49E5C2EBBB7F27F861085890E265B8C651CAF59C725AA7D1E/0/3A4A29DEBD59C7A04E6193A42A5EFC3C244B2D27.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/3A4A29DEBD59C7A04E6193A42A5EFC3C244B2D27.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/3CAACDBC222D64D49E5C2EBBB7F27F861085890E265B8C651CAF59C725AA7D1E/0/323830363a3362373a3a2f33322d3332203d3e20323730313135.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2806:3b7::/32

    Signature Algorithm: sha256WithRSAEncryption
         33:af:4b:2a:6f:2e:de:a9:d5:02:40:ed:f9:8a:ed:7e:f7:35:
         6e:ad:ee:00:0f:02:17:4b:89:88:38:2e:e1:62:66:a8:22:a7:
         aa:85:dd:8f:2b:23:d8:02:27:16:6e:ec:71:1b:4f:19:cf:0e:
         9e:4a:9c:a9:ce:15:79:45:6c:98:38:aa:85:28:6c:48:74:aa:
         dd:2c:c5:b0:63:17:81:36:30:ff:0c:c7:a4:85:7c:5e:84:35:
         53:89:2f:10:f9:7a:0e:da:e6:e3:52:b7:22:6a:98:d7:76:bb:
         c7:1e:45:aa:cd:e5:57:fc:fd:a0:97:20:78:22:51:dd:87:c0:
         f9:d6:74:5a:5e:aa:00:f4:8f:c1:bf:99:58:56:a6:f4:24:e7:
         d9:0d:b7:e3:22:ed:ff:11:e0:e9:49:46:10:55:33:0e:12:53:
         74:7b:f4:cb:35:07:ad:97:b0:ad:39:88:51:45:d3:2f:db:11:
         d2:0c:8e:53:80:c1:84:8f:7f:c0:e0:85:b1:93:33:92:1f:88:
         82:6e:62:af:ba:c4:76:00:4c:93:fb:bc:0a:53:3e:b4:ae:5a:
         0b:4c:53:9d:87:58:71:56:b2:60:0f:0e:4a:7d:b1:f4:62:03:
         7b:62:b5:52:82:c7:69:ac:58:41:0b:d1:ca:21:7b:b0:af:79:
         01:80:43:26
-----BEGIN CERTIFICATE-----
MIIFvTCCBKWgAwIBAgIUWh5n3c0vHhZx3BYjQoXl1q0hU1gwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoM0E0QTI5REVCRDU5QzdBMDRFNjE5M0E0MkE1RUZDM0My
NDRCMkQyNzAeFw0yNDA2MjcwMDAwMDBaFw0yNTA2MjYwMDA1MDBaMDMxMTAvBgNV
BAMTKEJBQTVDMkI0NURDRkE1RDY1MjcxQjMwNTQxNzU2MUVCRkY4QTBCOTcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCy0kuVNAsotxU9KMF8djetbG+g
faebrlRSN/CDdVUijQK0ay/VBcta4uwnHhFKtPFvOAmseR1/YD97nZoziMxIDtgb
DWIV4iGJ0tkwfOFycetqso64SxvcufZNaJ9igEp5UJaFmo6oz460XQ5L3sOVLgzS
6Um1+oI2aXiEr+9MImA4Lk50kIyEyNXq3oUl4Vt7my23JyV/jhH1ChJiQhSBS0XS
uiiDWB5K7YTltqlmU9QRgKatniXJWRhXQBtp5G48dNOLOEmOVxv7d7o+X+p5slaW
08IGxsI8qjGBJbpKEZmejmtU9lGt+ruW9FRxwzrP+RRmEyk79O5YH1tV9XiJAgMB
AAGjggLHMIICwzAdBgNVHQ4EFgQUuqXCtF3PpdZScbMFQXVh6/+KC5cwHwYDVR0j
BBgwFoAUOkop3r1Zx6BOYZOkKl78PCRLLScwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8zQ0FBQ0RCQzIyMkQ2NEQ0OUU1QzJFQkJCN0YyN0Y4NjEw
ODU4OTBFMjY1QjhDNjUxQ0FGNTlDNzI1QUE3RDFFLzAvM0E0QTI5REVCRDU5QzdB
MDRFNjE5M0E0MkE1RUZDM0MyNDRCMkQyNy5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8zQTRBMjlERUJENTlDN0EwNEU2
MTkzQTQyQTVFRkMzQzI0NEIyRDI3LmNlcjCBxQYIKwYBBQUHAQsEgbgwgbUwgbIG
CCsGAQUFBzALhoGlcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvM0NBQUNEQkMyMjJENjRENDlFNUMyRUJCQjdGMjdGODYxMDg1ODkwRTI2
NUI4QzY1MUNBRjU5QzcyNUFBN0QxRS8wLzMyMzgzMDM2M2EzMzYyMzczYTNhMmYz
MzMyMmQzMzMyMjAzZDNlMjAzMjM3MzAzMTMxMzUucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgACMAcDBQAoBgO3MA0G
CSqGSIb3DQEBCwUAA4IBAQAzr0sqby7eqdUCQO35iu1+9zVure4ADwIXS4mIOC7h
YmaoIqeqhd2PKyPYAicWbuxxG08Zzw6eSpypzhV5RWyYOKqFKGxIdKrdLMWwYxeB
NjD/DMekhXxehDVTiS8Q+XoO2ubjUrciapjXdrvHHkWqzeVX/P2glyB4IlHdh8D5
1nRaXqoA9I/Bv5lYVqb0JOfZDbfjIu3/EeDpSUYQVTMOElN0e/TLNQetl7CtOYhR
RdMv2xHSDI5TgMGEj3/A4IWxkzOSH4iCbmKvusR2AEyT+7wKUz60rloLTFOdh1hx
VrJgDw5KfbH0YgN7YrVSgsdprFhBC9HKIXuwr3kBgEMm
-----END CERTIFICATE-----