Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/3FA771377A3530818881DC2226705A58B195BD6EC03510382117E92EE961D3A9/0/323830363a3330633a3a2f33322d3438203d3e20323730313733.roa
File:                     323830363a3330633a3a2f33322d3438203d3e20323730313733.roa (raw, json)
Hash identifier:          JRsnL/EF5Mvh3uIexqf/lKD0Frgj2yJLic8Lrr5SfrE=
Subject key identifier:   63:C1:EF:61:B4:7A:4B:09:85:C5:9F:6C:0C:79:E9:D2:FD:C6:A2:1D
Certificate issuer:       /CN=291BF264E3DFBE29A5D52AE24CE1243DF6F398C2
Certificate serial:       34D7D2AB3020ECDE86AB9A9413C70E6354837A9C
Authority key identifier: 29:1B:F2:64:E3:DF:BE:29:A5:D5:2A:E2:4C:E1:24:3D:F6:F3:98:C2
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/291BF264E3DFBE29A5D52AE24CE1243DF6F398C2.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/3FA771377A3530818881DC2226705A58B195BD6EC03510382117E92EE961D3A9/0/323830363a3330633a3a2f33322d3438203d3e20323730313733.roa
Signing time:             Tue 04 Feb 2025 18:45:42 +0000
ROA not before:           Tue 04 Feb 2025 18:40:42 +0000
ROA not after:            Tue 03 Feb 2026 18:45:42 +0000
asID:                     270173
IP address blocks:        2806:30c::/32 maxlen: 48
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            34:d7:d2:ab:30:20:ec:de:86:ab:9a:94:13:c7:0e:63:54:83:7a:9c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=291BF264E3DFBE29A5D52AE24CE1243DF6F398C2
        Validity
            Not Before: Feb  4 18:40:42 2025 GMT
            Not After : Feb  3 18:45:42 2026 GMT
        Subject: CN=63C1EF61B47A4B0985C59F6C0C79E9D2FDC6A21D
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:43:c8:5d:60:16:90:57:02:af:66:63:ce:b7:
                    eb:d7:77:2f:61:b6:3a:ea:df:73:98:ca:28:ca:53:
                    e3:4e:38:d6:74:53:99:2e:c1:34:58:42:67:a6:57:
                    cb:f4:d2:e4:00:b1:69:ef:d6:ae:b0:df:1b:4b:bf:
                    16:8b:e5:1e:f1:89:12:f3:df:0f:49:74:9f:f7:03:
                    2e:3b:f0:c5:9b:94:7c:04:de:4c:e0:15:58:5a:25:
                    b6:c2:02:15:7f:48:92:02:20:25:7c:a1:d1:c1:7f:
                    b6:97:72:1f:16:28:f6:cf:f1:4a:03:da:da:da:af:
                    a1:78:13:5b:0b:12:40:9d:10:de:5f:ff:b8:f1:31:
                    a1:7d:70:bd:c0:63:04:2a:b5:c2:f3:17:4b:75:a2:
                    c1:57:93:68:aa:12:97:3a:c6:c8:71:10:fb:f3:a2:
                    c2:79:12:77:d8:c3:c4:08:1c:30:48:00:36:1e:3b:
                    4e:10:49:94:e0:41:a8:ff:bc:24:3d:6a:fb:4a:58:
                    9a:f5:ef:da:20:7b:b9:97:64:27:84:90:77:c1:2b:
                    b5:36:d7:01:c0:a1:6d:9c:13:a3:a3:8a:aa:90:ee:
                    38:8a:fb:ed:29:c7:ff:1c:14:f3:e9:26:63:1a:85:
                    41:18:fb:7e:05:41:29:ea:3c:6b:a4:ec:0b:96:77:
                    65:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                63:C1:EF:61:B4:7A:4B:09:85:C5:9F:6C:0C:79:E9:D2:FD:C6:A2:1D
            X509v3 Authority Key Identifier:
                keyid:29:1B:F2:64:E3:DF:BE:29:A5:D5:2A:E2:4C:E1:24:3D:F6:F3:98:C2

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/3FA771377A3530818881DC2226705A58B195BD6EC03510382117E92EE961D3A9/0/291BF264E3DFBE29A5D52AE24CE1243DF6F398C2.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/291BF264E3DFBE29A5D52AE24CE1243DF6F398C2.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/3FA771377A3530818881DC2226705A58B195BD6EC03510382117E92EE961D3A9/0/323830363a3330633a3a2f33322d3438203d3e20323730313733.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2806:30c::/32

    Signature Algorithm: sha256WithRSAEncryption
         20:14:81:f6:33:92:9a:04:a5:41:91:0a:64:d5:a5:b2:b1:89:
         d0:3a:be:4c:23:91:1e:69:81:58:db:21:a4:14:5b:0f:42:01:
         61:de:40:55:c0:65:66:22:9f:2c:53:7c:4f:d4:2f:9c:a7:6c:
         ba:08:4f:be:a0:07:5d:e3:e2:16:b9:e8:04:59:60:7d:9d:8a:
         6a:c9:92:61:06:90:38:f6:43:5d:b4:22:53:6d:4e:c2:b0:de:
         4e:05:4b:63:c0:2c:42:3f:7c:16:4f:7b:6c:f4:db:bb:f7:01:
         50:fa:79:48:bc:c1:67:f7:d1:61:5f:48:e1:cc:3d:f4:80:98:
         77:f1:e3:e8:50:93:40:6e:14:16:6c:77:2e:0d:4f:f7:92:58:
         2f:14:88:bb:2e:e3:61:43:66:ac:5f:57:3c:65:a5:eb:df:7c:
         19:38:08:1d:85:a0:5a:bb:8e:af:c2:d9:31:0e:2c:03:a0:81:
         46:b9:ad:f8:15:73:20:ba:b2:b5:a7:11:65:a5:ee:73:3c:9a:
         b2:d6:91:c2:b5:a9:9a:9d:ec:66:a8:f4:e0:e2:05:5c:83:1d:
         b2:76:95:8c:f1:1e:3f:c5:f4:95:98:1e:57:e0:12:96:aa:bb:
         a5:e2:06:a2:74:16:12:40:0e:9e:7a:66:97:2d:04:61:82:f9:
         75:93:30:72
-----BEGIN CERTIFICATE-----
MIIFvTCCBKWgAwIBAgIUNNfSqzAg7N6Gq5qUE8cOY1SDepwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjkxQkYyNjRFM0RGQkUyOUE1RDUyQUUyNENFMTI0M0RG
NkYzOThDMjAeFw0yNTAyMDQxODQwNDJaFw0yNjAyMDMxODQ1NDJaMDMxMTAvBgNV
BAMTKDYzQzFFRjYxQjQ3QTRCMDk4NUM1OUY2QzBDNzlFOUQyRkRDNkEyMUQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQChQ8hdYBaQVwKvZmPOt+vXdy9h
tjrq33OYyijKU+NOONZ0U5kuwTRYQmemV8v00uQAsWnv1q6w3xtLvxaL5R7xiRLz
3w9JdJ/3Ay478MWblHwE3kzgFVhaJbbCAhV/SJICICV8odHBf7aXch8WKPbP8UoD
2trar6F4E1sLEkCdEN5f/7jxMaF9cL3AYwQqtcLzF0t1osFXk2iqEpc6xshxEPvz
osJ5EnfYw8QIHDBIADYeO04QSZTgQaj/vCQ9avtKWJr179oge7mXZCeEkHfBK7U2
1wHAoW2cE6OjiqqQ7jiK++0px/8cFPPpJmMahUEY+34FQSnqPGuk7AuWd2UdAgMB
AAGjggLHMIICwzAdBgNVHQ4EFgQUY8HvYbR6SwmFxZ9sDHnp0v3Goh0wHwYDVR0j
BBgwFoAUKRvyZOPfviml1SriTOEkPfbzmMIwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8zRkE3NzEzNzdBMzUzMDgxODg4MURDMjIyNjcwNUE1OEIx
OTVCRDZFQzAzNTEwMzgyMTE3RTkyRUU5NjFEM0E5LzAvMjkxQkYyNjRFM0RGQkUy
OUE1RDUyQUUyNENFMTI0M0RGNkYzOThDMi5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8yOTFCRjI2NEUzREZCRTI5QTVE
NTJBRTI0Q0UxMjQzREY2RjM5OEMyLmNlcjCBxQYIKwYBBQUHAQsEgbgwgbUwgbIG
CCsGAQUFBzALhoGlcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvM0ZBNzcxMzc3QTM1MzA4MTg4ODFEQzIyMjY3MDVBNThCMTk1QkQ2RUMw
MzUxMDM4MjExN0U5MkVFOTYxRDNBOS8wLzMyMzgzMDM2M2EzMzMwNjMzYTNhMmYz
MzMyMmQzNDM4MjAzZDNlMjAzMjM3MzAzMTM3MzMucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgACMAcDBQAoBgMMMA0G
CSqGSIb3DQEBCwUAA4IBAQAgFIH2M5KaBKVBkQpk1aWysYnQOr5MI5EeaYFY2yGk
FFsPQgFh3kBVwGVmIp8sU3xP1C+cp2y6CE++oAdd4+IWuegEWWB9nYpqyZJhBpA4
9kNdtCJTbU7CsN5OBUtjwCxCP3wWT3ts9Nu79wFQ+nlIvMFn99FhX0jhzD30gJh3
8ePoUJNAbhQWbHcuDU/3klgvFIi7LuNhQ2asX1c8ZaXr33wZOAgdhaBau46vwtkx
DiwDoIFGua34FXMgurK1pxFlpe5zPJqy1pHCtamanexmqPTg4gVcgx2ydpWM8R4/
xfSVmB5X4BKWqrul4gaidBYSQA6eemaXLQRhgvl1kzBy
-----END CERTIFICATE-----