Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/467CA131098E1BC8222571EDD2A1800F00015E7F803B88714751949BFEDC3313/0/323830333a326230303a3a2f33322d3438203d3e203532343638.roa
File:                     323830333a326230303a3a2f33322d3438203d3e203532343638.roa (raw, json)
Hash identifier:          hX3Vkw1UI8PH5/nTG3wZXhG5saMXrvbsZnQ3IQH42zM=
Subject key identifier:   9F:3B:DC:59:9A:82:18:38:8D:9C:1D:5D:FC:B9:75:44:4F:F2:58:FC
Certificate issuer:       /CN=15A0ECF9986E4ED2D8E703E1C0F76470A6A91F2A
Certificate serial:       2D0BBB532A2617AA2393BD331BFC095C28200616
Authority key identifier: 15:A0:EC:F9:98:6E:4E:D2:D8:E7:03:E1:C0:F7:64:70:A6:A9:1F:2A
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/15A0ECF9986E4ED2D8E703E1C0F76470A6A91F2A.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/467CA131098E1BC8222571EDD2A1800F00015E7F803B88714751949BFEDC3313/0/323830333a326230303a3a2f33322d3438203d3e203532343638.roa
Signing time:             Tue 04 Feb 2025 18:17:58 +0000
ROA not before:           Tue 04 Feb 2025 18:12:58 +0000
ROA not after:            Tue 03 Feb 2026 18:17:58 +0000
asID:                     52468
IP address blocks:        2803:2b00::/32 maxlen: 48
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2d:0b:bb:53:2a:26:17:aa:23:93:bd:33:1b:fc:09:5c:28:20:06:16
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=15A0ECF9986E4ED2D8E703E1C0F76470A6A91F2A
        Validity
            Not Before: Feb  4 18:12:58 2025 GMT
            Not After : Feb  3 18:17:58 2026 GMT
        Subject: CN=9F3BDC599A8218388D9C1D5DFCB975444FF258FC
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8f:5f:94:68:63:49:bd:6e:23:53:7d:a6:3e:eb:
                    44:3f:6f:12:e3:7b:08:6e:67:62:d2:52:fd:76:8c:
                    56:8b:1e:8a:cf:ea:c4:b0:a5:bf:82:31:12:87:8f:
                    b7:73:86:8c:9a:8c:1d:25:b5:55:fd:b3:6b:8e:3c:
                    e9:e5:d2:db:c1:6a:ce:a8:24:73:d8:31:95:16:3f:
                    ec:d2:15:51:2c:2d:af:30:06:fa:85:60:cd:2b:ff:
                    be:07:fd:b8:11:fd:e6:1d:18:fe:39:d9:a9:e1:67:
                    67:9c:f8:f7:f6:e8:6e:61:97:92:07:a1:5b:f3:f7:
                    bc:5a:7b:5f:d9:8b:c9:41:87:be:89:af:48:e5:71:
                    db:d4:48:f4:7b:a8:61:eb:af:d9:26:0b:99:27:43:
                    ee:a7:a7:93:d5:18:87:9b:70:d9:b9:87:b4:aa:af:
                    f7:f5:6f:33:e0:75:ff:55:02:36:9c:67:03:a3:16:
                    80:80:7d:8c:d7:56:2b:91:74:e1:64:23:c9:78:b8:
                    ab:f4:e4:16:6b:b7:ce:b9:de:db:e0:b7:71:92:58:
                    78:bc:8c:b4:47:a2:74:f2:e7:82:69:d5:8a:18:49:
                    b4:b1:e6:46:be:00:52:98:91:19:17:49:5b:3c:7b:
                    ad:29:79:b9:85:ac:00:82:53:66:74:e2:e7:b1:65:
                    bd:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9F:3B:DC:59:9A:82:18:38:8D:9C:1D:5D:FC:B9:75:44:4F:F2:58:FC
            X509v3 Authority Key Identifier:
                keyid:15:A0:EC:F9:98:6E:4E:D2:D8:E7:03:E1:C0:F7:64:70:A6:A9:1F:2A

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/467CA131098E1BC8222571EDD2A1800F00015E7F803B88714751949BFEDC3313/0/15A0ECF9986E4ED2D8E703E1C0F76470A6A91F2A.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/15A0ECF9986E4ED2D8E703E1C0F76470A6A91F2A.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/467CA131098E1BC8222571EDD2A1800F00015E7F803B88714751949BFEDC3313/0/323830333a326230303a3a2f33322d3438203d3e203532343638.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2803:2b00::/32

    Signature Algorithm: sha256WithRSAEncryption
         38:09:f3:ae:46:0a:6d:1f:eb:fa:1d:c7:ae:22:53:00:68:7e:
         2b:89:4a:9f:80:d1:b1:6b:6d:ce:b9:24:e3:49:99:da:91:55:
         46:9a:42:20:36:10:5f:24:36:12:13:fc:16:db:3f:26:3a:88:
         7e:42:c7:e5:fe:98:9c:e6:69:d9:41:73:65:65:b6:cc:8e:8a:
         0e:32:b4:17:3e:b1:02:41:ba:22:34:a0:94:e4:e1:6f:b0:88:
         76:38:42:19:f9:41:32:cb:20:28:cf:01:5e:e6:70:8a:5f:00:
         66:30:69:27:9c:29:6c:ad:1c:c2:dd:a0:80:ff:38:3f:16:02:
         2c:28:57:26:7d:a3:d2:c7:b5:d4:c8:8a:f2:ed:b4:28:87:6c:
         3e:0d:06:09:d9:2b:16:bc:47:36:55:1a:6a:dd:14:e0:9b:b7:
         cc:20:2d:e5:a1:5e:f8:a4:17:3b:d8:0f:87:bc:b2:d8:35:b2:
         da:33:9e:23:85:8f:22:b5:ea:ae:8e:dd:5a:a0:d9:e7:13:06:
         b5:9f:31:61:98:f7:3e:9c:03:15:4c:0c:b0:3a:49:5a:8a:fb:
         63:3a:da:b7:c1:5d:16:b2:34:67:8d:eb:f6:d5:c1:b6:a3:86:
         7d:28:14:9c:aa:50:3a:96:f3:33:c5:e7:c1:66:6e:16:66:7d:
         e3:21:8e:81
-----BEGIN CERTIFICATE-----
MIIFvTCCBKWgAwIBAgIULQu7UyomF6ojk70zG/wJXCggBhYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMTVBMEVDRjk5ODZFNEVEMkQ4RTcwM0UxQzBGNzY0NzBB
NkE5MUYyQTAeFw0yNTAyMDQxODEyNThaFw0yNjAyMDMxODE3NThaMDMxMTAvBgNV
BAMTKDlGM0JEQzU5OUE4MjE4Mzg4RDlDMUQ1REZDQjk3NTQ0NEZGMjU4RkMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCPX5RoY0m9biNTfaY+60Q/bxLj
ewhuZ2LSUv12jFaLHorP6sSwpb+CMRKHj7dzhoyajB0ltVX9s2uOPOnl0tvBas6o
JHPYMZUWP+zSFVEsLa8wBvqFYM0r/74H/bgR/eYdGP452anhZ2ec+Pf26G5hl5IH
oVvz97xae1/Zi8lBh76Jr0jlcdvUSPR7qGHrr9kmC5knQ+6np5PVGIebcNm5h7Sq
r/f1bzPgdf9VAjacZwOjFoCAfYzXViuRdOFkI8l4uKv05BZrt8653tvgt3GSWHi8
jLRHonTy54Jp1YoYSbSx5ka+AFKYkRkXSVs8e60pebmFrACCU2Z04uexZb0lAgMB
AAGjggLHMIICwzAdBgNVHQ4EFgQUnzvcWZqCGDiNnB1d/Ll1RE/yWPwwHwYDVR0j
BBgwFoAUFaDs+ZhuTtLY5wPhwPdkcKapHyowDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy80NjdDQTEzMTA5OEUxQkM4MjIyNTcxRUREMkExODAwRjAw
MDE1RTdGODAzQjg4NzE0NzUxOTQ5QkZFREMzMzEzLzAvMTVBMEVDRjk5ODZFNEVE
MkQ4RTcwM0UxQzBGNzY0NzBBNkE5MUYyQS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8xNUEwRUNGOTk4NkU0RUQyRDhF
NzAzRTFDMEY3NjQ3MEE2QTkxRjJBLmNlcjCBxQYIKwYBBQUHAQsEgbgwgbUwgbIG
CCsGAQUFBzALhoGlcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvNDY3Q0ExMzEwOThFMUJDODIyMjU3MUVERDJBMTgwMEYwMDAxNUU3Rjgw
M0I4ODcxNDc1MTk0OUJGRURDMzMxMy8wLzMyMzgzMDMzM2EzMjYyMzAzMDNhM2Ey
ZjMzMzIyZDM0MzgyMDNkM2UyMDM1MzIzNDM2Mzgucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgACMAcDBQAoAysAMA0G
CSqGSIb3DQEBCwUAA4IBAQA4CfOuRgptH+v6HceuIlMAaH4riUqfgNGxa23OuSTj
SZnakVVGmkIgNhBfJDYSE/wW2z8mOoh+Qsfl/pic5mnZQXNlZbbMjooOMrQXPrEC
QboiNKCU5OFvsIh2OEIZ+UEyyyAozwFe5nCKXwBmMGknnClsrRzC3aCA/zg/FgIs
KFcmfaPSx7XUyIry7bQoh2w+DQYJ2SsWvEc2VRpq3RTgm7fMIC3loV74pBc72A+H
vLLYNbLaM54jhY8itequjt1aoNnnEwa1nzFhmPc+nAMVTAywOklaivtjOtq3wV0W
sjRnjev21cG2o4Z9KBScqlA6lvMzxefBZm4WZn3jIY6B
-----END CERTIFICATE-----