Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/48E82F7BA0FA591BEC7E035CFFD87245849693F2365E52ECBE46752996637A3E/0/323830313a31663a323030303a3a2f34382d3438203d3e20323633383331.roa
File:                     323830313a31663a323030303a3a2f34382d3438203d3e20323633383331.roa (raw, json)
Hash identifier:          YGj+woCOOtwe2TTe7ZdKdy6KHoumLwLA+PK233PPsMs=
Subject key identifier:   AC:9A:CF:DB:C9:46:D1:B6:7C:E1:6C:48:EF:54:75:41:23:95:48:C3
Certificate issuer:       /CN=DF440E65C2E63992C250A9905BFC8D428DB61F12
Certificate serial:       395C04D57FFD5F2DCC4C9E5E71E9CDEA0C16D6E4
Authority key identifier: DF:44:0E:65:C2:E6:39:92:C2:50:A9:90:5B:FC:8D:42:8D:B6:1F:12
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/DF440E65C2E63992C250A9905BFC8D428DB61F12.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/48E82F7BA0FA591BEC7E035CFFD87245849693F2365E52ECBE46752996637A3E/0/323830313a31663a323030303a3a2f34382d3438203d3e20323633383331.roa
Signing time:             Tue 04 Feb 2025 18:03:47 +0000
ROA not before:           Tue 04 Feb 2025 17:58:47 +0000
ROA not after:            Tue 03 Feb 2026 18:03:47 +0000
asID:                     263831
IP address blocks:        2801:1f:2000::/48 maxlen: 48
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            39:5c:04:d5:7f:fd:5f:2d:cc:4c:9e:5e:71:e9:cd:ea:0c:16:d6:e4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=DF440E65C2E63992C250A9905BFC8D428DB61F12
        Validity
            Not Before: Feb  4 17:58:47 2025 GMT
            Not After : Feb  3 18:03:47 2026 GMT
        Subject: CN=AC9ACFDBC946D1B67CE16C48EF547541239548C3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:ad:21:0a:4e:e0:75:d8:4b:75:f9:ee:a5:fc:
                    32:69:7d:a6:57:88:9e:78:aa:77:ee:27:13:de:a4:
                    d5:28:11:93:ef:ec:50:98:77:05:58:8c:50:24:79:
                    4d:7a:c7:ad:c5:a9:25:b3:b4:85:1c:c8:da:db:18:
                    c3:4d:ea:24:2d:a8:b1:31:ef:2f:1a:60:36:72:a4:
                    3b:28:29:a9:47:9f:97:c7:1c:b0:9c:73:2f:6e:5d:
                    34:c6:7c:64:67:6b:7d:5a:c7:ab:36:ee:be:66:27:
                    24:2e:13:55:e8:77:f0:0f:de:b5:6e:8e:40:cf:23:
                    fe:1c:2f:42:84:c6:d2:98:1a:c5:bb:68:78:39:3d:
                    a6:7d:b4:cb:8e:ba:57:24:bd:7e:a4:01:cb:2a:4f:
                    37:11:33:c2:d6:e4:0d:6d:aa:e8:6a:87:5a:56:21:
                    4f:f8:45:6a:21:6f:02:66:95:22:ff:3b:18:80:ae:
                    64:96:c0:ed:0a:13:0c:eb:69:5d:5b:d0:3c:7c:7b:
                    f3:df:da:96:a8:2c:58:97:95:98:90:7b:b6:bf:ba:
                    d7:61:13:0d:e8:01:5a:29:62:5a:3e:38:5d:70:18:
                    d7:7d:b3:62:61:e8:17:e9:72:e9:c8:b2:73:ea:67:
                    bb:22:2a:c3:e2:29:a5:6a:e5:ae:85:31:0f:48:b4:
                    68:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AC:9A:CF:DB:C9:46:D1:B6:7C:E1:6C:48:EF:54:75:41:23:95:48:C3
            X509v3 Authority Key Identifier:
                keyid:DF:44:0E:65:C2:E6:39:92:C2:50:A9:90:5B:FC:8D:42:8D:B6:1F:12

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/48E82F7BA0FA591BEC7E035CFFD87245849693F2365E52ECBE46752996637A3E/0/DF440E65C2E63992C250A9905BFC8D428DB61F12.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/DF440E65C2E63992C250A9905BFC8D428DB61F12.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/48E82F7BA0FA591BEC7E035CFFD87245849693F2365E52ECBE46752996637A3E/0/323830313a31663a323030303a3a2f34382d3438203d3e20323633383331.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2801:1f:2000::/48

    Signature Algorithm: sha256WithRSAEncryption
         96:eb:c3:00:4b:90:93:90:80:64:3a:61:0d:bf:9e:66:20:69:
         cb:7a:e2:a5:75:fe:f0:74:c2:0f:bf:70:ca:bf:ae:6c:e8:c7:
         1b:1a:5b:a1:9b:bf:77:1b:f1:f0:44:46:42:d2:e3:69:c3:15:
         ad:f0:91:91:39:b2:54:8d:a5:12:84:5f:ea:a7:62:c1:9f:c8:
         20:c7:6f:4d:ec:eb:95:40:b6:e4:9e:50:09:92:b5:c1:a3:3f:
         cb:48:bc:7d:61:da:59:09:6a:28:3f:58:6e:27:a8:d2:f9:3c:
         cb:3e:56:a5:b6:6d:23:79:81:40:54:58:3f:92:d2:7b:ba:ae:
         30:74:8a:4d:1d:08:3e:b8:c5:1f:48:5b:6b:16:67:8c:4d:a4:
         de:b6:23:ac:d8:77:73:59:9a:56:d2:5d:51:fc:ef:2e:ec:e3:
         6c:e2:b5:57:66:5a:5d:9c:09:39:e7:93:15:05:b8:a3:3f:5d:
         2f:8f:de:55:43:44:0f:ba:89:79:8e:0a:35:29:77:51:e9:ba:
         72:65:68:dd:b4:85:e4:24:fb:d5:79:36:63:30:28:c7:b2:71:
         92:ae:b3:71:de:ba:e3:fd:77:05:cf:32:49:0c:94:da:6f:ae:
         7d:25:68:1b:fb:14:ed:56:f5:1b:96:c9:d4:80:53:b6:e5:4b:
         3d:36:51:44
-----BEGIN CERTIFICATE-----
MIIFxzCCBK+gAwIBAgIUOVwE1X/9Xy3MTJ5ecenN6gwW1uQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoREY0NDBFNjVDMkU2Mzk5MkMyNTBBOTkwNUJGQzhENDI4
REI2MUYxMjAeFw0yNTAyMDQxNzU4NDdaFw0yNjAyMDMxODAzNDdaMDMxMTAvBgNV
BAMTKEFDOUFDRkRCQzk0NkQxQjY3Q0UxNkM0OEVGNTQ3NTQxMjM5NTQ4QzMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCtrSEKTuB12Et1+e6l/DJpfaZX
iJ54qnfuJxPepNUoEZPv7FCYdwVYjFAkeU16x63FqSWztIUcyNrbGMNN6iQtqLEx
7y8aYDZypDsoKalHn5fHHLCccy9uXTTGfGRna31ax6s27r5mJyQuE1Xod/AP3rVu
jkDPI/4cL0KExtKYGsW7aHg5PaZ9tMuOulckvX6kAcsqTzcRM8LW5A1tquhqh1pW
IU/4RWohbwJmlSL/OxiArmSWwO0KEwzraV1b0Dx8e/Pf2paoLFiXlZiQe7a/utdh
Ew3oAVopYlo+OF1wGNd9s2Jh6BfpcunIsnPqZ7siKsPiKaVq5a6FMQ9ItGg9AgMB
AAGjggLRMIICzTAdBgNVHQ4EFgQUrJrP28lG0bZ84WxI71R1QSOVSMMwHwYDVR0j
BBgwFoAU30QOZcLmOZLCUKmQW/yNQo22HxIwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy80OEU4MkY3QkEwRkE1OTFCRUM3RTAzNUNGRkQ4NzI0NTg0
OTY5M0YyMzY1RTUyRUNCRTQ2NzUyOTk2NjM3QTNFLzAvREY0NDBFNjVDMkU2Mzk5
MkMyNTBBOTkwNUJGQzhENDI4REI2MUYxMi5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9ERjQ0MEU2NUMyRTYzOTkyQzI1
MEE5OTA1QkZDOEQ0MjhEQjYxRjEyLmNlcjCBzQYIKwYBBQUHAQsEgcAwgb0wgboG
CCsGAQUFBzALhoGtcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvNDhFODJGN0JBMEZBNTkxQkVDN0UwMzVDRkZEODcyNDU4NDk2OTNGMjM2
NUU1MkVDQkU0Njc1Mjk5NjYzN0EzRS8wLzMyMzgzMDMxM2EzMTY2M2EzMjMwMzAz
MDNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzYzMzM4MzMzMS5yb2EwGAYDVR0g
AQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMH
ACgBAB8gADANBgkqhkiG9w0BAQsFAAOCAQEAluvDAEuQk5CAZDphDb+eZiBpy3ri
pXX+8HTCD79wyr+ubOjHGxpboZu/dxvx8ERGQtLjacMVrfCRkTmyVI2lEoRf6qdi
wZ/IIMdvTezrlUC25J5QCZK1waM/y0i8fWHaWQlqKD9Ybieo0vk8yz5WpbZtI3mB
QFRYP5LSe7quMHSKTR0IPrjFH0hbaxZnjE2k3rYjrNh3c1maVtJdUfzvLuzjbOK1
V2ZaXZwJOeeTFQW4oz9dL4/eVUNED7qJeY4KNSl3Uem6cmVo3bSF5CT71Xk2YzAo
x7Jxkq6zcd664/13Bc8ySQyU2m+ufSVoG/sU7Vb1G5bJ1IBTtuVLPTZRRA==
-----END CERTIFICATE-----