Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/4ED6EB0CD247E17FF0A8DCE6B46C64555E8B6E899F5580B5E4C02BE5DC9F96EF/0/323830333a383230303a3a2f33322d3332203d3e203532333933.roa
File:                     323830333a383230303a3a2f33322d3332203d3e203532333933.roa (raw, json)
Hash identifier:          CGalbEjpjAzclEcojRlVxHlkHv7Ip/2tpgHiyeVupZU=
Subject key identifier:   72:CA:B8:CC:E2:59:3B:E1:DA:9D:F0:8F:AD:0F:13:59:45:BF:16:4D
Certificate issuer:       /CN=DB11B7707911064B45F88A13AD77795D0BCE5CC6
Certificate serial:       59DE1C3A690A9956A9801ACE8F40764822CA37C1
Authority key identifier: DB:11:B7:70:79:11:06:4B:45:F8:8A:13:AD:77:79:5D:0B:CE:5C:C6
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/DB11B7707911064B45F88A13AD77795D0BCE5CC6.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/4ED6EB0CD247E17FF0A8DCE6B46C64555E8B6E899F5580B5E4C02BE5DC9F96EF/0/323830333a383230303a3a2f33322d3332203d3e203532333933.roa
Signing time:             Tue 04 Feb 2025 18:28:56 +0000
ROA not before:           Tue 04 Feb 2025 18:23:56 +0000
ROA not after:            Tue 03 Feb 2026 18:28:56 +0000
asID:                     52393
IP address blocks:        2803:8200::/32 maxlen: 32
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            59:de:1c:3a:69:0a:99:56:a9:80:1a:ce:8f:40:76:48:22:ca:37:c1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=DB11B7707911064B45F88A13AD77795D0BCE5CC6
        Validity
            Not Before: Feb  4 18:23:56 2025 GMT
            Not After : Feb  3 18:28:56 2026 GMT
        Subject: CN=72CAB8CCE2593BE1DA9DF08FAD0F135945BF164D
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:37:76:67:84:e1:b1:96:d7:7c:31:eb:eb:b8:
                    d0:6a:c3:87:db:cd:14:92:11:f7:de:7b:c9:b6:d5:
                    4c:5a:a4:dc:8b:10:e8:6d:37:31:dd:18:07:c7:a5:
                    e8:2b:a8:00:98:84:9b:55:dd:16:e6:30:ab:6a:c2:
                    fd:fd:ab:b8:3f:d5:77:aa:00:5d:8f:35:a2:6f:46:
                    43:4c:9b:ef:7d:a1:35:54:6e:f1:9e:08:a8:82:dc:
                    6d:f9:81:3d:4b:c3:b6:43:e9:9c:98:26:33:e4:6f:
                    b7:53:e6:9d:b5:d4:d7:df:2b:5c:88:ab:5c:49:e8:
                    36:48:95:55:d9:5b:28:54:41:78:67:19:f3:ca:e9:
                    4d:2b:7b:32:6d:7b:f3:6b:b3:f9:4f:73:25:60:59:
                    55:00:81:a9:27:80:12:01:ea:2a:d0:9f:7e:9b:02:
                    c2:15:37:f9:22:ec:23:d9:d8:6a:8d:cf:27:50:a2:
                    55:3b:aa:ab:5f:53:6b:34:b5:e1:93:06:6a:1f:67:
                    e7:5e:17:b3:e1:42:36:8c:e0:94:b6:88:df:76:9b:
                    5f:a8:04:ee:e7:47:ba:16:cc:96:d5:d6:f3:b1:61:
                    db:ba:c5:4e:5f:53:b4:36:07:78:3b:85:20:a8:ae:
                    4b:88:78:e7:be:44:6c:f5:71:f8:7c:d7:27:e0:f2:
                    23:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                72:CA:B8:CC:E2:59:3B:E1:DA:9D:F0:8F:AD:0F:13:59:45:BF:16:4D
            X509v3 Authority Key Identifier:
                keyid:DB:11:B7:70:79:11:06:4B:45:F8:8A:13:AD:77:79:5D:0B:CE:5C:C6

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/4ED6EB0CD247E17FF0A8DCE6B46C64555E8B6E899F5580B5E4C02BE5DC9F96EF/0/DB11B7707911064B45F88A13AD77795D0BCE5CC6.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/DB11B7707911064B45F88A13AD77795D0BCE5CC6.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/4ED6EB0CD247E17FF0A8DCE6B46C64555E8B6E899F5580B5E4C02BE5DC9F96EF/0/323830333a383230303a3a2f33322d3332203d3e203532333933.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2803:8200::/32

    Signature Algorithm: sha256WithRSAEncryption
         85:07:f3:c5:1a:ca:81:34:7f:bb:b5:4f:1b:56:af:66:ad:2d:
         78:03:17:c4:47:73:80:b7:87:95:d3:78:b2:04:b2:dc:b7:e4:
         b2:1e:86:f7:3f:38:0a:86:e0:f4:b9:4a:aa:9b:df:64:00:2c:
         3d:c2:11:4c:c0:f3:9e:31:7c:71:3f:ad:7d:fc:28:cb:8d:34:
         1a:a7:75:38:b0:4b:73:dd:f2:36:d3:e8:93:50:cb:fb:41:08:
         e5:62:f7:04:61:d3:78:a8:b7:b2:40:25:30:9e:a9:63:15:11:
         04:1b:71:f3:ed:d5:ed:47:29:2c:79:df:09:69:79:35:aa:15:
         78:59:4e:dd:83:18:72:9e:82:a6:b9:12:c8:3f:6b:2a:59:21:
         bc:ca:af:e5:15:14:dc:d2:77:4a:1d:59:8f:d3:24:6e:a7:25:
         d0:a2:e3:d1:d3:46:ed:57:68:81:00:76:6b:36:7e:2f:8a:0d:
         4b:b2:f8:b4:7d:3c:4c:b2:e3:e9:d3:db:a2:b6:bd:b5:7f:0e:
         a0:2c:28:5b:cc:a9:0b:ef:07:b4:68:ec:b0:52:69:7f:2e:a5:
         53:5d:3b:23:d7:4f:e2:97:1c:8b:9d:a6:4e:61:ba:24:15:f0:
         ab:62:cd:d6:f3:93:96:2c:3e:bb:fb:ad:b2:6b:b5:7d:24:b0:
         11:cd:f3:ee
-----BEGIN CERTIFICATE-----
MIIFvTCCBKWgAwIBAgIUWd4cOmkKmVapgBrOj0B2SCLKN8EwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoREIxMUI3NzA3OTExMDY0QjQ1Rjg4QTEzQUQ3Nzc5NUQw
QkNFNUNDNjAeFw0yNTAyMDQxODIzNTZaFw0yNjAyMDMxODI4NTZaMDMxMTAvBgNV
BAMTKDcyQ0FCOENDRTI1OTNCRTFEQTlERjA4RkFEMEYxMzU5NDVCRjE2NEQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDGN3ZnhOGxltd8MevruNBqw4fb
zRSSEffee8m21UxapNyLEOhtNzHdGAfHpegrqACYhJtV3RbmMKtqwv39q7g/1Xeq
AF2PNaJvRkNMm+99oTVUbvGeCKiC3G35gT1Lw7ZD6ZyYJjPkb7dT5p211NffK1yI
q1xJ6DZIlVXZWyhUQXhnGfPK6U0rezJte/Nrs/lPcyVgWVUAgakngBIB6irQn36b
AsIVN/ki7CPZ2GqNzydQolU7qqtfU2s0teGTBmofZ+deF7PhQjaM4JS2iN92m1+o
BO7nR7oWzJbV1vOxYdu6xU5fU7Q2B3g7hSCorkuIeOe+RGz1cfh81yfg8iPvAgMB
AAGjggLHMIICwzAdBgNVHQ4EFgQUcsq4zOJZO+HanfCPrQ8TWUW/Fk0wHwYDVR0j
BBgwFoAU2xG3cHkRBktF+IoTrXd5XQvOXMYwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy80RUQ2RUIwQ0QyNDdFMTdGRjBBOERDRTZCNDZDNjQ1NTVF
OEI2RTg5OUY1NTgwQjVFNEMwMkJFNURDOUY5NkVGLzAvREIxMUI3NzA3OTExMDY0
QjQ1Rjg4QTEzQUQ3Nzc5NUQwQkNFNUNDNi5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9EQjExQjc3MDc5MTEwNjRCNDVG
ODhBMTNBRDc3Nzk1RDBCQ0U1Q0M2LmNlcjCBxQYIKwYBBQUHAQsEgbgwgbUwgbIG
CCsGAQUFBzALhoGlcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvNEVENkVCMENEMjQ3RTE3RkYwQThEQ0U2QjQ2QzY0NTU1RThCNkU4OTlG
NTU4MEI1RTRDMDJCRTVEQzlGOTZFRi8wLzMyMzgzMDMzM2EzODMyMzAzMDNhM2Ey
ZjMzMzIyZDMzMzIyMDNkM2UyMDM1MzIzMzM5MzMucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgACMAcDBQAoA4IAMA0G
CSqGSIb3DQEBCwUAA4IBAQCFB/PFGsqBNH+7tU8bVq9mrS14AxfER3OAt4eV03iy
BLLct+SyHob3PzgKhuD0uUqqm99kACw9whFMwPOeMXxxP619/CjLjTQap3U4sEtz
3fI20+iTUMv7QQjlYvcEYdN4qLeyQCUwnqljFREEG3Hz7dXtRyksed8JaXk1qhV4
WU7dgxhynoKmuRLIP2sqWSG8yq/lFRTc0ndKHVmP0yRupyXQouPR00btV2iBAHZr
Nn4vig1Lsvi0fTxMsuPp09uitr21fw6gLChbzKkL7we0aOywUml/LqVTXTsj10/i
lxyLnaZOYbokFfCrYs3W85OWLD67+62ya7V9JLARzfPu
-----END CERTIFICATE-----