Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/5972D5CC3498C9D38CCA4EDED1834EFA9897C62416814DECD3DD848AA977377A/0/323830333a326139303a3130303a3a2f34302d3430203d3e20323732383737.roa
File:                     323830333a326139303a3130303a3a2f34302d3430203d3e20323732383737.roa (raw, json)
Hash identifier:          iBSniWiZg+dVSKgfJUf+xq9k7q21w4bX4GauSfTZ2vc=
Subject key identifier:   FB:41:AF:20:94:80:BE:99:4C:27:D5:A5:8B:3C:11:C1:62:0A:11:F9
Certificate issuer:       /CN=E19BC5FA671BC143D11A298D8E45D012F8B59DB8
Certificate serial:       636FC42BA40B8AD14CE4EBF2484E3D7E67AA5F53
Authority key identifier: E1:9B:C5:FA:67:1B:C1:43:D1:1A:29:8D:8E:45:D0:12:F8:B5:9D:B8
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/E19BC5FA671BC143D11A298D8E45D012F8B59DB8.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/5972D5CC3498C9D38CCA4EDED1834EFA9897C62416814DECD3DD848AA977377A/0/323830333a326139303a3130303a3a2f34302d3430203d3e20323732383737.roa
Signing time:             Wed 19 Mar 2025 02:12:26 +0000
ROA not before:           Wed 19 Mar 2025 02:07:26 +0000
ROA not after:            Wed 18 Mar 2026 02:12:26 +0000
asID:                     272877
IP address blocks:        2803:2a90:100::/40 maxlen: 40
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            63:6f:c4:2b:a4:0b:8a:d1:4c:e4:eb:f2:48:4e:3d:7e:67:aa:5f:53
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=E19BC5FA671BC143D11A298D8E45D012F8B59DB8
        Validity
            Not Before: Mar 19 02:07:26 2025 GMT
            Not After : Mar 18 02:12:26 2026 GMT
        Subject: CN=FB41AF209480BE994C27D5A58B3C11C1620A11F9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:f5:64:eb:d2:96:fb:c0:0a:9b:de:ec:18:80:
                    b4:b3:3e:1b:e8:d7:00:df:dc:2e:26:a3:df:de:b1:
                    42:85:7f:10:c1:16:17:0d:b9:6f:db:5e:7e:cc:c9:
                    59:cd:20:1f:89:c6:e1:08:32:93:f9:2e:8a:2e:60:
                    93:09:47:2b:0a:a0:c4:9f:e4:24:dd:ca:c1:99:cc:
                    77:eb:28:1e:aa:6e:04:79:db:36:59:f6:23:9f:c1:
                    e2:38:97:39:1a:0d:a8:3d:33:06:5e:4b:69:3a:fc:
                    da:5c:0d:73:4e:c1:c6:db:5a:19:7e:1d:a4:25:78:
                    8a:e4:3c:c8:c4:53:3e:7d:29:ff:5a:01:49:49:06:
                    fb:c0:ac:be:9d:f5:5f:69:ab:6b:eb:f2:60:99:90:
                    01:b4:37:d9:53:8b:f3:9a:f0:aa:36:ca:18:67:36:
                    39:9f:a8:80:5b:5c:cc:a4:8d:68:83:b1:8c:89:21:
                    ba:5d:64:6d:c1:a3:9b:65:03:9e:3d:f3:ea:b4:ba:
                    a9:d0:68:f1:e4:5d:3e:af:a8:e1:53:e9:c1:aa:fb:
                    58:26:83:ce:1a:7b:c4:f1:89:8f:ec:f0:52:72:df:
                    bd:da:2c:10:e2:5b:c3:d8:b4:85:f4:ff:08:2f:75:
                    5a:85:13:b0:62:56:18:8a:56:72:7d:5e:53:c5:ff:
                    ad:b5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FB:41:AF:20:94:80:BE:99:4C:27:D5:A5:8B:3C:11:C1:62:0A:11:F9
            X509v3 Authority Key Identifier:
                keyid:E1:9B:C5:FA:67:1B:C1:43:D1:1A:29:8D:8E:45:D0:12:F8:B5:9D:B8

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/5972D5CC3498C9D38CCA4EDED1834EFA9897C62416814DECD3DD848AA977377A/0/E19BC5FA671BC143D11A298D8E45D012F8B59DB8.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/E19BC5FA671BC143D11A298D8E45D012F8B59DB8.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/5972D5CC3498C9D38CCA4EDED1834EFA9897C62416814DECD3DD848AA977377A/0/323830333a326139303a3130303a3a2f34302d3430203d3e20323732383737.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2803:2a90:100::/40

    Signature Algorithm: sha256WithRSAEncryption
         78:20:1b:55:6c:cb:a0:c1:04:41:12:2d:91:af:c6:57:12:35:
         c7:15:72:73:d1:27:38:83:e4:16:98:ab:9c:9e:82:5c:87:19:
         19:4a:a9:d6:8d:b6:98:47:06:ff:42:79:0b:ff:a7:b9:7d:9c:
         7e:e6:b7:11:b2:15:31:81:18:9d:df:8f:b0:0e:d6:83:05:45:
         f6:19:4f:62:f0:f4:3c:57:16:c1:8f:a5:fb:75:fd:67:1b:a1:
         ee:99:93:ea:1b:97:00:bc:b1:1b:8b:7e:90:55:06:86:44:64:
         0d:6b:1e:d9:91:42:1c:ad:ec:92:ed:3e:77:ac:b8:a5:13:27:
         b5:c4:98:2a:56:13:8b:9d:8f:b8:94:eb:45:d5:cf:19:b5:ba:
         2d:f3:c1:95:18:80:bd:cd:b9:a2:f8:8c:22:e2:26:9b:0e:cc:
         63:44:88:d9:ce:45:d6:09:c7:13:10:b0:bb:a9:19:67:61:db:
         09:ab:fb:6c:db:b7:35:37:7f:62:39:bd:8a:9c:70:90:2c:4f:
         72:1d:aa:f1:7e:21:28:e9:f7:92:dd:6d:08:d7:3f:6b:93:d2:
         20:30:a8:75:09:66:71:8a:0a:69:4e:b4:e8:d1:db:c3:c0:29:
         9f:ba:ed:ef:2b:61:24:0e:d8:e9:6e:39:90:0e:9f:c0:0a:16:
         cd:49:08:8b
-----BEGIN CERTIFICATE-----
MIIFyDCCBLCgAwIBAgIUY2/EK6QLitFM5OvySE49fmeqX1MwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRTE5QkM1RkE2NzFCQzE0M0QxMUEyOThEOEU0NUQwMTJG
OEI1OURCODAeFw0yNTAzMTkwMjA3MjZaFw0yNjAzMTgwMjEyMjZaMDMxMTAvBgNV
BAMTKEZCNDFBRjIwOTQ4MEJFOTk0QzI3RDVBNThCM0MxMUMxNjIwQTExRjkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDU9WTr0pb7wAqb3uwYgLSzPhvo
1wDf3C4mo9/esUKFfxDBFhcNuW/bXn7MyVnNIB+JxuEIMpP5LoouYJMJRysKoMSf
5CTdysGZzHfrKB6qbgR52zZZ9iOfweI4lzkaDag9MwZeS2k6/NpcDXNOwcbbWhl+
HaQleIrkPMjEUz59Kf9aAUlJBvvArL6d9V9pq2vr8mCZkAG0N9lTi/Oa8Ko2yhhn
NjmfqIBbXMykjWiDsYyJIbpdZG3Bo5tlA5498+q0uqnQaPHkXT6vqOFT6cGq+1gm
g84ae8TxiY/s8FJy373aLBDiW8PYtIX0/wgvdVqFE7BiVhiKVnJ9XlPF/621AgMB
AAGjggLSMIICzjAdBgNVHQ4EFgQU+0GvIJSAvplMJ9WlizwRwWIKEfkwHwYDVR0j
BBgwFoAU4ZvF+mcbwUPRGimNjkXQEvi1nbgwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy81OTcyRDVDQzM0OThDOUQzOENDQTRFREVEMTgzNEVGQTk4
OTdDNjI0MTY4MTRERUNEM0REODQ4QUE5NzczNzdBLzAvRTE5QkM1RkE2NzFCQzE0
M0QxMUEyOThEOEU0NUQwMTJGOEI1OURCOC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9FMTlCQzVGQTY3MUJDMTQzRDEx
QTI5OEQ4RTQ1RDAxMkY4QjU5REI4LmNlcjCBzwYIKwYBBQUHAQsEgcIwgb8wgbwG
CCsGAQUFBzALhoGvcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvNTk3MkQ1Q0MzNDk4QzlEMzhDQ0E0RURFRDE4MzRFRkE5ODk3QzYyNDE2
ODE0REVDRDNERDg0OEFBOTc3Mzc3QS8wLzMyMzgzMDMzM2EzMjYxMzkzMDNhMzEz
MDMwM2EzYTJmMzQzMDJkMzQzMDIwM2QzZTIwMzIzNzMyMzgzNzM3LnJvYTAYBgNV
HSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAI
AwYAKAMqkAEwDQYJKoZIhvcNAQELBQADggEBAHggG1Vsy6DBBEESLZGvxlcSNccV
cnPRJziD5BaYq5yeglyHGRlKqdaNtphHBv9CeQv/p7l9nH7mtxGyFTGBGJ3fj7AO
1oMFRfYZT2Lw9DxXFsGPpft1/Wcboe6Zk+oblwC8sRuLfpBVBoZEZA1rHtmRQhyt
7JLtPnesuKUTJ7XEmCpWE4udj7iU60XVzxm1ui3zwZUYgL3NuaL4jCLiJpsOzGNE
iNnORdYJxxMQsLupGWdh2wmr+2zbtzU3f2I5vYqccJAsT3IdqvF+ISjp95LdbQjX
P2uT0iAwqHUJZnGKCmlOtOjR28PAKZ+67e8rYSQO2OluOZAOn8AKFs1JCIs=
-----END CERTIFICATE-----