Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/5CB9848E9893725A7D22E0CBCE9B9EDCA70AC5F5B2DE28C64352B5D7BDCD4696/0/323830333a3231303a3a2f33322d3634203d3e20323731383839.roa
File:                     323830333a3231303a3a2f33322d3634203d3e20323731383839.roa (raw, json)
Hash identifier:          mgN1o1Ur/0N/WztIWzf6AHv8L+CVBMm2VIE+49K7m2Q=
Subject key identifier:   F6:22:EF:94:03:F5:B1:C4:BC:8E:09:10:AD:F8:3B:30:7E:31:01:B5
Certificate issuer:       /CN=E4680E7DB5E2661029DADF95F18EDCCD3A194B02
Certificate serial:       79A5A343296FB7F533363943EEC90A293F23478E
Authority key identifier: E4:68:0E:7D:B5:E2:66:10:29:DA:DF:95:F1:8E:DC:CD:3A:19:4B:02
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/E4680E7DB5E2661029DADF95F18EDCCD3A194B02.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/5CB9848E9893725A7D22E0CBCE9B9EDCA70AC5F5B2DE28C64352B5D7BDCD4696/0/323830333a3231303a3a2f33322d3634203d3e20323731383839.roa
Signing time:             Tue 04 Feb 2025 18:16:11 +0000
ROA not before:           Tue 04 Feb 2025 18:11:11 +0000
ROA not after:            Tue 03 Feb 2026 18:16:11 +0000
asID:                     271889
IP address blocks:        2803:210::/32 maxlen: 64
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            79:a5:a3:43:29:6f:b7:f5:33:36:39:43:ee:c9:0a:29:3f:23:47:8e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=E4680E7DB5E2661029DADF95F18EDCCD3A194B02
        Validity
            Not Before: Feb  4 18:11:11 2025 GMT
            Not After : Feb  3 18:16:11 2026 GMT
        Subject: CN=F622EF9403F5B1C4BC8E0910ADF83B307E3101B5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:4c:fc:8d:61:b2:e4:d5:89:1a:23:7d:d1:87:
                    a6:f4:d8:17:48:c0:14:c9:f6:1c:7b:04:8e:23:22:
                    93:cf:50:38:c8:7b:81:d7:6f:9a:29:56:39:cb:d4:
                    e7:f8:8d:49:9e:a6:c7:4a:f8:df:83:70:02:65:2b:
                    4e:c0:88:8c:55:6e:ba:01:e1:30:38:2a:93:9d:b1:
                    cf:83:61:07:51:25:31:90:99:3d:fa:06:09:55:85:
                    de:d1:bb:02:57:c1:b0:3a:b3:1f:27:2c:31:e7:4c:
                    4e:57:35:9a:a5:87:df:f1:14:4d:37:16:d6:da:a2:
                    90:55:39:21:10:2a:40:70:cb:8d:f7:aa:49:0c:d0:
                    79:f0:9c:da:d4:55:71:bf:e4:15:98:43:ec:90:0c:
                    ff:c8:6e:38:67:4e:fc:d8:03:76:ea:f3:2e:15:77:
                    a6:db:ba:c9:dd:eb:2c:f1:e7:e0:b8:2e:99:05:6a:
                    e4:9e:4f:1d:58:b8:60:a7:b3:f3:73:32:f4:53:a5:
                    6e:98:9a:65:bc:97:f2:de:90:10:d6:70:49:eb:f4:
                    78:23:b8:e4:50:ac:3e:d5:36:da:b6:92:41:e9:96:
                    1b:b8:52:39:83:63:96:6a:1c:3b:63:bc:66:e1:21:
                    80:ba:e0:a1:6e:fc:81:46:9b:1b:ec:ec:54:cb:11:
                    01:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F6:22:EF:94:03:F5:B1:C4:BC:8E:09:10:AD:F8:3B:30:7E:31:01:B5
            X509v3 Authority Key Identifier:
                keyid:E4:68:0E:7D:B5:E2:66:10:29:DA:DF:95:F1:8E:DC:CD:3A:19:4B:02

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/5CB9848E9893725A7D22E0CBCE9B9EDCA70AC5F5B2DE28C64352B5D7BDCD4696/0/E4680E7DB5E2661029DADF95F18EDCCD3A194B02.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/E4680E7DB5E2661029DADF95F18EDCCD3A194B02.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/5CB9848E9893725A7D22E0CBCE9B9EDCA70AC5F5B2DE28C64352B5D7BDCD4696/0/323830333a3231303a3a2f33322d3634203d3e20323731383839.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2803:210::/32

    Signature Algorithm: sha256WithRSAEncryption
         23:74:07:ff:9f:51:b8:78:2a:ab:a5:0f:ac:5a:c6:e3:ff:11:
         4e:a6:a6:6e:65:fe:33:8f:57:67:6f:23:0e:e8:06:ab:a9:87:
         95:3b:fd:d6:36:c5:d7:5e:9a:90:a2:9d:14:fa:57:f7:6e:17:
         50:d6:75:df:2d:f1:8e:ff:88:d2:a2:7d:48:cb:cc:65:fd:d9:
         30:13:cc:42:2d:e6:ff:a4:60:1b:1e:fa:1d:0e:e7:db:27:fd:
         fd:7e:b9:4f:f2:52:58:26:a1:9c:7c:ea:76:79:48:09:51:2b:
         aa:46:52:e4:49:81:a8:73:d0:c8:83:23:b2:1f:13:45:ef:dc:
         43:0e:72:ea:b8:65:0e:a5:d2:60:47:7b:0e:aa:37:b0:87:5a:
         4d:d0:45:df:9d:46:dc:3e:66:b6:af:46:00:89:fa:30:3e:de:
         c4:99:a6:e3:c7:ca:28:1c:16:c9:35:0e:6d:c6:02:f7:10:5b:
         e3:8f:15:9a:0b:2e:12:64:28:11:e7:1b:93:da:a7:50:75:e6:
         70:3f:63:6b:71:8a:11:f8:d7:16:41:76:33:b1:2e:c7:7b:57:
         c6:0f:38:02:38:a2:92:e8:32:95:a2:ca:fe:3f:9b:2c:e1:89:
         2f:1b:6a:6a:ec:b9:63:73:fc:e1:cc:e1:f7:df:c7:1d:9d:45:
         27:a7:a1:63
-----BEGIN CERTIFICATE-----
MIIFvTCCBKWgAwIBAgIUeaWjQylvt/UzNjlD7skKKT8jR44wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRTQ2ODBFN0RCNUUyNjYxMDI5REFERjk1RjE4RURDQ0Qz
QTE5NEIwMjAeFw0yNTAyMDQxODExMTFaFw0yNjAyMDMxODE2MTFaMDMxMTAvBgNV
BAMTKEY2MjJFRjk0MDNGNUIxQzRCQzhFMDkxMEFERjgzQjMwN0UzMTAxQjUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCmTPyNYbLk1YkaI33Rh6b02BdI
wBTJ9hx7BI4jIpPPUDjIe4HXb5opVjnL1Of4jUmepsdK+N+DcAJlK07AiIxVbroB
4TA4KpOdsc+DYQdRJTGQmT36BglVhd7RuwJXwbA6sx8nLDHnTE5XNZqlh9/xFE03
FtbaopBVOSEQKkBwy433qkkM0HnwnNrUVXG/5BWYQ+yQDP/IbjhnTvzYA3bq8y4V
d6bbusnd6yzx5+C4LpkFauSeTx1YuGCns/NzMvRTpW6YmmW8l/LekBDWcEnr9Hgj
uORQrD7VNtq2kkHplhu4UjmDY5ZqHDtjvGbhIYC64KFu/IFGmxvs7FTLEQG9AgMB
AAGjggLHMIICwzAdBgNVHQ4EFgQU9iLvlAP1scS8jgkQrfg7MH4xAbUwHwYDVR0j
BBgwFoAU5GgOfbXiZhAp2t+V8Y7czToZSwIwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy81Q0I5ODQ4RTk4OTM3MjVBN0QyMkUwQ0JDRTlCOUVEQ0E3
MEFDNUY1QjJERTI4QzY0MzUyQjVEN0JEQ0Q0Njk2LzAvRTQ2ODBFN0RCNUUyNjYx
MDI5REFERjk1RjE4RURDQ0QzQTE5NEIwMi5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9FNDY4MEU3REI1RTI2NjEwMjlE
QURGOTVGMThFRENDRDNBMTk0QjAyLmNlcjCBxQYIKwYBBQUHAQsEgbgwgbUwgbIG
CCsGAQUFBzALhoGlcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvNUNCOTg0OEU5ODkzNzI1QTdEMjJFMENCQ0U5QjlFRENBNzBBQzVGNUIy
REUyOEM2NDM1MkI1RDdCRENENDY5Ni8wLzMyMzgzMDMzM2EzMjMxMzAzYTNhMmYz
MzMyMmQzNjM0MjAzZDNlMjAzMjM3MzEzODM4Mzkucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgACMAcDBQAoAwIQMA0G
CSqGSIb3DQEBCwUAA4IBAQAjdAf/n1G4eCqrpQ+sWsbj/xFOpqZuZf4zj1dnbyMO
6AarqYeVO/3WNsXXXpqQop0U+lf3bhdQ1nXfLfGO/4jSon1Iy8xl/dkwE8xCLeb/
pGAbHvodDufbJ/39frlP8lJYJqGcfOp2eUgJUSuqRlLkSYGoc9DIgyOyHxNF79xD
DnLquGUOpdJgR3sOqjewh1pN0EXfnUbcPma2r0YAifowPt7Emabjx8ooHBbJNQ5t
xgL3EFvjjxWaCy4SZCgR5xuT2qdQdeZwP2NrcYoR+NcWQXYzsS7He1fGDzgCOKKS
6DKVosr+P5ss4YkvG2pq7Lljc/zhzOH338cdnUUnp6Fj
-----END CERTIFICATE-----