Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/5D5BDC4006B2D7EA9E59D54B452005C51A260DD47CC6CABA7D577D1CE2D13801/0/323830313a31663a373030303a3a2f34382d3438203d3e203532333138.roa
File:                     323830313a31663a373030303a3a2f34382d3438203d3e203532333138.roa (raw, json)
Hash identifier:          Kfvr5R9prHiIS6VB2ko57uvQAn4L4NXIsOgke+ci+k0=
Subject key identifier:   23:3D:C7:4F:7B:C6:DC:24:FF:E8:06:17:1B:6F:74:27:AC:F6:5A:DC
Certificate issuer:       /CN=3802AD95B7CACA97DDF17AEBD1AAA914EE988E98
Certificate serial:       77727019B06F3292D427EA04192B70617EA924A8
Authority key identifier: 38:02:AD:95:B7:CA:CA:97:DD:F1:7A:EB:D1:AA:A9:14:EE:98:8E:98
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/3802AD95B7CACA97DDF17AEBD1AAA914EE988E98.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/5D5BDC4006B2D7EA9E59D54B452005C51A260DD47CC6CABA7D577D1CE2D13801/0/323830313a31663a373030303a3a2f34382d3438203d3e203532333138.roa
Signing time:             Tue 04 Feb 2025 18:19:54 +0000
ROA not before:           Tue 04 Feb 2025 18:14:54 +0000
ROA not after:            Tue 03 Feb 2026 18:19:54 +0000
asID:                     52318
IP address blocks:        2801:1f:7000::/48 maxlen: 48
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            77:72:70:19:b0:6f:32:92:d4:27:ea:04:19:2b:70:61:7e:a9:24:a8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3802AD95B7CACA97DDF17AEBD1AAA914EE988E98
        Validity
            Not Before: Feb  4 18:14:54 2025 GMT
            Not After : Feb  3 18:19:54 2026 GMT
        Subject: CN=233DC74F7BC6DC24FFE806171B6F7427ACF65ADC
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:42:86:e5:de:ba:5a:01:4d:4e:83:d0:b4:27:
                    08:d4:a9:b2:e1:f0:9e:93:63:1b:ef:e1:7e:df:55:
                    03:cf:97:3e:09:9b:93:c3:86:18:b1:e7:28:3a:95:
                    1f:ac:4f:40:e5:87:0e:3b:5d:97:bb:06:8a:cb:e2:
                    f5:67:d8:fe:8a:17:c1:ba:e7:de:2d:e8:3e:d4:6d:
                    78:b5:6d:e3:9b:ec:1a:5d:01:80:32:6e:e9:25:e1:
                    9f:1a:06:aa:a2:01:f8:67:b7:9b:a9:e4:ce:42:8e:
                    d2:ff:75:8f:1b:ab:80:35:fa:2b:28:aa:6a:5c:c2:
                    50:f0:6e:74:1a:e8:da:95:40:75:56:c8:41:05:f0:
                    7d:e5:2b:ce:fb:91:65:6c:ef:9b:3f:70:74:33:09:
                    f6:aa:fc:e7:78:89:ee:d4:18:69:60:11:21:68:2d:
                    60:c7:30:5a:bd:fd:6c:a3:88:eb:46:d0:3b:93:31:
                    73:0d:ee:d1:bc:74:ce:ee:bf:c5:ff:98:3b:22:56:
                    56:c8:0f:0b:44:f2:65:17:d9:8a:58:e9:77:5f:74:
                    c3:c9:43:7c:82:b5:d6:42:64:30:39:60:48:ab:8b:
                    d1:e0:6b:1e:3d:0f:1d:41:33:48:f5:74:3c:03:35:
                    b2:e7:2e:89:29:7b:cc:cb:0d:46:5b:69:aa:9b:33:
                    58:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                23:3D:C7:4F:7B:C6:DC:24:FF:E8:06:17:1B:6F:74:27:AC:F6:5A:DC
            X509v3 Authority Key Identifier:
                keyid:38:02:AD:95:B7:CA:CA:97:DD:F1:7A:EB:D1:AA:A9:14:EE:98:8E:98

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/5D5BDC4006B2D7EA9E59D54B452005C51A260DD47CC6CABA7D577D1CE2D13801/0/3802AD95B7CACA97DDF17AEBD1AAA914EE988E98.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/3802AD95B7CACA97DDF17AEBD1AAA914EE988E98.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/5D5BDC4006B2D7EA9E59D54B452005C51A260DD47CC6CABA7D577D1CE2D13801/0/323830313a31663a373030303a3a2f34382d3438203d3e203532333138.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2801:1f:7000::/48

    Signature Algorithm: sha256WithRSAEncryption
         6d:0d:30:14:65:83:80:e6:96:55:53:67:10:ee:a2:bf:f7:37:
         16:40:06:fe:f8:74:9a:6b:84:4a:74:53:af:ad:a6:ca:75:e4:
         48:ad:fa:de:c8:42:ca:1f:bd:31:27:c5:1d:63:f3:c3:16:51:
         ae:92:4c:3d:ed:22:5e:44:65:0a:2d:b6:c3:68:06:1d:43:5b:
         16:b1:40:4c:08:c2:41:65:e1:25:0f:47:e1:26:4d:ab:11:ff:
         bd:1c:15:db:1d:50:bc:ec:d5:94:18:5b:e5:87:1b:f3:02:10:
         1f:54:94:03:2c:74:7f:cb:0d:f7:64:ef:ca:2a:51:40:f3:dc:
         87:59:ab:44:b8:6d:c8:7d:52:39:6a:14:32:e6:c7:08:cd:c9:
         4b:6e:ad:46:91:4f:f5:bb:bb:49:1d:d8:56:c9:e9:7a:f2:81:
         00:be:f3:21:b3:b1:11:bf:bd:3d:0e:eb:ee:18:54:c8:94:30:
         37:11:27:b8:b8:94:e8:43:01:27:8a:fb:d8:a0:fc:42:40:11:
         35:14:78:62:60:52:16:db:5a:c5:f6:c2:ab:75:14:7a:a1:56:
         c9:13:2d:53:5b:c0:28:03:98:2c:91:bc:d5:d3:df:14:b4:4a:
         95:57:c6:bf:0e:2e:78:48:6d:2d:df:b9:50:67:d0:43:f8:a3:
         ba:72:e9:90
-----BEGIN CERTIFICATE-----
MIIFxTCCBK2gAwIBAgIUd3JwGbBvMpLUJ+oEGStwYX6pJKgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzgwMkFEOTVCN0NBQ0E5N0RERjE3QUVCRDFBQUE5MTRF
RTk4OEU5ODAeFw0yNTAyMDQxODE0NTRaFw0yNjAyMDMxODE5NTRaMDMxMTAvBgNV
BAMTKDIzM0RDNzRGN0JDNkRDMjRGRkU4MDYxNzFCNkY3NDI3QUNGNjVBREMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCzQobl3rpaAU1Og9C0JwjUqbLh
8J6TYxvv4X7fVQPPlz4Jm5PDhhix5yg6lR+sT0Dlhw47XZe7BorL4vVn2P6KF8G6
594t6D7UbXi1beOb7BpdAYAybukl4Z8aBqqiAfhnt5up5M5CjtL/dY8bq4A1+iso
qmpcwlDwbnQa6NqVQHVWyEEF8H3lK877kWVs75s/cHQzCfaq/Od4ie7UGGlgESFo
LWDHMFq9/WyjiOtG0DuTMXMN7tG8dM7uv8X/mDsiVlbIDwtE8mUX2YpY6XdfdMPJ
Q3yCtdZCZDA5YEiri9Hgax49Dx1BM0j1dDwDNbLnLokpe8zLDUZbaaqbM1hHAgMB
AAGjggLPMIICyzAdBgNVHQ4EFgQUIz3HT3vG3CT/6AYXG290J6z2WtwwHwYDVR0j
BBgwFoAUOAKtlbfKypfd8Xrr0aqpFO6YjpgwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy81RDVCREM0MDA2QjJEN0VBOUU1OUQ1NEI0NTIwMDVDNTFB
MjYwREQ0N0NDNkNBQkE3RDU3N0QxQ0UyRDEzODAxLzAvMzgwMkFEOTVCN0NBQ0E5
N0RERjE3QUVCRDFBQUE5MTRFRTk4OEU5OC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8zODAyQUQ5NUI3Q0FDQTk3RERG
MTdBRUJEMUFBQTkxNEVFOTg4RTk4LmNlcjCBywYIKwYBBQUHAQsEgb4wgbswgbgG
CCsGAQUFBzALhoGrcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvNUQ1QkRDNDAwNkIyRDdFQTlFNTlENTRCNDUyMDA1QzUxQTI2MERENDdD
QzZDQUJBN0Q1NzdEMUNFMkQxMzgwMS8wLzMyMzgzMDMxM2EzMTY2M2EzNzMwMzAz
MDNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDM1MzIzMzMxMzgucm9hMBgGA1UdIAEB
/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkDBwAo
AQAfcAAwDQYJKoZIhvcNAQELBQADggEBAG0NMBRlg4DmllVTZxDuor/3NxZABv74
dJprhEp0U6+tpsp15Eit+t7IQsofvTEnxR1j88MWUa6STD3tIl5EZQottsNoBh1D
WxaxQEwIwkFl4SUPR+EmTasR/70cFdsdULzs1ZQYW+WHG/MCEB9UlAMsdH/LDfdk
78oqUUDz3IdZq0S4bch9UjlqFDLmxwjNyUturUaRT/W7u0kd2FbJ6XrygQC+8yGz
sRG/vT0O6+4YVMiUMDcRJ7i4lOhDASeK+9ig/EJAETUUeGJgUhbbWsX2wqt1FHqh
VskTLVNbwCgDmCyRvNXT3xS0SpVXxr8OLnhIbS3fuVBn0EP4o7py6ZA=
-----END CERTIFICATE-----