Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/5D8F51B1D1657BF366614511A20581BDED03B32FBCD5E9D471AF986BA436211B/0/323830333a626130303a3330303a3a2f34302d3430203d3e203532323836.roa
File:                     323830333a626130303a3330303a3a2f34302d3430203d3e203532323836.roa (raw, json)
Hash identifier:          ElDvKptvq6/9BAgYg9BkR6J4EKNixNDQD0hqblVNhH8=
Subject key identifier:   6C:6A:FF:8E:FD:69:97:60:09:3B:3E:93:1C:D8:14:02:E6:24:21:43
Certificate issuer:       /CN=241DE049AC3C932631785D79E6569AB7CF57A340
Certificate serial:       40F7229E0DC3E9A5B33A7263EAC47F58228002F6
Authority key identifier: 24:1D:E0:49:AC:3C:93:26:31:78:5D:79:E6:56:9A:B7:CF:57:A3:40
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/241DE049AC3C932631785D79E6569AB7CF57A340.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/5D8F51B1D1657BF366614511A20581BDED03B32FBCD5E9D471AF986BA436211B/0/323830333a626130303a3330303a3a2f34302d3430203d3e203532323836.roa
Signing time:             Tue 04 Feb 2025 18:01:12 +0000
ROA not before:           Tue 04 Feb 2025 17:56:12 +0000
ROA not after:            Tue 03 Feb 2026 18:01:12 +0000
asID:                     52286
IP address blocks:        2803:ba00:300::/40 maxlen: 40
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            40:f7:22:9e:0d:c3:e9:a5:b3:3a:72:63:ea:c4:7f:58:22:80:02:f6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=241DE049AC3C932631785D79E6569AB7CF57A340
        Validity
            Not Before: Feb  4 17:56:12 2025 GMT
            Not After : Feb  3 18:01:12 2026 GMT
        Subject: CN=6C6AFF8EFD699760093B3E931CD81402E6242143
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:98:ea:59:95:89:a3:5d:28:53:fb:7e:9d:a3:
                    a4:4c:32:87:25:94:0f:c1:37:2b:3e:1e:10:31:77:
                    d2:d4:a8:f7:cf:e5:d3:a1:b4:f4:fd:e1:69:f0:fb:
                    d8:62:bc:5a:17:13:ed:18:53:ea:30:29:80:0b:f1:
                    3c:ae:2c:96:37:f2:da:79:eb:5d:b2:c9:70:47:2c:
                    e7:97:0e:69:b0:2e:c4:3c:f2:78:5f:d6:78:0d:6e:
                    92:03:a7:d5:30:db:3b:cd:e0:e1:b9:31:50:39:15:
                    91:7a:64:b8:9a:80:83:26:06:cc:91:be:ea:14:3b:
                    9e:a4:3f:91:f5:92:49:79:95:cb:9d:2e:cc:7f:64:
                    ab:a9:68:b1:e4:db:34:f8:6d:31:d6:87:53:b5:b8:
                    75:f8:14:a7:b7:c4:6f:b7:ec:89:52:45:0e:59:3e:
                    cf:d8:21:a3:6f:b7:05:e4:94:67:e6:dc:79:b6:94:
                    59:d7:53:57:9d:86:8c:e5:f3:26:e1:97:00:1c:b6:
                    70:a8:6d:d8:3b:31:a2:48:9c:96:8d:67:0f:83:1e:
                    b2:b3:ca:96:b6:4a:d5:da:79:cd:b3:c1:73:73:4a:
                    43:58:67:ca:60:4e:b8:00:3b:32:d6:6e:a8:da:53:
                    91:ca:91:f1:dc:b1:cd:70:5e:3a:13:d6:ee:a4:07:
                    09:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6C:6A:FF:8E:FD:69:97:60:09:3B:3E:93:1C:D8:14:02:E6:24:21:43
            X509v3 Authority Key Identifier:
                keyid:24:1D:E0:49:AC:3C:93:26:31:78:5D:79:E6:56:9A:B7:CF:57:A3:40

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/5D8F51B1D1657BF366614511A20581BDED03B32FBCD5E9D471AF986BA436211B/0/241DE049AC3C932631785D79E6569AB7CF57A340.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/241DE049AC3C932631785D79E6569AB7CF57A340.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/5D8F51B1D1657BF366614511A20581BDED03B32FBCD5E9D471AF986BA436211B/0/323830333a626130303a3330303a3a2f34302d3430203d3e203532323836.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2803:ba00:300::/40

    Signature Algorithm: sha256WithRSAEncryption
         6f:4f:ed:8d:5e:ff:2b:a9:8e:4c:e3:a8:d1:c4:0c:b2:0c:1d:
         46:0f:44:58:79:23:4f:e3:72:e1:07:03:09:ab:b8:db:ac:7b:
         b1:17:4e:ee:31:43:16:08:f9:7d:4d:78:44:ea:57:06:32:22:
         f6:a7:9e:75:d9:d9:8c:7d:f0:80:e0:7a:1e:68:9a:93:d5:04:
         b0:ce:21:dd:cc:fc:fb:74:05:8d:26:78:97:fd:1d:dd:c9:2a:
         65:8d:e1:30:21:43:9f:ed:dc:79:5a:df:56:84:0d:b6:ee:3d:
         6d:5f:57:5a:1a:45:c6:30:a6:74:76:72:52:93:51:7c:30:25:
         c2:c9:bb:a7:22:49:26:0f:d6:42:39:2a:57:7b:fc:95:9d:ed:
         d6:54:8b:71:c0:bd:0e:4a:a7:3c:5b:be:c4:c5:f4:c1:82:be:
         dc:ab:52:a8:6f:a7:09:8a:32:b8:e8:be:86:4c:b8:8a:c9:1d:
         5b:05:96:62:ea:ac:41:82:fa:8c:2f:d3:ad:72:37:b9:8d:50:
         89:78:b6:ae:cf:76:66:84:2c:cb:2b:69:1a:2c:a2:99:12:f2:
         7b:d0:59:b2:5d:4c:75:af:f0:6d:60:d6:b4:ab:6a:51:a1:4c:
         f2:20:9b:9c:00:99:ee:25:26:b8:43:90:db:e4:20:70:af:ca:
         4a:ef:03:29
-----BEGIN CERTIFICATE-----
MIIFxjCCBK6gAwIBAgIUQPcing3D6aWzOnJj6sR/WCKAAvYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjQxREUwNDlBQzNDOTMyNjMxNzg1RDc5RTY1NjlBQjdD
RjU3QTM0MDAeFw0yNTAyMDQxNzU2MTJaFw0yNjAyMDMxODAxMTJaMDMxMTAvBgNV
BAMTKDZDNkFGRjhFRkQ2OTk3NjAwOTNCM0U5MzFDRDgxNDAyRTYyNDIxNDMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDBmOpZlYmjXShT+36do6RMMocl
lA/BNys+HhAxd9LUqPfP5dOhtPT94Wnw+9hivFoXE+0YU+owKYAL8TyuLJY38tp5
612yyXBHLOeXDmmwLsQ88nhf1ngNbpIDp9Uw2zvN4OG5MVA5FZF6ZLiagIMmBsyR
vuoUO56kP5H1kkl5lcudLsx/ZKupaLHk2zT4bTHWh1O1uHX4FKe3xG+37IlSRQ5Z
Ps/YIaNvtwXklGfm3Hm2lFnXU1edhozl8ybhlwActnCobdg7MaJInJaNZw+DHrKz
ypa2StXaec2zwXNzSkNYZ8pgTrgAOzLWbqjaU5HKkfHcsc1wXjoT1u6kBwntAgMB
AAGjggLQMIICzDAdBgNVHQ4EFgQUbGr/jv1pl2AJOz6THNgUAuYkIUMwHwYDVR0j
BBgwFoAUJB3gSaw8kyYxeF155laat89Xo0AwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy81RDhGNTFCMUQxNjU3QkYzNjY2MTQ1MTFBMjA1ODFCREVE
MDNCMzJGQkNENUU5RDQ3MUFGOTg2QkE0MzYyMTFCLzAvMjQxREUwNDlBQzNDOTMy
NjMxNzg1RDc5RTY1NjlBQjdDRjU3QTM0MC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8yNDFERTA0OUFDM0M5MzI2MzE3
ODVENzlFNjU2OUFCN0NGNTdBMzQwLmNlcjCBzQYIKwYBBQUHAQsEgcAwgb0wgboG
CCsGAQUFBzALhoGtcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvNUQ4RjUxQjFEMTY1N0JGMzY2NjE0NTExQTIwNTgxQkRFRDAzQjMyRkJD
RDVFOUQ0NzFBRjk4NkJBNDM2MjExQi8wLzMyMzgzMDMzM2E2MjYxMzAzMDNhMzMz
MDMwM2EzYTJmMzQzMDJkMzQzMDIwM2QzZTIwMzUzMjMyMzgzNi5yb2EwGAYDVR0g
AQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMG
ACgDugADMA0GCSqGSIb3DQEBCwUAA4IBAQBvT+2NXv8rqY5M46jRxAyyDB1GD0RY
eSNP43LhBwMJq7jbrHuxF07uMUMWCPl9TXhE6lcGMiL2p5512dmMffCA4HoeaJqT
1QSwziHdzPz7dAWNJniX/R3dySpljeEwIUOf7dx5Wt9WhA227j1tX1daGkXGMKZ0
dnJSk1F8MCXCybunIkkmD9ZCOSpXe/yVne3WVItxwL0OSqc8W77ExfTBgr7cq1Ko
b6cJijK46L6GTLiKyR1bBZZi6qxBgvqML9Otcje5jVCJeLauz3ZmhCzLK2kaLKKZ
EvJ70FmyXUx1r/BtYNa0q2pRoUzyIJucAJnuJSa4Q5Db5CBwr8pK7wMp
-----END CERTIFICATE-----