Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/63FE89222B509B58D284648D1A0F41BFE9C32FC8A26F9591AD821518708F3863/0/323830333a6461303a3a2f33322d3332203d3e20323637373335.roa
File:                     323830333a6461303a3a2f33322d3332203d3e20323637373335.roa (raw, json)
Hash identifier:          OnFr+9/vcDgwANh/IBemZ80cCNt1z6cfrUA331Vh6Ko=
Subject key identifier:   C9:29:1D:89:D9:2F:A6:61:CB:1D:1C:7F:0B:63:E7:90:66:ED:8A:E7
Certificate issuer:       /CN=9E37B5F5D41561B61BB52734CEC0DD26DC074DDF
Certificate serial:       7D827F2CE2CE969D4B56EF41D5702743262563F6
Authority key identifier: 9E:37:B5:F5:D4:15:61:B6:1B:B5:27:34:CE:C0:DD:26:DC:07:4D:DF
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/9E37B5F5D41561B61BB52734CEC0DD26DC074DDF.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/63FE89222B509B58D284648D1A0F41BFE9C32FC8A26F9591AD821518708F3863/0/323830333a6461303a3a2f33322d3332203d3e20323637373335.roa
Signing time:             Tue 04 Feb 2025 18:47:40 +0000
ROA not before:           Tue 04 Feb 2025 18:42:40 +0000
ROA not after:            Tue 03 Feb 2026 18:47:40 +0000
asID:                     267735
IP address blocks:        2803:da0::/32 maxlen: 32
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7d:82:7f:2c:e2:ce:96:9d:4b:56:ef:41:d5:70:27:43:26:25:63:f6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9E37B5F5D41561B61BB52734CEC0DD26DC074DDF
        Validity
            Not Before: Feb  4 18:42:40 2025 GMT
            Not After : Feb  3 18:47:40 2026 GMT
        Subject: CN=C9291D89D92FA661CB1D1C7F0B63E79066ED8AE7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e5:f0:07:cd:bf:19:4b:0d:74:40:7f:27:fe:b0:
                    1a:a0:7b:11:a3:3b:87:88:16:b0:9c:81:bb:21:ee:
                    e7:62:e8:5d:b9:00:2c:95:50:5d:19:9d:ec:69:90:
                    6e:27:35:ac:4e:47:8d:99:9e:fd:17:5c:e2:4f:9f:
                    47:8f:c7:18:bf:ed:66:40:15:89:7f:7b:94:f7:2f:
                    1e:d5:0d:58:2e:92:f0:64:09:b1:7f:e4:48:04:ea:
                    1a:19:74:81:ad:9e:1a:5d:d9:fc:08:b4:09:74:1d:
                    1d:9f:c8:d2:98:69:5a:24:13:83:4b:09:30:16:79:
                    ef:84:56:0c:d8:f9:64:91:69:4c:6a:f0:f8:f1:8f:
                    4e:1a:19:1b:e3:49:64:93:97:f6:e4:1e:74:ec:8a:
                    27:e3:25:42:8e:71:9e:e6:79:f9:b5:9d:03:91:7e:
                    7f:9c:08:f9:2d:79:f1:cc:53:c0:1b:dd:d9:2e:4e:
                    28:a3:b1:2f:af:98:44:98:d0:d8:e1:e5:bc:0c:87:
                    0f:55:ec:82:05:37:09:4b:6a:94:f0:37:db:a9:a1:
                    5a:5d:4f:d0:1f:1a:21:c6:8a:1c:51:e6:f3:7f:e0:
                    63:e6:a1:43:b0:df:b5:b1:2f:20:73:1c:b7:32:03:
                    ef:ef:fa:99:44:72:10:7e:b3:55:08:6e:03:63:71:
                    ac:fb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C9:29:1D:89:D9:2F:A6:61:CB:1D:1C:7F:0B:63:E7:90:66:ED:8A:E7
            X509v3 Authority Key Identifier:
                keyid:9E:37:B5:F5:D4:15:61:B6:1B:B5:27:34:CE:C0:DD:26:DC:07:4D:DF

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/63FE89222B509B58D284648D1A0F41BFE9C32FC8A26F9591AD821518708F3863/0/9E37B5F5D41561B61BB52734CEC0DD26DC074DDF.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/9E37B5F5D41561B61BB52734CEC0DD26DC074DDF.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/63FE89222B509B58D284648D1A0F41BFE9C32FC8A26F9591AD821518708F3863/0/323830333a6461303a3a2f33322d3332203d3e20323637373335.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2803:da0::/32

    Signature Algorithm: sha256WithRSAEncryption
         01:9f:15:3b:c5:44:43:54:51:3f:36:7d:b3:14:16:1a:29:57:
         cf:b8:ed:26:4b:9d:8d:34:74:f3:24:71:52:56:1e:dc:79:b2:
         8b:c2:d3:91:00:3b:c4:ad:da:c5:e7:e2:5d:64:13:0c:0e:73:
         2e:53:a7:49:b2:ae:ef:22:8b:cc:9d:8a:73:36:28:66:df:a0:
         d3:45:43:bb:61:b4:fa:f4:a9:a0:ac:37:5b:d7:12:6c:21:b2:
         38:59:85:7d:3e:3c:fa:7d:02:e9:05:ee:5d:3f:10:ed:15:a3:
         9c:2a:c8:28:dc:bf:3e:c3:9a:95:a2:39:26:d8:28:35:fe:bb:
         25:cf:a5:9a:f6:03:ff:bf:85:c2:29:3d:cf:76:ea:31:9b:1c:
         05:29:cd:92:c9:7b:21:01:6a:95:09:98:47:20:f7:21:bc:6d:
         6d:f0:40:ed:14:16:47:71:3a:c3:a9:81:84:15:5d:dd:4f:69:
         ae:a7:fa:64:b4:1c:75:6c:9d:9e:96:bf:c9:fb:a4:36:c2:1c:
         a3:1e:1e:d8:6d:68:44:91:d9:8e:75:fe:f6:2f:f0:e7:c6:ee:
         b9:94:53:ba:9c:1f:12:22:97:e6:8d:04:9e:95:05:e5:aa:5a:
         34:39:b7:2f:32:bc:d2:54:67:2c:b5:1b:61:11:0c:ff:d4:3f:
         ca:73:52:30
-----BEGIN CERTIFICATE-----
MIIFvTCCBKWgAwIBAgIUfYJ/LOLOlp1LVu9B1XAnQyYlY/YwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOUUzN0I1RjVENDE1NjFCNjFCQjUyNzM0Q0VDMEREMjZE
QzA3NERERjAeFw0yNTAyMDQxODQyNDBaFw0yNjAyMDMxODQ3NDBaMDMxMTAvBgNV
BAMTKEM5MjkxRDg5RDkyRkE2NjFDQjFEMUM3RjBCNjNFNzkwNjZFRDhBRTcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDl8AfNvxlLDXRAfyf+sBqgexGj
O4eIFrCcgbsh7udi6F25ACyVUF0ZnexpkG4nNaxOR42Znv0XXOJPn0ePxxi/7WZA
FYl/e5T3Lx7VDVgukvBkCbF/5EgE6hoZdIGtnhpd2fwItAl0HR2fyNKYaVokE4NL
CTAWee+EVgzY+WSRaUxq8Pjxj04aGRvjSWSTl/bkHnTsiifjJUKOcZ7mefm1nQOR
fn+cCPktefHMU8Ab3dkuTiijsS+vmESY0Njh5bwMhw9V7IIFNwlLapTwN9upoVpd
T9AfGiHGihxR5vN/4GPmoUOw37WxLyBzHLcyA+/v+plEchB+s1UIbgNjcaz7AgMB
AAGjggLHMIICwzAdBgNVHQ4EFgQUySkdidkvpmHLHRx/C2PnkGbtiucwHwYDVR0j
BBgwFoAUnje19dQVYbYbtSc0zsDdJtwHTd8wDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy82M0ZFODkyMjJCNTA5QjU4RDI4NDY0OEQxQTBGNDFCRkU5
QzMyRkM4QTI2Rjk1OTFBRDgyMTUxODcwOEYzODYzLzAvOUUzN0I1RjVENDE1NjFC
NjFCQjUyNzM0Q0VDMEREMjZEQzA3NERERi5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC85RTM3QjVGNUQ0MTU2MUI2MUJC
NTI3MzRDRUMwREQyNkRDMDc0RERGLmNlcjCBxQYIKwYBBQUHAQsEgbgwgbUwgbIG
CCsGAQUFBzALhoGlcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvNjNGRTg5MjIyQjUwOUI1OEQyODQ2NDhEMUEwRjQxQkZFOUMzMkZDOEEy
NkY5NTkxQUQ4MjE1MTg3MDhGMzg2My8wLzMyMzgzMDMzM2E2NDYxMzAzYTNhMmYz
MzMyMmQzMzMyMjAzZDNlMjAzMjM2MzczNzMzMzUucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgACMAcDBQAoAw2gMA0G
CSqGSIb3DQEBCwUAA4IBAQABnxU7xURDVFE/Nn2zFBYaKVfPuO0mS52NNHTzJHFS
Vh7cebKLwtORADvErdrF5+JdZBMMDnMuU6dJsq7vIovMnYpzNihm36DTRUO7YbT6
9KmgrDdb1xJsIbI4WYV9Pjz6fQLpBe5dPxDtFaOcKsgo3L8+w5qVojkm2Cg1/rsl
z6Wa9gP/v4XCKT3PduoxmxwFKc2SyXshAWqVCZhHIPchvG1t8EDtFBZHcTrDqYGE
FV3dT2mup/pktBx1bJ2elr/J+6Q2whyjHh7YbWhEkdmOdf72L/Dnxu65lFO6nB8S
IpfmjQSelQXlqlo0ObcvMrzSVGcstRthEQz/1D/Kc1Iw
-----END CERTIFICATE-----