Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/677EAD7672C2B1A5E3D3F69DFCB964C866ED4CA7C9B2FF7DB131F76D68C4BC04/0/323830333a663539303a3a2f33322d3438203d3e20323732393836.roa
File:                     323830333a663539303a3a2f33322d3438203d3e20323732393836.roa (raw, json)
Hash identifier:          TnOVedbp+yogJRQK4jz8NHuHBn2RuKd+k8b7N8MvRe4=
Subject key identifier:   81:53:B4:74:5E:3E:10:74:C8:8A:B8:A5:0C:97:05:B3:35:7C:78:F3
Certificate issuer:       /CN=BD9D398BACE390C26A32CD4C7758AA1FA9E37CC7
Certificate serial:       06AE867331A4C2654DA3FECFB6F90CD42347CD9A
Authority key identifier: BD:9D:39:8B:AC:E3:90:C2:6A:32:CD:4C:77:58:AA:1F:A9:E3:7C:C7
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BD9D398BACE390C26A32CD4C7758AA1FA9E37CC7.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/677EAD7672C2B1A5E3D3F69DFCB964C866ED4CA7C9B2FF7DB131F76D68C4BC04/0/323830333a663539303a3a2f33322d3438203d3e20323732393836.roa
Signing time:             Tue 04 Feb 2025 18:10:14 +0000
ROA not before:           Tue 04 Feb 2025 18:05:14 +0000
ROA not after:            Tue 03 Feb 2026 18:10:14 +0000
asID:                     272986
IP address blocks:        2803:f590::/32 maxlen: 48
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            06:ae:86:73:31:a4:c2:65:4d:a3:fe:cf:b6:f9:0c:d4:23:47:cd:9a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=BD9D398BACE390C26A32CD4C7758AA1FA9E37CC7
        Validity
            Not Before: Feb  4 18:05:14 2025 GMT
            Not After : Feb  3 18:10:14 2026 GMT
        Subject: CN=8153B4745E3E1074C88AB8A50C9705B3357C78F3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d8:24:45:f3:1d:e1:c1:31:82:ae:60:8c:8f:f6:
                    2a:cf:ec:34:0b:a0:a1:06:60:49:a9:5f:92:ae:30:
                    22:b5:ff:36:42:8d:d3:0a:3f:2d:ad:22:9b:07:4c:
                    2f:8c:ce:ba:fb:e9:63:cc:a5:4f:e5:e7:6a:e6:e0:
                    fb:90:32:a5:b6:ab:bd:80:b6:52:8c:27:77:3f:92:
                    ac:b1:46:3c:2a:50:85:df:fe:ff:b1:9f:c9:09:f1:
                    a9:b0:85:83:bc:a7:b3:69:9e:01:8b:e8:c4:c6:88:
                    7f:15:6a:95:b5:53:de:94:8c:74:a6:fc:53:16:d1:
                    74:e6:20:14:00:21:d2:c4:53:cf:26:80:57:63:f6:
                    61:83:aa:29:9d:9c:19:3a:1b:d5:79:dd:fb:4c:cb:
                    cc:a8:f7:5e:8d:85:9a:1e:b1:3c:e4:10:d6:f1:35:
                    3e:2a:ce:2d:dc:17:51:40:fe:78:50:63:49:0d:be:
                    51:29:29:63:61:69:3d:ca:a5:be:0e:c4:bd:19:6d:
                    e6:ab:52:2d:92:7c:4a:d0:5a:d1:cb:a7:af:40:a7:
                    6a:7b:f2:be:72:9c:42:aa:9c:66:1f:f4:e0:ff:99:
                    6d:b0:3e:b9:42:8c:a6:15:13:b2:b0:31:22:46:c5:
                    b2:94:3c:1f:3e:eb:fe:98:4b:54:31:3e:64:dd:7b:
                    6d:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                81:53:B4:74:5E:3E:10:74:C8:8A:B8:A5:0C:97:05:B3:35:7C:78:F3
            X509v3 Authority Key Identifier:
                keyid:BD:9D:39:8B:AC:E3:90:C2:6A:32:CD:4C:77:58:AA:1F:A9:E3:7C:C7

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/677EAD7672C2B1A5E3D3F69DFCB964C866ED4CA7C9B2FF7DB131F76D68C4BC04/0/BD9D398BACE390C26A32CD4C7758AA1FA9E37CC7.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BD9D398BACE390C26A32CD4C7758AA1FA9E37CC7.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/677EAD7672C2B1A5E3D3F69DFCB964C866ED4CA7C9B2FF7DB131F76D68C4BC04/0/323830333a663539303a3a2f33322d3438203d3e20323732393836.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2803:f590::/32

    Signature Algorithm: sha256WithRSAEncryption
         0a:7d:00:8e:84:78:08:82:84:a4:ce:52:50:b4:dc:ab:f0:84:
         06:99:92:ea:ed:21:d6:c2:b8:54:9c:1d:34:0f:26:ea:ae:03:
         4e:b9:63:62:01:5d:88:bc:98:3d:4a:f1:9c:9a:18:73:b1:21:
         ac:a9:22:c7:27:2e:2e:3e:46:ed:84:d9:89:81:a6:a4:64:cd:
         fa:ab:53:2e:96:76:49:d1:bf:e3:50:b2:4e:eb:c1:79:f5:bd:
         19:7e:0e:bc:64:c5:c9:7c:a9:3e:6b:38:78:c8:56:f5:2e:8d:
         19:7d:c1:61:cb:0c:ba:51:36:0d:f1:a3:bf:d2:d6:fb:93:fc:
         fb:45:2e:2a:bb:b4:6d:39:75:e7:03:70:a9:13:41:5b:43:32:
         50:66:06:4f:d5:f5:4d:7a:f0:b0:7c:5a:5f:cc:6b:03:d6:19:
         1e:3d:fe:36:0a:6a:89:8d:bf:bb:d0:8c:7e:68:b5:34:6c:7d:
         aa:91:c1:bc:72:20:cd:0f:0e:54:dd:d6:97:9a:75:a4:8b:ce:
         27:f4:39:e7:69:3e:00:f8:7a:74:b7:87:f1:51:0e:35:50:4c:
         80:d1:c6:d1:a5:af:fb:eb:cb:7c:99:91:df:2c:0a:c1:46:2e:
         b7:47:7a:17:5c:2a:a7:ff:4c:54:84:cf:fb:2a:e6:10:0a:89:
         01:de:06:d3
-----BEGIN CERTIFICATE-----
MIIFvzCCBKegAwIBAgIUBq6GczGkwmVNo/7PtvkM1CNHzZowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQkQ5RDM5OEJBQ0UzOTBDMjZBMzJDRDRDNzc1OEFBMUZB
OUUzN0NDNzAeFw0yNTAyMDQxODA1MTRaFw0yNjAyMDMxODEwMTRaMDMxMTAvBgNV
BAMTKDgxNTNCNDc0NUUzRTEwNzRDODhBQjhBNTBDOTcwNUIzMzU3Qzc4RjMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDYJEXzHeHBMYKuYIyP9irP7DQL
oKEGYEmpX5KuMCK1/zZCjdMKPy2tIpsHTC+Mzrr76WPMpU/l52rm4PuQMqW2q72A
tlKMJ3c/kqyxRjwqUIXf/v+xn8kJ8amwhYO8p7NpngGL6MTGiH8VapW1U96UjHSm
/FMW0XTmIBQAIdLEU88mgFdj9mGDqimdnBk6G9V53ftMy8yo916NhZoesTzkENbx
NT4qzi3cF1FA/nhQY0kNvlEpKWNhaT3Kpb4OxL0ZbearUi2SfErQWtHLp69Ap2p7
8r5ynEKqnGYf9OD/mW2wPrlCjKYVE7KwMSJGxbKUPB8+6/6YS1QxPmTde23pAgMB
AAGjggLJMIICxTAdBgNVHQ4EFgQUgVO0dF4+EHTIirilDJcFszV8ePMwHwYDVR0j
BBgwFoAUvZ05i6zjkMJqMs1Md1iqH6njfMcwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy82NzdFQUQ3NjcyQzJCMUE1RTNEM0Y2OURGQ0I5NjRDODY2
RUQ0Q0E3QzlCMkZGN0RCMTMxRjc2RDY4QzRCQzA0LzAvQkQ5RDM5OEJBQ0UzOTBD
MjZBMzJDRDRDNzc1OEFBMUZBOUUzN0NDNy5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9CRDlEMzk4QkFDRTM5MEMyNkEz
MkNENEM3NzU4QUExRkE5RTM3Q0M3LmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvNjc3RUFENzY3MkMyQjFBNUUzRDNGNjlERkNCOTY0Qzg2NkVENENBN0M5
QjJGRjdEQjEzMUY3NkQ2OEM0QkMwNC8wLzMyMzgzMDMzM2E2NjM1MzkzMDNhM2Ey
ZjMzMzIyZDM0MzgyMDNkM2UyMDMyMzczMjM5MzgzNi5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACgD9ZAw
DQYJKoZIhvcNAQELBQADggEBAAp9AI6EeAiChKTOUlC03KvwhAaZkurtIdbCuFSc
HTQPJuquA065Y2IBXYi8mD1K8ZyaGHOxIaypIscnLi4+Ru2E2YmBpqRkzfqrUy6W
dknRv+NQsk7rwXn1vRl+Drxkxcl8qT5rOHjIVvUujRl9wWHLDLpRNg3xo7/S1vuT
/PtFLiq7tG05decDcKkTQVtDMlBmBk/V9U168LB8Wl/MawPWGR49/jYKaomNv7vQ
jH5otTRsfaqRwbxyIM0PDlTd1peadaSLzif0OedpPgD4enS3h/FRDjVQTIDRxtGl
r/vry3yZkd8sCsFGLrdHehdcKqf/TFSEz/sq5hAKiQHeBtM=
-----END CERTIFICATE-----