Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/67A0ED362E68FF42E188A1058CBDF747A7DD93A358EA173B7A5EBA327B365A52/0/323830333a653532303a3a2f33322d3438203d3e20323636363837.roa
File:                     323830333a653532303a3a2f33322d3438203d3e20323636363837.roa (raw, json)
Hash identifier:          RFp/7paxrjEnmz7NX5siL1qxhM8AW6ttH3PE4IdU9z0=
Subject key identifier:   EF:DD:E9:84:50:15:A4:9A:02:EC:48:00:6F:AD:05:BD:87:44:54:BF
Certificate issuer:       /CN=20E5FE4589C1CE472D39C9FF10EE1A6E4D5CBFC5
Certificate serial:       30E8DC8C8FF488F4025599B5E20B6F4FD9AEB7BC
Authority key identifier: 20:E5:FE:45:89:C1:CE:47:2D:39:C9:FF:10:EE:1A:6E:4D:5C:BF:C5
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/20E5FE4589C1CE472D39C9FF10EE1A6E4D5CBFC5.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/67A0ED362E68FF42E188A1058CBDF747A7DD93A358EA173B7A5EBA327B365A52/0/323830333a653532303a3a2f33322d3438203d3e20323636363837.roa
Signing time:             Tue 04 Feb 2025 18:08:31 +0000
ROA not before:           Tue 04 Feb 2025 18:03:31 +0000
ROA not after:            Tue 03 Feb 2026 18:08:31 +0000
asID:                     266687
IP address blocks:        2803:e520::/32 maxlen: 48
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            30:e8:dc:8c:8f:f4:88:f4:02:55:99:b5:e2:0b:6f:4f:d9:ae:b7:bc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=20E5FE4589C1CE472D39C9FF10EE1A6E4D5CBFC5
        Validity
            Not Before: Feb  4 18:03:31 2025 GMT
            Not After : Feb  3 18:08:31 2026 GMT
        Subject: CN=EFDDE9845015A49A02EC48006FAD05BD874454BF
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:46:d8:85:fe:75:ca:a6:28:4f:a2:16:90:80:
                    53:f4:de:32:81:51:57:15:9a:3c:b6:81:70:5f:bd:
                    94:cc:65:ab:e4:6a:76:65:0e:3b:64:86:59:49:4d:
                    24:67:ea:55:93:47:be:bc:84:a4:52:37:3c:c5:bb:
                    56:61:aa:21:7b:21:bc:81:f1:7e:1e:be:6f:87:6d:
                    5b:f1:29:d0:e6:60:b4:a7:0b:24:2e:8f:c0:90:fe:
                    d3:ee:38:1a:14:cc:2c:54:45:b9:91:10:28:fc:d2:
                    4b:19:fb:2d:5c:9c:06:b1:4b:61:b2:13:52:33:33:
                    3b:12:97:0e:47:29:85:93:d5:e7:f0:53:e6:88:07:
                    fc:07:3f:65:96:0e:47:fa:1b:9c:83:2e:9b:54:ce:
                    c0:14:36:fa:f9:29:d5:52:76:4b:4c:77:89:9e:52:
                    16:74:46:aa:8a:f6:29:f7:b6:7f:91:1a:3e:23:6f:
                    ad:4e:eb:1e:cf:8c:0a:15:60:fa:61:10:e8:fa:97:
                    31:24:20:3f:69:14:bc:09:a5:af:14:4a:67:09:f2:
                    6f:65:15:05:ff:59:93:40:8e:c9:c5:b4:90:49:55:
                    35:22:d9:aa:57:79:67:83:29:91:41:46:89:d8:72:
                    12:94:04:c7:76:bd:e4:cc:c8:26:16:1d:f0:42:63:
                    84:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EF:DD:E9:84:50:15:A4:9A:02:EC:48:00:6F:AD:05:BD:87:44:54:BF
            X509v3 Authority Key Identifier:
                keyid:20:E5:FE:45:89:C1:CE:47:2D:39:C9:FF:10:EE:1A:6E:4D:5C:BF:C5

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/67A0ED362E68FF42E188A1058CBDF747A7DD93A358EA173B7A5EBA327B365A52/0/20E5FE4589C1CE472D39C9FF10EE1A6E4D5CBFC5.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/20E5FE4589C1CE472D39C9FF10EE1A6E4D5CBFC5.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/67A0ED362E68FF42E188A1058CBDF747A7DD93A358EA173B7A5EBA327B365A52/0/323830333a653532303a3a2f33322d3438203d3e20323636363837.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2803:e520::/32

    Signature Algorithm: sha256WithRSAEncryption
         62:20:ae:5e:c2:bd:e9:42:cb:3b:46:24:ea:24:82:64:68:7c:
         aa:20:25:aa:77:dd:80:57:a1:25:02:b2:95:ba:a4:02:cd:85:
         df:f9:19:3f:08:3f:cb:a7:b9:6f:25:09:02:60:ae:e8:36:d3:
         fb:dc:2e:d8:e3:b5:44:a0:e5:5d:30:2a:94:2b:ad:ef:a3:74:
         83:75:da:60:5f:1e:aa:0a:8c:88:b0:15:24:86:4a:d2:a3:d2:
         84:4c:b0:bc:5b:6c:f4:aa:c5:67:16:9f:31:0b:6a:cd:86:75:
         e5:db:3a:4c:f0:21:51:65:12:fb:79:65:20:9a:fd:25:6c:3f:
         8c:ff:63:2e:8e:49:9a:0c:00:a9:0a:40:2d:ec:28:5f:8a:21:
         cd:52:ec:c7:38:d3:24:81:8b:b8:7b:c0:e4:f6:3c:7c:55:b6:
         e5:ba:92:e5:cd:d0:bd:4b:5e:d0:0c:ec:4c:c6:73:02:ed:6a:
         e3:cc:6a:7c:d1:3c:b1:95:4d:5e:26:c0:c4:a4:ac:28:49:54:
         fe:a3:26:59:11:cc:21:c0:71:fd:7b:3f:f6:6d:8a:35:a3:27:
         95:86:37:be:ae:1b:92:d4:42:f6:70:ed:1f:2f:cf:af:cc:34:
         20:49:17:33:27:f8:26:dd:52:f9:f9:c4:42:89:03:99:c4:84:
         4a:98:d4:bf
-----BEGIN CERTIFICATE-----
MIIFvzCCBKegAwIBAgIUMOjcjI/0iPQCVZm14gtvT9mut7wwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjBFNUZFNDU4OUMxQ0U0NzJEMzlDOUZGMTBFRTFBNkU0
RDVDQkZDNTAeFw0yNTAyMDQxODAzMzFaFw0yNjAyMDMxODA4MzFaMDMxMTAvBgNV
BAMTKEVGRERFOTg0NTAxNUE0OUEwMkVDNDgwMDZGQUQwNUJEODc0NDU0QkYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCyRtiF/nXKpihPohaQgFP03jKB
UVcVmjy2gXBfvZTMZavkanZlDjtkhllJTSRn6lWTR768hKRSNzzFu1ZhqiF7IbyB
8X4evm+HbVvxKdDmYLSnCyQuj8CQ/tPuOBoUzCxURbmRECj80ksZ+y1cnAaxS2Gy
E1IzMzsSlw5HKYWT1efwU+aIB/wHP2WWDkf6G5yDLptUzsAUNvr5KdVSdktMd4me
UhZ0RqqK9in3tn+RGj4jb61O6x7PjAoVYPphEOj6lzEkID9pFLwJpa8USmcJ8m9l
FQX/WZNAjsnFtJBJVTUi2apXeWeDKZFBRonYchKUBMd2veTMyCYWHfBCY4RNAgMB
AAGjggLJMIICxTAdBgNVHQ4EFgQU793phFAVpJoC7EgAb60FvYdEVL8wHwYDVR0j
BBgwFoAUIOX+RYnBzkctOcn/EO4abk1cv8UwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy82N0EwRUQzNjJFNjhGRjQyRTE4OEExMDU4Q0JERjc0N0E3
REQ5M0EzNThFQTE3M0I3QTVFQkEzMjdCMzY1QTUyLzAvMjBFNUZFNDU4OUMxQ0U0
NzJEMzlDOUZGMTBFRTFBNkU0RDVDQkZDNS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8yMEU1RkU0NTg5QzFDRTQ3MkQz
OUM5RkYxMEVFMUE2RTRENUNCRkM1LmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvNjdBMEVEMzYyRTY4RkY0MkUxODhBMTA1OENCREY3NDdBN0REOTNBMzU4
RUExNzNCN0E1RUJBMzI3QjM2NUE1Mi8wLzMyMzgzMDMzM2E2NTM1MzIzMDNhM2Ey
ZjMzMzIyZDM0MzgyMDNkM2UyMDMyMzYzNjM2MzgzNy5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACgD5SAw
DQYJKoZIhvcNAQELBQADggEBAGIgrl7CvelCyztGJOokgmRofKogJap33YBXoSUC
spW6pALNhd/5GT8IP8unuW8lCQJgrug20/vcLtjjtUSg5V0wKpQrre+jdIN12mBf
HqoKjIiwFSSGStKj0oRMsLxbbPSqxWcWnzELas2GdeXbOkzwIVFlEvt5ZSCa/SVs
P4z/Yy6OSZoMAKkKQC3sKF+KIc1S7Mc40ySBi7h7wOT2PHxVtuW6kuXN0L1LXtAM
7EzGcwLtauPManzRPLGVTV4mwMSkrChJVP6jJlkRzCHAcf17P/ZtijWjJ5WGN76u
G5LUQvZw7R8vz6/MNCBJFzMn+CbdUvn5xEKJA5nEhEqY1L8=
-----END CERTIFICATE-----