Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/748D698B243A0964A4ECEB7F9337590AF93C138D8656A80896B6E416B9B1FD9C/0/323830303a3961333a323030303a3a2f34302d3430203d3e203134353232.roa
File:                     323830303a3961333a323030303a3a2f34302d3430203d3e203134353232.roa (raw, json)
Hash identifier:          rJJ0uHDmfXvwE4eUsdhq7Sy34w8+9utvwLCcCX6o1fI=
Subject key identifier:   CE:7C:65:48:CC:64:F4:6A:05:3F:68:00:09:06:F8:15:22:A0:5F:EB
Certificate issuer:       /CN=822F4455E9726CC3D6DCD4143A6D9F1773F8A36F
Certificate serial:       67FA2333FF9FC3F34970F3B92D74249106B2E4ED
Authority key identifier: 82:2F:44:55:E9:72:6C:C3:D6:DC:D4:14:3A:6D:9F:17:73:F8:A3:6F
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/822F4455E9726CC3D6DCD4143A6D9F1773F8A36F.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/748D698B243A0964A4ECEB7F9337590AF93C138D8656A80896B6E416B9B1FD9C/0/323830303a3961333a323030303a3a2f34302d3430203d3e203134353232.roa
Signing time:             Tue 04 Feb 2025 20:08:44 +0000
ROA not before:           Tue 04 Feb 2025 20:03:44 +0000
ROA not after:            Tue 03 Feb 2026 20:08:44 +0000
asID:                     14522
IP address blocks:        2800:9a3:2000::/40 maxlen: 40
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            67:fa:23:33:ff:9f:c3:f3:49:70:f3:b9:2d:74:24:91:06:b2:e4:ed
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=822F4455E9726CC3D6DCD4143A6D9F1773F8A36F
        Validity
            Not Before: Feb  4 20:03:44 2025 GMT
            Not After : Feb  3 20:08:44 2026 GMT
        Subject: CN=CE7C6548CC64F46A053F68000906F81522A05FEB
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:f5:c3:50:15:97:fe:56:b9:59:62:52:46:12:
                    00:32:14:56:55:2b:17:63:15:1c:17:a7:d6:72:05:
                    d7:33:c7:09:30:a1:8b:e8:4d:ed:42:18:16:f9:47:
                    67:be:cf:88:fc:01:65:ef:f2:f4:73:d8:02:aa:3c:
                    f1:73:4d:c0:f8:cf:c3:73:49:8c:ff:76:0f:03:37:
                    eb:8b:92:5a:6c:f2:c5:5d:bb:3a:3d:85:8b:46:be:
                    fc:d1:d8:8a:8d:eb:47:cc:76:fc:e8:69:2d:e5:ea:
                    ec:b6:f0:01:e9:98:22:99:5f:ce:4b:f4:78:77:2d:
                    c0:e2:b2:f4:bf:aa:96:1a:36:d5:63:b1:91:7c:9c:
                    f1:66:fd:bc:e3:3c:f9:8e:b3:f6:3d:d0:e2:3f:1e:
                    7a:8c:ba:4e:d1:35:05:e6:41:a8:2b:f9:0e:91:04:
                    a5:f3:6c:a2:71:05:8e:58:f2:02:36:f8:16:79:37:
                    23:aa:ca:26:39:01:cb:f9:e2:42:34:d5:7c:63:d4:
                    72:04:2b:44:6c:6e:d9:91:fc:36:1a:41:26:bd:fa:
                    0f:59:0f:48:dc:3d:af:8f:76:63:47:5d:cd:b8:76:
                    f7:af:5a:4e:d4:88:65:df:6b:a0:da:31:b0:a9:f8:
                    2f:b9:b0:56:d3:6f:06:55:b0:04:8f:4e:a1:1c:fe:
                    09:13
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CE:7C:65:48:CC:64:F4:6A:05:3F:68:00:09:06:F8:15:22:A0:5F:EB
            X509v3 Authority Key Identifier:
                keyid:82:2F:44:55:E9:72:6C:C3:D6:DC:D4:14:3A:6D:9F:17:73:F8:A3:6F

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/748D698B243A0964A4ECEB7F9337590AF93C138D8656A80896B6E416B9B1FD9C/0/822F4455E9726CC3D6DCD4143A6D9F1773F8A36F.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/822F4455E9726CC3D6DCD4143A6D9F1773F8A36F.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/748D698B243A0964A4ECEB7F9337590AF93C138D8656A80896B6E416B9B1FD9C/0/323830303a3961333a323030303a3a2f34302d3430203d3e203134353232.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2800:9a3:2000::/40

    Signature Algorithm: sha256WithRSAEncryption
         6e:a9:13:01:27:41:e8:4e:9b:d5:12:18:2d:d3:e6:a0:b1:6a:
         90:db:cc:58:d0:bc:2f:93:da:67:6f:90:14:ee:f8:b9:18:fa:
         0c:67:f3:f9:23:a0:d7:00:85:c4:b7:18:28:2f:31:db:e2:3e:
         4a:6c:9e:2f:f2:a6:e3:1c:2d:ac:cb:24:66:4c:1f:21:7d:a8:
         da:d9:d5:11:22:7c:6f:c9:57:fe:29:37:3c:4f:38:dd:91:fe:
         32:1a:56:da:d9:3d:76:3f:d2:7a:ec:cd:43:4f:dd:2c:5a:16:
         fc:be:0b:90:21:72:2b:6b:af:cf:fe:5d:be:86:13:80:ba:50:
         1d:1d:4a:78:5e:17:ae:6e:88:c7:c7:56:3e:f8:7d:08:ad:7b:
         d3:79:fe:68:ac:78:2d:60:3d:14:93:e3:65:0c:0c:f4:93:d6:
         2b:a2:bd:24:a5:87:cb:07:ba:cb:e0:05:92:2c:6e:8a:ff:c7:
         53:c5:61:bb:a3:87:ac:78:1b:d9:f2:1b:c2:c7:79:45:66:a4:
         e7:60:5a:65:b0:5e:51:e3:50:ff:b2:07:4b:6f:0d:47:ec:31:
         0f:cc:f9:fc:74:a3:a2:70:4f:c3:20:a0:f0:c1:3d:70:9e:db:
         67:98:e5:65:27:c2:49:76:17:86:a8:63:71:53:c6:7a:5e:f7:
         2b:63:2f:88
-----BEGIN CERTIFICATE-----
MIIFxjCCBK6gAwIBAgIUZ/ojM/+fw/NJcPO5LXQkkQay5O0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODIyRjQ0NTVFOTcyNkNDM0Q2RENENDE0M0E2RDlGMTc3
M0Y4QTM2RjAeFw0yNTAyMDQyMDAzNDRaFw0yNjAyMDMyMDA4NDRaMDMxMTAvBgNV
BAMTKENFN0M2NTQ4Q0M2NEY0NkEwNTNGNjgwMDA5MDZGODE1MjJBMDVGRUIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDE9cNQFZf+VrlZYlJGEgAyFFZV
KxdjFRwXp9ZyBdczxwkwoYvoTe1CGBb5R2e+z4j8AWXv8vRz2AKqPPFzTcD4z8Nz
SYz/dg8DN+uLklps8sVduzo9hYtGvvzR2IqN60fMdvzoaS3l6uy28AHpmCKZX85L
9Hh3LcDisvS/qpYaNtVjsZF8nPFm/bzjPPmOs/Y90OI/HnqMuk7RNQXmQagr+Q6R
BKXzbKJxBY5Y8gI2+BZ5NyOqyiY5Acv54kI01Xxj1HIEK0RsbtmR/DYaQSa9+g9Z
D0jcPa+PdmNHXc24dvevWk7UiGXfa6DaMbCp+C+5sFbTbwZVsASPTqEc/gkTAgMB
AAGjggLQMIICzDAdBgNVHQ4EFgQUznxlSMxk9GoFP2gACQb4FSKgX+swHwYDVR0j
BBgwFoAUgi9EVelybMPW3NQUOm2fF3P4o28wDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy83NDhENjk4QjI0M0EwOTY0QTRFQ0VCN0Y5MzM3NTkwQUY5
M0MxMzhEODY1NkE4MDg5NkI2RTQxNkI5QjFGRDlDLzAvODIyRjQ0NTVFOTcyNkND
M0Q2RENENDE0M0E2RDlGMTc3M0Y4QTM2Ri5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC84MjJGNDQ1NUU5NzI2Q0MzRDZE
Q0Q0MTQzQTZEOUYxNzczRjhBMzZGLmNlcjCBzQYIKwYBBQUHAQsEgcAwgb0wgboG
CCsGAQUFBzALhoGtcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvNzQ4RDY5OEIyNDNBMDk2NEE0RUNFQjdGOTMzNzU5MEFGOTNDMTM4RDg2
NTZBODA4OTZCNkU0MTZCOUIxRkQ5Qy8wLzMyMzgzMDMwM2EzOTYxMzMzYTMyMzAz
MDMwM2EzYTJmMzQzMDJkMzQzMDIwM2QzZTIwMzEzNDM1MzIzMi5yb2EwGAYDVR0g
AQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMG
ACgACaMgMA0GCSqGSIb3DQEBCwUAA4IBAQBuqRMBJ0HoTpvVEhgt0+agsWqQ28xY
0Lwvk9pnb5AU7vi5GPoMZ/P5I6DXAIXEtxgoLzHb4j5KbJ4v8qbjHC2syyRmTB8h
faja2dURInxvyVf+KTc8Tzjdkf4yGlba2T12P9J67M1DT90sWhb8vguQIXIra6/P
/l2+hhOAulAdHUp4XheubojHx1Y++H0IrXvTef5orHgtYD0Uk+NlDAz0k9Yror0k
pYfLB7rL4AWSLG6K/8dTxWG7o4eseBvZ8hvCx3lFZqTnYFplsF5R41D/sgdLbw1H
7DEPzPn8dKOicE/DIKDwwT1wnttnmOVlJ8JJdheGqGNxU8Z6XvcrYy+I
-----END CERTIFICATE-----