Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/748D698B243A0964A4ECEB7F9337590AF93C138D8656A80896B6E416B9B1FD9C/0/323830303a3961333a333030303a3a2f34302d3430203d3e203134353232.roa
File:                     323830303a3961333a333030303a3a2f34302d3430203d3e203134353232.roa (raw, json)
Hash identifier:          0kaWCjI8WVIVG00PqLgNSROwf2j4/fcw3b5mUgODY6Y=
Subject key identifier:   E9:55:A0:79:BC:CD:4B:D4:75:23:95:72:62:A6:5F:A4:D4:D4:F2:4D
Certificate issuer:       /CN=822F4455E9726CC3D6DCD4143A6D9F1773F8A36F
Certificate serial:       6DA0A1226D77E0D5145DE80AF162E81DFB82D001
Authority key identifier: 82:2F:44:55:E9:72:6C:C3:D6:DC:D4:14:3A:6D:9F:17:73:F8:A3:6F
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/822F4455E9726CC3D6DCD4143A6D9F1773F8A36F.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/748D698B243A0964A4ECEB7F9337590AF93C138D8656A80896B6E416B9B1FD9C/0/323830303a3961333a333030303a3a2f34302d3430203d3e203134353232.roa
Signing time:             Tue 04 Feb 2025 20:08:48 +0000
ROA not before:           Tue 04 Feb 2025 20:03:48 +0000
ROA not after:            Tue 03 Feb 2026 20:08:48 +0000
asID:                     14522
IP address blocks:        2800:9a3:3000::/40 maxlen: 40
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6d:a0:a1:22:6d:77:e0:d5:14:5d:e8:0a:f1:62:e8:1d:fb:82:d0:01
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=822F4455E9726CC3D6DCD4143A6D9F1773F8A36F
        Validity
            Not Before: Feb  4 20:03:48 2025 GMT
            Not After : Feb  3 20:08:48 2026 GMT
        Subject: CN=E955A079BCCD4BD47523957262A65FA4D4D4F24D
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8d:a9:88:13:49:2c:e9:1f:85:59:82:57:d8:a4:
                    4d:3c:3b:c7:ed:3c:da:52:5f:a1:e9:07:e8:a5:9c:
                    65:44:94:b1:14:e1:f4:3d:fb:ad:0b:60:2e:9c:a5:
                    6d:d9:26:09:19:58:0c:20:e9:47:37:7a:a6:4c:30:
                    5c:32:06:40:67:e8:b6:ed:cb:2e:aa:d9:93:b4:2d:
                    a2:40:0d:2c:0b:28:20:39:c3:6b:1f:4a:06:dd:5f:
                    2f:5c:d9:45:04:fb:15:8f:aa:ce:35:f2:1c:f5:32:
                    e4:38:ff:1f:b7:dd:45:d9:ac:3f:18:0a:f5:fc:62:
                    9f:6b:50:bf:d3:64:d5:b1:de:b0:f8:cc:2c:8d:7d:
                    d7:ba:cc:9b:f4:fd:00:76:d1:ba:7b:00:69:39:6f:
                    36:52:fe:3c:89:5e:d1:39:ec:ce:cf:e7:8f:97:c1:
                    d5:53:a5:44:cb:e0:01:bc:fc:2f:6e:7d:05:cf:68:
                    df:ea:fa:84:58:76:7a:05:77:60:41:35:f5:e6:56:
                    23:fd:0e:69:58:9e:a4:2b:66:45:b6:ca:a7:8f:f0:
                    03:4b:90:fb:02:c0:81:52:f5:80:f3:9d:2b:a4:42:
                    51:79:ab:81:e7:d6:08:b5:ee:28:96:7d:2f:88:ff:
                    1b:ba:7d:bd:ad:85:52:68:bc:f3:30:31:9f:90:0f:
                    0c:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E9:55:A0:79:BC:CD:4B:D4:75:23:95:72:62:A6:5F:A4:D4:D4:F2:4D
            X509v3 Authority Key Identifier:
                keyid:82:2F:44:55:E9:72:6C:C3:D6:DC:D4:14:3A:6D:9F:17:73:F8:A3:6F

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/748D698B243A0964A4ECEB7F9337590AF93C138D8656A80896B6E416B9B1FD9C/0/822F4455E9726CC3D6DCD4143A6D9F1773F8A36F.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/822F4455E9726CC3D6DCD4143A6D9F1773F8A36F.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/748D698B243A0964A4ECEB7F9337590AF93C138D8656A80896B6E416B9B1FD9C/0/323830303a3961333a333030303a3a2f34302d3430203d3e203134353232.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2800:9a3:3000::/40

    Signature Algorithm: sha256WithRSAEncryption
         93:9d:2a:05:6e:97:17:72:d4:60:72:62:fc:07:8e:18:18:64:
         37:1c:79:81:39:7c:67:60:fc:57:42:d9:a0:02:39:f2:76:cc:
         23:21:fb:4e:0a:22:a1:cc:e3:9b:56:48:c1:c7:b5:38:2b:03:
         0b:75:e5:54:ac:48:1c:64:bc:04:2e:63:f4:6d:9d:ca:2f:70:
         68:ce:c9:6c:e5:d2:25:ac:41:d6:d3:b8:f7:20:54:63:8a:01:
         ac:86:13:5f:28:41:f0:37:59:29:9e:70:82:61:6f:94:da:3c:
         41:08:a0:de:b9:f8:36:6c:3b:9b:91:08:4e:da:af:e8:66:9a:
         2b:14:90:1d:b3:44:84:78:b6:fa:f7:db:a4:43:96:72:1c:f8:
         ed:94:6f:b0:df:be:b8:4a:04:60:53:6b:cf:21:2a:7e:41:4e:
         cf:94:bc:26:be:dd:5c:1a:4c:a2:05:9e:a7:d4:74:10:f0:33:
         0f:a9:32:e4:df:1e:d1:1e:99:58:62:84:c2:38:8d:24:e0:19:
         da:73:bb:fe:50:d4:02:16:ec:bd:72:d3:ba:01:77:b5:56:81:
         f7:55:bd:2e:db:50:6e:12:86:3c:eb:89:8e:04:61:01:25:21:
         28:0b:27:0a:c2:55:c9:9e:53:51:d1:e6:5b:00:78:c5:81:d4:
         70:7a:b4:a8
-----BEGIN CERTIFICATE-----
MIIFxjCCBK6gAwIBAgIUbaChIm134NUUXegK8WLoHfuC0AEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODIyRjQ0NTVFOTcyNkNDM0Q2RENENDE0M0E2RDlGMTc3
M0Y4QTM2RjAeFw0yNTAyMDQyMDAzNDhaFw0yNjAyMDMyMDA4NDhaMDMxMTAvBgNV
BAMTKEU5NTVBMDc5QkNDRDRCRDQ3NTIzOTU3MjYyQTY1RkE0RDRENEYyNEQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCNqYgTSSzpH4VZglfYpE08O8ft
PNpSX6HpB+ilnGVElLEU4fQ9+60LYC6cpW3ZJgkZWAwg6Uc3eqZMMFwyBkBn6Lbt
yy6q2ZO0LaJADSwLKCA5w2sfSgbdXy9c2UUE+xWPqs418hz1MuQ4/x+33UXZrD8Y
CvX8Yp9rUL/TZNWx3rD4zCyNfde6zJv0/QB20bp7AGk5bzZS/jyJXtE57M7P54+X
wdVTpUTL4AG8/C9ufQXPaN/q+oRYdnoFd2BBNfXmViP9DmlYnqQrZkW2yqeP8ANL
kPsCwIFS9YDznSukQlF5q4Hn1gi17iiWfS+I/xu6fb2thVJovPMwMZ+QDwxJAgMB
AAGjggLQMIICzDAdBgNVHQ4EFgQU6VWgebzNS9R1I5VyYqZfpNTU8k0wHwYDVR0j
BBgwFoAUgi9EVelybMPW3NQUOm2fF3P4o28wDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy83NDhENjk4QjI0M0EwOTY0QTRFQ0VCN0Y5MzM3NTkwQUY5
M0MxMzhEODY1NkE4MDg5NkI2RTQxNkI5QjFGRDlDLzAvODIyRjQ0NTVFOTcyNkND
M0Q2RENENDE0M0E2RDlGMTc3M0Y4QTM2Ri5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC84MjJGNDQ1NUU5NzI2Q0MzRDZE
Q0Q0MTQzQTZEOUYxNzczRjhBMzZGLmNlcjCBzQYIKwYBBQUHAQsEgcAwgb0wgboG
CCsGAQUFBzALhoGtcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvNzQ4RDY5OEIyNDNBMDk2NEE0RUNFQjdGOTMzNzU5MEFGOTNDMTM4RDg2
NTZBODA4OTZCNkU0MTZCOUIxRkQ5Qy8wLzMyMzgzMDMwM2EzOTYxMzMzYTMzMzAz
MDMwM2EzYTJmMzQzMDJkMzQzMDIwM2QzZTIwMzEzNDM1MzIzMi5yb2EwGAYDVR0g
AQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMG
ACgACaMwMA0GCSqGSIb3DQEBCwUAA4IBAQCTnSoFbpcXctRgcmL8B44YGGQ3HHmB
OXxnYPxXQtmgAjnydswjIftOCiKhzOObVkjBx7U4KwMLdeVUrEgcZLwELmP0bZ3K
L3Bozsls5dIlrEHW07j3IFRjigGshhNfKEHwN1kpnnCCYW+U2jxBCKDeufg2bDub
kQhO2q/oZporFJAds0SEeLb699ukQ5ZyHPjtlG+w3764SgRgU2vPISp+QU7PlLwm
vt1cGkyiBZ6n1HQQ8DMPqTLk3x7RHplYYoTCOI0k4Bnac7v+UNQCFuy9ctO6AXe1
VoH3Vb0u21BuEoY864mOBGEBJSEoCycKwlXJnlNR0eZbAHjFgdRwerSo
-----END CERTIFICATE-----