Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/802672FE15624BDF705C3588B1C7767DD409D7594E5A7CC8FD3A384F7AA4E7EF/0/323830333a623539303a323a3a2f36342d3634203d3e20323733303038.roa
File:                     323830333a623539303a323a3a2f36342d3634203d3e20323733303038.roa (raw, json)
Hash identifier:          dINMBxJA4oAsbyk7ZkWKgQGK51oPFC/bgnqw+Bm0ocM=
Subject key identifier:   88:84:82:D2:0A:38:C8:75:B9:2F:AD:AF:56:F6:DE:5F:DD:DD:A1:42
Certificate issuer:       /CN=D68C275AE349DFCD32C558419A7893BADFF5F3F8
Certificate serial:       5FA9CF92F0987ED149D192A2291AA54E2768C15C
Authority key identifier: D6:8C:27:5A:E3:49:DF:CD:32:C5:58:41:9A:78:93:BA:DF:F5:F3:F8
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/D68C275AE349DFCD32C558419A7893BADFF5F3F8.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/802672FE15624BDF705C3588B1C7767DD409D7594E5A7CC8FD3A384F7AA4E7EF/0/323830333a623539303a323a3a2f36342d3634203d3e20323733303038.roa
Signing time:             Tue 04 Feb 2025 18:08:55 +0000
ROA not before:           Tue 04 Feb 2025 18:03:55 +0000
ROA not after:            Tue 03 Feb 2026 18:08:55 +0000
asID:                     273008
IP address blocks:        2803:b590:2::/64 maxlen: 64
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5f:a9:cf:92:f0:98:7e:d1:49:d1:92:a2:29:1a:a5:4e:27:68:c1:5c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=D68C275AE349DFCD32C558419A7893BADFF5F3F8
        Validity
            Not Before: Feb  4 18:03:55 2025 GMT
            Not After : Feb  3 18:08:55 2026 GMT
        Subject: CN=888482D20A38C875B92FADAF56F6DE5FDDDDA142
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:da:ac:09:f2:99:d7:84:a2:87:5c:2f:e7:89:10:
                    b5:99:b2:b4:4d:85:eb:23:dc:86:45:2b:f1:78:df:
                    18:85:23:56:34:53:36:f6:18:15:93:20:e0:fc:09:
                    26:1f:7d:3a:03:e2:bc:45:f1:96:51:e7:4b:ed:01:
                    fe:4b:9a:2e:d1:b5:8f:12:79:7c:6e:77:32:19:25:
                    19:4e:f6:3a:6f:07:73:bb:6d:7f:1e:08:1e:dc:a9:
                    18:4d:52:20:ce:06:a4:65:e0:ae:57:92:43:8f:37:
                    02:9e:34:7f:36:32:85:67:e1:b5:3d:d5:95:63:f2:
                    0d:af:28:1d:22:a4:72:e4:79:9d:6c:3c:3c:dc:33:
                    0b:c6:c5:4b:56:5b:4f:9e:ee:2b:79:79:09:9b:57:
                    b5:61:6d:1e:ae:a1:5c:46:74:81:8f:ec:b6:d7:5b:
                    39:c2:a9:db:0a:cb:f9:90:27:8f:12:b4:65:a7:7f:
                    79:1e:2d:9d:c6:80:80:21:e8:8e:21:59:83:12:9a:
                    d0:67:77:0a:05:6e:90:b3:7b:fc:c8:2a:f2:e1:78:
                    1e:71:a3:cf:5e:37:5b:0d:cc:27:f3:9b:f8:e4:d1:
                    6e:4a:4e:22:04:bf:ab:e2:2e:45:d6:a2:c8:14:3d:
                    46:e3:4e:61:4c:5b:e1:88:41:c0:ff:cb:1d:e8:21:
                    2a:f1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                88:84:82:D2:0A:38:C8:75:B9:2F:AD:AF:56:F6:DE:5F:DD:DD:A1:42
            X509v3 Authority Key Identifier:
                keyid:D6:8C:27:5A:E3:49:DF:CD:32:C5:58:41:9A:78:93:BA:DF:F5:F3:F8

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/802672FE15624BDF705C3588B1C7767DD409D7594E5A7CC8FD3A384F7AA4E7EF/0/D68C275AE349DFCD32C558419A7893BADFF5F3F8.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/D68C275AE349DFCD32C558419A7893BADFF5F3F8.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/802672FE15624BDF705C3588B1C7767DD409D7594E5A7CC8FD3A384F7AA4E7EF/0/323830333a623539303a323a3a2f36342d3634203d3e20323733303038.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2803:b590:2::/64

    Signature Algorithm: sha256WithRSAEncryption
         6d:b6:2d:54:36:59:65:14:c1:94:b8:52:d5:62:f7:3f:3b:d1:
         14:0f:9c:d3:1c:f7:9e:24:1f:6e:18:87:a0:d2:36:90:10:da:
         25:9f:a5:8d:5f:33:e0:0d:c0:0a:32:3b:12:e3:8f:f5:a3:75:
         91:3b:16:bb:54:9f:8d:c2:75:7c:05:52:17:47:eb:d3:6e:7e:
         bd:0d:a0:ed:d8:fe:ed:79:d0:5d:dd:de:2b:79:cc:dd:8a:3f:
         0f:b4:c0:3e:fb:61:ee:39:de:8e:c2:93:5e:02:0b:90:26:35:
         c6:83:53:ea:77:b1:04:58:f7:1e:ed:e1:b8:ef:12:95:10:f2:
         ba:03:f6:ef:ec:8d:b8:5f:a3:ec:50:b9:12:b3:0d:d8:d0:d5:
         4d:d4:f2:bb:a1:0e:0e:51:18:18:c6:d7:32:d9:97:d3:90:49:
         ff:76:dc:fc:1c:71:14:f4:9d:00:1d:7a:ff:4d:84:77:07:10:
         a6:6e:26:08:6f:af:3c:0d:96:fc:2c:e0:25:b6:ef:f7:7d:bf:
         86:67:49:bf:7c:46:7f:2d:2c:16:6d:67:ff:a4:09:57:8c:66:
         ee:14:12:de:38:57:91:07:32:f4:a4:d3:5d:2d:c5:49:3c:22:
         16:93:71:33:d0:e8:bc:75:5b:a8:3f:fc:48:dd:2b:33:1e:59:
         7e:16:f2:73
-----BEGIN CERTIFICATE-----
MIIFxzCCBK+gAwIBAgIUX6nPkvCYftFJ0ZKiKRqlTidowVwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRDY4QzI3NUFFMzQ5REZDRDMyQzU1ODQxOUE3ODkzQkFE
RkY1RjNGODAeFw0yNTAyMDQxODAzNTVaFw0yNjAyMDMxODA4NTVaMDMxMTAvBgNV
BAMTKDg4ODQ4MkQyMEEzOEM4NzVCOTJGQURBRjU2RjZERTVGREREREExNDIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDarAnymdeEoodcL+eJELWZsrRN
hesj3IZFK/F43xiFI1Y0Uzb2GBWTIOD8CSYffToD4rxF8ZZR50vtAf5Lmi7RtY8S
eXxudzIZJRlO9jpvB3O7bX8eCB7cqRhNUiDOBqRl4K5XkkOPNwKeNH82MoVn4bU9
1ZVj8g2vKB0ipHLkeZ1sPDzcMwvGxUtWW0+e7it5eQmbV7VhbR6uoVxGdIGP7LbX
WznCqdsKy/mQJ48StGWnf3keLZ3GgIAh6I4hWYMSmtBndwoFbpCze/zIKvLheB5x
o89eN1sNzCfzm/jk0W5KTiIEv6viLkXWosgUPUbjTmFMW+GIQcD/yx3oISrxAgMB
AAGjggLRMIICzTAdBgNVHQ4EFgQUiISC0go4yHW5L62vVvbeX93doUIwHwYDVR0j
BBgwFoAU1ownWuNJ380yxVhBmniTut/18/gwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy84MDI2NzJGRTE1NjI0QkRGNzA1QzM1ODhCMUM3NzY3REQ0
MDlENzU5NEU1QTdDQzhGRDNBMzg0RjdBQTRFN0VGLzAvRDY4QzI3NUFFMzQ5REZD
RDMyQzU1ODQxOUE3ODkzQkFERkY1RjNGOC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9ENjhDMjc1QUUzNDlERkNEMzJD
NTU4NDE5QTc4OTNCQURGRjVGM0Y4LmNlcjCBywYIKwYBBQUHAQsEgb4wgbswgbgG
CCsGAQUFBzALhoGrcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvODAyNjcyRkUxNTYyNEJERjcwNUMzNTg4QjFDNzc2N0RENDA5RDc1OTRF
NUE3Q0M4RkQzQTM4NEY3QUE0RTdFRi8wLzMyMzgzMDMzM2E2MjM1MzkzMDNhMzIz
YTNhMmYzNjM0MmQzNjM0MjAzZDNlMjAzMjM3MzMzMDMwMzgucm9hMBgGA1UdIAEB
/wQOMAwwCgYIKwYBBQUHDgIwJAYIKwYBBQUHAQcBAf8EFTATMBEEAgACMAsDCQAo
A7WQAAIAADANBgkqhkiG9w0BAQsFAAOCAQEAbbYtVDZZZRTBlLhS1WL3PzvRFA+c
0xz3niQfbhiHoNI2kBDaJZ+ljV8z4A3ACjI7EuOP9aN1kTsWu1SfjcJ1fAVSF0fr
025+vQ2g7dj+7XnQXd3eK3nM3Yo/D7TAPvth7jnejsKTXgILkCY1xoNT6nexBFj3
Hu3huO8SlRDyugP27+yNuF+j7FC5ErMN2NDVTdTyu6EODlEYGMbXMtmX05BJ/3bc
/BxxFPSdAB16/02EdwcQpm4mCG+vPA2W/CzgJbbv932/hmdJv3xGfy0sFm1n/6QJ
V4xm7hQS3jhXkQcy9KTTXS3FSTwiFpNxM9DovHVbqD/8SN0rMx5Zfhbycw==
-----END CERTIFICATE-----