Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/812F74A7AD0A93636C3984A9BE967A5891DAD9E4D3A2C45D8DFAF390BE31E2C2/0/323830333a363839303a3a2f33322d3438203d3e20323732383030.roa
File:                     323830333a363839303a3a2f33322d3438203d3e20323732383030.roa (raw, json)
Hash identifier:          ftG3Lp34RpQktdABiEjKNzrzZH5KGbsqmDIscTf5X5A=
Subject key identifier:   88:E7:FF:EF:F2:3E:F4:84:C1:F7:CF:F6:A6:3C:FD:7B:F9:36:68:3D
Certificate issuer:       /CN=02575F1BA13D436FEC62261AE219A69141C16A83
Certificate serial:       1310D6874D8C0923AD98A6D1AF95AB2ABE36CBE3
Authority key identifier: 02:57:5F:1B:A1:3D:43:6F:EC:62:26:1A:E2:19:A6:91:41:C1:6A:83
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/02575F1BA13D436FEC62261AE219A69141C16A83.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/812F74A7AD0A93636C3984A9BE967A5891DAD9E4D3A2C45D8DFAF390BE31E2C2/0/323830333a363839303a3a2f33322d3438203d3e20323732383030.roa
Signing time:             Tue 04 Feb 2025 18:25:58 +0000
ROA not before:           Tue 04 Feb 2025 18:20:58 +0000
ROA not after:            Tue 03 Feb 2026 18:25:58 +0000
asID:                     272800
IP address blocks:        2803:6890::/32 maxlen: 48
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            13:10:d6:87:4d:8c:09:23:ad:98:a6:d1:af:95:ab:2a:be:36:cb:e3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=02575F1BA13D436FEC62261AE219A69141C16A83
        Validity
            Not Before: Feb  4 18:20:58 2025 GMT
            Not After : Feb  3 18:25:58 2026 GMT
        Subject: CN=88E7FFEFF23EF484C1F7CFF6A63CFD7BF936683D
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:5f:68:1c:8f:42:f3:91:26:d8:cf:db:82:a3:
                    40:26:cb:a5:af:e5:7b:05:55:fc:ea:81:3f:99:e7:
                    88:a9:bc:30:a6:a8:d2:7c:63:e9:e0:ed:f5:72:a6:
                    e2:be:e1:4e:c2:a6:67:c7:36:b9:01:ce:c7:57:10:
                    e3:f0:46:4b:ee:13:cd:05:52:59:bb:50:7a:98:f4:
                    78:c1:5c:be:0f:ba:01:30:73:90:b6:11:2e:63:a9:
                    a7:70:8b:db:2e:6b:5e:ec:47:8a:f6:9c:56:52:89:
                    66:8e:50:96:cd:c9:90:14:82:4a:d5:ca:d5:1c:b6:
                    85:ae:a8:9b:52:7d:01:a8:d2:b9:56:df:2c:fa:08:
                    85:f2:9d:ed:7f:1d:bd:de:00:56:a0:d5:05:48:1a:
                    b7:2a:60:52:5e:09:25:2a:4c:a9:32:3f:06:b0:97:
                    14:84:24:d3:82:19:ec:ee:b3:38:41:0f:13:c5:45:
                    43:ee:b5:d6:37:96:1c:5c:ad:16:4e:e0:d3:b4:67:
                    d4:7b:fb:a4:6e:ed:ff:f0:33:a6:29:df:fa:f4:d2:
                    75:f3:d0:0e:78:43:1a:db:6d:e2:10:22:48:31:2c:
                    35:76:af:af:82:ac:30:ab:73:eb:41:a2:78:b6:04:
                    72:fa:64:eb:67:d8:88:ab:e2:73:eb:00:9a:cb:c1:
                    a5:e5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                88:E7:FF:EF:F2:3E:F4:84:C1:F7:CF:F6:A6:3C:FD:7B:F9:36:68:3D
            X509v3 Authority Key Identifier:
                keyid:02:57:5F:1B:A1:3D:43:6F:EC:62:26:1A:E2:19:A6:91:41:C1:6A:83

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/812F74A7AD0A93636C3984A9BE967A5891DAD9E4D3A2C45D8DFAF390BE31E2C2/0/02575F1BA13D436FEC62261AE219A69141C16A83.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/02575F1BA13D436FEC62261AE219A69141C16A83.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/812F74A7AD0A93636C3984A9BE967A5891DAD9E4D3A2C45D8DFAF390BE31E2C2/0/323830333a363839303a3a2f33322d3438203d3e20323732383030.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2803:6890::/32

    Signature Algorithm: sha256WithRSAEncryption
         3d:7f:d3:ca:ff:61:42:da:40:21:d5:61:61:bd:fa:d4:65:5d:
         43:3c:8b:d5:c8:8a:53:9b:46:a4:ef:53:40:f0:3c:f0:f0:3e:
         97:d8:b3:29:8e:87:50:6c:00:3b:e1:ae:c4:f4:64:ef:db:bd:
         f2:ff:20:c8:1f:98:71:fe:af:18:73:5d:24:69:b3:c0:9c:24:
         9a:c8:d2:f9:f5:c2:da:a7:70:10:df:b6:28:a1:1e:98:e3:7d:
         a0:0c:a4:3b:71:16:83:07:af:69:56:39:70:dc:04:29:19:67:
         1e:01:9e:52:65:06:d2:02:9f:10:8f:97:c8:5c:b7:50:b1:03:
         db:2d:ce:05:9d:dd:6b:f1:a1:9a:5e:3e:e7:5a:bc:0e:34:db:
         41:8a:18:e2:f3:74:99:6f:94:b3:c5:c6:2b:bc:bb:02:30:bc:
         3c:d3:d0:33:61:00:72:34:20:d0:b3:28:2f:0c:42:a5:63:f7:
         2f:a8:d0:2c:91:31:c4:b8:0a:f1:ef:ec:03:f4:be:f4:a4:69:
         b1:ff:4b:47:36:18:59:31:8b:93:23:dc:da:33:31:ac:ce:a7:
         eb:d8:a7:b5:61:08:d2:74:06:b3:1a:6c:00:bc:04:f5:dd:c7:
         73:18:13:f3:97:44:3a:96:68:13:a8:57:61:e2:52:b7:34:74:
         d8:59:2f:e2
-----BEGIN CERTIFICATE-----
MIIFvzCCBKegAwIBAgIUExDWh02MCSOtmKbRr5WrKr42y+MwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDI1NzVGMUJBMTNENDM2RkVDNjIyNjFBRTIxOUE2OTE0
MUMxNkE4MzAeFw0yNTAyMDQxODIwNThaFw0yNjAyMDMxODI1NThaMDMxMTAvBgNV
BAMTKDg4RTdGRkVGRjIzRUY0ODRDMUY3Q0ZGNkE2M0NGRDdCRjkzNjY4M0QwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDOX2gcj0LzkSbYz9uCo0Amy6Wv
5XsFVfzqgT+Z54ipvDCmqNJ8Y+ng7fVypuK+4U7CpmfHNrkBzsdXEOPwRkvuE80F
Ulm7UHqY9HjBXL4PugEwc5C2ES5jqadwi9sua17sR4r2nFZSiWaOUJbNyZAUgkrV
ytUctoWuqJtSfQGo0rlW3yz6CIXyne1/Hb3eAFag1QVIGrcqYFJeCSUqTKkyPwaw
lxSEJNOCGezuszhBDxPFRUPutdY3lhxcrRZO4NO0Z9R7+6Ru7f/wM6Yp3/r00nXz
0A54QxrbbeIQIkgxLDV2r6+CrDCrc+tBoni2BHL6ZOtn2Iir4nPrAJrLwaXlAgMB
AAGjggLJMIICxTAdBgNVHQ4EFgQUiOf/7/I+9ITB98/2pjz9e/k2aD0wHwYDVR0j
BBgwFoAUAldfG6E9Q2/sYiYa4hmmkUHBaoMwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy84MTJGNzRBN0FEMEE5MzYzNkMzOTg0QTlCRTk2N0E1ODkx
REFEOUU0RDNBMkM0NUQ4REZBRjM5MEJFMzFFMkMyLzAvMDI1NzVGMUJBMTNENDM2
RkVDNjIyNjFBRTIxOUE2OTE0MUMxNkE4My5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8wMjU3NUYxQkExM0Q0MzZGRUM2
MjI2MUFFMjE5QTY5MTQxQzE2QTgzLmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvODEyRjc0QTdBRDBBOTM2MzZDMzk4NEE5QkU5NjdBNTg5MURBRDlFNEQz
QTJDNDVEOERGQUYzOTBCRTMxRTJDMi8wLzMyMzgzMDMzM2EzNjM4MzkzMDNhM2Ey
ZjMzMzIyZDM0MzgyMDNkM2UyMDMyMzczMjM4MzAzMC5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACgDaJAw
DQYJKoZIhvcNAQELBQADggEBAD1/08r/YULaQCHVYWG9+tRlXUM8i9XIilObRqTv
U0DwPPDwPpfYsymOh1BsADvhrsT0ZO/bvfL/IMgfmHH+rxhzXSRps8CcJJrI0vn1
wtqncBDftiihHpjjfaAMpDtxFoMHr2lWOXDcBCkZZx4BnlJlBtICnxCPl8hct1Cx
A9stzgWd3WvxoZpePudavA4020GKGOLzdJlvlLPFxiu8uwIwvDzT0DNhAHI0INCz
KC8MQqVj9y+o0CyRMcS4CvHv7AP0vvSkabH/S0c2GFkxi5Mj3NozMazOp+vYp7Vh
CNJ0BrMabAC8BPXdx3MYE/OXRDqWaBOoV2HiUrc0dNhZL+I=
-----END CERTIFICATE-----