Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/84696DE99AA1241EEF7F197DAF7F7FFE3EA22960A6D1E2F532504D3BA860F721/0/323830333a386636303a3a2f33322d3438203d3e203532343936.roa
File:                     323830333a386636303a3a2f33322d3438203d3e203532343936.roa (raw, json)
Hash identifier:          jVTQNzFluA8He+etAF25NKhaoTGWNxMLHlzGt3NPsw0=
Subject key identifier:   81:A1:55:2E:A8:26:63:D3:1D:C9:21:F5:53:23:AF:54:12:4C:88:A5
Certificate issuer:       /CN=0AC68AE029154F6D77C1C00DCE8081D363F9D2BC
Certificate serial:       58969419BD35B7061094D64E2EC83F732FB94FEC
Authority key identifier: 0A:C6:8A:E0:29:15:4F:6D:77:C1:C0:0D:CE:80:81:D3:63:F9:D2:BC
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/0AC68AE029154F6D77C1C00DCE8081D363F9D2BC.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/84696DE99AA1241EEF7F197DAF7F7FFE3EA22960A6D1E2F532504D3BA860F721/0/323830333a386636303a3a2f33322d3438203d3e203532343936.roa
Signing time:             Tue 04 Feb 2025 17:59:34 +0000
ROA not before:           Tue 04 Feb 2025 17:54:34 +0000
ROA not after:            Tue 03 Feb 2026 17:59:34 +0000
asID:                     52496
IP address blocks:        2803:8f60::/32 maxlen: 48
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            58:96:94:19:bd:35:b7:06:10:94:d6:4e:2e:c8:3f:73:2f:b9:4f:ec
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0AC68AE029154F6D77C1C00DCE8081D363F9D2BC
        Validity
            Not Before: Feb  4 17:54:34 2025 GMT
            Not After : Feb  3 17:59:34 2026 GMT
        Subject: CN=81A1552EA82663D31DC921F55323AF54124C88A5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ed:38:57:56:de:ac:ae:51:65:a6:51:f9:3e:ce:
                    30:1b:ba:32:e0:74:6f:94:80:cd:62:7c:71:95:4d:
                    c5:77:7f:64:7d:91:fa:9b:44:d3:cd:8f:dc:b3:aa:
                    32:41:0a:ea:a6:db:43:38:30:d1:75:3a:77:83:ec:
                    e8:8f:8c:a2:ad:ba:91:cc:a2:eb:62:d6:00:75:db:
                    1a:3e:b6:9b:24:8d:29:fd:b8:96:9a:46:b9:72:3f:
                    cc:55:35:5f:6f:99:4f:60:f2:3d:04:3b:4f:f6:d9:
                    32:0a:d3:19:f4:8b:87:06:d3:5d:6a:6f:d0:b4:be:
                    f6:a5:74:e6:97:1a:ee:cf:df:7d:08:00:f4:69:ba:
                    d0:17:5b:91:27:89:82:91:48:ba:3c:dd:c5:30:4c:
                    ec:cf:04:4d:08:2a:1a:47:4e:d3:c7:19:9a:a5:d7:
                    30:6c:5e:fc:5e:13:ab:31:28:4c:ee:00:12:10:ef:
                    b3:fd:cd:f2:ce:fc:5f:8f:9a:ed:2f:3d:06:ff:bf:
                    71:3d:99:86:e1:14:f7:67:09:17:97:cf:d5:6f:5c:
                    cf:5e:3e:03:d9:37:1d:af:db:88:7c:b0:68:90:2f:
                    86:1c:0d:75:c0:f7:30:7a:78:82:4f:6e:68:2c:cc:
                    cf:51:a8:63:39:24:7c:37:58:c6:bf:0c:74:5a:8b:
                    a8:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                81:A1:55:2E:A8:26:63:D3:1D:C9:21:F5:53:23:AF:54:12:4C:88:A5
            X509v3 Authority Key Identifier:
                keyid:0A:C6:8A:E0:29:15:4F:6D:77:C1:C0:0D:CE:80:81:D3:63:F9:D2:BC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/84696DE99AA1241EEF7F197DAF7F7FFE3EA22960A6D1E2F532504D3BA860F721/0/0AC68AE029154F6D77C1C00DCE8081D363F9D2BC.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/0AC68AE029154F6D77C1C00DCE8081D363F9D2BC.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/84696DE99AA1241EEF7F197DAF7F7FFE3EA22960A6D1E2F532504D3BA860F721/0/323830333a386636303a3a2f33322d3438203d3e203532343936.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2803:8f60::/32

    Signature Algorithm: sha256WithRSAEncryption
         91:ac:44:19:2a:ea:47:92:2f:ff:73:47:e5:4f:66:8b:54:12:
         35:ce:46:0f:ce:bd:46:aa:dd:57:57:e5:33:c0:fc:a7:9f:f6:
         62:0a:61:b8:aa:9c:6e:86:43:7b:9d:3b:ec:ed:c6:86:43:e2:
         70:76:96:e7:a3:61:a6:13:b2:48:3b:94:4e:3d:b6:0c:2a:4a:
         72:01:d5:22:99:6f:ff:df:a7:1f:1e:86:6c:cc:58:d0:5f:e2:
         7f:4f:20:03:43:ff:74:98:63:1e:fe:5e:7a:62:63:30:a0:63:
         0a:e8:ec:4c:09:26:1d:23:c4:fe:d1:d5:cc:f1:00:7c:51:21:
         b5:31:9a:7f:da:66:98:59:35:5b:1a:5a:96:50:a2:d7:c6:05:
         5d:e8:c2:30:82:e7:09:14:95:76:44:2f:c0:6c:5d:05:96:71:
         f5:3c:c0:20:c5:9b:42:a5:d1:08:b3:62:13:64:7d:13:21:23:
         16:a9:6d:6b:e8:8a:aa:60:a4:a4:33:ce:09:30:71:42:7c:f3:
         9a:a9:3e:4e:5e:59:80:90:ae:11:6d:94:c2:ae:ed:55:7f:6f:
         a4:97:c5:eb:9e:da:f9:ab:29:47:cd:20:bc:08:51:34:a9:f8:
         89:fa:83:57:bd:a8:74:26:65:fa:98:bd:9f:dd:01:19:32:fa:
         00:c1:c8:e2
-----BEGIN CERTIFICATE-----
MIIFvTCCBKWgAwIBAgIUWJaUGb01twYQlNZOLsg/cy+5T+wwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMEFDNjhBRTAyOTE1NEY2RDc3QzFDMDBEQ0U4MDgxRDM2
M0Y5RDJCQzAeFw0yNTAyMDQxNzU0MzRaFw0yNjAyMDMxNzU5MzRaMDMxMTAvBgNV
BAMTKDgxQTE1NTJFQTgyNjYzRDMxREM5MjFGNTUzMjNBRjU0MTI0Qzg4QTUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDtOFdW3qyuUWWmUfk+zjAbujLg
dG+UgM1ifHGVTcV3f2R9kfqbRNPNj9yzqjJBCuqm20M4MNF1OneD7OiPjKKtupHM
outi1gB12xo+tpskjSn9uJaaRrlyP8xVNV9vmU9g8j0EO0/22TIK0xn0i4cG011q
b9C0vvaldOaXGu7P330IAPRputAXW5EniYKRSLo83cUwTOzPBE0IKhpHTtPHGZql
1zBsXvxeE6sxKEzuABIQ77P9zfLO/F+Pmu0vPQb/v3E9mYbhFPdnCReXz9VvXM9e
PgPZNx2v24h8sGiQL4YcDXXA9zB6eIJPbmgszM9RqGM5JHw3WMa/DHRai6gDAgMB
AAGjggLHMIICwzAdBgNVHQ4EFgQUgaFVLqgmY9MdySH1UyOvVBJMiKUwHwYDVR0j
BBgwFoAUCsaK4CkVT213wcANzoCB02P50rwwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy84NDY5NkRFOTlBQTEyNDFFRUY3RjE5N0RBRjdGN0ZGRTNF
QTIyOTYwQTZEMUUyRjUzMjUwNEQzQkE4NjBGNzIxLzAvMEFDNjhBRTAyOTE1NEY2
RDc3QzFDMDBEQ0U4MDgxRDM2M0Y5RDJCQy5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8wQUM2OEFFMDI5MTU0RjZENzdD
MUMwMERDRTgwODFEMzYzRjlEMkJDLmNlcjCBxQYIKwYBBQUHAQsEgbgwgbUwgbIG
CCsGAQUFBzALhoGlcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvODQ2OTZERTk5QUExMjQxRUVGN0YxOTdEQUY3RjdGRkUzRUEyMjk2MEE2
RDFFMkY1MzI1MDREM0JBODYwRjcyMS8wLzMyMzgzMDMzM2EzODY2MzYzMDNhM2Ey
ZjMzMzIyZDM0MzgyMDNkM2UyMDM1MzIzNDM5MzYucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgACMAcDBQAoA49gMA0G
CSqGSIb3DQEBCwUAA4IBAQCRrEQZKupHki//c0flT2aLVBI1zkYPzr1Gqt1XV+Uz
wPynn/ZiCmG4qpxuhkN7nTvs7caGQ+Jwdpbno2GmE7JIO5ROPbYMKkpyAdUimW//
36cfHoZszFjQX+J/TyADQ/90mGMe/l56YmMwoGMK6OxMCSYdI8T+0dXM8QB8USG1
MZp/2maYWTVbGlqWUKLXxgVd6MIwgucJFJV2RC/AbF0FlnH1PMAgxZtCpdEIs2IT
ZH0TISMWqW1r6IqqYKSkM84JMHFCfPOaqT5OXlmAkK4RbZTCru1Vf2+kl8Xrntr5
qylHzSC8CFE0qfiJ+oNXvah0JmX6mL2f3QEZMvoAwcji
-----END CERTIFICATE-----