Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/8D75AA3199BFADD81E2FA56BEDC57BEDECD719BC9E063F9F77E6730C4C5CB4FD/0/323830333a353763303a3a2f33322d3438203d3e203532343638.roa
File:                     323830333a353763303a3a2f33322d3438203d3e203532343638.roa (raw, json)
Hash identifier:          9cpozkOT2iP1G8VBjYdpENxiPQdkDwL3DLsn8InoC34=
Subject key identifier:   0C:D8:F5:EE:49:5B:DE:C5:E6:16:86:3A:95:53:9D:53:D1:6B:78:74
Certificate issuer:       /CN=BA43CC9DA5DF2E86CDE276C6DD5F826F162A5886
Certificate serial:       659B221BCA8DF6EF3B5085EC0F5FCC771030E5B8
Authority key identifier: BA:43:CC:9D:A5:DF:2E:86:CD:E2:76:C6:DD:5F:82:6F:16:2A:58:86
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BA43CC9DA5DF2E86CDE276C6DD5F826F162A5886.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/8D75AA3199BFADD81E2FA56BEDC57BEDECD719BC9E063F9F77E6730C4C5CB4FD/0/323830333a353763303a3a2f33322d3438203d3e203532343638.roa
Signing time:             Tue 04 Feb 2025 18:24:53 +0000
ROA not before:           Tue 04 Feb 2025 18:19:53 +0000
ROA not after:            Tue 03 Feb 2026 18:24:53 +0000
asID:                     52468
IP address blocks:        2803:57c0::/32 maxlen: 48
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            65:9b:22:1b:ca:8d:f6:ef:3b:50:85:ec:0f:5f:cc:77:10:30:e5:b8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=BA43CC9DA5DF2E86CDE276C6DD5F826F162A5886
        Validity
            Not Before: Feb  4 18:19:53 2025 GMT
            Not After : Feb  3 18:24:53 2026 GMT
        Subject: CN=0CD8F5EE495BDEC5E616863A95539D53D16B7874
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:d8:f4:6d:eb:bc:38:11:b9:d6:d8:35:05:24:
                    6e:89:e8:06:ab:df:8a:5a:ba:18:0a:94:30:3e:00:
                    de:7e:28:99:10:b9:8a:32:b6:8e:e1:62:60:5f:e9:
                    51:fc:93:20:a8:63:6a:93:67:81:44:85:c8:8d:2d:
                    80:25:80:17:1f:ad:c5:0a:4a:06:cd:36:74:52:a9:
                    97:c7:74:05:01:91:d9:58:08:73:f7:27:1d:15:e9:
                    c5:7d:1f:f0:70:88:3a:52:65:2c:fa:95:b5:08:35:
                    a5:1f:da:7c:72:2a:1a:f9:0d:af:60:51:af:36:5e:
                    15:7f:8a:33:5d:5a:17:0d:01:55:fd:86:8d:ea:1e:
                    e6:b5:37:4d:7d:07:0e:28:df:2a:14:88:d4:1c:2c:
                    7e:c4:60:7f:21:71:d9:81:de:91:d2:1b:bf:9d:e1:
                    ed:fb:92:81:df:53:11:77:cb:56:48:fe:a9:41:50:
                    a3:55:42:6f:a3:48:61:d4:01:57:5f:54:94:27:22:
                    58:49:19:35:01:43:ee:58:5e:04:68:e7:35:47:0e:
                    88:5c:4b:33:4d:53:19:03:fd:51:47:7d:03:c2:57:
                    d9:0b:26:b2:2c:66:8e:f0:43:cb:ab:8b:e2:fa:79:
                    6c:d1:b2:ed:dd:eb:7e:2e:91:f5:c4:aa:d5:5d:cc:
                    b8:83
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0C:D8:F5:EE:49:5B:DE:C5:E6:16:86:3A:95:53:9D:53:D1:6B:78:74
            X509v3 Authority Key Identifier:
                keyid:BA:43:CC:9D:A5:DF:2E:86:CD:E2:76:C6:DD:5F:82:6F:16:2A:58:86

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/8D75AA3199BFADD81E2FA56BEDC57BEDECD719BC9E063F9F77E6730C4C5CB4FD/0/BA43CC9DA5DF2E86CDE276C6DD5F826F162A5886.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BA43CC9DA5DF2E86CDE276C6DD5F826F162A5886.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/8D75AA3199BFADD81E2FA56BEDC57BEDECD719BC9E063F9F77E6730C4C5CB4FD/0/323830333a353763303a3a2f33322d3438203d3e203532343638.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2803:57c0::/32

    Signature Algorithm: sha256WithRSAEncryption
         bd:b9:ba:24:d2:fe:96:8a:d7:57:ee:3c:37:3c:81:32:c8:1c:
         bb:1b:53:5d:b0:a2:e8:fe:e5:0f:fb:ac:21:e3:72:13:d2:f5:
         64:b8:8c:85:00:9e:fb:c7:40:f6:39:d7:f1:49:c1:6e:92:98:
         89:f8:a1:ce:06:52:d9:56:0d:9c:61:c5:8d:c4:70:85:e2:72:
         3a:d7:81:3b:9d:db:b5:41:7d:24:bd:45:59:0f:be:11:9c:96:
         26:be:8c:74:7b:1b:72:da:75:8f:d4:c1:03:b4:72:57:04:91:
         16:8e:75:a1:d8:e6:04:48:5b:16:6d:c9:fc:5e:57:fe:7f:c1:
         93:f1:da:82:be:f7:cc:65:87:70:c4:fc:f9:05:0a:69:5f:98:
         dd:53:09:fb:6b:a7:e0:22:ad:cc:d1:99:3d:da:a2:29:89:f2:
         e8:6c:56:c5:82:91:19:f6:ff:9d:53:37:31:ee:52:e4:41:d8:
         28:8f:ed:05:51:6b:ce:5c:7e:79:98:a8:e9:10:73:53:90:5f:
         f7:b9:3e:e9:6c:5b:fd:99:0e:d9:62:fe:e6:5e:ee:a5:42:17:
         ad:64:30:ee:03:f3:f3:c3:d8:3c:b2:e3:98:88:ac:a4:31:61:
         ce:d9:6d:64:ec:44:61:8f:ce:0b:22:b9:51:71:9d:50:fa:38:
         ac:5f:c9:21
-----BEGIN CERTIFICATE-----
MIIFvTCCBKWgAwIBAgIUZZsiG8qN9u87UIXsD1/MdxAw5bgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQkE0M0NDOURBNURGMkU4NkNERTI3NkM2REQ1RjgyNkYx
NjJBNTg4NjAeFw0yNTAyMDQxODE5NTNaFw0yNjAyMDMxODI0NTNaMDMxMTAvBgNV
BAMTKDBDRDhGNUVFNDk1QkRFQzVFNjE2ODYzQTk1NTM5RDUzRDE2Qjc4NzQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDP2PRt67w4EbnW2DUFJG6J6Aar
34pauhgKlDA+AN5+KJkQuYoyto7hYmBf6VH8kyCoY2qTZ4FEhciNLYAlgBcfrcUK
SgbNNnRSqZfHdAUBkdlYCHP3Jx0V6cV9H/BwiDpSZSz6lbUINaUf2nxyKhr5Da9g
Ua82XhV/ijNdWhcNAVX9ho3qHua1N019Bw4o3yoUiNQcLH7EYH8hcdmB3pHSG7+d
4e37koHfUxF3y1ZI/qlBUKNVQm+jSGHUAVdfVJQnIlhJGTUBQ+5YXgRo5zVHDohc
SzNNUxkD/VFHfQPCV9kLJrIsZo7wQ8uri+L6eWzRsu3d634ukfXEqtVdzLiDAgMB
AAGjggLHMIICwzAdBgNVHQ4EFgQUDNj17klb3sXmFoY6lVOdU9FreHQwHwYDVR0j
BBgwFoAUukPMnaXfLobN4nbG3V+CbxYqWIYwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy84RDc1QUEzMTk5QkZBREQ4MUUyRkE1NkJFREM1N0JFREVD
RDcxOUJDOUUwNjNGOUY3N0U2NzMwQzRDNUNCNEZELzAvQkE0M0NDOURBNURGMkU4
NkNERTI3NkM2REQ1RjgyNkYxNjJBNTg4Ni5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9CQTQzQ0M5REE1REYyRTg2Q0RF
Mjc2QzZERDVGODI2RjE2MkE1ODg2LmNlcjCBxQYIKwYBBQUHAQsEgbgwgbUwgbIG
CCsGAQUFBzALhoGlcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvOEQ3NUFBMzE5OUJGQUREODFFMkZBNTZCRURDNTdCRURFQ0Q3MTlCQzlF
MDYzRjlGNzdFNjczMEM0QzVDQjRGRC8wLzMyMzgzMDMzM2EzNTM3NjMzMDNhM2Ey
ZjMzMzIyZDM0MzgyMDNkM2UyMDM1MzIzNDM2Mzgucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgACMAcDBQAoA1fAMA0G
CSqGSIb3DQEBCwUAA4IBAQC9ubok0v6WitdX7jw3PIEyyBy7G1NdsKLo/uUP+6wh
43IT0vVkuIyFAJ77x0D2OdfxScFukpiJ+KHOBlLZVg2cYcWNxHCF4nI614E7ndu1
QX0kvUVZD74RnJYmvox0exty2nWP1MEDtHJXBJEWjnWh2OYESFsWbcn8Xlf+f8GT
8dqCvvfMZYdwxPz5BQppX5jdUwn7a6fgIq3M0Zk92qIpifLobFbFgpEZ9v+dUzcx
7lLkQdgoj+0FUWvOXH55mKjpEHNTkF/3uT7pbFv9mQ7ZYv7mXu6lQhetZDDuA/Pz
w9g8suOYiKykMWHO2W1k7ERhj84LIrlRcZ1Q+jisX8kh
-----END CERTIFICATE-----