Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/8DBD41B7F06A468732622CF059FCEEFAFA6BD5E6E5A930002D28F9E79CF26A7B/0/323830333a346663303a3a2f33322d313238203d3e20323635373737.roa
File:                     323830333a346663303a3a2f33322d313238203d3e20323635373737.roa (raw, json)
Hash identifier:          tM3+WDZGpQ2oy+WnKTX1KBex7wtD4ESBSY0m4dzn8Gk=
Subject key identifier:   89:10:E7:40:F7:4F:55:AA:D5:5F:C5:8D:4B:96:A1:5C:DE:11:8D:C7
Certificate issuer:       /CN=B3E16B442B70A5D5C45D8B88AB4F5945F139E65C
Certificate serial:       755D8E553C6B206573A1AB6217E3D5198ECBE128
Authority key identifier: B3:E1:6B:44:2B:70:A5:D5:C4:5D:8B:88:AB:4F:59:45:F1:39:E6:5C
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/B3E16B442B70A5D5C45D8B88AB4F5945F139E65C.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/8DBD41B7F06A468732622CF059FCEEFAFA6BD5E6E5A930002D28F9E79CF26A7B/0/323830333a346663303a3a2f33322d313238203d3e20323635373737.roa
Signing time:             Thu 10 Oct 2024 13:00:00 +0000
ROA not before:           Thu 10 Oct 2024 12:55:00 +0000
ROA not after:            Thu 09 Oct 2025 13:00:00 +0000
asID:                     265777
IP address blocks:        2803:4fc0::/32 maxlen: 128
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            75:5d:8e:55:3c:6b:20:65:73:a1:ab:62:17:e3:d5:19:8e:cb:e1:28
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=B3E16B442B70A5D5C45D8B88AB4F5945F139E65C
        Validity
            Not Before: Oct 10 12:55:00 2024 GMT
            Not After : Oct  9 13:00:00 2025 GMT
        Subject: CN=8910E740F74F55AAD55FC58D4B96A15CDE118DC7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e7:5f:ca:8f:17:d2:44:1c:c1:1f:53:57:62:d8:
                    36:75:58:d1:41:2f:d5:2e:c7:e1:48:9a:ed:6e:fa:
                    4f:8f:34:f0:70:26:97:6d:25:a3:2f:d7:35:1c:cb:
                    fa:aa:f5:d1:ca:91:37:f0:62:a2:e6:8e:fa:b4:6c:
                    fb:62:ab:d7:2e:59:0d:08:eb:d6:52:ec:53:9c:65:
                    8e:23:a9:c2:a8:9d:7e:c8:5d:89:0d:66:72:05:32:
                    43:6d:ba:2d:07:56:74:c8:a9:81:c5:a4:f2:74:25:
                    43:c8:e5:21:83:a2:48:4e:1c:87:fc:50:fa:29:36:
                    c0:a6:b8:06:2a:3a:73:17:64:8c:47:36:ac:cd:d2:
                    4c:a8:71:f1:42:31:a6:1e:5b:b6:fd:bd:5a:df:95:
                    d1:a2:d9:c0:68:59:c7:57:4e:be:4e:a6:4d:1a:b3:
                    c9:77:b5:a6:3c:3e:53:0d:22:b8:90:36:68:50:da:
                    ec:36:b7:a2:86:55:48:c8:a4:c8:ab:06:e9:f6:d0:
                    53:21:ed:99:1f:03:af:9d:ff:a2:34:39:43:2b:e1:
                    6e:d5:6d:8b:94:9b:66:c8:f2:6d:4d:43:12:d1:bd:
                    a9:74:f5:93:f4:e9:56:e2:32:0f:36:54:67:27:8b:
                    4a:c9:ae:3e:d3:2e:5f:36:9a:b4:65:16:4e:06:fa:
                    af:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                89:10:E7:40:F7:4F:55:AA:D5:5F:C5:8D:4B:96:A1:5C:DE:11:8D:C7
            X509v3 Authority Key Identifier:
                keyid:B3:E1:6B:44:2B:70:A5:D5:C4:5D:8B:88:AB:4F:59:45:F1:39:E6:5C

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/8DBD41B7F06A468732622CF059FCEEFAFA6BD5E6E5A930002D28F9E79CF26A7B/0/B3E16B442B70A5D5C45D8B88AB4F5945F139E65C.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/B3E16B442B70A5D5C45D8B88AB4F5945F139E65C.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/8DBD41B7F06A468732622CF059FCEEFAFA6BD5E6E5A930002D28F9E79CF26A7B/0/323830333a346663303a3a2f33322d313238203d3e20323635373737.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2803:4fc0::/32

    Signature Algorithm: sha256WithRSAEncryption
         36:30:6c:ee:b3:2c:cf:14:04:1e:26:d5:c6:57:5e:62:36:67:
         6e:59:70:5e:3e:df:95:8e:9a:43:63:d0:a4:c2:b2:6a:f0:7f:
         87:28:3f:e9:49:46:1d:5e:76:e6:b0:29:43:02:73:24:44:c0:
         3c:2b:71:fe:7d:de:7c:ef:e8:7b:42:66:83:eb:7a:c7:ec:9d:
         c5:f9:27:f8:90:d0:6c:36:d7:76:85:90:e9:c4:16:e1:f9:09:
         4a:7f:57:d0:3d:1a:b8:e6:1f:73:d0:e6:85:e9:d6:52:f8:eb:
         30:49:b0:1c:61:ac:7c:4b:f3:c1:36:4d:79:cb:ba:41:43:52:
         3b:25:38:68:82:31:ae:60:96:b7:f5:a7:96:73:19:de:90:fa:
         ff:22:3b:2b:ab:84:45:93:56:e9:7f:ad:70:79:76:55:ba:71:
         a3:51:c3:c2:14:e2:2f:d5:23:d0:89:60:5c:e7:5a:f4:00:16:
         34:0d:24:03:20:75:dd:cd:e1:0e:4e:66:17:6e:9f:32:47:a8:
         32:f7:d1:64:03:f2:71:88:81:3f:4c:ec:4c:ef:42:13:78:c8:
         c2:38:29:a4:d2:a4:53:3a:3d:14:0f:fb:40:9f:05:84:bc:12:
         3e:f0:49:b3:c3:2d:66:2d:f1:48:b8:96:f1:28:e1:63:de:00:
         5d:0e:c7:bd
-----BEGIN CERTIFICATE-----
MIIFwTCCBKmgAwIBAgIUdV2OVTxrIGVzoatiF+PVGY7L4SgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQjNFMTZCNDQyQjcwQTVENUM0NUQ4Qjg4QUI0RjU5NDVG
MTM5RTY1QzAeFw0yNDEwMTAxMjU1MDBaFw0yNTEwMDkxMzAwMDBaMDMxMTAvBgNV
BAMTKDg5MTBFNzQwRjc0RjU1QUFENTVGQzU4RDRCOTZBMTVDREUxMThEQzcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDnX8qPF9JEHMEfU1di2DZ1WNFB
L9Uux+FImu1u+k+PNPBwJpdtJaMv1zUcy/qq9dHKkTfwYqLmjvq0bPtiq9cuWQ0I
69ZS7FOcZY4jqcKonX7IXYkNZnIFMkNtui0HVnTIqYHFpPJ0JUPI5SGDokhOHIf8
UPopNsCmuAYqOnMXZIxHNqzN0kyocfFCMaYeW7b9vVrfldGi2cBoWcdXTr5Opk0a
s8l3taY8PlMNIriQNmhQ2uw2t6KGVUjIpMirBun20FMh7ZkfA6+d/6I0OUMr4W7V
bYuUm2bI8m1NQxLRval09ZP06VbiMg82VGcni0rJrj7TLl82mrRlFk4G+q+nAgMB
AAGjggLLMIICxzAdBgNVHQ4EFgQUiRDnQPdPVarVX8WNS5ahXN4RjccwHwYDVR0j
BBgwFoAUs+FrRCtwpdXEXYuIq09ZRfE55lwwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy84REJENDFCN0YwNkE0Njg3MzI2MjJDRjA1OUZDRUVGQUZB
NkJENUU2RTVBOTMwMDAyRDI4RjlFNzlDRjI2QTdCLzAvQjNFMTZCNDQyQjcwQTVE
NUM0NUQ4Qjg4QUI0RjU5NDVGMTM5RTY1Qy5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9CM0UxNkI0NDJCNzBBNUQ1QzQ1
RDhCODhBQjRGNTk0NUYxMzlFNjVDLmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvOERCRDQxQjdGMDZBNDY4NzMyNjIyQ0YwNTlGQ0VFRkFGQTZCRDVFNkU1
QTkzMDAwMkQyOEY5RTc5Q0YyNkE3Qi8wLzMyMzgzMDMzM2EzNDY2NjMzMDNhM2Ey
ZjMzMzIyZDMxMzIzODIwM2QzZTIwMzIzNjM1MzczNzM3LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKANP
wDANBgkqhkiG9w0BAQsFAAOCAQEANjBs7rMszxQEHibVxldeYjZnbllwXj7flY6a
Q2PQpMKyavB/hyg/6UlGHV525rApQwJzJETAPCtx/n3efO/oe0Jmg+t6x+ydxfkn
+JDQbDbXdoWQ6cQW4fkJSn9X0D0auOYfc9DmhenWUvjrMEmwHGGsfEvzwTZNecu6
QUNSOyU4aIIxrmCWt/WnlnMZ3pD6/yI7K6uERZNW6X+tcHl2Vbpxo1HDwhTiL9Uj
0IlgXOda9AAWNA0kAyB13c3hDk5mF26fMkeoMvfRZAPycYiBP0zsTO9CE3jIwjgp
pNKkUzo9FA/7QJ8FhLwSPvBJs8MtZi3xSLiW8SjhY94AXQ7HvQ==
-----END CERTIFICATE-----