Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/8EF707C4FD266762D19EF19863D8B5CB58EFAC8132BE06535A3DDAA2A2C47CBE/0/323830333a353965303a3a2f33322d3332203d3e20323730303231.roa
File:                     323830333a353965303a3a2f33322d3332203d3e20323730303231.roa (raw, json)
Hash identifier:          W358e58iNrP9R90gb+ZnqH+AueEglE87GUW4pe63Zkk=
Subject key identifier:   5E:81:F9:B0:5F:AA:87:95:99:9F:79:C5:30:FA:DD:A7:E5:74:23:7A
Certificate issuer:       /CN=6D9C794B5D39E9E3CCC978B3378627D090E06C4F
Certificate serial:       7E707648770E75D3C124E1322837B62DFF85C31F
Authority key identifier: 6D:9C:79:4B:5D:39:E9:E3:CC:C9:78:B3:37:86:27:D0:90:E0:6C:4F
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/6D9C794B5D39E9E3CCC978B3378627D090E06C4F.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/8EF707C4FD266762D19EF19863D8B5CB58EFAC8132BE06535A3DDAA2A2C47CBE/0/323830333a353965303a3a2f33322d3332203d3e20323730303231.roa
Signing time:             Tue 04 Feb 2025 17:59:30 +0000
ROA not before:           Tue 04 Feb 2025 17:54:30 +0000
ROA not after:            Tue 03 Feb 2026 17:59:30 +0000
asID:                     270021
IP address blocks:        2803:59e0::/32 maxlen: 32
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7e:70:76:48:77:0e:75:d3:c1:24:e1:32:28:37:b6:2d:ff:85:c3:1f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6D9C794B5D39E9E3CCC978B3378627D090E06C4F
        Validity
            Not Before: Feb  4 17:54:30 2025 GMT
            Not After : Feb  3 17:59:30 2026 GMT
        Subject: CN=5E81F9B05FAA8795999F79C530FADDA7E574237A
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:c2:fa:6e:fa:8b:71:a0:ea:a4:fb:8c:ad:b9:
                    ac:5f:35:45:d6:a9:1c:db:2a:c2:4e:a2:1d:a6:3e:
                    99:c8:79:3d:e7:75:6d:0e:bf:4b:ec:35:40:77:5d:
                    0d:cd:e5:23:a9:58:f3:04:16:45:b2:47:7e:a5:88:
                    3d:0a:4e:e7:a3:ee:a3:54:37:dc:77:16:4a:38:7f:
                    c5:18:4b:b9:19:a3:a2:91:97:72:d3:93:d7:52:f0:
                    9b:47:f4:51:cf:1b:82:59:79:0e:c3:8e:3e:74:30:
                    2d:b3:cf:d6:f5:81:8f:a9:88:96:a8:83:9d:e3:b3:
                    86:14:80:05:78:fa:66:05:3c:f2:c6:25:c8:98:f3:
                    3b:d7:1d:22:f7:27:cd:16:f6:44:f4:6a:ff:40:3b:
                    1b:f2:1d:85:74:df:12:e0:9e:f0:9a:da:9f:a7:6d:
                    b1:0f:76:42:f4:49:4e:09:14:c2:c9:1f:ac:75:cf:
                    bd:71:3e:10:b1:ed:66:91:5c:88:9f:86:45:1f:8e:
                    39:97:8f:47:6f:66:9b:33:5c:98:e8:fd:f0:ff:d3:
                    9b:5d:70:bc:f6:89:a8:50:46:2a:19:51:88:7f:05:
                    ea:e9:08:49:70:50:58:22:a9:6a:fc:34:60:38:68:
                    4a:ae:bf:1a:7f:21:9e:ae:8b:4d:44:4d:bb:38:74:
                    b4:8d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5E:81:F9:B0:5F:AA:87:95:99:9F:79:C5:30:FA:DD:A7:E5:74:23:7A
            X509v3 Authority Key Identifier:
                keyid:6D:9C:79:4B:5D:39:E9:E3:CC:C9:78:B3:37:86:27:D0:90:E0:6C:4F

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/8EF707C4FD266762D19EF19863D8B5CB58EFAC8132BE06535A3DDAA2A2C47CBE/0/6D9C794B5D39E9E3CCC978B3378627D090E06C4F.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/6D9C794B5D39E9E3CCC978B3378627D090E06C4F.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/8EF707C4FD266762D19EF19863D8B5CB58EFAC8132BE06535A3DDAA2A2C47CBE/0/323830333a353965303a3a2f33322d3332203d3e20323730303231.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2803:59e0::/32

    Signature Algorithm: sha256WithRSAEncryption
         44:8a:27:3d:10:a6:61:61:99:5d:1e:5f:ce:f0:8f:23:bf:03:
         57:72:76:06:6b:a9:91:6c:2e:3b:5b:0a:11:04:9a:91:da:6d:
         02:98:e7:c6:bc:e9:d6:eb:9e:45:c8:d5:2b:fd:20:d0:97:8b:
         58:9d:55:46:1f:8f:d4:9e:e8:d4:96:a2:ee:f5:8b:a8:9d:54:
         68:c7:03:ca:62:6e:0f:58:5f:0a:a0:3e:66:d5:01:82:01:49:
         62:9c:8e:69:88:55:b5:bc:3b:f6:31:1c:60:38:60:59:0c:83:
         4b:45:0f:39:dd:b5:49:e6:30:9c:94:d3:0f:7e:81:cd:e5:70:
         04:2a:52:88:74:7a:ad:33:1f:96:cc:13:75:f7:8d:c3:e7:24:
         dd:56:7b:4c:6e:83:e7:61:bc:66:af:33:01:ec:29:40:3c:3a:
         33:b3:ba:36:5e:e8:8f:ee:48:f4:d9:d7:a8:a8:f9:c6:d6:56:
         50:77:89:0b:bb:be:3f:8a:5f:36:67:41:cb:30:80:6e:0d:26:
         47:03:2e:bb:73:58:0b:a9:37:1b:48:d8:84:fa:53:e2:d1:e3:
         13:ab:5a:a5:68:83:7e:89:af:5d:25:75:a4:49:c5:d1:b9:06:
         0a:33:9f:7a:8e:26:da:8a:0a:14:03:79:0b:e0:0b:a2:1e:6b:
         27:a7:a1:bd
-----BEGIN CERTIFICATE-----
MIIFvzCCBKegAwIBAgIUfnB2SHcOddPBJOEyKDe2Lf+Fwx8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNkQ5Qzc5NEI1RDM5RTlFM0NDQzk3OEIzMzc4NjI3RDA5
MEUwNkM0RjAeFw0yNTAyMDQxNzU0MzBaFw0yNjAyMDMxNzU5MzBaMDMxMTAvBgNV
BAMTKDVFODFGOUIwNUZBQTg3OTU5OTlGNzlDNTMwRkFEREE3RTU3NDIzN0EwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCrwvpu+otxoOqk+4ytuaxfNUXW
qRzbKsJOoh2mPpnIeT3ndW0Ov0vsNUB3XQ3N5SOpWPMEFkWyR36liD0KTuej7qNU
N9x3Fko4f8UYS7kZo6KRl3LTk9dS8JtH9FHPG4JZeQ7Djj50MC2zz9b1gY+piJao
g53js4YUgAV4+mYFPPLGJciY8zvXHSL3J80W9kT0av9AOxvyHYV03xLgnvCa2p+n
bbEPdkL0SU4JFMLJH6x1z71xPhCx7WaRXIifhkUfjjmXj0dvZpszXJjo/fD/05td
cLz2iahQRioZUYh/BerpCElwUFgiqWr8NGA4aEquvxp/IZ6ui01ETbs4dLSNAgMB
AAGjggLJMIICxTAdBgNVHQ4EFgQUXoH5sF+qh5WZn3nFMPrdp+V0I3owHwYDVR0j
BBgwFoAUbZx5S1056ePMyXizN4Yn0JDgbE8wDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy84RUY3MDdDNEZEMjY2NzYyRDE5RUYxOTg2M0Q4QjVDQjU4
RUZBQzgxMzJCRTA2NTM1QTNEREFBMkEyQzQ3Q0JFLzAvNkQ5Qzc5NEI1RDM5RTlF
M0NDQzk3OEIzMzc4NjI3RDA5MEUwNkM0Ri5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC82RDlDNzk0QjVEMzlFOUUzQ0ND
OTc4QjMzNzg2MjdEMDkwRTA2QzRGLmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvOEVGNzA3QzRGRDI2Njc2MkQxOUVGMTk4NjNEOEI1Q0I1OEVGQUM4MTMy
QkUwNjUzNUEzRERBQTJBMkM0N0NCRS8wLzMyMzgzMDMzM2EzNTM5NjUzMDNhM2Ey
ZjMzMzIyZDMzMzIyMDNkM2UyMDMyMzczMDMwMzIzMS5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACgDWeAw
DQYJKoZIhvcNAQELBQADggEBAESKJz0QpmFhmV0eX87wjyO/A1dydgZrqZFsLjtb
ChEEmpHabQKY58a86dbrnkXI1Sv9INCXi1idVUYfj9Se6NSWou71i6idVGjHA8pi
bg9YXwqgPmbVAYIBSWKcjmmIVbW8O/YxHGA4YFkMg0tFDzndtUnmMJyU0w9+gc3l
cAQqUoh0eq0zH5bME3X3jcPnJN1We0xug+dhvGavMwHsKUA8OjOzujZe6I/uSPTZ
16io+cbWVlB3iQu7vj+KXzZnQcswgG4NJkcDLrtzWAupNxtI2IT6U+LR4xOrWqVo
g36Jr10ldaRJxdG5Bgozn3qOJtqKChQDeQvgC6Ieayenob0=
-----END CERTIFICATE-----