Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/8FECD5798E3294C3D469818A080FF5CECA775E61554192DD987E1EE7363DB6F7/0/323830303a3131303a333430303a3a2f34382d3438203d3e203238303638.roa
File:                     323830303a3131303a333430303a3a2f34382d3438203d3e203238303638.roa (raw, json)
Hash identifier:          oV9tSOH6MzsgwIZgUcZG6bIycU6CO6wQS8ebrB72smE=
Subject key identifier:   56:DD:31:61:56:A6:9D:AD:EA:CE:0B:B5:93:8A:B9:B0:3A:8A:CD:41
Certificate issuer:       /CN=22D4B25C65781140A2B8DB968C7D0B813D457F0B
Certificate serial:       4F48DD9F92F99669930749CC07BF8CBB05D40BC0
Authority key identifier: 22:D4:B2:5C:65:78:11:40:A2:B8:DB:96:8C:7D:0B:81:3D:45:7F:0B
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/22D4B25C65781140A2B8DB968C7D0B813D457F0B.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/8FECD5798E3294C3D469818A080FF5CECA775E61554192DD987E1EE7363DB6F7/0/323830303a3131303a333430303a3a2f34382d3438203d3e203238303638.roa
Signing time:             Tue 04 Feb 2025 18:26:58 +0000
ROA not before:           Tue 04 Feb 2025 18:21:58 +0000
ROA not after:            Tue 03 Feb 2026 18:26:58 +0000
asID:                     28068
IP address blocks:        2800:110:3400::/48 maxlen: 48
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4f:48:dd:9f:92:f9:96:69:93:07:49:cc:07:bf:8c:bb:05:d4:0b:c0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=22D4B25C65781140A2B8DB968C7D0B813D457F0B
        Validity
            Not Before: Feb  4 18:21:58 2025 GMT
            Not After : Feb  3 18:26:58 2026 GMT
        Subject: CN=56DD316156A69DADEACE0BB5938AB9B03A8ACD41
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:fa:99:a5:fc:7d:fc:0a:d6:45:22:c3:33:ba:
                    25:00:04:8a:d3:2e:0c:cc:6a:1c:b0:a3:a2:8b:b3:
                    d2:a7:f4:c6:97:28:1c:a0:25:d6:d8:42:2d:c1:f9:
                    01:8f:e6:a3:5f:3c:24:4d:27:8c:13:50:8e:95:30:
                    82:29:dd:e6:26:64:96:f1:91:5b:01:e2:ec:e2:38:
                    c1:bc:59:06:09:e4:a6:d2:e2:dd:d3:69:7f:45:41:
                    d3:52:91:15:e4:fe:46:2b:c6:0a:f9:b7:a4:37:c2:
                    71:7d:7f:47:15:85:07:54:85:cb:38:45:7b:40:79:
                    51:11:f6:32:09:ef:0a:ae:80:48:6c:76:20:ee:a6:
                    85:f4:e9:48:a0:91:2b:5f:76:4c:ba:db:c9:b7:98:
                    1e:ba:e0:70:4b:8e:e3:8f:64:25:de:7b:f0:fb:20:
                    16:84:9f:d4:74:12:75:ba:9d:3d:91:fc:6d:f3:b1:
                    ce:09:d5:20:e3:df:ed:9c:c9:22:e1:bb:d6:22:8b:
                    a2:4c:03:d3:ae:06:c4:8f:af:db:ca:72:50:85:a4:
                    fe:64:78:ec:01:e5:18:2f:d2:7d:25:e7:53:66:69:
                    da:4a:ca:87:b2:8e:ed:a5:9d:75:7e:2d:95:29:aa:
                    0a:95:ad:d4:17:92:7e:1e:48:dd:4e:b3:b3:2a:0e:
                    fd:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                56:DD:31:61:56:A6:9D:AD:EA:CE:0B:B5:93:8A:B9:B0:3A:8A:CD:41
            X509v3 Authority Key Identifier:
                keyid:22:D4:B2:5C:65:78:11:40:A2:B8:DB:96:8C:7D:0B:81:3D:45:7F:0B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/8FECD5798E3294C3D469818A080FF5CECA775E61554192DD987E1EE7363DB6F7/0/22D4B25C65781140A2B8DB968C7D0B813D457F0B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/22D4B25C65781140A2B8DB968C7D0B813D457F0B.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/8FECD5798E3294C3D469818A080FF5CECA775E61554192DD987E1EE7363DB6F7/0/323830303a3131303a333430303a3a2f34382d3438203d3e203238303638.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2800:110:3400::/48

    Signature Algorithm: sha256WithRSAEncryption
         b3:e4:fa:87:45:51:4c:b1:c4:67:2b:4c:5e:a1:f4:fd:41:66:
         bc:f9:72:2e:1d:2a:87:52:dd:e7:20:83:69:5b:fc:da:cb:56:
         a3:28:c6:9f:7b:9f:04:e1:a6:e7:c8:a3:35:c4:cd:92:8d:c8:
         4f:12:2c:50:9c:7c:d4:f1:df:45:fb:c9:16:c3:6e:51:e1:39:
         6a:99:ed:d8:3b:4c:4e:81:43:15:54:65:7b:15:93:99:24:6a:
         c4:33:5c:57:df:0a:8e:62:3e:e2:d3:6f:c9:39:7b:c4:9f:6a:
         77:93:64:28:83:71:67:5c:b6:55:c4:4c:77:e0:4e:63:40:14:
         ab:cb:79:f7:88:74:20:60:34:f9:b2:af:f7:73:51:93:a8:09:
         7d:9e:a3:79:21:06:ba:59:87:ae:14:5d:8c:b6:b6:2c:bd:f7:
         06:37:fa:10:dd:d5:16:a9:a9:ec:37:0e:77:79:0f:f6:5d:b3:
         fa:78:3b:68:b5:a0:d2:2a:6a:de:1b:86:c3:ec:aa:ca:23:79:
         92:6d:0d:2c:94:58:2e:b2:c7:6c:44:0f:2e:54:e7:9c:81:44:
         3d:71:fe:e4:0d:13:e4:f1:a5:97:96:e4:16:19:a7:e0:c5:eb:
         78:0b:8a:61:01:86:c1:3b:81:ed:41:df:90:ff:87:bd:98:e9:
         4b:30:86:ae
-----BEGIN CERTIFICATE-----
MIIFxzCCBK+gAwIBAgIUT0jdn5L5lmmTB0nMB7+MuwXUC8AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjJENEIyNUM2NTc4MTE0MEEyQjhEQjk2OEM3RDBCODEz
RDQ1N0YwQjAeFw0yNTAyMDQxODIxNThaFw0yNjAyMDMxODI2NThaMDMxMTAvBgNV
BAMTKDU2REQzMTYxNTZBNjlEQURFQUNFMEJCNTkzOEFCOUIwM0E4QUNENDEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCt+pml/H38CtZFIsMzuiUABIrT
LgzMahywo6KLs9Kn9MaXKBygJdbYQi3B+QGP5qNfPCRNJ4wTUI6VMIIp3eYmZJbx
kVsB4uziOMG8WQYJ5KbS4t3TaX9FQdNSkRXk/kYrxgr5t6Q3wnF9f0cVhQdUhcs4
RXtAeVER9jIJ7wqugEhsdiDupoX06UigkStfdky628m3mB664HBLjuOPZCXee/D7
IBaEn9R0EnW6nT2R/G3zsc4J1SDj3+2cySLhu9Yii6JMA9OuBsSPr9vKclCFpP5k
eOwB5Rgv0n0l51NmadpKyoeyju2lnXV+LZUpqgqVrdQXkn4eSN1Os7MqDv2FAgMB
AAGjggLRMIICzTAdBgNVHQ4EFgQUVt0xYVamna3qzgu1k4q5sDqKzUEwHwYDVR0j
BBgwFoAUItSyXGV4EUCiuNuWjH0LgT1FfwswDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy84RkVDRDU3OThFMzI5NEMzRDQ2OTgxOEEwODBGRjVDRUNB
Nzc1RTYxNTU0MTkyREQ5ODdFMUVFNzM2M0RCNkY3LzAvMjJENEIyNUM2NTc4MTE0
MEEyQjhEQjk2OEM3RDBCODEzRDQ1N0YwQi5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8yMkQ0QjI1QzY1NzgxMTQwQTJC
OERCOTY4QzdEMEI4MTNENDU3RjBCLmNlcjCBzQYIKwYBBQUHAQsEgcAwgb0wgboG
CCsGAQUFBzALhoGtcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvOEZFQ0Q1Nzk4RTMyOTRDM0Q0Njk4MThBMDgwRkY1Q0VDQTc3NUU2MTU1
NDE5MkREOTg3RTFFRTczNjNEQjZGNy8wLzMyMzgzMDMwM2EzMTMxMzAzYTMzMzQz
MDMwM2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzIzODMwMzYzOC5yb2EwGAYDVR0g
AQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMH
ACgAARA0ADANBgkqhkiG9w0BAQsFAAOCAQEAs+T6h0VRTLHEZytMXqH0/UFmvPly
Lh0qh1Ld5yCDaVv82stWoyjGn3ufBOGm58ijNcTNko3ITxIsUJx81PHfRfvJFsNu
UeE5apnt2DtMToFDFVRlexWTmSRqxDNcV98KjmI+4tNvyTl7xJ9qd5NkKINxZ1y2
VcRMd+BOY0AUq8t594h0IGA0+bKv93NRk6gJfZ6jeSEGulmHrhRdjLa2LL33Bjf6
EN3VFqmp7DcOd3kP9l2z+ng7aLWg0ipq3huGw+yqyiN5km0NLJRYLrLHbEQPLlTn
nIFEPXH+5A0T5PGll5bkFhmn4MXreAuKYQGGwTuB7UHfkP+HvZjpSzCGrg==
-----END CERTIFICATE-----