Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/9072CC7AC9935A96AECDC3B156F0BE285AC0D2F3E2B26466F87D7C39639FE7C9/0/323830333a363930303a3532343a3a2f34382d3438203d3e203532343233.roa
File:                     323830333a363930303a3532343a3a2f34382d3438203d3e203532343233.roa (raw, json)
Hash identifier:          Tjb73wegGv0YJXvlrsaniZuIp8WwIYuTthttLFLCoBk=
Subject key identifier:   3C:4C:E9:DB:0B:33:6C:83:CE:F8:2C:76:B6:76:C0:25:01:7F:9C:A9
Certificate issuer:       /CN=522A19041F7AD8D0B4F97D6DDAFC99C2590276AB
Certificate serial:       62438DDE6852F9C918F9C9F7B4DD3B6417E88F03
Authority key identifier: 52:2A:19:04:1F:7A:D8:D0:B4:F9:7D:6D:DA:FC:99:C2:59:02:76:AB
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/522A19041F7AD8D0B4F97D6DDAFC99C2590276AB.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/9072CC7AC9935A96AECDC3B156F0BE285AC0D2F3E2B26466F87D7C39639FE7C9/0/323830333a363930303a3532343a3a2f34382d3438203d3e203532343233.roa
Signing time:             Tue 04 Feb 2025 18:20:44 +0000
ROA not before:           Tue 04 Feb 2025 18:15:44 +0000
ROA not after:            Tue 03 Feb 2026 18:20:44 +0000
asID:                     52423
IP address blocks:        2803:6900:524::/48 maxlen: 48
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            62:43:8d:de:68:52:f9:c9:18:f9:c9:f7:b4:dd:3b:64:17:e8:8f:03
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=522A19041F7AD8D0B4F97D6DDAFC99C2590276AB
        Validity
            Not Before: Feb  4 18:15:44 2025 GMT
            Not After : Feb  3 18:20:44 2026 GMT
        Subject: CN=3C4CE9DB0B336C83CEF82C76B676C025017F9CA9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:db:a4:a9:78:ad:85:08:a3:90:fb:6d:95:47:6a:
                    b6:80:03:1a:c3:12:5d:54:2e:f1:34:70:40:3a:9d:
                    92:6c:1b:17:b7:c7:ba:f4:41:75:80:f6:20:8e:94:
                    f5:ec:7e:0c:ba:2b:ca:fc:ea:80:20:c3:a5:49:67:
                    43:cc:a2:12:34:2d:dc:87:b8:13:06:36:95:ee:aa:
                    d7:da:c4:c8:b3:a2:1f:03:3c:9c:74:c3:f5:a6:6a:
                    b1:8e:f1:c3:56:72:4b:c0:2e:ba:ab:41:0b:9d:35:
                    9d:01:50:0a:c4:31:32:5b:99:52:27:8b:99:c7:16:
                    3d:01:3b:36:f8:17:4e:a6:8e:b7:0f:ea:16:b8:f1:
                    df:1f:bb:be:92:6e:43:63:85:04:48:7a:58:25:72:
                    13:b0:77:72:f7:c7:bf:34:22:d1:66:8b:92:45:13:
                    5d:cf:e8:ce:70:59:bf:e7:93:0e:59:35:34:50:2c:
                    85:98:fc:bb:d9:30:0f:e7:5d:c5:3d:bd:4a:3f:b2:
                    9a:3f:36:8d:89:96:5b:53:cd:d7:54:3b:d6:2c:79:
                    bd:4a:bf:d1:2d:0d:9d:64:cd:2b:57:19:a8:8a:e5:
                    61:82:b3:f8:59:3f:f6:8d:f8:ab:72:47:00:06:aa:
                    49:16:f1:e7:53:a6:74:64:7a:96:ee:96:52:39:48:
                    e5:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3C:4C:E9:DB:0B:33:6C:83:CE:F8:2C:76:B6:76:C0:25:01:7F:9C:A9
            X509v3 Authority Key Identifier:
                keyid:52:2A:19:04:1F:7A:D8:D0:B4:F9:7D:6D:DA:FC:99:C2:59:02:76:AB

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/9072CC7AC9935A96AECDC3B156F0BE285AC0D2F3E2B26466F87D7C39639FE7C9/0/522A19041F7AD8D0B4F97D6DDAFC99C2590276AB.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/522A19041F7AD8D0B4F97D6DDAFC99C2590276AB.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/9072CC7AC9935A96AECDC3B156F0BE285AC0D2F3E2B26466F87D7C39639FE7C9/0/323830333a363930303a3532343a3a2f34382d3438203d3e203532343233.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2803:6900:524::/48

    Signature Algorithm: sha256WithRSAEncryption
         79:1e:1f:96:9a:06:06:d1:7f:61:23:d2:21:3c:a3:5f:3e:a4:
         35:81:11:cc:ae:d0:8c:6b:41:78:08:03:51:59:23:6b:58:6c:
         09:83:0f:45:3c:e1:50:49:96:22:20:4a:7a:7f:b0:cf:f8:07:
         17:fa:90:66:5a:e1:0e:14:72:39:be:6f:65:67:76:e2:e4:52:
         5c:2c:e6:04:e8:bd:d6:69:ad:23:bf:32:9d:75:01:57:53:f3:
         c2:14:cf:a3:2b:70:73:70:7d:89:c8:6d:6d:52:16:83:db:5e:
         bf:73:44:ff:40:51:c7:99:ce:9c:75:b9:b5:1f:a4:a3:8a:86:
         07:d8:c5:04:68:16:89:19:69:68:d5:1d:d1:55:c9:d0:36:39:
         1d:e3:04:bf:88:b1:3e:49:10:fa:a7:3d:57:37:2b:63:05:59:
         1c:9d:89:3f:83:25:9b:95:c9:d1:db:05:72:5d:82:00:01:eb:
         12:24:49:d4:4f:1d:80:d1:7a:74:ad:ef:af:36:dd:4d:75:b9:
         a5:a0:e5:ab:58:24:9a:31:c1:18:42:e6:fe:be:25:88:0e:0c:
         be:1c:a3:9e:10:fe:fe:c7:a5:79:c0:44:b2:36:2d:23:8f:fb:
         ec:fc:a1:bd:d3:83:c9:b8:2a:3b:9a:2f:11:17:d2:41:23:06:
         7f:3a:73:65
-----BEGIN CERTIFICATE-----
MIIFxzCCBK+gAwIBAgIUYkON3mhS+ckY+cn3tN07ZBfojwMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNTIyQTE5MDQxRjdBRDhEMEI0Rjk3RDZEREFGQzk5QzI1
OTAyNzZBQjAeFw0yNTAyMDQxODE1NDRaFw0yNjAyMDMxODIwNDRaMDMxMTAvBgNV
BAMTKDNDNENFOURCMEIzMzZDODNDRUY4MkM3NkI2NzZDMDI1MDE3RjlDQTkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDbpKl4rYUIo5D7bZVHaraAAxrD
El1ULvE0cEA6nZJsGxe3x7r0QXWA9iCOlPXsfgy6K8r86oAgw6VJZ0PMohI0LdyH
uBMGNpXuqtfaxMizoh8DPJx0w/WmarGO8cNWckvALrqrQQudNZ0BUArEMTJbmVIn
i5nHFj0BOzb4F06mjrcP6ha48d8fu76SbkNjhQRIelglchOwd3L3x780ItFmi5JF
E13P6M5wWb/nkw5ZNTRQLIWY/LvZMA/nXcU9vUo/spo/No2JlltTzddUO9Yseb1K
v9EtDZ1kzStXGaiK5WGCs/hZP/aN+KtyRwAGqkkW8edTpnRkepbullI5SOVLAgMB
AAGjggLRMIICzTAdBgNVHQ4EFgQUPEzp2wszbIPO+Cx2tnbAJQF/nKkwHwYDVR0j
BBgwFoAUUioZBB962NC0+X1t2vyZwlkCdqswDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy85MDcyQ0M3QUM5OTM1QTk2QUVDREMzQjE1NkYwQkUyODVB
QzBEMkYzRTJCMjY0NjZGODdEN0MzOTYzOUZFN0M5LzAvNTIyQTE5MDQxRjdBRDhE
MEI0Rjk3RDZEREFGQzk5QzI1OTAyNzZBQi5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC81MjJBMTkwNDFGN0FEOEQwQjRG
OTdENkREQUZDOTlDMjU5MDI3NkFCLmNlcjCBzQYIKwYBBQUHAQsEgcAwgb0wgboG
CCsGAQUFBzALhoGtcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvOTA3MkNDN0FDOTkzNUE5NkFFQ0RDM0IxNTZGMEJFMjg1QUMwRDJGM0Uy
QjI2NDY2Rjg3RDdDMzk2MzlGRTdDOS8wLzMyMzgzMDMzM2EzNjM5MzAzMDNhMzUz
MjM0M2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzUzMjM0MzIzMy5yb2EwGAYDVR0g
AQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMH
ACgDaQAFJDANBgkqhkiG9w0BAQsFAAOCAQEAeR4flpoGBtF/YSPSITyjXz6kNYER
zK7QjGtBeAgDUVkja1hsCYMPRTzhUEmWIiBKen+wz/gHF/qQZlrhDhRyOb5vZWd2
4uRSXCzmBOi91mmtI78ynXUBV1PzwhTPoytwc3B9ichtbVIWg9tev3NE/0BRx5nO
nHW5tR+ko4qGB9jFBGgWiRlpaNUd0VXJ0DY5HeMEv4ixPkkQ+qc9VzcrYwVZHJ2J
P4Mlm5XJ0dsFcl2CAAHrEiRJ1E8dgNF6dK3vrzbdTXW5paDlq1gkmjHBGELm/r4l
iA4MvhyjnhD+/selecBEsjYtI4/77PyhvdODybgqO5ovERfSQSMGfzpzZQ==
-----END CERTIFICATE-----