Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/9072CC7AC9935A96AECDC3B156F0BE285AC0D2F3E2B26466F87D7C39639FE7C9/0/323830333a363930303a3534363a3a2f34372d3438203d3e203532343233.roa
File:                     323830333a363930303a3534363a3a2f34372d3438203d3e203532343233.roa (raw, json)
Hash identifier:          OF72oXo7e158YCaENRuXrro2shM6SatZTdVAiRyCaYE=
Subject key identifier:   CB:FB:5D:32:3C:E7:66:5D:39:25:77:52:6C:88:DD:A6:72:31:1E:46
Certificate issuer:       /CN=522A19041F7AD8D0B4F97D6DDAFC99C2590276AB
Certificate serial:       079F2914E214DD8CE9032DA7BD67D073D57C2D8A
Authority key identifier: 52:2A:19:04:1F:7A:D8:D0:B4:F9:7D:6D:DA:FC:99:C2:59:02:76:AB
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/522A19041F7AD8D0B4F97D6DDAFC99C2590276AB.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/9072CC7AC9935A96AECDC3B156F0BE285AC0D2F3E2B26466F87D7C39639FE7C9/0/323830333a363930303a3534363a3a2f34372d3438203d3e203532343233.roa
Signing time:             Tue 04 Feb 2025 18:20:41 +0000
ROA not before:           Tue 04 Feb 2025 18:15:41 +0000
ROA not after:            Tue 03 Feb 2026 18:20:41 +0000
asID:                     52423
IP address blocks:        2803:6900:546::/47 maxlen: 48
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            07:9f:29:14:e2:14:dd:8c:e9:03:2d:a7:bd:67:d0:73:d5:7c:2d:8a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=522A19041F7AD8D0B4F97D6DDAFC99C2590276AB
        Validity
            Not Before: Feb  4 18:15:41 2025 GMT
            Not After : Feb  3 18:20:41 2026 GMT
        Subject: CN=CBFB5D323CE7665D392577526C88DDA672311E46
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:4e:43:71:5a:3c:65:9b:c8:62:ac:b5:cb:d9:
                    85:b1:62:91:1a:af:b0:c4:27:6b:7d:45:0a:39:4a:
                    20:fd:51:e1:3a:d6:0c:de:70:1f:f6:87:e9:6f:12:
                    a0:9b:9e:41:04:7c:84:5e:ce:79:aa:a6:ea:17:ae:
                    8c:aa:18:46:32:bf:c1:83:d7:f1:d0:9b:b4:73:36:
                    78:ff:f2:38:eb:9a:a5:7d:1f:68:95:a3:60:82:15:
                    9e:40:86:0c:f2:b4:c2:f1:22:e5:2f:3a:80:ce:51:
                    b4:58:09:b2:5a:13:87:e8:56:f5:7a:26:67:c3:f1:
                    df:26:9c:96:f0:ae:ce:b3:90:77:55:ba:ed:62:04:
                    82:0d:1f:a9:2c:44:79:5f:33:37:4b:40:94:bf:f4:
                    60:a7:07:eb:34:71:cd:57:2e:22:d1:e3:d1:5e:50:
                    e0:c2:8c:d8:c6:00:95:ef:d9:73:10:a2:3c:a5:a7:
                    58:bd:44:69:13:0e:0f:a9:d0:95:a2:0a:fd:4a:11:
                    64:ba:cd:a2:f2:21:20:7b:62:48:6b:ba:1d:79:d3:
                    01:55:46:49:c0:26:d9:41:3c:5c:61:30:6c:3b:1f:
                    40:2a:9d:3b:9f:cf:5e:c1:58:90:ff:70:ef:65:7b:
                    7b:b9:db:d2:19:99:4a:01:b2:c8:b3:4e:ec:7f:79:
                    7f:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CB:FB:5D:32:3C:E7:66:5D:39:25:77:52:6C:88:DD:A6:72:31:1E:46
            X509v3 Authority Key Identifier:
                keyid:52:2A:19:04:1F:7A:D8:D0:B4:F9:7D:6D:DA:FC:99:C2:59:02:76:AB

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/9072CC7AC9935A96AECDC3B156F0BE285AC0D2F3E2B26466F87D7C39639FE7C9/0/522A19041F7AD8D0B4F97D6DDAFC99C2590276AB.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/522A19041F7AD8D0B4F97D6DDAFC99C2590276AB.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/9072CC7AC9935A96AECDC3B156F0BE285AC0D2F3E2B26466F87D7C39639FE7C9/0/323830333a363930303a3534363a3a2f34372d3438203d3e203532343233.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2803:6900:546::/47

    Signature Algorithm: sha256WithRSAEncryption
         83:37:14:8e:c7:5d:33:95:e9:39:7b:51:c2:7a:cb:3c:f4:3b:
         72:15:0b:c6:0e:aa:e3:2a:22:64:ae:13:b7:1d:d0:be:05:45:
         c5:c0:e6:33:8a:72:d2:82:a4:f3:c9:10:31:0f:af:a3:23:15:
         c4:3e:b3:60:d9:90:7a:d2:19:13:9a:2a:f7:38:44:db:82:ed:
         38:21:9a:4e:e3:a7:e2:1f:45:6e:5f:17:08:44:98:ac:e4:97:
         0a:e2:d4:d5:5d:79:8c:71:23:7d:78:d2:7e:43:20:9a:fe:d7:
         3f:05:b7:fe:f4:37:ba:8a:d6:e1:10:31:d0:a9:96:19:20:27:
         1a:d6:ed:b7:55:34:24:21:81:71:71:bb:b2:2f:d0:da:d3:33:
         98:d0:c7:23:c9:28:72:0b:5e:12:3c:7f:f7:8a:1d:89:b9:93:
         7c:94:8a:2c:08:9e:da:72:da:e3:fa:93:58:8c:04:f8:9e:7c:
         2c:e7:87:fa:0f:28:51:62:d9:c6:d2:fc:8a:6e:c7:71:78:be:
         99:3e:f4:85:e6:4c:fc:da:e5:c5:29:73:47:fa:8f:c4:58:87:
         71:fc:14:51:8a:9d:78:68:b1:48:49:6e:2c:c0:20:8b:eb:f5:
         80:fa:2c:37:15:85:2e:aa:22:bb:8b:4e:42:a3:26:5e:c5:e4:
         e2:01:80:a5
-----BEGIN CERTIFICATE-----
MIIFxzCCBK+gAwIBAgIUB58pFOIU3YzpAy2nvWfQc9V8LYowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNTIyQTE5MDQxRjdBRDhEMEI0Rjk3RDZEREFGQzk5QzI1
OTAyNzZBQjAeFw0yNTAyMDQxODE1NDFaFw0yNjAyMDMxODIwNDFaMDMxMTAvBgNV
BAMTKENCRkI1RDMyM0NFNzY2NUQzOTI1Nzc1MjZDODhEREE2NzIzMTFFNDYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCsTkNxWjxlm8hirLXL2YWxYpEa
r7DEJ2t9RQo5SiD9UeE61gzecB/2h+lvEqCbnkEEfIReznmqpuoXroyqGEYyv8GD
1/HQm7RzNnj/8jjrmqV9H2iVo2CCFZ5AhgzytMLxIuUvOoDOUbRYCbJaE4foVvV6
JmfD8d8mnJbwrs6zkHdVuu1iBIINH6ksRHlfMzdLQJS/9GCnB+s0cc1XLiLR49Fe
UODCjNjGAJXv2XMQojylp1i9RGkTDg+p0JWiCv1KEWS6zaLyISB7Ykhruh150wFV
RknAJtlBPFxhMGw7H0AqnTufz17BWJD/cO9le3u529IZmUoBssizTux/eX8JAgMB
AAGjggLRMIICzTAdBgNVHQ4EFgQUy/tdMjznZl05JXdSbIjdpnIxHkYwHwYDVR0j
BBgwFoAUUioZBB962NC0+X1t2vyZwlkCdqswDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy85MDcyQ0M3QUM5OTM1QTk2QUVDREMzQjE1NkYwQkUyODVB
QzBEMkYzRTJCMjY0NjZGODdEN0MzOTYzOUZFN0M5LzAvNTIyQTE5MDQxRjdBRDhE
MEI0Rjk3RDZEREFGQzk5QzI1OTAyNzZBQi5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC81MjJBMTkwNDFGN0FEOEQwQjRG
OTdENkREQUZDOTlDMjU5MDI3NkFCLmNlcjCBzQYIKwYBBQUHAQsEgcAwgb0wgboG
CCsGAQUFBzALhoGtcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvOTA3MkNDN0FDOTkzNUE5NkFFQ0RDM0IxNTZGMEJFMjg1QUMwRDJGM0Uy
QjI2NDY2Rjg3RDdDMzk2MzlGRTdDOS8wLzMyMzgzMDMzM2EzNjM5MzAzMDNhMzUz
NDM2M2EzYTJmMzQzNzJkMzQzODIwM2QzZTIwMzUzMjM0MzIzMy5yb2EwGAYDVR0g
AQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMH
ASgDaQAFRjANBgkqhkiG9w0BAQsFAAOCAQEAgzcUjsddM5XpOXtRwnrLPPQ7chUL
xg6q4yoiZK4Ttx3QvgVFxcDmM4py0oKk88kQMQ+voyMVxD6zYNmQetIZE5oq9zhE
24LtOCGaTuOn4h9Fbl8XCESYrOSXCuLU1V15jHEjfXjSfkMgmv7XPwW3/vQ3uorW
4RAx0KmWGSAnGtbtt1U0JCGBcXG7si/Q2tMzmNDHI8kocgteEjx/94odibmTfJSK
LAie2nLa4/qTWIwE+J58LOeH+g8oUWLZxtL8im7HcXi+mT70heZM/NrlxSlzR/qP
xFiHcfwUUYqdeGixSEluLMAgi+v1gPosNxWFLqoiu4tOQqMmXsXk4gGApQ==
-----END CERTIFICATE-----