Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/A799CC9E3583D4E8E794A0ABEEC59F9B172E6489CBCBFA2E66491362C3C5964F/0/323830333a623739303a3730303a3a2f34302d3430203d3e20323733303638.roa
File:                     323830333a623739303a3730303a3a2f34302d3430203d3e20323733303638.roa (raw, json)
Hash identifier:          DDK4k3Jmmrzsm96bMGjdfjsE7w+I71d3y8xEpz0nfSk=
Subject key identifier:   9F:7B:25:B5:09:BD:66:1C:6E:C0:6F:96:8D:15:D1:C0:C0:74:42:DE
Certificate issuer:       /CN=0DFF2DC79EE538393460BA53D01DC71916150D41
Certificate serial:       23B4DDA34AFFF354B325F96A9B9353E4C966DFC6
Authority key identifier: 0D:FF:2D:C7:9E:E5:38:39:34:60:BA:53:D0:1D:C7:19:16:15:0D:41
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/0DFF2DC79EE538393460BA53D01DC71916150D41.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/A799CC9E3583D4E8E794A0ABEEC59F9B172E6489CBCBFA2E66491362C3C5964F/0/323830333a623739303a3730303a3a2f34302d3430203d3e20323733303638.roa
Signing time:             Thu 04 Jul 2024 20:10:01 +0000
ROA not before:           Thu 04 Jul 2024 20:05:01 +0000
ROA not after:            Thu 03 Jul 2025 20:10:01 +0000
asID:                     273068
IP address blocks:        2803:b790:700::/40 maxlen: 40
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            23:b4:dd:a3:4a:ff:f3:54:b3:25:f9:6a:9b:93:53:e4:c9:66:df:c6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0DFF2DC79EE538393460BA53D01DC71916150D41
        Validity
            Not Before: Jul  4 20:05:01 2024 GMT
            Not After : Jul  3 20:10:01 2025 GMT
        Subject: CN=9F7B25B509BD661C6EC06F968D15D1C0C07442DE
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:d7:d6:03:15:e5:b5:59:79:0a:61:10:56:24:
                    53:5e:39:83:98:ca:b2:76:aa:39:33:d2:77:30:ef:
                    6a:c6:8b:45:e6:15:5d:f5:ff:7a:8f:5f:c4:83:c0:
                    4e:24:cf:46:8a:1f:be:95:4c:ba:ec:b3:50:4a:62:
                    11:c7:c0:53:0b:85:09:38:9b:6d:81:ff:42:a3:c1:
                    78:91:9c:51:98:10:77:66:18:92:64:3c:2b:c8:19:
                    02:da:22:d5:2f:28:70:45:83:ea:e5:dd:df:f4:88:
                    3a:b9:b3:13:5c:a3:d3:dc:77:95:a8:dc:85:b2:e1:
                    a2:32:0a:d1:be:00:cf:4e:fe:0e:8e:8f:32:7c:60:
                    d3:90:0a:a2:28:cb:03:65:5f:a1:af:06:ca:bb:2c:
                    02:ce:b7:6b:3a:15:f0:b0:87:78:1a:23:99:0f:90:
                    ed:26:de:f5:9e:0e:60:d5:25:09:bd:f7:8d:0b:01:
                    fe:69:4a:f7:b1:d5:c0:13:2c:88:cc:d9:c2:d3:ac:
                    9a:98:5a:17:c1:08:b1:35:c8:a1:64:84:44:2c:2d:
                    bc:9e:16:e2:ff:a9:d2:d4:a4:50:8a:fd:df:56:fa:
                    3f:e1:52:94:a8:f7:f6:e5:0b:06:ce:0a:49:12:ac:
                    09:4e:19:f4:e8:c0:11:74:0e:63:5b:98:a3:4e:f3:
                    44:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9F:7B:25:B5:09:BD:66:1C:6E:C0:6F:96:8D:15:D1:C0:C0:74:42:DE
            X509v3 Authority Key Identifier:
                keyid:0D:FF:2D:C7:9E:E5:38:39:34:60:BA:53:D0:1D:C7:19:16:15:0D:41

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/A799CC9E3583D4E8E794A0ABEEC59F9B172E6489CBCBFA2E66491362C3C5964F/0/0DFF2DC79EE538393460BA53D01DC71916150D41.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/0DFF2DC79EE538393460BA53D01DC71916150D41.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/A799CC9E3583D4E8E794A0ABEEC59F9B172E6489CBCBFA2E66491362C3C5964F/0/323830333a623739303a3730303a3a2f34302d3430203d3e20323733303638.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2803:b790:700::/40

    Signature Algorithm: sha256WithRSAEncryption
         15:1d:80:51:be:36:2a:dc:d3:03:68:96:62:0d:18:7d:15:d3:
         ac:5c:8f:16:16:47:b7:ec:54:83:73:77:e8:35:f5:05:30:62:
         77:eb:3b:ba:7c:96:7b:65:7f:c7:53:75:84:ad:62:3c:c0:f4:
         e5:0e:e2:02:1b:c0:d5:b3:e0:a9:fb:be:68:69:dd:1b:1d:3c:
         62:92:75:9d:04:ab:51:3c:af:d5:c0:e0:33:72:3f:06:a1:cf:
         c6:2c:04:e5:19:15:d1:05:4b:9f:c5:a6:e4:03:6e:2e:37:1b:
         42:1c:9f:a7:f0:07:f8:34:61:d9:e5:9c:d0:71:0c:d1:e1:d8:
         06:d8:2b:40:f1:52:56:c6:53:92:77:9c:1d:92:93:40:c5:e5:
         d4:40:3f:04:d5:a4:fb:1d:b8:91:e9:cd:85:85:43:56:78:af:
         bb:57:2f:90:60:a8:9c:29:b5:f6:fb:3e:f8:e4:32:5f:fb:9f:
         cc:60:36:3b:ef:8e:57:21:6f:b7:6c:14:00:4a:79:b8:55:e6:
         b1:d7:4a:94:a1:3a:0b:21:90:f9:8b:c3:0a:7b:19:48:7f:4d:
         5d:99:22:7c:51:44:9e:53:13:80:c2:94:f4:f4:6d:57:56:ed:
         5a:09:ce:91:e5:56:a5:fb:e5:22:02:b1:b4:5d:88:27:19:a9:
         3f:f1:78:e0
-----BEGIN CERTIFICATE-----
MIIFyDCCBLCgAwIBAgIUI7Tdo0r/81SzJflqm5NT5Mlm38YwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMERGRjJEQzc5RUU1MzgzOTM0NjBCQTUzRDAxREM3MTkx
NjE1MEQ0MTAeFw0yNDA3MDQyMDA1MDFaFw0yNTA3MDMyMDEwMDFaMDMxMTAvBgNV
BAMTKDlGN0IyNUI1MDlCRDY2MUM2RUMwNkY5NjhEMTVEMUMwQzA3NDQyREUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC+19YDFeW1WXkKYRBWJFNeOYOY
yrJ2qjkz0ncw72rGi0XmFV31/3qPX8SDwE4kz0aKH76VTLrss1BKYhHHwFMLhQk4
m22B/0KjwXiRnFGYEHdmGJJkPCvIGQLaItUvKHBFg+rl3d/0iDq5sxNco9Pcd5Wo
3IWy4aIyCtG+AM9O/g6OjzJ8YNOQCqIoywNlX6GvBsq7LALOt2s6FfCwh3gaI5kP
kO0m3vWeDmDVJQm9940LAf5pSvex1cATLIjM2cLTrJqYWhfBCLE1yKFkhEQsLbye
FuL/qdLUpFCK/d9W+j/hUpSo9/blCwbOCkkSrAlOGfTowBF0DmNbmKNO80QzAgMB
AAGjggLSMIICzjAdBgNVHQ4EFgQUn3sltQm9ZhxuwG+WjRXRwMB0Qt4wHwYDVR0j
BBgwFoAUDf8tx57lODk0YLpT0B3HGRYVDUEwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9BNzk5Q0M5RTM1ODNENEU4RTc5NEEwQUJFRUM1OUY5QjE3
MkU2NDg5Q0JDQkZBMkU2NjQ5MTM2MkMzQzU5NjRGLzAvMERGRjJEQzc5RUU1Mzgz
OTM0NjBCQTUzRDAxREM3MTkxNjE1MEQ0MS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8wREZGMkRDNzlFRTUzODM5MzQ2
MEJBNTNEMDFEQzcxOTE2MTUwRDQxLmNlcjCBzwYIKwYBBQUHAQsEgcIwgb8wgbwG
CCsGAQUFBzALhoGvcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvQTc5OUNDOUUzNTgzRDRFOEU3OTRBMEFCRUVDNTlGOUIxNzJFNjQ4OUNC
Q0JGQTJFNjY0OTEzNjJDM0M1OTY0Ri8wLzMyMzgzMDMzM2E2MjM3MzkzMDNhMzcz
MDMwM2EzYTJmMzQzMDJkMzQzMDIwM2QzZTIwMzIzNzMzMzAzNjM4LnJvYTAYBgNV
HSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAI
AwYAKAO3kAcwDQYJKoZIhvcNAQELBQADggEBABUdgFG+Nirc0wNolmINGH0V06xc
jxYWR7fsVINzd+g19QUwYnfrO7p8lntlf8dTdYStYjzA9OUO4gIbwNWz4Kn7vmhp
3RsdPGKSdZ0Eq1E8r9XA4DNyPwahz8YsBOUZFdEFS5/FpuQDbi43G0Icn6fwB/g0
YdnlnNBxDNHh2AbYK0DxUlbGU5J3nB2Sk0DF5dRAPwTVpPsduJHpzYWFQ1Z4r7tX
L5BgqJwptfb7PvjkMl/7n8xgNjvvjlchb7dsFABKebhV5rHXSpShOgshkPmLwwp7
GUh/TV2ZInxRRJ5TE4DClPT0bVdW7VoJzpHlVqX75SICsbRdiCcZqT/xeOA=
-----END CERTIFICATE-----