Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/ACC213E8AC969258161F3A0484B0B9A832D04E5D7733E934EA436569865C6E30/0/323830313a3137303a3a2f34382d3438203d3e203139343239.roa
File:                     323830313a3137303a3a2f34382d3438203d3e203139343239.roa (raw, json)
Hash identifier:          iHkZkaRhOceBVZrsMoH3VNE1QFpE92V0s9F1Byo0Z7E=
Subject key identifier:   A1:F4:C6:31:8F:7A:4E:8D:11:8E:15:4B:D0:24:2F:0A:0B:71:0C:A3
Certificate issuer:       /CN=A532A5617E35D5F0364199A8CD84D10C17493179
Certificate serial:       3F9947B7C8408AD62941F89AA0318EA215089D95
Authority key identifier: A5:32:A5:61:7E:35:D5:F0:36:41:99:A8:CD:84:D1:0C:17:49:31:79
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A532A5617E35D5F0364199A8CD84D10C17493179.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/ACC213E8AC969258161F3A0484B0B9A832D04E5D7733E934EA436569865C6E30/0/323830313a3137303a3a2f34382d3438203d3e203139343239.roa
Signing time:             Tue 04 Feb 2025 18:34:18 +0000
ROA not before:           Tue 04 Feb 2025 18:29:18 +0000
ROA not after:            Tue 03 Feb 2026 18:34:18 +0000
asID:                     19429
IP address blocks:        2801:170::/48 maxlen: 48
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3f:99:47:b7:c8:40:8a:d6:29:41:f8:9a:a0:31:8e:a2:15:08:9d:95
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A532A5617E35D5F0364199A8CD84D10C17493179
        Validity
            Not Before: Feb  4 18:29:18 2025 GMT
            Not After : Feb  3 18:34:18 2026 GMT
        Subject: CN=A1F4C6318F7A4E8D118E154BD0242F0A0B710CA3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:13:72:b5:32:98:3c:39:07:6b:05:fd:75:cc:
                    29:45:fc:ce:bf:a0:53:09:1e:94:05:c6:03:80:e6:
                    61:d9:8d:99:3d:a8:f4:b8:b2:67:78:f9:c5:b2:85:
                    2f:e7:a9:a3:fd:e3:ad:1f:a4:3c:eb:97:60:f1:0b:
                    52:58:3a:18:7b:f7:25:cd:b4:90:59:d1:ba:4b:c2:
                    9d:5c:b0:01:d8:15:33:0c:14:14:53:2f:c8:89:49:
                    fc:52:5e:e6:f8:ae:c1:61:7e:ec:c7:c0:26:c7:f9:
                    e6:9d:07:54:f6:f3:d1:1f:ed:55:47:8c:77:82:81:
                    95:3f:18:d6:01:34:a3:7c:04:62:b8:0c:b1:2d:21:
                    23:b2:86:bb:33:6b:45:17:c0:db:c4:4f:26:df:d3:
                    42:3a:df:0e:62:fe:1c:c1:92:be:4d:fb:04:13:44:
                    95:cd:ed:30:ef:e3:0d:ee:d5:f9:51:a8:de:5b:2b:
                    49:61:2c:e2:66:dd:d5:4a:44:39:ae:8b:10:bc:e0:
                    c5:9d:6e:d7:6e:4b:10:4e:d4:4f:8d:ca:4c:51:02:
                    63:64:61:06:fa:92:cd:6e:b9:d6:26:b6:a3:92:b2:
                    b8:9d:3e:ff:d1:d8:86:eb:14:15:92:c1:0a:c8:43:
                    c5:3c:e6:1b:81:a7:3a:19:68:e7:c9:00:5c:d2:3d:
                    e7:c9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A1:F4:C6:31:8F:7A:4E:8D:11:8E:15:4B:D0:24:2F:0A:0B:71:0C:A3
            X509v3 Authority Key Identifier:
                keyid:A5:32:A5:61:7E:35:D5:F0:36:41:99:A8:CD:84:D1:0C:17:49:31:79

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/ACC213E8AC969258161F3A0484B0B9A832D04E5D7733E934EA436569865C6E30/0/A532A5617E35D5F0364199A8CD84D10C17493179.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A532A5617E35D5F0364199A8CD84D10C17493179.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/ACC213E8AC969258161F3A0484B0B9A832D04E5D7733E934EA436569865C6E30/0/323830313a3137303a3a2f34382d3438203d3e203139343239.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2801:170::/48

    Signature Algorithm: sha256WithRSAEncryption
         20:64:5c:dc:1b:b2:28:d6:8a:fa:6c:2a:20:f4:9b:aa:0c:eb:
         83:20:47:15:3a:80:ac:93:d4:cd:7a:c3:a4:c2:16:69:ed:77:
         ff:fa:10:0b:80:13:de:06:7e:6d:d5:da:3f:ef:e3:61:4d:d0:
         e2:4c:74:66:af:c3:ac:e7:71:59:6e:e5:5c:3a:e6:f9:b0:2b:
         de:33:17:a6:27:6a:29:b4:a3:e7:9b:4f:97:49:86:dd:d3:12:
         4e:fc:74:79:99:34:fc:75:23:3f:aa:72:f0:5d:98:d4:03:b4:
         7d:ea:3d:5c:bc:65:d8:ee:a6:51:a4:8c:50:23:29:7a:1b:42:
         cf:4d:5c:bb:68:b7:f4:ee:4b:ea:b0:64:25:72:78:18:23:cf:
         ca:d5:82:c7:75:02:14:e4:b9:3c:14:a5:6c:3a:3a:7f:11:cc:
         4f:07:93:cb:41:63:e6:2a:cd:43:fa:b2:ee:c2:ae:23:2e:68:
         c5:c3:ba:a9:d6:42:d7:97:d5:66:f7:dc:4d:35:50:83:a5:47:
         19:e2:85:9d:26:cf:d6:0c:fb:b1:9e:94:73:f3:7c:60:ce:12:
         20:77:4c:81:f4:9e:86:8d:a8:91:75:9a:33:c5:be:b7:28:a4:
         48:85:47:b9:4f:3b:b6:23:64:5c:ef:09:f8:b6:b1:88:7a:c6:
         24:d7:2a:75
-----BEGIN CERTIFICATE-----
MIIFvTCCBKWgAwIBAgIUP5lHt8hAitYpQfiaoDGOohUInZUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQTUzMkE1NjE3RTM1RDVGMDM2NDE5OUE4Q0Q4NEQxMEMx
NzQ5MzE3OTAeFw0yNTAyMDQxODI5MThaFw0yNjAyMDMxODM0MThaMDMxMTAvBgNV
BAMTKEExRjRDNjMxOEY3QTRFOEQxMThFMTU0QkQwMjQyRjBBMEI3MTBDQTMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCoE3K1Mpg8OQdrBf11zClF/M6/
oFMJHpQFxgOA5mHZjZk9qPS4smd4+cWyhS/nqaP9460fpDzrl2DxC1JYOhh79yXN
tJBZ0bpLwp1csAHYFTMMFBRTL8iJSfxSXub4rsFhfuzHwCbH+eadB1T289Ef7VVH
jHeCgZU/GNYBNKN8BGK4DLEtISOyhrsza0UXwNvETybf00I63w5i/hzBkr5N+wQT
RJXN7TDv4w3u1flRqN5bK0lhLOJm3dVKRDmuixC84MWdbtduSxBO1E+NykxRAmNk
YQb6ks1uudYmtqOSsridPv/R2IbrFBWSwQrIQ8U85huBpzoZaOfJAFzSPefJAgMB
AAGjggLHMIICwzAdBgNVHQ4EFgQUofTGMY96To0RjhVL0CQvCgtxDKMwHwYDVR0j
BBgwFoAUpTKlYX411fA2QZmozYTRDBdJMXkwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9BQ0MyMTNFOEFDOTY5MjU4MTYxRjNBMDQ4NEIwQjlBODMy
RDA0RTVENzczM0U5MzRFQTQzNjU2OTg2NUM2RTMwLzAvQTUzMkE1NjE3RTM1RDVG
MDM2NDE5OUE4Q0Q4NEQxMEMxNzQ5MzE3OS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9BNTMyQTU2MTdFMzVENUYwMzY0
MTk5QThDRDg0RDEwQzE3NDkzMTc5LmNlcjCBwwYIKwYBBQUHAQsEgbYwgbMwgbAG
CCsGAQUFBzALhoGjcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvQUNDMjEzRThBQzk2OTI1ODE2MUYzQTA0ODRCMEI5QTgzMkQwNEU1RDc3
MzNFOTM0RUE0MzY1Njk4NjVDNkUzMC8wLzMyMzgzMDMxM2EzMTM3MzAzYTNhMmYz
NDM4MmQzNDM4MjAzZDNlMjAzMTM5MzQzMjM5LnJvYTAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKAEBcAAAMA0G
CSqGSIb3DQEBCwUAA4IBAQAgZFzcG7Io1or6bCog9JuqDOuDIEcVOoCsk9TNesOk
whZp7Xf/+hALgBPeBn5t1do/7+NhTdDiTHRmr8Os53FZbuVcOub5sCveMxemJ2op
tKPnm0+XSYbd0xJO/HR5mTT8dSM/qnLwXZjUA7R96j1cvGXY7qZRpIxQIyl6G0LP
TVy7aLf07kvqsGQlcngYI8/K1YLHdQIU5Lk8FKVsOjp/EcxPB5PLQWPmKs1D+rLu
wq4jLmjFw7qp1kLXl9Vm99xNNVCDpUcZ4oWdJs/WDPuxnpRz83xgzhIgd0yB9J6G
jaiRdZozxb63KKRIhUe5Tzu2I2Rc7wn4trGIesYk1yp1
-----END CERTIFICATE-----