Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/AE2A5A0E8687661639744042ED8D0F05DF8C34B28E4E6487F9F9EB60D69232BA/0/323830333a393034303a3a2f33322d3438203d3e20323634383231.roa
File:                     323830333a393034303a3a2f33322d3438203d3e20323634383231.roa (raw, json)
Hash identifier:          jcOPP8RXxmHFQLJ9WAMIG+PXIy5cLLL8Teduwo6wz8U=
Subject key identifier:   5E:88:F6:7E:14:88:C9:83:17:E5:07:8C:63:EF:DA:D4:26:C3:57:45
Certificate issuer:       /CN=6A21791828146BC17DAE86EA069BF125DBBC3007
Certificate serial:       3AF705FF2E531C628E031D5CCC72EED55AE0C9CB
Authority key identifier: 6A:21:79:18:28:14:6B:C1:7D:AE:86:EA:06:9B:F1:25:DB:BC:30:07
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/6A21791828146BC17DAE86EA069BF125DBBC3007.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/AE2A5A0E8687661639744042ED8D0F05DF8C34B28E4E6487F9F9EB60D69232BA/0/323830333a393034303a3a2f33322d3438203d3e20323634383231.roa
Signing time:             Tue 04 Feb 2025 18:26:48 +0000
ROA not before:           Tue 04 Feb 2025 18:21:48 +0000
ROA not after:            Tue 03 Feb 2026 18:26:48 +0000
asID:                     264821
IP address blocks:        2803:9040::/32 maxlen: 48
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3a:f7:05:ff:2e:53:1c:62:8e:03:1d:5c:cc:72:ee:d5:5a:e0:c9:cb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6A21791828146BC17DAE86EA069BF125DBBC3007
        Validity
            Not Before: Feb  4 18:21:48 2025 GMT
            Not After : Feb  3 18:26:48 2026 GMT
        Subject: CN=5E88F67E1488C98317E5078C63EFDAD426C35745
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:21:f2:4f:cd:1a:a6:c3:8e:2e:eb:c3:bd:fa:
                    1e:45:57:73:2b:27:e4:ea:1f:24:19:e0:20:e1:82:
                    5f:af:6b:64:7a:14:f7:d0:33:83:af:d3:8a:50:74:
                    0e:8d:c7:09:7f:38:f6:e0:66:3f:a7:4e:a6:c5:ab:
                    ca:93:b3:72:ec:f3:a2:c6:0b:3a:d6:f9:32:b5:6c:
                    c5:61:5e:d1:54:f9:f5:55:c4:7e:4e:80:b4:d9:72:
                    b0:a7:58:e0:51:5e:24:4e:12:4b:84:03:ba:1d:88:
                    7b:cc:ab:8a:58:a6:f3:2b:bc:be:18:3c:80:b5:42:
                    fa:38:c7:ff:da:fd:af:96:4c:b3:89:97:48:46:10:
                    f7:88:10:f1:d3:df:2c:67:92:37:2b:65:ab:77:2f:
                    69:54:18:64:ed:9f:66:df:86:b6:45:8f:aa:86:a8:
                    95:d0:9e:b8:be:42:3f:5d:ab:57:31:df:c4:f4:1f:
                    bc:83:43:43:7f:2d:10:46:26:d4:af:bb:15:f1:d6:
                    2a:fa:52:15:45:be:9d:d5:0e:cc:96:65:ab:ea:b9:
                    50:88:33:d6:15:94:9f:cc:f6:42:78:5c:4e:f7:b8:
                    cc:e2:6d:42:98:9d:8a:7e:a7:5f:bc:49:d1:ad:f3:
                    6f:a8:22:40:45:d8:2c:b5:3c:cd:a2:e9:b5:97:9d:
                    62:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5E:88:F6:7E:14:88:C9:83:17:E5:07:8C:63:EF:DA:D4:26:C3:57:45
            X509v3 Authority Key Identifier:
                keyid:6A:21:79:18:28:14:6B:C1:7D:AE:86:EA:06:9B:F1:25:DB:BC:30:07

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/AE2A5A0E8687661639744042ED8D0F05DF8C34B28E4E6487F9F9EB60D69232BA/0/6A21791828146BC17DAE86EA069BF125DBBC3007.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/6A21791828146BC17DAE86EA069BF125DBBC3007.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/AE2A5A0E8687661639744042ED8D0F05DF8C34B28E4E6487F9F9EB60D69232BA/0/323830333a393034303a3a2f33322d3438203d3e20323634383231.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2803:9040::/32

    Signature Algorithm: sha256WithRSAEncryption
         3a:86:f6:cb:0c:06:88:c1:3a:95:50:9b:bd:2c:c2:ab:f9:76:
         a1:50:a0:8f:9d:6d:11:08:85:ce:93:8c:e0:f0:32:7f:97:d6:
         59:d9:b8:f5:f7:fb:6b:4f:6d:7c:14:53:1c:0e:2c:b9:c5:82:
         2d:67:4c:80:98:d0:5d:33:3d:ac:dd:3b:b1:7a:73:64:2b:2f:
         fc:21:c6:67:04:e4:9b:20:c4:7e:0f:04:89:03:f8:5b:da:f5:
         37:57:6a:8b:d7:ec:df:28:4b:bc:84:bb:23:62:94:57:22:64:
         ed:fb:c2:c9:05:8a:16:76:54:07:80:19:13:1f:a3:97:e8:e4:
         c5:13:12:d7:3d:75:c2:64:07:c3:ea:21:8f:01:cb:f8:17:72:
         05:77:7d:9a:e8:75:e4:ea:52:35:11:1b:f3:86:c1:f8:3f:0d:
         45:4c:21:a1:cc:b9:1e:b9:37:5f:1b:bf:c4:fa:36:fd:98:45:
         ff:3f:7c:e4:cf:e7:27:64:80:3d:b5:0e:cf:a5:7a:e2:5c:2a:
         a0:34:e3:72:a2:70:0e:34:ba:e3:bf:21:ce:a6:87:fd:b4:7f:
         8e:77:51:8d:69:c6:6e:de:58:b9:30:71:bc:c1:f3:37:d7:cd:
         49:c0:40:6b:56:88:f3:52:db:ea:ea:48:64:aa:c3:3a:2e:0c:
         7c:38:17:b8
-----BEGIN CERTIFICATE-----
MIIFvzCCBKegAwIBAgIUOvcF/y5THGKOAx1czHLu1VrgycswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNkEyMTc5MTgyODE0NkJDMTdEQUU4NkVBMDY5QkYxMjVE
QkJDMzAwNzAeFw0yNTAyMDQxODIxNDhaFw0yNjAyMDMxODI2NDhaMDMxMTAvBgNV
BAMTKDVFODhGNjdFMTQ4OEM5ODMxN0U1MDc4QzYzRUZEQUQ0MjZDMzU3NDUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQChIfJPzRqmw44u68O9+h5FV3Mr
J+TqHyQZ4CDhgl+va2R6FPfQM4Ov04pQdA6Nxwl/OPbgZj+nTqbFq8qTs3Ls86LG
CzrW+TK1bMVhXtFU+fVVxH5OgLTZcrCnWOBRXiROEkuEA7odiHvMq4pYpvMrvL4Y
PIC1Qvo4x//a/a+WTLOJl0hGEPeIEPHT3yxnkjcrZat3L2lUGGTtn2bfhrZFj6qG
qJXQnri+Qj9dq1cx38T0H7yDQ0N/LRBGJtSvuxXx1ir6UhVFvp3VDsyWZavquVCI
M9YVlJ/M9kJ4XE73uMzibUKYnYp+p1+8SdGt82+oIkBF2Cy1PM2i6bWXnWIbAgMB
AAGjggLJMIICxTAdBgNVHQ4EFgQUXoj2fhSIyYMX5QeMY+/a1CbDV0UwHwYDVR0j
BBgwFoAUaiF5GCgUa8F9robqBpvxJdu8MAcwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9BRTJBNUEwRTg2ODc2NjE2Mzk3NDQwNDJFRDhEMEYwNURG
OEMzNEIyOEU0RTY0ODdGOUY5RUI2MEQ2OTIzMkJBLzAvNkEyMTc5MTgyODE0NkJD
MTdEQUU4NkVBMDY5QkYxMjVEQkJDMzAwNy5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC82QTIxNzkxODI4MTQ2QkMxN0RB
RTg2RUEwNjlCRjEyNURCQkMzMDA3LmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvQUUyQTVBMEU4Njg3NjYxNjM5NzQ0MDQyRUQ4RDBGMDVERjhDMzRCMjhF
NEU2NDg3RjlGOUVCNjBENjkyMzJCQS8wLzMyMzgzMDMzM2EzOTMwMzQzMDNhM2Ey
ZjMzMzIyZDM0MzgyMDNkM2UyMDMyMzYzNDM4MzIzMS5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACgDkEAw
DQYJKoZIhvcNAQELBQADggEBADqG9ssMBojBOpVQm70swqv5dqFQoI+dbREIhc6T
jODwMn+X1lnZuPX3+2tPbXwUUxwOLLnFgi1nTICY0F0zPazdO7F6c2QrL/whxmcE
5JsgxH4PBIkD+Fva9TdXaovX7N8oS7yEuyNilFciZO37wskFihZ2VAeAGRMfo5fo
5MUTEtc9dcJkB8PqIY8By/gXcgV3fZrodeTqUjURG/OGwfg/DUVMIaHMuR65N18b
v8T6Nv2YRf8/fOTP5ydkgD21Ds+leuJcKqA043KicA40uuO/Ic6mh/20f453UY1p
xm7eWLkwcbzB8zfXzUnAQGtWiPNS2+rqSGSqwzouDHw4F7g=
-----END CERTIFICATE-----