Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/B7BC4B2F7986968C12D5BB70FF862D98C21252312266E0418E6E39E8D3256009/0/323830313a3139303a3a2f34302d3434203d3e203532343838.roa
File:                     323830313a3139303a3a2f34302d3434203d3e203532343838.roa (raw, json)
Hash identifier:          ZVFyFElvrex7fgIFYpKx/dD/ov5iL2ZOVx4CQ3ekXmI=
Subject key identifier:   02:56:18:4E:E7:0C:01:08:C9:45:39:23:7C:8D:E1:0C:EA:89:A1:2D
Certificate issuer:       /CN=701E1FD04F1549BDB62D5F31FEC6DE58970DCFCC
Certificate serial:       4E2AE399EE5EE235EB3B6D6AD58529CE6684BD4E
Authority key identifier: 70:1E:1F:D0:4F:15:49:BD:B6:2D:5F:31:FE:C6:DE:58:97:0D:CF:CC
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/701E1FD04F1549BDB62D5F31FEC6DE58970DCFCC.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/B7BC4B2F7986968C12D5BB70FF862D98C21252312266E0418E6E39E8D3256009/0/323830313a3139303a3a2f34302d3434203d3e203532343838.roa
Signing time:             Tue 04 Feb 2025 18:54:24 +0000
ROA not before:           Tue 04 Feb 2025 18:49:24 +0000
ROA not after:            Tue 03 Feb 2026 18:54:24 +0000
asID:                     52488
IP address blocks:        2801:190::/40 maxlen: 44
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4e:2a:e3:99:ee:5e:e2:35:eb:3b:6d:6a:d5:85:29:ce:66:84:bd:4e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=701E1FD04F1549BDB62D5F31FEC6DE58970DCFCC
        Validity
            Not Before: Feb  4 18:49:24 2025 GMT
            Not After : Feb  3 18:54:24 2026 GMT
        Subject: CN=0256184EE70C0108C94539237C8DE10CEA89A12D
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:80:51:c5:10:b2:fd:2e:e3:50:7d:c8:45:69:
                    30:80:d8:ca:b0:c0:80:03:b1:d0:e7:71:26:e0:cb:
                    a2:60:16:17:68:f7:d9:12:8c:c4:8d:18:5c:7b:d1:
                    88:55:6a:41:ad:98:b3:0f:a1:d3:12:3d:8d:01:3d:
                    ef:c5:04:8c:ad:67:e7:53:3f:b5:0a:a5:1b:17:6a:
                    48:d5:27:2f:ab:8c:f8:70:12:49:2c:a9:4f:91:f3:
                    88:8d:ef:be:70:40:30:ba:57:1e:1c:13:c6:ee:5e:
                    a1:a0:3b:88:8a:4c:da:e3:47:28:4b:5a:50:0e:06:
                    cf:7f:82:5a:7c:19:aa:41:ca:6c:19:cf:ae:32:ea:
                    8e:4b:1a:cc:23:f0:d4:5f:16:b0:cf:48:c0:26:6f:
                    90:e2:24:1d:1b:64:c0:25:b3:ba:c8:a0:00:4b:b5:
                    a0:c4:d7:0b:c4:b2:4a:62:3f:fa:60:82:ba:fa:d7:
                    f8:35:81:d5:79:8c:da:ce:9c:4a:69:72:ec:84:95:
                    3d:e7:ae:9d:1a:9a:fd:0f:7b:7a:44:4f:09:40:06:
                    33:35:73:c0:d4:bd:da:8f:22:60:55:20:c3:32:3b:
                    ef:28:34:bc:80:a8:6f:c4:bb:3c:58:e5:d6:ff:3f:
                    d7:bc:b1:85:66:97:03:cb:f8:dd:a2:a3:ec:ed:e8:
                    b1:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                02:56:18:4E:E7:0C:01:08:C9:45:39:23:7C:8D:E1:0C:EA:89:A1:2D
            X509v3 Authority Key Identifier:
                keyid:70:1E:1F:D0:4F:15:49:BD:B6:2D:5F:31:FE:C6:DE:58:97:0D:CF:CC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/B7BC4B2F7986968C12D5BB70FF862D98C21252312266E0418E6E39E8D3256009/0/701E1FD04F1549BDB62D5F31FEC6DE58970DCFCC.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/701E1FD04F1549BDB62D5F31FEC6DE58970DCFCC.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/B7BC4B2F7986968C12D5BB70FF862D98C21252312266E0418E6E39E8D3256009/0/323830313a3139303a3a2f34302d3434203d3e203532343838.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2801:190::/40

    Signature Algorithm: sha256WithRSAEncryption
         99:61:e9:d0:7f:7d:b1:25:f9:5b:32:29:93:32:e0:b5:67:ca:
         70:9a:f8:97:9c:b4:6a:0a:33:a4:28:10:78:4f:1b:04:c2:de:
         9e:8c:da:5f:91:64:12:e1:bc:8d:ae:55:5e:e3:c3:5d:a8:f4:
         70:e2:27:7f:5b:3c:91:ab:f4:08:bc:02:85:90:7f:da:89:b8:
         92:38:1a:ed:c4:48:dc:8b:a6:8c:45:9b:c5:42:7d:43:71:f5:
         b6:98:2c:46:81:6d:1f:9f:57:d9:01:7b:fc:8d:2f:c1:96:9c:
         a0:56:1c:47:21:48:e9:34:9d:ec:e3:07:d5:29:f4:65:26:0f:
         29:f7:a2:9a:45:ac:a1:d6:a7:02:8f:11:f6:74:95:d6:d1:e3:
         d7:05:bd:86:0a:08:cf:ae:a2:5f:bd:6d:dd:ea:a9:dc:60:4d:
         8d:e1:c0:6e:ff:f1:bc:7e:b7:25:4a:93:1e:05:72:e5:cb:f6:
         d9:e7:f7:9b:0d:15:76:a4:2d:ed:82:03:8e:a2:14:e3:55:ff:
         a0:72:88:60:7b:20:17:26:25:2d:03:f7:83:a8:7c:a2:04:21:
         1c:6b:5a:4f:f8:1b:4d:cc:0c:eb:db:49:84:78:17:a4:6c:a0:
         64:b5:dc:f9:f1:d7:03:b3:e4:be:43:3d:48:76:ae:5e:81:a4:
         b8:60:9d:28
-----BEGIN CERTIFICATE-----
MIIFvDCCBKSgAwIBAgIUTirjme5e4jXrO21q1YUpzmaEvU4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzAxRTFGRDA0RjE1NDlCREI2MkQ1RjMxRkVDNkRFNTg5
NzBEQ0ZDQzAeFw0yNTAyMDQxODQ5MjRaFw0yNjAyMDMxODU0MjRaMDMxMTAvBgNV
BAMTKDAyNTYxODRFRTcwQzAxMDhDOTQ1MzkyMzdDOERFMTBDRUE4OUExMkQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9gFHFELL9LuNQfchFaTCA2Mqw
wIADsdDncSbgy6JgFhdo99kSjMSNGFx70YhVakGtmLMPodMSPY0BPe/FBIytZ+dT
P7UKpRsXakjVJy+rjPhwEkksqU+R84iN775wQDC6Vx4cE8buXqGgO4iKTNrjRyhL
WlAOBs9/glp8GapBymwZz64y6o5LGswj8NRfFrDPSMAmb5DiJB0bZMAls7rIoABL
taDE1wvEskpiP/pggrr61/g1gdV5jNrOnEppcuyElT3nrp0amv0Pe3pETwlABjM1
c8DUvdqPImBVIMMyO+8oNLyAqG/EuzxY5db/P9e8sYVmlwPL+N2io+zt6LFFAgMB
AAGjggLGMIICwjAdBgNVHQ4EFgQUAlYYTucMAQjJRTkjfI3hDOqJoS0wHwYDVR0j
BBgwFoAUcB4f0E8VSb22LV8x/sbeWJcNz8wwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9CN0JDNEIyRjc5ODY5NjhDMTJENUJCNzBGRjg2MkQ5OEMy
MTI1MjMxMjI2NkUwNDE4RTZFMzlFOEQzMjU2MDA5LzAvNzAxRTFGRDA0RjE1NDlC
REI2MkQ1RjMxRkVDNkRFNTg5NzBEQ0ZDQy5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC83MDFFMUZEMDRGMTU0OUJEQjYy
RDVGMzFGRUM2REU1ODk3MERDRkNDLmNlcjCBwwYIKwYBBQUHAQsEgbYwgbMwgbAG
CCsGAQUFBzALhoGjcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvQjdCQzRCMkY3OTg2OTY4QzEyRDVCQjcwRkY4NjJEOThDMjEyNTIzMTIy
NjZFMDQxOEU2RTM5RThEMzI1NjAwOS8wLzMyMzgzMDMxM2EzMTM5MzAzYTNhMmYz
NDMwMmQzNDM0MjAzZDNlMjAzNTMyMzQzODM4LnJvYTAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKAEBkAAwDQYJ
KoZIhvcNAQELBQADggEBAJlh6dB/fbEl+VsyKZMy4LVnynCa+JectGoKM6QoEHhP
GwTC3p6M2l+RZBLhvI2uVV7jw12o9HDiJ39bPJGr9Ai8AoWQf9qJuJI4Gu3ESNyL
poxFm8VCfUNx9baYLEaBbR+fV9kBe/yNL8GWnKBWHEchSOk0nezjB9Up9GUmDyn3
oppFrKHWpwKPEfZ0ldbR49cFvYYKCM+uol+9bd3qqdxgTY3hwG7/8bx+tyVKkx4F
cuXL9tnn95sNFXakLe2CA46iFONV/6ByiGB7IBcmJS0D94OofKIEIRxrWk/4G03M
DOvbSYR4F6RsoGS13Pnx1wOz5L5DPUh2rl6BpLhgnSg=
-----END CERTIFICATE-----