Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/B8995BF863751A5C60951770258DFE4F82DB7390E62C1B7625A5E1F4190120A9/0/323830333a656131303a313a3a2f34382d3438203d3e20323731393237.roa
File:                     323830333a656131303a313a3a2f34382d3438203d3e20323731393237.roa (raw, json)
Hash identifier:          qcr70kzUFeMUP9esUrhnh7z1tt1XUH0DWcSUcPzLfZw=
Subject key identifier:   2C:51:4D:91:91:83:7A:41:B4:61:97:69:A7:E9:39:21:28:E2:30:A6
Certificate issuer:       /CN=5AC74DB2E733289AD330B5CC47EFF7E610D2236E
Certificate serial:       233E86FAA2F0B37822D454BBD8962B50701F5AC2
Authority key identifier: 5A:C7:4D:B2:E7:33:28:9A:D3:30:B5:CC:47:EF:F7:E6:10:D2:23:6E
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/5AC74DB2E733289AD330B5CC47EFF7E610D2236E.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/B8995BF863751A5C60951770258DFE4F82DB7390E62C1B7625A5E1F4190120A9/0/323830333a656131303a313a3a2f34382d3438203d3e20323731393237.roa
Signing time:             Tue 04 Feb 2025 18:46:52 +0000
ROA not before:           Tue 04 Feb 2025 18:41:52 +0000
ROA not after:            Tue 03 Feb 2026 18:46:52 +0000
asID:                     271927
IP address blocks:        2803:ea10:1::/48 maxlen: 48
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            23:3e:86:fa:a2:f0:b3:78:22:d4:54:bb:d8:96:2b:50:70:1f:5a:c2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5AC74DB2E733289AD330B5CC47EFF7E610D2236E
        Validity
            Not Before: Feb  4 18:41:52 2025 GMT
            Not After : Feb  3 18:46:52 2026 GMT
        Subject: CN=2C514D9191837A41B4619769A7E9392128E230A6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:b1:fb:50:1c:3a:f5:08:40:28:ab:75:69:3c:
                    31:24:b8:30:c8:4d:b8:de:d4:b6:2f:e7:33:32:f5:
                    d8:64:d9:01:62:9c:42:64:8c:aa:d1:ea:8b:20:32:
                    e1:23:16:20:f1:d4:e1:36:95:ee:79:c7:05:6c:17:
                    da:7f:0b:84:c2:84:e3:cd:da:5e:b3:68:b3:85:53:
                    cd:5a:61:40:8c:60:53:8e:28:e2:b2:38:57:03:a6:
                    83:19:40:45:d9:92:52:51:13:89:d8:c9:3a:75:ab:
                    0f:9e:c0:cc:f2:a9:a5:0b:65:97:5c:f6:bf:0c:64:
                    03:56:ee:15:c7:ab:ea:4f:90:6e:6d:ad:02:38:3b:
                    fb:34:fc:69:a4:db:8d:03:58:ad:a7:fd:97:64:4c:
                    6f:58:22:0b:0f:66:f5:dd:4d:27:9f:19:6e:06:69:
                    89:cd:aa:16:f2:61:52:7f:eb:0d:fc:c4:2d:24:64:
                    cb:4a:c4:04:b2:27:e4:8b:34:aa:3c:c8:dc:f1:b9:
                    85:20:e6:9c:4d:67:01:4e:b8:58:49:a0:2d:39:3e:
                    4f:be:f7:c1:1b:58:f6:d5:e3:be:a7:6a:06:22:bc:
                    15:86:09:87:55:72:0a:47:90:ab:aa:6a:e0:11:03:
                    77:db:56:47:12:ee:2d:98:17:fe:6a:99:3a:11:54:
                    ed:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2C:51:4D:91:91:83:7A:41:B4:61:97:69:A7:E9:39:21:28:E2:30:A6
            X509v3 Authority Key Identifier:
                keyid:5A:C7:4D:B2:E7:33:28:9A:D3:30:B5:CC:47:EF:F7:E6:10:D2:23:6E

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/B8995BF863751A5C60951770258DFE4F82DB7390E62C1B7625A5E1F4190120A9/0/5AC74DB2E733289AD330B5CC47EFF7E610D2236E.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/5AC74DB2E733289AD330B5CC47EFF7E610D2236E.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/B8995BF863751A5C60951770258DFE4F82DB7390E62C1B7625A5E1F4190120A9/0/323830333a656131303a313a3a2f34382d3438203d3e20323731393237.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2803:ea10:1::/48

    Signature Algorithm: sha256WithRSAEncryption
         2f:38:9e:bc:b0:4c:ac:c3:93:12:53:da:d8:35:a3:16:83:85:
         6a:f4:6b:f8:66:3e:e8:1a:51:30:53:7a:4c:81:fb:7f:c9:b4:
         05:32:f8:00:08:ae:3c:ae:ad:8f:44:84:43:d3:28:75:36:59:
         20:80:58:40:08:46:64:bf:72:7e:59:09:2f:9e:9c:cd:25:49:
         d7:de:a5:95:c8:8f:ce:77:94:13:13:51:97:6d:ce:be:f3:0f:
         56:6e:45:8f:e3:b0:34:31:d3:f0:e3:9b:4e:80:f7:73:4e:c4:
         8a:4e:ff:ce:4f:d0:32:af:4f:8c:27:2f:ad:a6:fa:b6:8a:78:
         fb:c0:57:df:b1:44:98:5a:fb:6b:48:1d:e7:f7:c6:aa:39:b7:
         eb:d2:ed:4f:31:c2:b5:38:cb:36:9e:55:36:85:36:e5:46:2c:
         d0:26:75:b2:be:a4:f9:d3:da:c8:30:84:49:51:08:b5:fe:01:
         7b:e2:8c:4b:b9:a6:74:c3:18:d9:68:e9:90:b1:7c:8f:23:ae:
         1d:f3:99:16:7b:08:8e:ee:d7:a0:21:77:e5:76:c5:6e:a1:34:
         85:75:c5:b2:7d:7d:2f:3e:95:2e:ef:77:ca:0a:02:62:24:28:
         f5:94:96:73:09:07:88:fa:53:bc:a5:d0:6e:03:40:7c:05:b0:
         7e:56:0c:61
-----BEGIN CERTIFICATE-----
MIIFxTCCBK2gAwIBAgIUIz6G+qLws3gi1FS72JYrUHAfWsIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNUFDNzREQjJFNzMzMjg5QUQzMzBCNUNDNDdFRkY3RTYx
MEQyMjM2RTAeFw0yNTAyMDQxODQxNTJaFw0yNjAyMDMxODQ2NTJaMDMxMTAvBgNV
BAMTKDJDNTE0RDkxOTE4MzdBNDFCNDYxOTc2OUE3RTkzOTIxMjhFMjMwQTYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDJsftQHDr1CEAoq3VpPDEkuDDI
Tbje1LYv5zMy9dhk2QFinEJkjKrR6osgMuEjFiDx1OE2le55xwVsF9p/C4TChOPN
2l6zaLOFU81aYUCMYFOOKOKyOFcDpoMZQEXZklJRE4nYyTp1qw+ewMzyqaULZZdc
9r8MZANW7hXHq+pPkG5trQI4O/s0/Gmk240DWK2n/ZdkTG9YIgsPZvXdTSefGW4G
aYnNqhbyYVJ/6w38xC0kZMtKxASyJ+SLNKo8yNzxuYUg5pxNZwFOuFhJoC05Pk++
98EbWPbV476nagYivBWGCYdVcgpHkKuqauARA3fbVkcS7i2YF/5qmToRVO19AgMB
AAGjggLPMIICyzAdBgNVHQ4EFgQULFFNkZGDekG0YZdpp+k5ISjiMKYwHwYDVR0j
BBgwFoAUWsdNsuczKJrTMLXMR+/35hDSI24wDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9CODk5NUJGODYzNzUxQTVDNjA5NTE3NzAyNThERkU0Rjgy
REI3MzkwRTYyQzFCNzYyNUE1RTFGNDE5MDEyMEE5LzAvNUFDNzREQjJFNzMzMjg5
QUQzMzBCNUNDNDdFRkY3RTYxMEQyMjM2RS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC81QUM3NERCMkU3MzMyODlBRDMz
MEI1Q0M0N0VGRjdFNjEwRDIyMzZFLmNlcjCBywYIKwYBBQUHAQsEgb4wgbswgbgG
CCsGAQUFBzALhoGrcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvQjg5OTVCRjg2Mzc1MUE1QzYwOTUxNzcwMjU4REZFNEY4MkRCNzM5MEU2
MkMxQjc2MjVBNUUxRjQxOTAxMjBBOS8wLzMyMzgzMDMzM2E2NTYxMzEzMDNhMzEz
YTNhMmYzNDM4MmQzNDM4MjAzZDNlMjAzMjM3MzEzOTMyMzcucm9hMBgGA1UdIAEB
/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkDBwAo
A+oQAAEwDQYJKoZIhvcNAQELBQADggEBAC84nrywTKzDkxJT2tg1oxaDhWr0a/hm
PugaUTBTekyB+3/JtAUy+AAIrjyurY9EhEPTKHU2WSCAWEAIRmS/cn5ZCS+enM0l
SdfepZXIj853lBMTUZdtzr7zD1ZuRY/jsDQx0/Djm06A93NOxIpO/85P0DKvT4wn
L62m+raKePvAV9+xRJha+2tIHef3xqo5t+vS7U8xwrU4yzaeVTaFNuVGLNAmdbK+
pPnT2sgwhElRCLX+AXvijEu5pnTDGNlo6ZCxfI8jrh3zmRZ7CI7u16Ahd+V2xW6h
NIV1xbJ9fS8+lS7vd8oKAmIkKPWUlnMJB4j6U7yl0G4DQHwFsH5WDGE=
-----END CERTIFICATE-----