Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/BFF9744E64C56E138AEC517D910F61D895CAD645CCF21CB7C16A278D5C2F944C/0/323830333a383130303a3a2f34382d3438203d3e203231383236.roa
File:                     323830333a383130303a3a2f34382d3438203d3e203231383236.roa (raw, json)
Hash identifier:          fETq7QuQ8lx8ZF2mIvdgrCuO9Mgp0mXGgnEUG+Va764=
Subject key identifier:   44:EA:3D:17:D6:BA:B1:E6:D7:5C:48:CB:D6:B9:E6:76:6B:A5:A5:A8
Certificate issuer:       /CN=165E0F133EF8A6DF2ECCBFDD6E915964893A4324
Certificate serial:       0F050C54BB3986D14C0F06D0416DF8094279A3A7
Authority key identifier: 16:5E:0F:13:3E:F8:A6:DF:2E:CC:BF:DD:6E:91:59:64:89:3A:43:24
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/165E0F133EF8A6DF2ECCBFDD6E915964893A4324.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/BFF9744E64C56E138AEC517D910F61D895CAD645CCF21CB7C16A278D5C2F944C/0/323830333a383130303a3a2f34382d3438203d3e203231383236.roa
Signing time:             Tue 04 Feb 2025 18:44:34 +0000
ROA not before:           Tue 04 Feb 2025 18:39:34 +0000
ROA not after:            Tue 03 Feb 2026 18:44:34 +0000
asID:                     21826
IP address blocks:        2803:8100::/48 maxlen: 48
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0f:05:0c:54:bb:39:86:d1:4c:0f:06:d0:41:6d:f8:09:42:79:a3:a7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=165E0F133EF8A6DF2ECCBFDD6E915964893A4324
        Validity
            Not Before: Feb  4 18:39:34 2025 GMT
            Not After : Feb  3 18:44:34 2026 GMT
        Subject: CN=44EA3D17D6BAB1E6D75C48CBD6B9E6766BA5A5A8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:2f:0b:4e:f7:40:f5:ea:0f:ba:31:8e:3d:46:
                    0e:84:45:f8:cd:4e:9e:b2:7a:47:ea:8b:fc:2e:92:
                    b2:78:e5:eb:fe:b7:5a:6c:85:ea:de:b1:4e:a9:bd:
                    e4:6c:6e:31:14:10:3c:ee:5a:52:f6:80:fe:03:03:
                    1a:1d:94:fd:01:53:97:ed:7c:02:58:f3:30:58:12:
                    e0:99:7c:a0:32:fe:40:bc:f6:a6:ca:8c:c5:25:76:
                    76:ab:58:d0:19:5b:e0:09:f5:8a:10:c4:77:21:34:
                    4a:84:4b:e8:21:be:b1:a0:1b:12:54:9c:88:99:28:
                    ac:da:cf:43:a1:37:ef:8c:da:78:30:0d:fc:35:85:
                    e9:84:b3:58:26:b5:f4:a3:8e:f6:06:ae:93:f1:92:
                    ad:b0:a1:49:c2:81:69:94:38:ee:42:5e:df:55:c0:
                    df:47:81:36:e6:92:b1:44:52:6f:b5:d1:22:a0:ee:
                    b5:18:20:e9:19:9a:c4:57:09:5b:ed:4b:1e:22:2a:
                    28:48:1a:69:91:85:39:ea:a0:d1:c6:55:57:a9:5c:
                    8f:fa:39:61:12:22:c1:b0:92:6a:03:0d:4c:de:30:
                    c9:7c:0a:21:1c:b6:36:e6:ef:0d:80:72:f5:13:64:
                    0a:99:46:04:d3:ca:c0:03:11:ce:d4:77:3d:16:74:
                    72:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                44:EA:3D:17:D6:BA:B1:E6:D7:5C:48:CB:D6:B9:E6:76:6B:A5:A5:A8
            X509v3 Authority Key Identifier:
                keyid:16:5E:0F:13:3E:F8:A6:DF:2E:CC:BF:DD:6E:91:59:64:89:3A:43:24

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/BFF9744E64C56E138AEC517D910F61D895CAD645CCF21CB7C16A278D5C2F944C/0/165E0F133EF8A6DF2ECCBFDD6E915964893A4324.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/165E0F133EF8A6DF2ECCBFDD6E915964893A4324.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/BFF9744E64C56E138AEC517D910F61D895CAD645CCF21CB7C16A278D5C2F944C/0/323830333a383130303a3a2f34382d3438203d3e203231383236.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2803:8100::/48

    Signature Algorithm: sha256WithRSAEncryption
         12:18:6c:a7:1c:02:e1:12:d3:1e:f4:74:65:1a:33:2e:8e:ed:
         97:43:74:59:28:39:d6:af:e7:d6:0c:66:32:14:96:c6:8b:ea:
         f7:fb:4d:a7:d1:d6:54:05:fe:a9:45:64:a9:a3:4e:c6:da:9c:
         4d:d6:95:82:f5:3f:84:a3:74:e6:84:a2:50:3a:65:45:fa:0a:
         67:09:4e:40:76:c6:4b:d9:ac:78:2c:b1:e7:8e:c4:64:9c:3e:
         73:86:04:22:65:ef:9e:18:b8:5d:51:38:e1:1f:f2:b6:1e:14:
         3f:16:46:9f:d9:56:fb:b0:53:9a:b2:9b:de:d9:0c:be:7e:1e:
         a9:2a:8d:60:d7:fc:78:5f:34:ea:ae:bd:1b:51:82:d5:80:82:
         76:da:0a:b4:95:19:b6:12:4d:a8:ac:f5:55:41:a7:d9:be:77:
         e9:36:7e:85:f9:d4:80:82:fd:29:e9:64:e1:f4:f2:df:66:fd:
         37:86:33:89:83:8c:0f:1f:fb:12:4d:03:25:43:9d:1c:aa:8c:
         2c:82:c6:f8:4a:f9:40:bd:01:e0:cc:97:0f:b0:7a:dd:2e:49:
         4d:00:53:29:40:32:c4:73:53:1d:37:fa:35:3f:1e:71:76:0e:
         b0:6e:f8:ba:9c:4d:3a:ce:da:cf:78:ac:9b:70:9c:7d:03:53:
         ee:a9:63:6b
-----BEGIN CERTIFICATE-----
MIIFvzCCBKegAwIBAgIUDwUMVLs5htFMDwbQQW34CUJ5o6cwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMTY1RTBGMTMzRUY4QTZERjJFQ0NCRkRENkU5MTU5NjQ4
OTNBNDMyNDAeFw0yNTAyMDQxODM5MzRaFw0yNjAyMDMxODQ0MzRaMDMxMTAvBgNV
BAMTKDQ0RUEzRDE3RDZCQUIxRTZENzVDNDhDQkQ2QjlFNjc2NkJBNUE1QTgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDLLwtO90D16g+6MY49Rg6ERfjN
Tp6yekfqi/wukrJ45ev+t1psheresU6pveRsbjEUEDzuWlL2gP4DAxodlP0BU5ft
fAJY8zBYEuCZfKAy/kC89qbKjMUldnarWNAZW+AJ9YoQxHchNEqES+ghvrGgGxJU
nIiZKKzaz0OhN++M2ngwDfw1hemEs1gmtfSjjvYGrpPxkq2woUnCgWmUOO5CXt9V
wN9HgTbmkrFEUm+10SKg7rUYIOkZmsRXCVvtSx4iKihIGmmRhTnqoNHGVVepXI/6
OWESIsGwkmoDDUzeMMl8CiEctjbm7w2AcvUTZAqZRgTTysADEc7Udz0WdHKBAgMB
AAGjggLJMIICxTAdBgNVHQ4EFgQUROo9F9a6sebXXEjL1rnmdmulpagwHwYDVR0j
BBgwFoAUFl4PEz74pt8uzL/dbpFZZIk6QyQwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9CRkY5NzQ0RTY0QzU2RTEzOEFFQzUxN0Q5MTBGNjFEODk1
Q0FENjQ1Q0NGMjFDQjdDMTZBMjc4RDVDMkY5NDRDLzAvMTY1RTBGMTMzRUY4QTZE
RjJFQ0NCRkRENkU5MTU5NjQ4OTNBNDMyNC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8xNjVFMEYxMzNFRjhBNkRGMkVD
Q0JGREQ2RTkxNTk2NDg5M0E0MzI0LmNlcjCBxQYIKwYBBQUHAQsEgbgwgbUwgbIG
CCsGAQUFBzALhoGlcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvQkZGOTc0NEU2NEM1NkUxMzhBRUM1MTdEOTEwRjYxRDg5NUNBRDY0NUND
RjIxQ0I3QzE2QTI3OEQ1QzJGOTQ0Qy8wLzMyMzgzMDMzM2EzODMxMzAzMDNhM2Ey
ZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzEzODMyMzYucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkDBwAoA4EAAAAw
DQYJKoZIhvcNAQELBQADggEBABIYbKccAuES0x70dGUaMy6O7ZdDdFkoOdav59YM
ZjIUlsaL6vf7TafR1lQF/qlFZKmjTsbanE3WlYL1P4SjdOaEolA6ZUX6CmcJTkB2
xkvZrHgsseeOxGScPnOGBCJl754YuF1ROOEf8rYeFD8WRp/ZVvuwU5qym97ZDL5+
HqkqjWDX/HhfNOquvRtRgtWAgnbaCrSVGbYSTais9VVBp9m+d+k2foX51ICC/Snp
ZOH08t9m/TeGM4mDjA8f+xJNAyVDnRyqjCyCxvhK+UC9AeDMlw+wet0uSU0AUylA
MsRzUx03+jU/HnF2DrBu+LqcTTrO2s94rJtwnH0DU+6pY2s=
-----END CERTIFICATE-----