Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/C49F09D0777CD260B28DBBF1CA577BBF1A598B854F7D3DBA3A094E8B654051F2/0/323830363a3331313a3a2f33322d3332203d3e20323635353334.roa
File:                     323830363a3331313a3a2f33322d3332203d3e20323635353334.roa (raw, json)
Hash identifier:          TZOgNVMXbo3PDCnkRLxR0R9HhJ+AbqusAcdj3vgq7X8=
Subject key identifier:   E3:09:88:D7:E2:E1:79:62:1D:74:FC:F1:0A:8B:B0:01:0F:F9:8E:DD
Certificate issuer:       /CN=CD0CE589373B27C7377B95716717C42DB8B1FF08
Certificate serial:       368DD1FD1D599B9EDC95F0723481E72E1E31AFA6
Authority key identifier: CD:0C:E5:89:37:3B:27:C7:37:7B:95:71:67:17:C4:2D:B8:B1:FF:08
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/CD0CE589373B27C7377B95716717C42DB8B1FF08.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/C49F09D0777CD260B28DBBF1CA577BBF1A598B854F7D3DBA3A094E8B654051F2/0/323830363a3331313a3a2f33322d3332203d3e20323635353334.roa
Signing time:             Tue 04 Feb 2025 18:03:49 +0000
ROA not before:           Tue 04 Feb 2025 17:58:49 +0000
ROA not after:            Tue 03 Feb 2026 18:03:49 +0000
asID:                     265534
IP address blocks:        2806:311::/32 maxlen: 32
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            36:8d:d1:fd:1d:59:9b:9e:dc:95:f0:72:34:81:e7:2e:1e:31:af:a6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=CD0CE589373B27C7377B95716717C42DB8B1FF08
        Validity
            Not Before: Feb  4 17:58:49 2025 GMT
            Not After : Feb  3 18:03:49 2026 GMT
        Subject: CN=E30988D7E2E179621D74FCF10A8BB0010FF98EDD
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e0:79:d1:39:9c:53:a7:1c:78:99:e6:e9:dc:3f:
                    5e:8f:58:0a:3f:c8:26:50:11:f3:84:97:ce:64:56:
                    17:72:4d:93:3e:93:aa:5b:8e:a7:4d:44:a6:4f:bd:
                    0a:1a:45:6b:34:eb:12:5c:ce:8d:de:57:35:33:9e:
                    9f:a7:f7:8c:3b:c6:4a:62:bc:fc:c4:7a:1d:c1:7b:
                    85:c6:96:52:00:19:b9:43:0d:9b:a3:76:ba:be:dd:
                    2f:16:3c:eb:4f:a4:ba:39:73:79:2b:a9:1b:ea:b7:
                    0f:e3:3e:89:a8:79:65:16:f2:46:8e:a2:99:7e:0e:
                    e4:24:2f:d6:da:c9:3f:3d:33:fa:4d:9c:2b:f3:ff:
                    c6:c4:57:e1:de:32:bd:06:77:3c:1d:c7:ec:51:1b:
                    17:de:e4:db:34:97:6b:6c:0d:11:40:01:b5:83:c6:
                    19:4b:66:4d:e3:45:32:58:8e:ef:35:d1:48:ef:58:
                    0e:3c:15:a1:6e:20:b3:b6:89:0d:75:56:2f:82:c7:
                    6d:f9:82:e4:6b:d1:84:8a:64:4c:c8:3c:a7:0d:d4:
                    0f:cf:c0:ff:50:d0:7c:b2:ae:2b:b2:1a:ff:a1:16:
                    e8:7b:1a:72:df:35:05:3b:f9:6b:fc:5c:15:dc:da:
                    b0:84:5e:1a:bf:b5:55:e3:07:fd:b9:46:c9:ef:cc:
                    5e:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E3:09:88:D7:E2:E1:79:62:1D:74:FC:F1:0A:8B:B0:01:0F:F9:8E:DD
            X509v3 Authority Key Identifier:
                keyid:CD:0C:E5:89:37:3B:27:C7:37:7B:95:71:67:17:C4:2D:B8:B1:FF:08

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/C49F09D0777CD260B28DBBF1CA577BBF1A598B854F7D3DBA3A094E8B654051F2/0/CD0CE589373B27C7377B95716717C42DB8B1FF08.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/CD0CE589373B27C7377B95716717C42DB8B1FF08.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/C49F09D0777CD260B28DBBF1CA577BBF1A598B854F7D3DBA3A094E8B654051F2/0/323830363a3331313a3a2f33322d3332203d3e20323635353334.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2806:311::/32

    Signature Algorithm: sha256WithRSAEncryption
         57:d8:97:d1:77:c4:a2:a6:81:b7:b9:9a:0f:9f:41:06:e8:d9:
         8f:17:60:7a:e0:f1:51:2b:06:88:9d:86:41:f0:0e:cc:15:bc:
         48:b5:c9:8c:13:e1:5b:15:c3:23:b1:28:7a:28:5d:6c:e1:6e:
         d5:41:a0:82:3f:c3:8e:9e:4e:eb:e8:34:e3:5f:ff:33:fd:7e:
         73:86:72:2a:5e:14:d3:4a:40:9a:1a:85:46:bd:11:22:34:d3:
         12:e8:b3:b7:1c:d4:cc:03:24:a2:72:06:4b:83:b7:6b:53:e9:
         3f:e2:7b:61:5c:44:f1:d7:9e:70:3c:31:66:cc:7a:29:75:33:
         60:3d:53:dd:88:45:ad:12:94:a7:f5:b5:2c:62:54:a3:89:53:
         52:08:6d:c4:8a:4f:23:69:b5:7a:9d:8c:8b:0f:14:7a:4a:05:
         da:e6:39:bf:8d:b4:1b:ce:58:e3:6d:7b:7c:b8:3d:70:e1:0c:
         b2:43:58:95:88:f6:4b:b3:b4:0e:8c:07:73:7e:3d:61:72:4b:
         94:44:9f:8e:bf:11:a4:e6:bf:41:1e:dc:ef:3e:b1:69:f9:2b:
         fb:45:0b:5c:d9:80:79:3e:07:d4:f4:9f:66:be:17:10:dc:98:
         c8:2d:75:af:a9:a8:7a:85:46:56:6a:6c:f0:b7:18:0c:80:e5:
         22:1a:5e:04
-----BEGIN CERTIFICATE-----
MIIFvTCCBKWgAwIBAgIUNo3R/R1Zm57clfByNIHnLh4xr6YwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQ0QwQ0U1ODkzNzNCMjdDNzM3N0I5NTcxNjcxN0M0MkRC
OEIxRkYwODAeFw0yNTAyMDQxNzU4NDlaFw0yNjAyMDMxODAzNDlaMDMxMTAvBgNV
BAMTKEUzMDk4OEQ3RTJFMTc5NjIxRDc0RkNGMTBBOEJCMDAxMEZGOThFREQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDgedE5nFOnHHiZ5uncP16PWAo/
yCZQEfOEl85kVhdyTZM+k6pbjqdNRKZPvQoaRWs06xJczo3eVzUznp+n94w7xkpi
vPzEeh3Be4XGllIAGblDDZujdrq+3S8WPOtPpLo5c3krqRvqtw/jPomoeWUW8kaO
opl+DuQkL9bayT89M/pNnCvz/8bEV+HeMr0Gdzwdx+xRGxfe5Ns0l2tsDRFAAbWD
xhlLZk3jRTJYju810UjvWA48FaFuILO2iQ11Vi+Cx235guRr0YSKZEzIPKcN1A/P
wP9Q0HyyriuyGv+hFuh7GnLfNQU7+Wv8XBXc2rCEXhq/tVXjB/25RsnvzF5lAgMB
AAGjggLHMIICwzAdBgNVHQ4EFgQU4wmI1+LheWIddPzxCouwAQ/5jt0wHwYDVR0j
BBgwFoAUzQzliTc7J8c3e5VxZxfELbix/wgwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9DNDlGMDlEMDc3N0NEMjYwQjI4REJCRjFDQTU3N0JCRjFB
NTk4Qjg1NEY3RDNEQkEzQTA5NEU4QjY1NDA1MUYyLzAvQ0QwQ0U1ODkzNzNCMjdD
NzM3N0I5NTcxNjcxN0M0MkRCOEIxRkYwOC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9DRDBDRTU4OTM3M0IyN0M3Mzc3
Qjk1NzE2NzE3QzQyREI4QjFGRjA4LmNlcjCBxQYIKwYBBQUHAQsEgbgwgbUwgbIG
CCsGAQUFBzALhoGlcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvQzQ5RjA5RDA3NzdDRDI2MEIyOERCQkYxQ0E1NzdCQkYxQTU5OEI4NTRG
N0QzREJBM0EwOTRFOEI2NTQwNTFGMi8wLzMyMzgzMDM2M2EzMzMxMzEzYTNhMmYz
MzMyMmQzMzMyMjAzZDNlMjAzMjM2MzUzNTMzMzQucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgACMAcDBQAoBgMRMA0G
CSqGSIb3DQEBCwUAA4IBAQBX2JfRd8SipoG3uZoPn0EG6NmPF2B64PFRKwaInYZB
8A7MFbxItcmME+FbFcMjsSh6KF1s4W7VQaCCP8OOnk7r6DTjX/8z/X5zhnIqXhTT
SkCaGoVGvREiNNMS6LO3HNTMAySicgZLg7drU+k/4nthXETx155wPDFmzHopdTNg
PVPdiEWtEpSn9bUsYlSjiVNSCG3Eik8jabV6nYyLDxR6SgXa5jm/jbQbzljjbXt8
uD1w4QyyQ1iViPZLs7QOjAdzfj1hckuURJ+OvxGk5r9BHtzvPrFp+Sv7RQtc2YB5
PgfU9J9mvhcQ3JjILXWvqah6hUZWamzwtxgMgOUiGl4E
-----END CERTIFICATE-----