Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/C7D89C2EF2E2F1A93E9A3BE2DD888CCF5C91515B288EB2B421D9FAC530B5B640/0/323830333a386632303a3a2f33322d3438203d3e203237383834.roa
File:                     323830333a386632303a3a2f33322d3438203d3e203237383834.roa (raw, json)
Hash identifier:          Vz6yf6l+q4GaVyOa4Y0BmQRrvQMdUIGIrRfpB4JiAxQ=
Subject key identifier:   10:00:B8:92:0C:26:2D:5D:A9:4A:7A:29:1F:11:02:71:90:F5:D1:AE
Certificate issuer:       /CN=0E361CEAE1F58D0D8671ECBFECD09AAE2E74F16A
Certificate serial:       300DB0AC4DB26081699B37129FF7CEF935E999ED
Authority key identifier: 0E:36:1C:EA:E1:F5:8D:0D:86:71:EC:BF:EC:D0:9A:AE:2E:74:F1:6A
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/0E361CEAE1F58D0D8671ECBFECD09AAE2E74F16A.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/C7D89C2EF2E2F1A93E9A3BE2DD888CCF5C91515B288EB2B421D9FAC530B5B640/0/323830333a386632303a3a2f33322d3438203d3e203237383834.roa
Signing time:             Tue 04 Feb 2025 20:06:42 +0000
ROA not before:           Tue 04 Feb 2025 20:01:42 +0000
ROA not after:            Tue 03 Feb 2026 20:06:42 +0000
asID:                     27884
IP address blocks:        2803:8f20::/32 maxlen: 48
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            30:0d:b0:ac:4d:b2:60:81:69:9b:37:12:9f:f7:ce:f9:35:e9:99:ed
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0E361CEAE1F58D0D8671ECBFECD09AAE2E74F16A
        Validity
            Not Before: Feb  4 20:01:42 2025 GMT
            Not After : Feb  3 20:06:42 2026 GMT
        Subject: CN=1000B8920C262D5DA94A7A291F11027190F5D1AE
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:ea:88:73:63:3c:6a:7a:6a:3c:79:8f:16:93:
                    78:b3:46:da:1a:8d:60:b5:0b:cc:de:36:e6:8b:09:
                    61:30:ab:0c:f1:b8:4f:e9:70:b0:44:f3:33:d0:c9:
                    b9:af:b4:21:e8:1e:a3:9f:8c:8d:bc:a3:6a:6c:e7:
                    ff:8a:3a:6e:3a:2f:a5:7c:df:df:c7:e1:1e:b0:59:
                    1d:e0:9d:ec:66:fb:04:12:15:70:72:c8:c7:c3:60:
                    ed:25:4b:fe:35:6c:51:e4:13:be:ff:5c:1e:0b:39:
                    90:97:66:f8:4c:ac:38:0d:32:51:54:87:13:b7:38:
                    14:70:36:e9:3f:51:83:72:41:dc:c3:bf:a8:65:be:
                    99:2c:fa:a7:cb:68:0a:c9:a0:77:81:d9:c2:da:4c:
                    b3:71:52:32:f5:1f:0b:fa:05:62:b3:1d:c5:c9:d2:
                    1e:0a:40:b3:7d:8a:80:9a:4d:c8:82:0b:9d:81:17:
                    39:fd:fe:3c:2f:fa:3f:b1:d8:13:d7:60:ee:78:12:
                    55:8a:63:22:9d:3e:80:7e:88:e7:cc:57:40:1f:08:
                    12:d6:17:3e:5c:58:b0:a9:e0:c9:93:a8:e8:bc:87:
                    47:2f:6e:c7:5f:0a:50:a0:18:ec:75:0b:f4:0f:dd:
                    49:56:ad:88:c5:18:c8:0b:36:32:22:0c:49:3f:10:
                    03:87
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                10:00:B8:92:0C:26:2D:5D:A9:4A:7A:29:1F:11:02:71:90:F5:D1:AE
            X509v3 Authority Key Identifier:
                keyid:0E:36:1C:EA:E1:F5:8D:0D:86:71:EC:BF:EC:D0:9A:AE:2E:74:F1:6A

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/C7D89C2EF2E2F1A93E9A3BE2DD888CCF5C91515B288EB2B421D9FAC530B5B640/0/0E361CEAE1F58D0D8671ECBFECD09AAE2E74F16A.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/0E361CEAE1F58D0D8671ECBFECD09AAE2E74F16A.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/C7D89C2EF2E2F1A93E9A3BE2DD888CCF5C91515B288EB2B421D9FAC530B5B640/0/323830333a386632303a3a2f33322d3438203d3e203237383834.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2803:8f20::/32

    Signature Algorithm: sha256WithRSAEncryption
         65:bf:5d:05:ce:1f:c3:96:b0:5b:51:a5:cd:de:c3:02:d1:25:
         42:6f:4e:55:c8:9e:0f:11:58:cb:91:02:e7:90:74:d4:b9:8e:
         4b:69:aa:e4:bb:c1:53:a9:1d:0c:12:b1:26:41:a3:75:62:a3:
         59:37:36:89:70:27:f4:dd:0c:8e:e4:f8:c4:3e:3f:30:25:5e:
         97:6d:be:0b:2f:a6:a9:9b:37:e8:cc:c6:c3:b0:13:26:0a:fa:
         e9:0b:47:98:b1:d2:c2:c8:86:d8:d5:a9:01:eb:ef:cc:14:46:
         7d:47:e2:41:cf:a6:68:c4:61:26:05:57:e3:4d:4a:dd:e4:48:
         61:9a:de:20:3d:ec:22:d8:3a:37:cd:94:44:1b:24:40:a9:cd:
         9f:41:0d:bb:7b:94:59:61:5d:dd:e4:9b:fd:d4:99:25:3f:95:
         3c:54:99:ea:dd:44:1f:c0:bc:f3:90:0c:15:8f:91:d9:41:34:
         ea:80:91:7d:84:23:44:df:bc:6e:da:59:49:cc:b0:9f:30:04:
         d4:e0:98:36:47:04:1f:17:8f:72:dd:80:11:04:ba:58:9e:41:
         ff:53:5b:54:bf:d1:64:9c:92:5a:2f:5a:26:4b:20:98:01:5c:
         d5:61:a0:a1:a6:c2:17:2f:d9:6e:d9:7c:9c:4b:fb:ae:dc:10:
         29:6b:70:25
-----BEGIN CERTIFICATE-----
MIIFvTCCBKWgAwIBAgIUMA2wrE2yYIFpmzcSn/fO+TXpme0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMEUzNjFDRUFFMUY1OEQwRDg2NzFFQ0JGRUNEMDlBQUUy
RTc0RjE2QTAeFw0yNTAyMDQyMDAxNDJaFw0yNjAyMDMyMDA2NDJaMDMxMTAvBgNV
BAMTKDEwMDBCODkyMEMyNjJENURBOTRBN0EyOTFGMTEwMjcxOTBGNUQxQUUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCh6ohzYzxqemo8eY8Wk3izRtoa
jWC1C8zeNuaLCWEwqwzxuE/pcLBE8zPQybmvtCHoHqOfjI28o2ps5/+KOm46L6V8
39/H4R6wWR3gnexm+wQSFXByyMfDYO0lS/41bFHkE77/XB4LOZCXZvhMrDgNMlFU
hxO3OBRwNuk/UYNyQdzDv6hlvpks+qfLaArJoHeB2cLaTLNxUjL1Hwv6BWKzHcXJ
0h4KQLN9ioCaTciCC52BFzn9/jwv+j+x2BPXYO54ElWKYyKdPoB+iOfMV0AfCBLW
Fz5cWLCp4MmTqOi8h0cvbsdfClCgGOx1C/QP3UlWrYjFGMgLNjIiDEk/EAOHAgMB
AAGjggLHMIICwzAdBgNVHQ4EFgQUEAC4kgwmLV2pSnopHxECcZD10a4wHwYDVR0j
BBgwFoAUDjYc6uH1jQ2Gcey/7NCari508WowDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9DN0Q4OUMyRUYyRTJGMUE5M0U5QTNCRTJERDg4OENDRjVD
OTE1MTVCMjg4RUIyQjQyMUQ5RkFDNTMwQjVCNjQwLzAvMEUzNjFDRUFFMUY1OEQw
RDg2NzFFQ0JGRUNEMDlBQUUyRTc0RjE2QS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8wRTM2MUNFQUUxRjU4RDBEODY3
MUVDQkZFQ0QwOUFBRTJFNzRGMTZBLmNlcjCBxQYIKwYBBQUHAQsEgbgwgbUwgbIG
CCsGAQUFBzALhoGlcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvQzdEODlDMkVGMkUyRjFBOTNFOUEzQkUyREQ4ODhDQ0Y1QzkxNTE1QjI4
OEVCMkI0MjFEOUZBQzUzMEI1QjY0MC8wLzMyMzgzMDMzM2EzODY2MzIzMDNhM2Ey
ZjMzMzIyZDM0MzgyMDNkM2UyMDMyMzczODM4MzQucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgACMAcDBQAoA48gMA0G
CSqGSIb3DQEBCwUAA4IBAQBlv10Fzh/DlrBbUaXN3sMC0SVCb05VyJ4PEVjLkQLn
kHTUuY5Laarku8FTqR0MErEmQaN1YqNZNzaJcCf03QyO5PjEPj8wJV6Xbb4LL6ap
mzfozMbDsBMmCvrpC0eYsdLCyIbY1akB6+/MFEZ9R+JBz6ZoxGEmBVfjTUrd5Ehh
mt4gPewi2Do3zZREGyRAqc2fQQ27e5RZYV3d5Jv91JklP5U8VJnq3UQfwLzzkAwV
j5HZQTTqgJF9hCNE37xu2llJzLCfMATU4Jg2RwQfF49y3YARBLpYnkH/U1tUv9Fk
nJJaL1omSyCYAVzVYaChpsIXL9lu2XycS/uu3BApa3Al
-----END CERTIFICATE-----