Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/D90725055620C1A52F09E9DBBABEB3B012803B7C253881FC4A6C3942F15EC407/0/323830333a346463303a3a2f33322d3438203d3e20323635373231.roa
File:                     323830333a346463303a3a2f33322d3438203d3e20323635373231.roa (raw, json)
Hash identifier:          9eINwRSHdoIllB2qpGnBwWIaRHXOv28j3zAloDR8YXY=
Subject key identifier:   BB:DF:95:4E:64:AA:B8:D4:2E:6D:23:D4:02:A1:5C:D9:96:2E:14:77
Certificate issuer:       /CN=2F8C3680D6F88B72EC06F1326CAA0A348AE4FAA9
Certificate serial:       131B0D4BFA4B06D61AA5EE53EBB619B483A7812E
Authority key identifier: 2F:8C:36:80:D6:F8:8B:72:EC:06:F1:32:6C:AA:0A:34:8A:E4:FA:A9
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/2F8C3680D6F88B72EC06F1326CAA0A348AE4FAA9.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/D90725055620C1A52F09E9DBBABEB3B012803B7C253881FC4A6C3942F15EC407/0/323830333a346463303a3a2f33322d3438203d3e20323635373231.roa
Signing time:             Tue 04 Feb 2025 18:31:36 +0000
ROA not before:           Tue 04 Feb 2025 18:26:36 +0000
ROA not after:            Tue 03 Feb 2026 18:31:36 +0000
asID:                     265721
IP address blocks:        2803:4dc0::/32 maxlen: 48
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            13:1b:0d:4b:fa:4b:06:d6:1a:a5:ee:53:eb:b6:19:b4:83:a7:81:2e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2F8C3680D6F88B72EC06F1326CAA0A348AE4FAA9
        Validity
            Not Before: Feb  4 18:26:36 2025 GMT
            Not After : Feb  3 18:31:36 2026 GMT
        Subject: CN=BBDF954E64AAB8D42E6D23D402A15CD9962E1477
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:ce:86:da:76:ce:94:e7:24:a2:8d:0a:48:67:
                    54:c5:60:68:a2:73:a2:71:8c:5d:ac:c5:4a:52:79:
                    bf:41:c1:b7:a4:2f:92:a5:c3:01:82:6b:89:9c:56:
                    f1:32:77:81:8e:91:0c:c3:5b:c8:cd:b8:11:42:b3:
                    47:bd:61:fa:8e:7f:08:7c:5b:eb:44:b5:fe:36:60:
                    31:d4:5f:df:6a:1d:c7:b5:1c:13:ac:ce:51:fd:58:
                    44:31:37:19:d3:b1:c6:df:63:48:a6:cd:c5:c6:d8:
                    c0:5e:bf:51:6c:85:6a:3c:1e:8b:58:75:9a:f3:fc:
                    0b:e8:ec:05:bb:9e:cc:04:dd:fc:55:d5:3d:e5:e0:
                    db:d5:7a:03:5c:ce:1d:8f:f0:75:86:a6:7b:8d:02:
                    32:20:dd:ae:49:3d:49:b6:86:2b:4c:99:76:1c:18:
                    28:8c:9d:89:75:00:86:40:af:49:ed:33:b5:c6:c5:
                    0a:9d:33:8c:41:ff:76:c7:3f:44:48:8f:a0:5e:1c:
                    2c:4f:2f:6e:54:ff:33:1c:d0:e8:1b:2d:5b:fd:5a:
                    a0:38:56:c7:b5:df:73:6a:2b:35:f1:fc:8a:d4:14:
                    5e:3f:6c:b5:56:ed:cf:96:fd:23:78:52:07:49:87:
                    21:88:4b:90:52:69:02:28:c2:9d:fd:aa:f8:8f:dd:
                    a8:af
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BB:DF:95:4E:64:AA:B8:D4:2E:6D:23:D4:02:A1:5C:D9:96:2E:14:77
            X509v3 Authority Key Identifier:
                keyid:2F:8C:36:80:D6:F8:8B:72:EC:06:F1:32:6C:AA:0A:34:8A:E4:FA:A9

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/D90725055620C1A52F09E9DBBABEB3B012803B7C253881FC4A6C3942F15EC407/0/2F8C3680D6F88B72EC06F1326CAA0A348AE4FAA9.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/2F8C3680D6F88B72EC06F1326CAA0A348AE4FAA9.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/D90725055620C1A52F09E9DBBABEB3B012803B7C253881FC4A6C3942F15EC407/0/323830333a346463303a3a2f33322d3438203d3e20323635373231.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2803:4dc0::/32

    Signature Algorithm: sha256WithRSAEncryption
         39:a6:b1:f7:a6:a0:a1:c1:bd:38:2d:51:f9:a4:cd:60:22:71:
         40:d0:41:da:d9:0b:fd:0a:78:53:c6:87:ae:97:03:38:ff:a5:
         6e:4b:79:b4:56:d8:77:85:b4:2a:4a:ab:60:7c:fb:dd:a3:f2:
         7f:7c:e6:f9:57:86:b1:6a:5f:76:66:70:63:a3:8b:4b:7a:2d:
         d6:46:81:2b:c4:d7:34:5b:c7:2a:c4:d9:84:b1:c5:ae:56:2e:
         c7:b3:fd:d7:2c:03:50:05:4b:b6:61:1a:e4:a6:12:3b:96:27:
         62:0f:b9:f3:2a:8a:1e:11:ca:b3:45:72:e5:99:92:e0:06:75:
         25:f3:c4:e3:86:9f:35:0d:a8:a5:1c:c7:21:63:7b:c7:54:c1:
         b8:ab:90:3f:20:ba:ff:c5:52:f4:2a:7f:f0:b2:f3:a6:92:fa:
         74:6e:49:1f:ad:5c:29:65:11:7e:d2:68:a0:9d:46:79:b3:30:
         b0:c6:ca:85:31:47:4a:52:b6:b2:75:df:20:31:d5:ba:4d:f0:
         cf:ac:74:3e:46:9a:62:11:72:df:7f:7b:83:49:25:9c:01:1c:
         70:e9:7b:30:52:2d:6a:57:3d:f9:dc:ca:29:1e:a8:38:42:98:
         89:ed:10:97:b8:10:b9:74:e8:44:bf:78:3b:6a:89:72:aa:c6:
         4f:0a:da:42
-----BEGIN CERTIFICATE-----
MIIFvzCCBKegAwIBAgIUExsNS/pLBtYape5T67YZtIOngS4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMkY4QzM2ODBENkY4OEI3MkVDMDZGMTMyNkNBQTBBMzQ4
QUU0RkFBOTAeFw0yNTAyMDQxODI2MzZaFw0yNjAyMDMxODMxMzZaMDMxMTAvBgNV
BAMTKEJCREY5NTRFNjRBQUI4RDQyRTZEMjNENDAyQTE1Q0Q5OTYyRTE0NzcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCczobads6U5ySijQpIZ1TFYGii
c6JxjF2sxUpSeb9BwbekL5KlwwGCa4mcVvEyd4GOkQzDW8jNuBFCs0e9YfqOfwh8
W+tEtf42YDHUX99qHce1HBOszlH9WEQxNxnTscbfY0imzcXG2MBev1FshWo8HotY
dZrz/Avo7AW7nswE3fxV1T3l4NvVegNczh2P8HWGpnuNAjIg3a5JPUm2hitMmXYc
GCiMnYl1AIZAr0ntM7XGxQqdM4xB/3bHP0RIj6BeHCxPL25U/zMc0OgbLVv9WqA4
Vse133NqKzXx/IrUFF4/bLVW7c+W/SN4UgdJhyGIS5BSaQIowp39qviP3aivAgMB
AAGjggLJMIICxTAdBgNVHQ4EFgQUu9+VTmSquNQubSPUAqFc2ZYuFHcwHwYDVR0j
BBgwFoAUL4w2gNb4i3LsBvEybKoKNIrk+qkwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9EOTA3MjUwNTU2MjBDMUE1MkYwOUU5REJCQUJFQjNCMDEy
ODAzQjdDMjUzODgxRkM0QTZDMzk0MkYxNUVDNDA3LzAvMkY4QzM2ODBENkY4OEI3
MkVDMDZGMTMyNkNBQTBBMzQ4QUU0RkFBOS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8yRjhDMzY4MEQ2Rjg4QjcyRUMw
NkYxMzI2Q0FBMEEzNDhBRTRGQUE5LmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvRDkwNzI1MDU1NjIwQzFBNTJGMDlFOURCQkFCRUIzQjAxMjgwM0I3QzI1
Mzg4MUZDNEE2QzM5NDJGMTVFQzQwNy8wLzMyMzgzMDMzM2EzNDY0NjMzMDNhM2Ey
ZjMzMzIyZDM0MzgyMDNkM2UyMDMyMzYzNTM3MzIzMS5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACgDTcAw
DQYJKoZIhvcNAQELBQADggEBADmmsfemoKHBvTgtUfmkzWAicUDQQdrZC/0KeFPG
h66XAzj/pW5LebRW2HeFtCpKq2B8+92j8n985vlXhrFqX3ZmcGOji0t6LdZGgSvE
1zRbxyrE2YSxxa5WLsez/dcsA1AFS7ZhGuSmEjuWJ2IPufMqih4RyrNFcuWZkuAG
dSXzxOOGnzUNqKUcxyFje8dUwbirkD8guv/FUvQqf/Cy86aS+nRuSR+tXCllEX7S
aKCdRnmzMLDGyoUxR0pStrJ13yAx1bpN8M+sdD5GmmIRct9/e4NJJZwBHHDpezBS
LWpXPfncyikeqDhCmIntEJe4ELl06ES/eDtqiXKqxk8K2kI=
-----END CERTIFICATE-----