Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/D939D9ABEA691570A5D804C203149B30ADA870DF9D368FE15C53E58B1B4DE3FC/0/323830333a6432303a3a2f33322d3332203d3e20323635363834.roa
File:                     323830333a6432303a3a2f33322d3332203d3e20323635363834.roa (raw, json)
Hash identifier:          /D7cnLnJXa5ipFVdP+IaE3sgufXRlHkmM6F8ATrITQk=
Subject key identifier:   56:D3:B3:40:50:09:04:8C:A0:8E:DB:16:24:D5:11:40:B7:7F:64:0B
Certificate issuer:       /CN=DEFA5C5AFE63F6B02C3C33399D2C192E24DCF7FB
Certificate serial:       19D014B75A55AB79559B9985526D7699FB1A8F1E
Authority key identifier: DE:FA:5C:5A:FE:63:F6:B0:2C:3C:33:39:9D:2C:19:2E:24:DC:F7:FB
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/DEFA5C5AFE63F6B02C3C33399D2C192E24DCF7FB.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/D939D9ABEA691570A5D804C203149B30ADA870DF9D368FE15C53E58B1B4DE3FC/0/323830333a6432303a3a2f33322d3332203d3e20323635363834.roa
Signing time:             Thu 20 Feb 2025 20:10:29 +0000
ROA not before:           Thu 20 Feb 2025 20:05:29 +0000
ROA not after:            Thu 19 Feb 2026 20:10:29 +0000
asID:                     265684
IP address blocks:        2803:d20::/32 maxlen: 32
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            19:d0:14:b7:5a:55:ab:79:55:9b:99:85:52:6d:76:99:fb:1a:8f:1e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=DEFA5C5AFE63F6B02C3C33399D2C192E24DCF7FB
        Validity
            Not Before: Feb 20 20:05:29 2025 GMT
            Not After : Feb 19 20:10:29 2026 GMT
        Subject: CN=56D3B3405009048CA08EDB1624D51140B77F640B
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:30:f9:9a:d1:3f:a9:2e:7f:91:c6:3d:4a:6a:
                    09:10:95:53:73:14:14:ea:41:71:d0:c1:4e:75:8f:
                    51:2e:b9:50:7b:f9:3a:f1:f0:c6:b3:4a:27:74:0e:
                    e8:cb:6e:22:85:e0:73:9f:55:11:60:c5:4f:e8:69:
                    59:28:56:60:3c:e0:76:0d:5c:be:15:98:48:e8:d5:
                    13:30:e1:3a:4a:e8:8e:ef:c2:da:64:7f:4b:c3:71:
                    06:35:99:fa:5c:ab:58:34:14:4d:ea:3a:7f:5b:b0:
                    2d:ad:00:38:22:cd:32:34:08:f7:17:70:ed:00:67:
                    80:a4:8a:5a:df:69:76:73:23:95:16:3e:6a:5d:a5:
                    90:9f:80:0d:1f:31:f3:36:82:5f:5b:ed:f5:76:76:
                    9b:98:cd:46:9f:78:8c:cd:b7:51:e7:ce:61:64:16:
                    97:a7:4a:11:ad:c9:c3:97:f9:2b:dc:42:42:25:cb:
                    71:6a:4d:ea:97:99:de:51:e3:d5:f8:ba:6a:6e:53:
                    d5:57:10:e1:03:76:4a:a2:61:7a:67:95:ff:92:89:
                    ab:ef:04:79:7b:38:f9:e2:2a:01:d7:72:20:ef:e9:
                    60:ef:3c:ae:0a:2e:c6:db:29:61:0b:05:99:e2:a1:
                    10:07:4d:b8:39:72:bf:ab:1e:78:0d:8c:f8:90:73:
                    7d:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                56:D3:B3:40:50:09:04:8C:A0:8E:DB:16:24:D5:11:40:B7:7F:64:0B
            X509v3 Authority Key Identifier:
                keyid:DE:FA:5C:5A:FE:63:F6:B0:2C:3C:33:39:9D:2C:19:2E:24:DC:F7:FB

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/D939D9ABEA691570A5D804C203149B30ADA870DF9D368FE15C53E58B1B4DE3FC/0/DEFA5C5AFE63F6B02C3C33399D2C192E24DCF7FB.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/DEFA5C5AFE63F6B02C3C33399D2C192E24DCF7FB.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/D939D9ABEA691570A5D804C203149B30ADA870DF9D368FE15C53E58B1B4DE3FC/0/323830333a6432303a3a2f33322d3332203d3e20323635363834.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2803:d20::/32

    Signature Algorithm: sha256WithRSAEncryption
         08:01:b3:2a:6d:fd:f0:58:a2:f3:55:ab:f4:3d:b1:87:30:1a:
         77:56:69:03:4a:69:b4:60:24:f4:cc:f7:ea:f3:65:32:96:a5:
         f9:04:0a:7a:06:de:5e:31:56:5c:91:66:f5:59:17:62:f4:68:
         82:99:e2:0f:e7:7c:2a:99:6f:e1:9d:06:42:16:cf:84:37:15:
         ef:10:c8:cc:03:b6:a8:8a:8e:f3:41:5d:f4:e4:1d:24:5b:d3:
         22:1e:5b:45:94:2c:dd:a4:55:70:b4:8a:bd:6c:de:2f:4d:b3:
         e5:51:ff:7e:ef:35:8d:dd:c5:1f:90:41:ea:e3:9b:40:a9:db:
         a5:5c:99:76:cc:c0:f0:44:9b:0b:13:9a:a9:1f:bd:c2:fa:c5:
         90:22:a0:ed:1d:bc:06:03:dd:27:2e:8e:49:11:71:82:b5:2b:
         61:23:f6:79:d6:80:bb:7b:52:e3:c6:35:01:e0:90:85:a6:61:
         e7:69:3a:48:b1:1f:f6:c7:96:6e:10:bd:ea:ae:f9:9b:8b:d6:
         0c:44:43:eb:09:0c:02:f6:26:ee:da:5a:e1:fe:3e:6b:7f:2c:
         fe:2d:2a:8e:08:7c:4b:22:29:2f:23:01:c2:2b:9b:6a:a0:8b:
         f4:06:a2:ab:36:63:a9:bc:bf:29:71:61:9c:e3:60:b1:0c:f7:
         06:90:37:18
-----BEGIN CERTIFICATE-----
MIIFvTCCBKWgAwIBAgIUGdAUt1pVq3lVm5mFUm12mfsajx4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoREVGQTVDNUFGRTYzRjZCMDJDM0MzMzM5OUQyQzE5MkUy
NERDRjdGQjAeFw0yNTAyMjAyMDA1MjlaFw0yNjAyMTkyMDEwMjlaMDMxMTAvBgNV
BAMTKDU2RDNCMzQwNTAwOTA0OENBMDhFREIxNjI0RDUxMTQwQjc3RjY0MEIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC4MPma0T+pLn+Rxj1KagkQlVNz
FBTqQXHQwU51j1EuuVB7+Trx8MazSid0DujLbiKF4HOfVRFgxU/oaVkoVmA84HYN
XL4VmEjo1RMw4TpK6I7vwtpkf0vDcQY1mfpcq1g0FE3qOn9bsC2tADgizTI0CPcX
cO0AZ4CkilrfaXZzI5UWPmpdpZCfgA0fMfM2gl9b7fV2dpuYzUafeIzNt1HnzmFk
FpenShGtycOX+SvcQkIly3FqTeqXmd5R49X4umpuU9VXEOEDdkqiYXpnlf+Siavv
BHl7OPniKgHXciDv6WDvPK4KLsbbKWELBZnioRAHTbg5cr+rHngNjPiQc32dAgMB
AAGjggLHMIICwzAdBgNVHQ4EFgQUVtOzQFAJBIygjtsWJNURQLd/ZAswHwYDVR0j
BBgwFoAU3vpcWv5j9rAsPDM5nSwZLiTc9/swDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9EOTM5RDlBQkVBNjkxNTcwQTVEODA0QzIwMzE0OUIzMEFE
QTg3MERGOUQzNjhGRTE1QzUzRTU4QjFCNERFM0ZDLzAvREVGQTVDNUFGRTYzRjZC
MDJDM0MzMzM5OUQyQzE5MkUyNERDRjdGQi5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9ERUZBNUM1QUZFNjNGNkIwMkMz
QzMzMzk5RDJDMTkyRTI0RENGN0ZCLmNlcjCBxQYIKwYBBQUHAQsEgbgwgbUwgbIG
CCsGAQUFBzALhoGlcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvRDkzOUQ5QUJFQTY5MTU3MEE1RDgwNEMyMDMxNDlCMzBBREE4NzBERjlE
MzY4RkUxNUM1M0U1OEIxQjRERTNGQy8wLzMyMzgzMDMzM2E2NDMyMzAzYTNhMmYz
MzMyMmQzMzMyMjAzZDNlMjAzMjM2MzUzNjM4MzQucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgACMAcDBQAoAw0gMA0G
CSqGSIb3DQEBCwUAA4IBAQAIAbMqbf3wWKLzVav0PbGHMBp3VmkDSmm0YCT0zPfq
82UylqX5BAp6Bt5eMVZckWb1WRdi9GiCmeIP53wqmW/hnQZCFs+ENxXvEMjMA7ao
io7zQV305B0kW9MiHltFlCzdpFVwtIq9bN4vTbPlUf9+7zWN3cUfkEHq45tAqdul
XJl2zMDwRJsLE5qpH73C+sWQIqDtHbwGA90nLo5JEXGCtSthI/Z51oC7e1LjxjUB
4JCFpmHnaTpIsR/2x5ZuEL3qrvmbi9YMREPrCQwC9ibu2lrh/j5rfyz+LSqOCHxL
IikvIwHCK5tqoIv0BqKrNmOpvL8pcWGc42CxDPcGkDcY
-----END CERTIFICATE-----