Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/DCE028F3FD2E2A68FE4A98F4EBC7C1806009E6F0964B94BA1AF0B56655F5F22B/0/323830333a656336303a3a2f33322d3332203d3e20323637383530.roa
File:                     323830333a656336303a3a2f33322d3332203d3e20323637383530.roa (raw, json)
Hash identifier:          oSkk9LfipEODCq9QkidizqJROnN6tJYJaAmhpqlJRGw=
Subject key identifier:   E9:9D:9C:56:49:A0:01:68:C9:52:E7:66:17:44:7F:67:40:D0:C0:F0
Certificate issuer:       /CN=24CD02F5861A290CB8722F495D087C5FC34EB3A8
Certificate serial:       0AA6891EB6B6ADEF45932DFF8EBFF4D0CC6BEF02
Authority key identifier: 24:CD:02:F5:86:1A:29:0C:B8:72:2F:49:5D:08:7C:5F:C3:4E:B3:A8
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/24CD02F5861A290CB8722F495D087C5FC34EB3A8.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/DCE028F3FD2E2A68FE4A98F4EBC7C1806009E6F0964B94BA1AF0B56655F5F22B/0/323830333a656336303a3a2f33322d3332203d3e20323637383530.roa
Signing time:             Tue 04 Feb 2025 18:03:45 +0000
ROA not before:           Tue 04 Feb 2025 17:58:45 +0000
ROA not after:            Tue 03 Feb 2026 18:03:45 +0000
asID:                     267850
IP address blocks:        2803:ec60::/32 maxlen: 32
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0a:a6:89:1e:b6:b6:ad:ef:45:93:2d:ff:8e:bf:f4:d0:cc:6b:ef:02
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=24CD02F5861A290CB8722F495D087C5FC34EB3A8
        Validity
            Not Before: Feb  4 17:58:45 2025 GMT
            Not After : Feb  3 18:03:45 2026 GMT
        Subject: CN=E99D9C5649A00168C952E76617447F6740D0C0F0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:9a:0f:52:68:b0:4a:ef:e5:71:1c:3f:ca:15:
                    e5:1d:ff:51:14:f4:90:0b:29:e0:27:f5:88:a3:fc:
                    ee:d7:4c:8a:11:fd:de:bd:3a:b0:9b:59:5e:3b:71:
                    77:e9:32:ba:f5:2d:51:02:10:b4:cf:4d:b5:9c:70:
                    77:7a:8f:d1:5b:1b:d3:42:a0:16:87:9b:c3:b5:fe:
                    0c:41:2f:7c:d5:87:a6:fd:db:09:d1:e7:b1:81:db:
                    b2:ab:6a:73:cf:bd:3b:ab:a0:a3:38:19:62:42:45:
                    87:a8:83:50:cd:63:71:93:f1:27:b9:fb:ba:96:c6:
                    a6:8a:8e:00:0b:7c:5c:f1:0a:8d:3b:78:ad:9d:c3:
                    8f:b6:46:55:38:1c:7a:e3:a5:2a:67:52:61:da:ea:
                    17:10:2f:93:75:3a:1b:bd:27:0a:99:4c:cd:b7:7b:
                    39:5e:44:84:3d:f1:e0:74:39:b0:52:b8:22:da:fc:
                    28:6e:51:b2:7f:87:b2:5a:28:74:49:d4:eb:29:29:
                    cc:72:35:ee:2c:40:5c:d0:29:e2:59:6e:07:4c:1a:
                    90:c6:69:8f:02:03:c1:b9:9b:8a:8b:ba:23:ce:25:
                    de:f3:f2:33:da:8c:43:a6:63:24:53:02:4e:0f:8d:
                    91:de:0b:cc:05:5f:c9:62:39:46:21:59:cd:35:19:
                    f5:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E9:9D:9C:56:49:A0:01:68:C9:52:E7:66:17:44:7F:67:40:D0:C0:F0
            X509v3 Authority Key Identifier:
                keyid:24:CD:02:F5:86:1A:29:0C:B8:72:2F:49:5D:08:7C:5F:C3:4E:B3:A8

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/DCE028F3FD2E2A68FE4A98F4EBC7C1806009E6F0964B94BA1AF0B56655F5F22B/0/24CD02F5861A290CB8722F495D087C5FC34EB3A8.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/24CD02F5861A290CB8722F495D087C5FC34EB3A8.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/DCE028F3FD2E2A68FE4A98F4EBC7C1806009E6F0964B94BA1AF0B56655F5F22B/0/323830333a656336303a3a2f33322d3332203d3e20323637383530.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2803:ec60::/32

    Signature Algorithm: sha256WithRSAEncryption
         a8:d9:d6:42:c7:5a:6a:6a:6f:2b:18:54:19:47:64:4f:5e:85:
         65:d6:79:65:f6:63:41:3f:a7:4c:01:4c:ec:ba:61:9d:a7:f7:
         79:fc:ee:23:bd:ff:c0:8d:22:3a:ff:b5:4a:c5:ed:06:e3:06:
         2b:72:0c:66:52:35:05:3f:5c:4a:87:46:ef:83:20:49:c1:50:
         63:db:fa:73:51:d4:da:94:c5:a6:6e:ae:44:3f:b8:0a:09:f4:
         65:4c:80:d1:b1:94:79:a1:7b:60:64:56:26:be:b2:59:8b:e5:
         1a:02:65:6d:bf:f8:5b:12:43:0f:7e:52:5e:fb:59:f5:dd:fd:
         f5:1c:78:f1:9b:97:d8:35:6d:de:5f:b3:82:af:e4:ce:bb:f8:
         89:ca:34:dc:95:23:18:ef:6e:02:ed:23:aa:78:65:2d:d2:e5:
         3b:5d:1f:34:74:1a:3f:cb:64:6d:d8:50:26:19:9e:b9:7b:c3:
         a9:e0:64:a4:4e:d3:9c:da:86:db:96:1c:d5:93:40:35:82:64:
         25:e2:9b:c8:46:51:96:46:1c:50:6d:b5:ae:f6:7b:08:f8:d8:
         e1:4e:e1:9f:66:95:2a:7d:b1:f2:d1:08:71:fa:6a:60:2e:ec:
         5a:f9:a4:49:3c:2a:10:d0:7f:10:fb:bf:20:06:66:b1:77:0c:
         0f:93:1d:db
-----BEGIN CERTIFICATE-----
MIIFvzCCBKegAwIBAgIUCqaJHra2re9Fky3/jr/00Mxr7wIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjRDRDAyRjU4NjFBMjkwQ0I4NzIyRjQ5NUQwODdDNUZD
MzRFQjNBODAeFw0yNTAyMDQxNzU4NDVaFw0yNjAyMDMxODAzNDVaMDMxMTAvBgNV
BAMTKEU5OUQ5QzU2NDlBMDAxNjhDOTUyRTc2NjE3NDQ3RjY3NDBEMEMwRjAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvmg9SaLBK7+VxHD/KFeUd/1EU
9JALKeAn9Yij/O7XTIoR/d69OrCbWV47cXfpMrr1LVECELTPTbWccHd6j9FbG9NC
oBaHm8O1/gxBL3zVh6b92wnR57GB27KranPPvTuroKM4GWJCRYeog1DNY3GT8Se5
+7qWxqaKjgALfFzxCo07eK2dw4+2RlU4HHrjpSpnUmHa6hcQL5N1Ohu9JwqZTM23
ezleRIQ98eB0ObBSuCLa/ChuUbJ/h7JaKHRJ1OspKcxyNe4sQFzQKeJZbgdMGpDG
aY8CA8G5m4qLuiPOJd7z8jPajEOmYyRTAk4PjZHeC8wFX8liOUYhWc01GfX3AgMB
AAGjggLJMIICxTAdBgNVHQ4EFgQU6Z2cVkmgAWjJUudmF0R/Z0DQwPAwHwYDVR0j
BBgwFoAUJM0C9YYaKQy4ci9JXQh8X8NOs6gwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9EQ0UwMjhGM0ZEMkUyQTY4RkU0QTk4RjRFQkM3QzE4MDYw
MDlFNkYwOTY0Qjk0QkExQUYwQjU2NjU1RjVGMjJCLzAvMjRDRDAyRjU4NjFBMjkw
Q0I4NzIyRjQ5NUQwODdDNUZDMzRFQjNBOC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8yNENEMDJGNTg2MUEyOTBDQjg3
MjJGNDk1RDA4N0M1RkMzNEVCM0E4LmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvRENFMDI4RjNGRDJFMkE2OEZFNEE5OEY0RUJDN0MxODA2MDA5RTZGMDk2
NEI5NEJBMUFGMEI1NjY1NUY1RjIyQi8wLzMyMzgzMDMzM2E2NTYzMzYzMDNhM2Ey
ZjMzMzIyZDMzMzIyMDNkM2UyMDMyMzYzNzM4MzUzMC5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACgD7GAw
DQYJKoZIhvcNAQELBQADggEBAKjZ1kLHWmpqbysYVBlHZE9ehWXWeWX2Y0E/p0wB
TOy6YZ2n93n87iO9/8CNIjr/tUrF7QbjBityDGZSNQU/XEqHRu+DIEnBUGPb+nNR
1NqUxaZurkQ/uAoJ9GVMgNGxlHmhe2BkVia+slmL5RoCZW2/+FsSQw9+Ul77WfXd
/fUcePGbl9g1bd5fs4Kv5M67+InKNNyVIxjvbgLtI6p4ZS3S5TtdHzR0Gj/LZG3Y
UCYZnrl7w6ngZKRO05zahtuWHNWTQDWCZCXim8hGUZZGHFBtta72ewj42OFO4Z9m
lSp9sfLRCHH6amAu7Fr5pEk8KhDQfxD7vyAGZrF3DA+THds=
-----END CERTIFICATE-----