Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/EF1C4FB54417F45994F002F6EB83B7CAF5A3F3683B3376EEA623E22FAA172134/0/323830363a3265643a3a2f33322d3332203d3e203238333938.roa
File:                     323830363a3265643a3a2f33322d3332203d3e203238333938.roa (raw, json)
Hash identifier:          YQKtyJ4vmFMrL6AC4QDmz+9CQgT1ahpz4ckVXCIC08w=
Subject key identifier:   20:A2:BB:4F:9A:EB:16:54:18:BC:CD:71:99:F4:D3:66:64:30:8C:5B
Certificate issuer:       /CN=2944F2D96674AA0C160B60053EA3A61E1232E82C
Certificate serial:       02A0C5046CA1E6C0A34A0CEF654F571785D5D932
Authority key identifier: 29:44:F2:D9:66:74:AA:0C:16:0B:60:05:3E:A3:A6:1E:12:32:E8:2C
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/2944F2D96674AA0C160B60053EA3A61E1232E82C.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/EF1C4FB54417F45994F002F6EB83B7CAF5A3F3683B3376EEA623E22FAA172134/0/323830363a3265643a3a2f33322d3332203d3e203238333938.roa
Signing time:             Tue 04 Feb 2025 18:02:13 +0000
ROA not before:           Tue 04 Feb 2025 17:57:13 +0000
ROA not after:            Tue 03 Feb 2026 18:02:13 +0000
asID:                     28398
IP address blocks:        2806:2ed::/32 maxlen: 32
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            02:a0:c5:04:6c:a1:e6:c0:a3:4a:0c:ef:65:4f:57:17:85:d5:d9:32
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2944F2D96674AA0C160B60053EA3A61E1232E82C
        Validity
            Not Before: Feb  4 17:57:13 2025 GMT
            Not After : Feb  3 18:02:13 2026 GMT
        Subject: CN=20A2BB4F9AEB165418BCCD7199F4D36664308C5B
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:88:4b:c4:2e:6b:99:b0:c0:66:da:21:c7:75:
                    ce:ed:86:26:04:14:f9:b8:ed:c7:72:84:e9:4b:24:
                    1b:1d:f0:6c:ee:67:07:1f:74:7f:05:32:28:9e:59:
                    75:c7:99:0a:59:5c:88:cb:4f:9d:44:67:18:44:c9:
                    c0:b3:f0:39:7d:db:ec:6c:1f:dc:84:6a:d0:b5:62:
                    4b:d3:b2:dd:5f:43:dd:53:cd:1f:10:fd:57:29:6b:
                    04:df:d4:52:d5:92:95:8d:9d:cb:84:f1:53:82:c9:
                    d2:02:3d:70:e8:3b:8a:ad:ad:bf:ea:bb:34:c8:63:
                    cd:dd:c8:a6:4b:eb:20:18:50:3d:8e:ba:ac:a7:48:
                    7e:ab:a2:99:50:a5:dc:99:e7:67:98:79:8a:31:01:
                    3f:83:14:be:ae:15:d6:9f:55:a5:55:32:3e:ec:29:
                    c1:67:e3:d1:e3:5b:32:95:f7:5e:72:f3:27:95:95:
                    d2:2e:9d:94:be:84:b4:c4:12:88:73:eb:ac:3d:52:
                    48:5b:42:f1:39:b1:37:92:96:ed:37:b8:1c:5f:7f:
                    59:e9:ef:63:3a:27:2f:59:75:20:02:85:09:10:fb:
                    92:bd:90:a6:6f:b4:3c:b0:f4:d8:3d:9d:ca:a4:bb:
                    d0:75:b6:6f:7f:1d:d0:29:52:a5:ca:69:0a:33:c6:
                    97:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                20:A2:BB:4F:9A:EB:16:54:18:BC:CD:71:99:F4:D3:66:64:30:8C:5B
            X509v3 Authority Key Identifier:
                keyid:29:44:F2:D9:66:74:AA:0C:16:0B:60:05:3E:A3:A6:1E:12:32:E8:2C

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/EF1C4FB54417F45994F002F6EB83B7CAF5A3F3683B3376EEA623E22FAA172134/0/2944F2D96674AA0C160B60053EA3A61E1232E82C.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/2944F2D96674AA0C160B60053EA3A61E1232E82C.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/EF1C4FB54417F45994F002F6EB83B7CAF5A3F3683B3376EEA623E22FAA172134/0/323830363a3265643a3a2f33322d3332203d3e203238333938.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2806:2ed::/32

    Signature Algorithm: sha256WithRSAEncryption
         49:1e:cf:ef:06:d9:9e:16:fd:2b:6b:d2:d1:6e:3e:d9:6a:17:
         fb:39:3b:ba:5a:ff:d4:f7:32:f6:fa:ed:48:c2:71:ba:8b:fc:
         72:20:45:49:4b:e8:43:32:da:05:5b:28:21:77:12:b3:4c:64:
         5f:3c:62:4a:90:36:83:d0:f7:36:5f:75:fb:13:ff:ec:5d:af:
         af:0e:c3:7d:ab:99:cc:32:36:e5:fc:1e:7f:bf:01:c6:b2:15:
         8e:19:7a:04:74:60:5e:d5:02:db:9e:64:f2:56:9a:24:3d:07:
         1f:78:15:4e:93:04:8d:88:64:71:08:1e:da:73:3a:28:95:b3:
         72:cf:0c:68:81:d2:07:a5:01:37:4c:91:11:53:ad:9a:dc:86:
         28:71:35:e3:2b:fa:0e:61:29:f9:bd:17:9d:83:59:c1:1d:6d:
         19:00:6c:2c:0c:5c:4b:0e:e7:90:2b:b5:50:39:2b:5f:d5:7b:
         3e:04:1c:68:23:57:f8:d8:1a:5d:0d:8d:60:1e:a3:3d:9c:61:
         16:e4:fa:3c:11:79:ad:25:f8:c4:b6:85:ba:5e:8e:5b:52:d9:
         63:38:34:e1:5d:90:6c:5d:0b:f8:ca:d2:3b:0e:f1:fc:44:64:
         52:b9:f5:1b:8d:b5:d3:bd:ef:9e:94:3b:49:3c:f4:91:ad:d2:
         ff:63:65:d6
-----BEGIN CERTIFICATE-----
MIIFuzCCBKOgAwIBAgIUAqDFBGyh5sCjSgzvZU9XF4XV2TIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjk0NEYyRDk2Njc0QUEwQzE2MEI2MDA1M0VBM0E2MUUx
MjMyRTgyQzAeFw0yNTAyMDQxNzU3MTNaFw0yNjAyMDMxODAyMTNaMDMxMTAvBgNV
BAMTKDIwQTJCQjRGOUFFQjE2NTQxOEJDQ0Q3MTk5RjREMzY2NjQzMDhDNUIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC/iEvELmuZsMBm2iHHdc7thiYE
FPm47cdyhOlLJBsd8GzuZwcfdH8FMiieWXXHmQpZXIjLT51EZxhEycCz8Dl92+xs
H9yEatC1YkvTst1fQ91TzR8Q/VcpawTf1FLVkpWNncuE8VOCydICPXDoO4qtrb/q
uzTIY83dyKZL6yAYUD2OuqynSH6roplQpdyZ52eYeYoxAT+DFL6uFdafVaVVMj7s
KcFn49HjWzKV915y8yeVldIunZS+hLTEEohz66w9UkhbQvE5sTeSlu03uBxff1np
72M6Jy9ZdSAChQkQ+5K9kKZvtDyw9Ng9ncqku9B1tm9/HdApUqXKaQozxpdzAgMB
AAGjggLFMIICwTAdBgNVHQ4EFgQUIKK7T5rrFlQYvM1xmfTTZmQwjFswHwYDVR0j
BBgwFoAUKUTy2WZ0qgwWC2AFPqOmHhIy6CwwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9FRjFDNEZCNTQ0MTdGNDU5OTRGMDAyRjZFQjgzQjdDQUY1
QTNGMzY4M0IzMzc2RUVBNjIzRTIyRkFBMTcyMTM0LzAvMjk0NEYyRDk2Njc0QUEw
QzE2MEI2MDA1M0VBM0E2MUUxMjMyRTgyQy5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8yOTQ0RjJEOTY2NzRBQTBDMTYw
QjYwMDUzRUEzQTYxRTEyMzJFODJDLmNlcjCBwwYIKwYBBQUHAQsEgbYwgbMwgbAG
CCsGAQUFBzALhoGjcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvRUYxQzRGQjU0NDE3RjQ1OTk0RjAwMkY2RUI4M0I3Q0FGNUEzRjM2ODNC
MzM3NkVFQTYyM0UyMkZBQTE3MjEzNC8wLzMyMzgzMDM2M2EzMjY1NjQzYTNhMmYz
MzMyMmQzMzMyMjAzZDNlMjAzMjM4MzMzOTM4LnJvYTAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKAYC7TANBgkq
hkiG9w0BAQsFAAOCAQEASR7P7wbZnhb9K2vS0W4+2WoX+zk7ulr/1Pcy9vrtSMJx
uov8ciBFSUvoQzLaBVsoIXcSs0xkXzxiSpA2g9D3Nl91+xP/7F2vrw7DfauZzDI2
5fwef78BxrIVjhl6BHRgXtUC255k8laaJD0HH3gVTpMEjYhkcQge2nM6KJWzcs8M
aIHSB6UBN0yREVOtmtyGKHE14yv6DmEp+b0XnYNZwR1tGQBsLAxcSw7nkCu1UDkr
X9V7PgQcaCNX+NgaXQ2NYB6jPZxhFuT6PBF5rSX4xLaFul6OW1LZYzg04V2QbF0L
+MrSOw7x/ERkUrn1G421073vnpQ7STz0ka3S/2Nl1g==
-----END CERTIFICATE-----