Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/F157BD59DABCB6D961AC0F2D00BA596759FAC82A0EAEDE7D129DF241CBEFBF19/0/323830303a3332303a383431343a3a2f34372d3438203d3e203237383832.roa
File:                     323830303a3332303a383431343a3a2f34372d3438203d3e203237383832.roa (raw, json)
Hash identifier:          486A+DTDhkFh/14EoKpSMyGDlRrX6EojFPp6RTbPlFU=
Subject key identifier:   94:CE:4C:FF:D1:DB:94:06:98:EB:C0:64:9E:29:29:33:83:0A:86:E4
Certificate issuer:       /CN=B3866813178FF550E6FCABCD492387DD1D0E08A5
Certificate serial:       3F75F48392BF5BE1C78F5F4706A9F39E4533136D
Authority key identifier: B3:86:68:13:17:8F:F5:50:E6:FC:AB:CD:49:23:87:DD:1D:0E:08:A5
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/B3866813178FF550E6FCABCD492387DD1D0E08A5.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/F157BD59DABCB6D961AC0F2D00BA596759FAC82A0EAEDE7D129DF241CBEFBF19/0/323830303a3332303a383431343a3a2f34372d3438203d3e203237383832.roa
Signing time:             Tue 04 Feb 2025 20:05:43 +0000
ROA not before:           Tue 04 Feb 2025 20:00:43 +0000
ROA not after:            Tue 03 Feb 2026 20:05:43 +0000
asID:                     27882
IP address blocks:        2800:320:8414::/47 maxlen: 48
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3f:75:f4:83:92:bf:5b:e1:c7:8f:5f:47:06:a9:f3:9e:45:33:13:6d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=B3866813178FF550E6FCABCD492387DD1D0E08A5
        Validity
            Not Before: Feb  4 20:00:43 2025 GMT
            Not After : Feb  3 20:05:43 2026 GMT
        Subject: CN=94CE4CFFD1DB940698EBC0649E292933830A86E4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:44:d4:e3:e4:05:ef:6c:af:f5:e9:4a:9a:3b:
                    49:39:62:0e:19:a1:e2:ea:05:fa:70:ac:92:f7:e7:
                    dd:39:dc:30:03:c2:5e:e2:7e:4e:ec:fa:67:65:c7:
                    26:8c:9e:41:7a:7f:16:29:93:1a:97:64:2d:51:f8:
                    87:f6:87:9c:b5:eb:a1:9e:af:55:eb:c1:6e:8d:52:
                    1c:d3:89:16:f0:ea:d1:97:e4:29:e2:fe:f4:07:8b:
                    8e:c1:0a:ce:90:32:81:66:30:71:4d:13:d4:31:12:
                    74:85:1f:4c:ea:1c:f4:fb:a2:41:78:55:c1:55:27:
                    e9:66:47:3d:0d:18:92:60:d9:cc:07:58:13:46:3c:
                    4b:0b:4d:8d:d1:23:f2:b6:b3:eb:48:8d:2c:01:24:
                    1e:90:0c:3b:59:87:23:b9:56:27:d3:32:ec:fc:ff:
                    06:68:97:36:16:6e:d0:73:5a:b0:67:f2:58:0e:50:
                    d6:79:f8:38:45:ff:a5:9b:b0:d4:78:17:2b:52:bd:
                    4d:36:87:97:39:48:00:d2:23:2d:b1:1a:a7:9a:bb:
                    e9:cf:12:6d:0a:7f:27:12:2d:f5:74:c2:65:07:55:
                    7c:6e:3a:a0:52:8d:b3:da:0b:01:86:67:91:4e:65:
                    b2:51:c1:8b:7a:f7:0d:b7:77:fe:cb:5b:a4:2e:5d:
                    c7:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                94:CE:4C:FF:D1:DB:94:06:98:EB:C0:64:9E:29:29:33:83:0A:86:E4
            X509v3 Authority Key Identifier:
                keyid:B3:86:68:13:17:8F:F5:50:E6:FC:AB:CD:49:23:87:DD:1D:0E:08:A5

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/F157BD59DABCB6D961AC0F2D00BA596759FAC82A0EAEDE7D129DF241CBEFBF19/0/B3866813178FF550E6FCABCD492387DD1D0E08A5.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/B3866813178FF550E6FCABCD492387DD1D0E08A5.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/F157BD59DABCB6D961AC0F2D00BA596759FAC82A0EAEDE7D129DF241CBEFBF19/0/323830303a3332303a383431343a3a2f34372d3438203d3e203237383832.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2800:320:8414::/47

    Signature Algorithm: sha256WithRSAEncryption
         33:12:c0:f6:24:85:d8:d9:4c:ad:bf:9a:7f:d8:0e:31:f0:83:
         f9:fd:43:11:a3:73:04:b1:a8:42:6d:64:14:4b:78:9a:27:65:
         b1:a7:a0:1e:08:4a:0c:07:d9:fd:d7:be:64:1f:1e:59:d2:ec:
         28:d8:d4:e6:14:66:cb:87:34:8f:3b:8b:86:32:42:c6:fa:b5:
         52:a9:ab:44:98:28:6b:66:f1:91:4d:1f:78:57:06:50:10:3b:
         b0:9e:0c:e7:61:af:12:9f:6c:58:95:ec:43:24:f2:d9:fc:00:
         97:30:c4:62:f4:37:fd:d2:ca:fd:df:cd:31:dc:9a:bb:c0:56:
         5b:ab:f9:e7:ff:a6:96:08:25:7f:8a:ec:02:3e:f3:e9:f5:48:
         dd:62:33:2a:c0:54:40:87:f8:bb:be:78:05:df:96:19:70:51:
         6a:05:0c:da:bd:25:0a:96:f4:fb:33:3d:01:a0:c2:3d:76:77:
         b2:fd:96:5c:80:61:cf:39:8d:38:fd:54:0c:e3:a6:f2:4d:2f:
         86:ed:a7:d1:9a:e7:e6:fa:84:79:65:cf:0a:f9:38:9a:dc:b0:
         a7:fb:fa:c8:42:0a:af:a3:46:0a:0d:13:d1:b6:3a:35:93:58:
         26:d8:fc:9f:7e:af:b5:67:fa:54:91:3b:87:0c:49:9e:e9:c5:
         e9:7e:34:75
-----BEGIN CERTIFICATE-----
MIIFxzCCBK+gAwIBAgIUP3X0g5K/W+HHj19HBqnznkUzE20wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQjM4NjY4MTMxNzhGRjU1MEU2RkNBQkNENDkyMzg3REQx
RDBFMDhBNTAeFw0yNTAyMDQyMDAwNDNaFw0yNjAyMDMyMDA1NDNaMDMxMTAvBgNV
BAMTKDk0Q0U0Q0ZGRDFEQjk0MDY5OEVCQzA2NDlFMjkyOTMzODMwQTg2RTQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCeRNTj5AXvbK/16UqaO0k5Yg4Z
oeLqBfpwrJL359053DADwl7ifk7s+mdlxyaMnkF6fxYpkxqXZC1R+If2h5y166Ge
r1XrwW6NUhzTiRbw6tGX5Cni/vQHi47BCs6QMoFmMHFNE9QxEnSFH0zqHPT7okF4
VcFVJ+lmRz0NGJJg2cwHWBNGPEsLTY3RI/K2s+tIjSwBJB6QDDtZhyO5VifTMuz8
/wZolzYWbtBzWrBn8lgOUNZ5+DhF/6WbsNR4FytSvU02h5c5SADSIy2xGqeau+nP
Em0KfycSLfV0wmUHVXxuOqBSjbPaCwGGZ5FOZbJRwYt69w23d/7LW6QuXcdtAgMB
AAGjggLRMIICzTAdBgNVHQ4EFgQUlM5M/9HblAaY68BknikpM4MKhuQwHwYDVR0j
BBgwFoAUs4ZoExeP9VDm/KvNSSOH3R0OCKUwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9GMTU3QkQ1OURBQkNCNkQ5NjFBQzBGMkQwMEJBNTk2NzU5
RkFDODJBMEVBRURFN0QxMjlERjI0MUNCRUZCRjE5LzAvQjM4NjY4MTMxNzhGRjU1
MEU2RkNBQkNENDkyMzg3REQxRDBFMDhBNS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9CMzg2NjgxMzE3OEZGNTUwRTZG
Q0FCQ0Q0OTIzODdERDFEMEUwOEE1LmNlcjCBzQYIKwYBBQUHAQsEgcAwgb0wgboG
CCsGAQUFBzALhoGtcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvRjE1N0JENTlEQUJDQjZEOTYxQUMwRjJEMDBCQTU5Njc1OUZBQzgyQTBF
QUVERTdEMTI5REYyNDFDQkVGQkYxOS8wLzMyMzgzMDMwM2EzMzMyMzAzYTM4MzQz
MTM0M2EzYTJmMzQzNzJkMzQzODIwM2QzZTIwMzIzNzM4MzgzMi5yb2EwGAYDVR0g
AQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMH
ASgAAyCEFDANBgkqhkiG9w0BAQsFAAOCAQEAMxLA9iSF2NlMrb+af9gOMfCD+f1D
EaNzBLGoQm1kFEt4midlsaegHghKDAfZ/de+ZB8eWdLsKNjU5hRmy4c0jzuLhjJC
xvq1UqmrRJgoa2bxkU0feFcGUBA7sJ4M52GvEp9sWJXsQyTy2fwAlzDEYvQ3/dLK
/d/NMdyau8BWW6v55/+mlgglf4rsAj7z6fVI3WIzKsBUQIf4u754Bd+WGXBRagUM
2r0lCpb0+zM9AaDCPXZ3sv2WXIBhzzmNOP1UDOOm8k0vhu2n0Zrn5vqEeWXPCvk4
mtywp/v6yEIKr6NGCg0T0bY6NZNYJtj8n36vtWf6VJE7hwxJnunF6X40dQ==
-----END CERTIFICATE-----