Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/F1D809D2B20F2C76C623EC4F4AB847D2E728F3922F03A13EF5267171C2F9A8F9/0/323830313a31353a353830303a3a2f34382d3438203d3e203139343239.roa
File:                     323830313a31353a353830303a3a2f34382d3438203d3e203139343239.roa (raw, json)
Hash identifier:          soMdv6t9RU3oTY2y8UF7mtemBxqLUCx7EYjF+w2xYzA=
Subject key identifier:   9A:05:78:2C:D2:45:EE:9A:4E:C9:DB:F8:FE:C2:25:54:E6:74:CA:1F
Certificate issuer:       /CN=C732566EF9CB668B8EA3B33DA5D9F95C2CD0532B
Certificate serial:       4570013EC7231D66D81C31D132AFB14A7FDA2A0B
Authority key identifier: C7:32:56:6E:F9:CB:66:8B:8E:A3:B3:3D:A5:D9:F9:5C:2C:D0:53:2B
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/C732566EF9CB668B8EA3B33DA5D9F95C2CD0532B.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/F1D809D2B20F2C76C623EC4F4AB847D2E728F3922F03A13EF5267171C2F9A8F9/0/323830313a31353a353830303a3a2f34382d3438203d3e203139343239.roa
Signing time:             Tue 04 Feb 2025 17:59:53 +0000
ROA not before:           Tue 04 Feb 2025 17:54:53 +0000
ROA not after:            Tue 03 Feb 2026 17:59:53 +0000
asID:                     19429
IP address blocks:        2801:15:5800::/48 maxlen: 48
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            45:70:01:3e:c7:23:1d:66:d8:1c:31:d1:32:af:b1:4a:7f:da:2a:0b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=C732566EF9CB668B8EA3B33DA5D9F95C2CD0532B
        Validity
            Not Before: Feb  4 17:54:53 2025 GMT
            Not After : Feb  3 17:59:53 2026 GMT
        Subject: CN=9A05782CD245EE9A4EC9DBF8FEC22554E674CA1F
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:a1:f7:57:f6:9f:6a:f8:19:ab:b9:ec:94:2d:
                    b8:43:a6:74:0b:38:1a:8a:a4:22:10:d4:99:e4:ae:
                    6f:c3:24:cf:60:3b:27:8f:a4:dd:0a:9d:6c:0a:e4:
                    c9:76:18:a9:10:9b:cb:2b:d4:cf:57:98:6b:1b:f7:
                    26:df:d4:6b:7c:e8:8b:65:fc:5e:b1:d3:4f:28:c4:
                    f6:b7:dc:94:e1:2d:a8:42:00:b8:73:fe:da:aa:d8:
                    4a:ce:85:11:fd:cf:a6:04:66:ec:e8:3d:60:b8:c8:
                    83:01:6a:4a:ef:d4:e4:1f:28:2e:f0:38:59:e7:ad:
                    43:8d:bb:78:19:9d:f6:b4:b4:9b:94:f1:d4:5d:15:
                    4e:5c:9e:c5:84:e5:78:75:80:db:1e:b2:05:e8:ac:
                    7d:a1:ce:0a:e9:10:6d:31:b2:bc:4a:bf:9b:e0:e2:
                    25:56:93:8f:49:7a:04:ee:32:72:34:65:53:65:e7:
                    b6:bc:a9:7c:41:31:28:bd:1f:08:47:89:db:e4:9e:
                    41:12:82:1a:13:da:42:9b:71:34:a0:ab:c4:01:e6:
                    de:db:0a:88:35:ef:5a:45:c4:7d:a3:e1:2c:b8:cf:
                    5e:6b:fa:e3:a2:95:36:42:f7:04:4c:2e:ed:66:57:
                    4c:c2:a6:69:b9:88:4f:40:7d:4c:c7:0b:ee:6d:5b:
                    5b:d9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9A:05:78:2C:D2:45:EE:9A:4E:C9:DB:F8:FE:C2:25:54:E6:74:CA:1F
            X509v3 Authority Key Identifier:
                keyid:C7:32:56:6E:F9:CB:66:8B:8E:A3:B3:3D:A5:D9:F9:5C:2C:D0:53:2B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/F1D809D2B20F2C76C623EC4F4AB847D2E728F3922F03A13EF5267171C2F9A8F9/0/C732566EF9CB668B8EA3B33DA5D9F95C2CD0532B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/C732566EF9CB668B8EA3B33DA5D9F95C2CD0532B.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/F1D809D2B20F2C76C623EC4F4AB847D2E728F3922F03A13EF5267171C2F9A8F9/0/323830313a31353a353830303a3a2f34382d3438203d3e203139343239.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2801:15:5800::/48

    Signature Algorithm: sha256WithRSAEncryption
         9c:34:8e:2e:ea:36:d9:5f:d5:72:02:32:9d:d4:04:88:ee:da:
         eb:7b:ff:39:ce:8f:30:00:8f:07:0f:36:f4:30:5a:01:eb:3d:
         fe:13:2d:a3:87:0c:55:00:9c:35:d6:63:e6:d8:1d:3f:a9:f4:
         73:45:1e:3d:d3:f2:9f:c8:f3:07:27:97:7f:d7:ef:9e:5a:60:
         5c:c8:70:dc:82:f9:d8:4a:21:17:f8:87:b9:72:06:dd:11:23:
         28:6e:ad:3d:6d:c9:5a:2d:b7:5c:2a:4d:d8:d1:d4:6b:57:9f:
         36:b5:23:8d:3c:5b:19:2c:8e:d6:01:2b:0d:07:8a:c4:b5:ed:
         c9:32:7a:0f:d8:01:3b:aa:b0:4f:52:32:08:73:d8:0a:11:8f:
         a3:f7:77:e8:02:99:00:84:98:06:18:07:d2:c8:35:3b:84:ff:
         c0:19:97:e5:78:cf:13:10:27:f6:2b:60:c1:57:93:96:84:06:
         fc:5b:64:ed:c9:c3:78:11:46:8c:3a:bf:e2:8c:01:73:f2:c5:
         5d:a5:2c:53:85:08:0d:6b:f1:e4:9d:98:96:33:85:7a:38:6d:
         ee:ae:ee:b3:80:a9:24:ba:2a:94:41:63:11:1f:41:9e:dd:00:
         be:fb:21:19:7e:9d:88:7c:27:8d:76:b8:c9:51:76:62:78:ce:
         08:c1:7d:f7
-----BEGIN CERTIFICATE-----
MIIFxTCCBK2gAwIBAgIURXABPscjHWbYHDHRMq+xSn/aKgswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQzczMjU2NkVGOUNCNjY4QjhFQTNCMzNEQTVEOUY5NUMy
Q0QwNTMyQjAeFw0yNTAyMDQxNzU0NTNaFw0yNjAyMDMxNzU5NTNaMDMxMTAvBgNV
BAMTKDlBMDU3ODJDRDI0NUVFOUE0RUM5REJGOEZFQzIyNTU0RTY3NENBMUYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC+ofdX9p9q+BmrueyULbhDpnQL
OBqKpCIQ1Jnkrm/DJM9gOyePpN0KnWwK5Ml2GKkQm8sr1M9XmGsb9ybf1Gt86Itl
/F6x008oxPa33JThLahCALhz/tqq2ErOhRH9z6YEZuzoPWC4yIMBakrv1OQfKC7w
OFnnrUONu3gZnfa0tJuU8dRdFU5cnsWE5Xh1gNsesgXorH2hzgrpEG0xsrxKv5vg
4iVWk49JegTuMnI0ZVNl57a8qXxBMSi9HwhHidvknkESghoT2kKbcTSgq8QB5t7b
Cog171pFxH2j4Sy4z15r+uOilTZC9wRMLu1mV0zCpmm5iE9AfUzHC+5tW1vZAgMB
AAGjggLPMIICyzAdBgNVHQ4EFgQUmgV4LNJF7ppOydv4/sIlVOZ0yh8wHwYDVR0j
BBgwFoAUxzJWbvnLZouOo7M9pdn5XCzQUyswDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9GMUQ4MDlEMkIyMEYyQzc2QzYyM0VDNEY0QUI4NDdEMkU3
MjhGMzkyMkYwM0ExM0VGNTI2NzE3MUMyRjlBOEY5LzAvQzczMjU2NkVGOUNCNjY4
QjhFQTNCMzNEQTVEOUY5NUMyQ0QwNTMyQi5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9DNzMyNTY2RUY5Q0I2NjhCOEVB
M0IzM0RBNUQ5Rjk1QzJDRDA1MzJCLmNlcjCBywYIKwYBBQUHAQsEgb4wgbswgbgG
CCsGAQUFBzALhoGrcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvRjFEODA5RDJCMjBGMkM3NkM2MjNFQzRGNEFCODQ3RDJFNzI4RjM5MjJG
MDNBMTNFRjUyNjcxNzFDMkY5QThGOS8wLzMyMzgzMDMxM2EzMTM1M2EzNTM4MzAz
MDNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMxMzkzNDMyMzkucm9hMBgGA1UdIAEB
/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkDBwAo
AQAVWAAwDQYJKoZIhvcNAQELBQADggEBAJw0ji7qNtlf1XICMp3UBIju2ut7/znO
jzAAjwcPNvQwWgHrPf4TLaOHDFUAnDXWY+bYHT+p9HNFHj3T8p/I8wcnl3/X755a
YFzIcNyC+dhKIRf4h7lyBt0RIyhurT1tyVott1wqTdjR1GtXnza1I408WxksjtYB
Kw0HisS17ckyeg/YATuqsE9SMghz2AoRj6P3d+gCmQCEmAYYB9LINTuE/8AZl+V4
zxMQJ/YrYMFXk5aEBvxbZO3Jw3gRRow6v+KMAXPyxV2lLFOFCA1r8eSdmJYzhXo4
be6u7rOAqSS6KpRBYxEfQZ7dAL77IRl+nYh8J412uMlRdmJ4zgjBffc=
-----END CERTIFICATE-----