Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/F4D8221D5720392C9C4D58EBE8E647D6916C55C606B2576137A2212C706761A5/0/323830333a393539303a3a2f33362d3336203d3e203532343638.roa
File:                     323830333a393539303a3a2f33362d3336203d3e203532343638.roa (raw, json)
Hash identifier:          qwWIxLaxT6wcisrJIN+At70yuayqEmpQTRrPwzPn99I=
Subject key identifier:   AF:0E:F7:67:94:2F:31:BC:C3:4B:86:9A:61:98:BA:BB:8F:83:22:B1
Certificate issuer:       /CN=21A79D2F0C2D260B1D7DD4819BE255B149917BAD
Certificate serial:       035D1DA9B9217ACA02223EA5A13CCFB351D02200
Authority key identifier: 21:A7:9D:2F:0C:2D:26:0B:1D:7D:D4:81:9B:E2:55:B1:49:91:7B:AD
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/21A79D2F0C2D260B1D7DD4819BE255B149917BAD.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/F4D8221D5720392C9C4D58EBE8E647D6916C55C606B2576137A2212C706761A5/0/323830333a393539303a3a2f33362d3336203d3e203532343638.roa
Signing time:             Tue 05 Mar 2024 18:00:10 +0000
ROA not before:           Tue 05 Mar 2024 17:55:10 +0000
ROA not after:            Tue 04 Mar 2025 18:00:10 +0000
asID:                     52468
IP address blocks:        2803:9590::/36 maxlen: 36

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            03:5d:1d:a9:b9:21:7a:ca:02:22:3e:a5:a1:3c:cf:b3:51:d0:22:00
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=21A79D2F0C2D260B1D7DD4819BE255B149917BAD
        Validity
            Not Before: Mar  5 17:55:10 2024 GMT
            Not After : Mar  4 18:00:10 2025 GMT
        Subject: CN=AF0EF767942F31BCC34B869A6198BABB8F8322B1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:d5:41:a4:66:fb:60:37:0e:f1:4c:31:a2:42:
                    43:d1:ed:4a:5d:be:c4:63:b1:5f:78:01:9e:e2:4d:
                    4a:3e:e5:ba:0b:5e:91:b3:05:de:4d:86:09:51:14:
                    70:f1:37:39:ee:7a:e1:dd:f8:f0:7d:d5:41:91:21:
                    05:d6:7e:53:8d:1c:86:d6:ae:62:9e:2e:b6:0e:35:
                    17:62:12:16:f3:52:43:d8:fd:fe:87:65:06:b0:e1:
                    d4:9c:64:66:d1:2b:98:67:cc:ea:50:a7:7f:d6:72:
                    80:f0:69:87:0b:76:f7:19:85:38:3c:cb:f4:43:80:
                    2e:19:1a:9c:89:e4:81:41:b7:ad:18:4b:48:a5:0c:
                    3e:1f:8d:de:b1:62:0b:bb:9a:40:3b:6f:74:e4:bb:
                    94:db:58:ef:82:47:35:a4:e1:17:b0:79:4c:e1:ce:
                    b1:37:68:1c:46:3a:61:89:db:85:04:c8:a1:a0:ea:
                    c8:9f:6d:02:3d:71:8f:19:22:b6:af:f8:14:9e:23:
                    41:24:1c:ff:1b:53:57:8e:9e:dd:8d:96:ee:52:4f:
                    ef:46:e4:f4:e4:54:fd:42:af:d8:80:dd:0b:f7:53:
                    29:ba:39:28:10:2a:94:d0:3f:bd:d4:06:95:ac:d2:
                    ad:4b:d6:71:16:24:b6:41:40:4b:f1:f4:c4:a5:1e:
                    37:c5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AF:0E:F7:67:94:2F:31:BC:C3:4B:86:9A:61:98:BA:BB:8F:83:22:B1
            X509v3 Authority Key Identifier:
                keyid:21:A7:9D:2F:0C:2D:26:0B:1D:7D:D4:81:9B:E2:55:B1:49:91:7B:AD

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/F4D8221D5720392C9C4D58EBE8E647D6916C55C606B2576137A2212C706761A5/0/21A79D2F0C2D260B1D7DD4819BE255B149917BAD.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/21A79D2F0C2D260B1D7DD4819BE255B149917BAD.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/F4D8221D5720392C9C4D58EBE8E647D6916C55C606B2576137A2212C706761A5/0/323830333a393539303a3a2f33362d3336203d3e203532343638.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2803:9590::/36

    Signature Algorithm: sha256WithRSAEncryption
         7d:ad:b1:af:7c:8b:72:8c:da:d4:ba:e5:65:c1:fc:de:43:60:
         c8:a1:76:9e:8d:85:e7:4e:29:52:ca:db:7e:5b:40:7c:eb:f2:
         0d:bb:66:cd:59:5e:5b:1f:38:4c:fc:7d:f5:3f:87:66:11:1b:
         61:7d:7a:20:b4:91:9e:87:98:98:02:9c:1c:ea:71:7f:e0:e5:
         1b:2d:af:6d:77:e5:2c:90:9c:46:ea:43:7b:e0:ef:c4:88:1e:
         47:e3:aa:8f:5f:17:48:52:b9:97:62:d5:99:89:78:d5:a5:26:
         d5:ae:01:b3:b7:86:16:9e:73:ae:19:66:9c:e0:78:37:37:eb:
         c2:c6:51:9c:26:9a:20:76:ee:a0:d9:2c:33:9e:37:56:92:2f:
         28:ed:24:ca:3a:40:35:57:b8:57:09:f0:fb:c3:bf:4f:ed:48:
         ee:38:70:30:55:e8:88:d6:df:d4:c3:ca:3d:a0:1b:ae:f6:9b:
         f1:d2:37:aa:64:68:87:e9:1b:b1:a9:70:29:76:c6:ea:e9:4f:
         44:59:d4:0a:22:de:2b:79:f1:f7:e7:b6:b2:db:cc:00:f2:62:
         1e:01:c9:d7:b1:a8:09:98:18:e8:ef:88:ad:f5:33:a8:08:e0:
         77:ba:92:f7:05:65:88:03:f9:38:4a:b0:81:da:eb:28:7d:8b:
         f7:85:27:8b
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUA10dqbkhesoCIj6loTzPs1HQIgAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjFBNzlEMkYwQzJEMjYwQjFEN0RENDgxOUJFMjU1QjE0
OTkxN0JBRDAeFw0yNDAzMDUxNzU1MTBaFw0yNTAzMDQxODAwMTBaMDMxMTAvBgNV
BAMTKEFGMEVGNzY3OTQyRjMxQkNDMzRCODY5QTYxOThCQUJCOEY4MzIyQjEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDK1UGkZvtgNw7xTDGiQkPR7Upd
vsRjsV94AZ7iTUo+5boLXpGzBd5NhglRFHDxNznueuHd+PB91UGRIQXWflONHIbW
rmKeLrYONRdiEhbzUkPY/f6HZQaw4dScZGbRK5hnzOpQp3/WcoDwaYcLdvcZhTg8
y/RDgC4ZGpyJ5IFBt60YS0ilDD4fjd6xYgu7mkA7b3Tku5TbWO+CRzWk4ReweUzh
zrE3aBxGOmGJ24UEyKGg6sifbQI9cY8ZIrav+BSeI0EkHP8bU1eOnt2Nlu5ST+9G
5PTkVP1Cr9iA3Qv3Uym6OSgQKpTQP73UBpWs0q1L1nEWJLZBQEvx9MSlHjfFAgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQUrw73Z5QvMbzDS4aaYZi6u4+DIrEwHwYDVR0j
BBgwFoAUIaedLwwtJgsdfdSBm+JVsUmRe60wDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9GNEQ4MjIxRDU3MjAzOTJDOUM0RDU4RUJFOEU2NDdENjkx
NkM1NUM2MDZCMjU3NjEzN0EyMjEyQzcwNjc2MUE1LzAvMjFBNzlEMkYwQzJEMjYw
QjFEN0RENDgxOUJFMjU1QjE0OTkxN0JBRC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8yMUE3OUQyRjBDMkQyNjBCMUQ3
REQ0ODE5QkUyNTVCMTQ5OTE3QkFELmNlcjCBxQYIKwYBBQUHAQsEgbgwgbUwgbIG
CCsGAQUFBzALhoGlcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvRjREODIyMUQ1NzIwMzkyQzlDNEQ1OEVCRThFNjQ3RDY5MTZDNTVDNjA2
QjI1NzYxMzdBMjIxMkM3MDY3NjFBNS8wLzMyMzgzMDMzM2EzOTM1MzkzMDNhM2Ey
ZjMzMzYyZDMzMzYyMDNkM2UyMDM1MzIzNDM2Mzgucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgACMAgDBgQoA5WQADAN
BgkqhkiG9w0BAQsFAAOCAQEAfa2xr3yLcoza1LrlZcH83kNgyKF2no2F504pUsrb
fltAfOvyDbtmzVleWx84TPx99T+HZhEbYX16ILSRnoeYmAKcHOpxf+DlGy2vbXfl
LJCcRupDe+DvxIgeR+Oqj18XSFK5l2LVmYl41aUm1a4Bs7eGFp5zrhlmnOB4Nzfr
wsZRnCaaIHbuoNksM543VpIvKO0kyjpANVe4Vwnw+8O/T+1I7jhwMFXoiNbf1MPK
PaAbrvab8dI3qmRoh+kbsalwKXbG6ulPRFnUCiLeK3nx9+e2stvMAPJiHgHJ17Go
CZgY6O+IrfUzqAjgd7qS9wVliAP5OEqwgdrrKH2L94Uniw==
-----END CERTIFICATE-----