Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/F7B95F1DDB9E3C4242EE36BE0E3B1CE3CCFEB00F89508C1D7E75596D3D112EDE/0/323830333a663836303a3a2f33322d3438203d3e20323732393935.roa
File:                     323830333a663836303a3a2f33322d3438203d3e20323732393935.roa (raw, json)
Hash identifier:          iiAeiDNE2EMv9mdAdSYIE7g2xLLeWM1RN9l63PjgvCo=
Subject key identifier:   30:18:51:D7:77:CC:64:86:01:F9:0E:58:A6:39:96:90:F5:B6:7B:A4
Certificate issuer:       /CN=420B44E3D543CA237CB6BC9020FEC4357D75D278
Certificate serial:       3F36E6E3D129B7463C42B0BFCED12BB1D9DAD95B
Authority key identifier: 42:0B:44:E3:D5:43:CA:23:7C:B6:BC:90:20:FE:C4:35:7D:75:D2:78
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/420B44E3D543CA237CB6BC9020FEC4357D75D278.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/F7B95F1DDB9E3C4242EE36BE0E3B1CE3CCFEB00F89508C1D7E75596D3D112EDE/0/323830333a663836303a3a2f33322d3438203d3e20323732393935.roa
Signing time:             Tue 30 Apr 2024 17:25:00 +0000
ROA not before:           Tue 30 Apr 2024 17:20:00 +0000
ROA not after:            Tue 29 Apr 2025 17:25:00 +0000
asID:                     272995
IP address blocks:        2803:f860::/32 maxlen: 48
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3f:36:e6:e3:d1:29:b7:46:3c:42:b0:bf:ce:d1:2b:b1:d9:da:d9:5b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=420B44E3D543CA237CB6BC9020FEC4357D75D278
        Validity
            Not Before: Apr 30 17:20:00 2024 GMT
            Not After : Apr 29 17:25:00 2025 GMT
        Subject: CN=301851D777CC648601F90E58A6399690F5B67BA4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:2b:a0:7f:80:d1:69:dc:26:91:43:8c:99:50:
                    11:95:48:65:8e:6d:9b:92:9a:bc:df:3f:26:1c:a0:
                    b0:d6:f8:b9:e8:92:ed:69:4f:f0:d4:a0:d5:39:2a:
                    72:91:9c:fa:d5:d7:6b:1b:b4:98:04:03:42:73:11:
                    ea:6e:37:c6:77:2b:21:e6:ca:16:fc:a8:7c:69:9f:
                    7b:0a:a0:e1:de:ac:68:9d:c9:cf:64:12:8c:28:f9:
                    83:ef:19:9b:d9:d2:af:98:52:32:68:10:2e:96:8e:
                    e0:87:58:a5:dd:f3:e2:d1:c6:5e:1e:aa:70:71:aa:
                    5a:c2:47:ad:a6:fd:2e:da:c8:00:f3:41:c0:1b:13:
                    73:84:50:1a:a4:bb:76:39:4f:b0:9c:0a:4d:8e:c5:
                    3c:60:ee:31:8d:ff:e1:78:3b:43:c7:c9:f9:e9:37:
                    22:dd:fc:85:31:d7:6c:6b:cf:83:18:a2:33:61:de:
                    b3:44:48:60:d7:94:cf:49:f7:d7:3b:7a:ab:b5:ee:
                    a9:cf:2b:61:2a:13:81:e1:70:43:9a:44:5b:7f:95:
                    b7:b5:61:a7:6c:e9:4a:2b:92:90:a8:a3:d5:c1:55:
                    0d:68:00:a8:5f:58:71:22:65:50:7c:13:21:5f:62:
                    64:1f:6c:7a:da:38:be:40:f1:e0:ba:9a:64:b3:d7:
                    74:bb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                30:18:51:D7:77:CC:64:86:01:F9:0E:58:A6:39:96:90:F5:B6:7B:A4
            X509v3 Authority Key Identifier:
                keyid:42:0B:44:E3:D5:43:CA:23:7C:B6:BC:90:20:FE:C4:35:7D:75:D2:78

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/F7B95F1DDB9E3C4242EE36BE0E3B1CE3CCFEB00F89508C1D7E75596D3D112EDE/0/420B44E3D543CA237CB6BC9020FEC4357D75D278.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/420B44E3D543CA237CB6BC9020FEC4357D75D278.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/F7B95F1DDB9E3C4242EE36BE0E3B1CE3CCFEB00F89508C1D7E75596D3D112EDE/0/323830333a663836303a3a2f33322d3438203d3e20323732393935.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2803:f860::/32

    Signature Algorithm: sha256WithRSAEncryption
         55:ba:45:10:b7:41:d1:d4:1e:fb:f2:b4:63:8d:88:ea:a8:7e:
         91:e7:3d:8f:d5:a6:07:cc:84:c4:f1:4f:71:c5:25:01:3d:63:
         95:0f:2f:e4:bc:4c:1b:16:69:e5:cd:6f:48:14:f6:78:e0:c9:
         67:0e:d9:d4:18:00:3d:eb:43:54:a8:70:ab:c6:f4:14:dd:03:
         36:d5:9d:c5:41:27:5e:16:3b:55:70:44:e9:21:35:98:46:2a:
         c5:f6:6d:7b:f2:d0:07:62:d6:92:eb:c3:52:c0:7a:6a:32:05:
         d3:9b:c2:42:7c:c1:94:27:31:8e:cb:71:65:15:d9:ba:e5:f6:
         19:74:cb:f1:8b:bb:1c:e2:c9:0a:ad:4a:1f:ec:eb:31:87:9f:
         c1:88:3f:24:5d:a8:09:fb:bc:67:5e:a3:10:1b:cf:0a:16:ca:
         e6:5a:d0:bf:1d:c3:df:da:7c:e7:5c:a8:c9:4b:62:7f:d2:b9:
         11:8d:04:49:49:41:5a:dd:e7:73:d0:80:69:2a:55:9d:04:84:
         73:4a:e2:17:76:c0:f7:1c:9c:20:9b:d0:a6:bd:2b:61:bd:30:
         97:9c:99:3c:60:e0:89:25:f3:02:ac:a2:b1:b7:7a:bf:eb:44:
         f9:ab:0b:2e:57:36:bb:30:3f:e4:35:53:ad:97:42:83:f7:19:
         f7:b2:1d:3b
-----BEGIN CERTIFICATE-----
MIIFvzCCBKegAwIBAgIUPzbm49Ept0Y8QrC/ztErsdna2VswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDIwQjQ0RTNENTQzQ0EyMzdDQjZCQzkwMjBGRUM0MzU3
RDc1RDI3ODAeFw0yNDA0MzAxNzIwMDBaFw0yNTA0MjkxNzI1MDBaMDMxMTAvBgNV
BAMTKDMwMTg1MUQ3NzdDQzY0ODYwMUY5MEU1OEE2Mzk5NjkwRjVCNjdCQTQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCdK6B/gNFp3CaRQ4yZUBGVSGWO
bZuSmrzfPyYcoLDW+Lnoku1pT/DUoNU5KnKRnPrV12sbtJgEA0JzEepuN8Z3KyHm
yhb8qHxpn3sKoOHerGidyc9kEowo+YPvGZvZ0q+YUjJoEC6WjuCHWKXd8+LRxl4e
qnBxqlrCR62m/S7ayADzQcAbE3OEUBqku3Y5T7CcCk2OxTxg7jGN/+F4O0PHyfnp
NyLd/IUx12xrz4MYojNh3rNESGDXlM9J99c7equ17qnPK2EqE4HhcEOaRFt/lbe1
Yads6UorkpCoo9XBVQ1oAKhfWHEiZVB8EyFfYmQfbHraOL5A8eC6mmSz13S7AgMB
AAGjggLJMIICxTAdBgNVHQ4EFgQUMBhR13fMZIYB+Q5YpjmWkPW2e6QwHwYDVR0j
BBgwFoAUQgtE49VDyiN8tryQIP7ENX110ngwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9GN0I5NUYxRERCOUUzQzQyNDJFRTM2QkUwRTNCMUNFM0ND
RkVCMDBGODk1MDhDMUQ3RTc1NTk2RDNEMTEyRURFLzAvNDIwQjQ0RTNENTQzQ0Ey
MzdDQjZCQzkwMjBGRUM0MzU3RDc1RDI3OC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC80MjBCNDRFM0Q1NDNDQTIzN0NC
NkJDOTAyMEZFQzQzNTdENzVEMjc4LmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvRjdCOTVGMUREQjlFM0M0MjQyRUUzNkJFMEUzQjFDRTNDQ0ZFQjAwRjg5
NTA4QzFEN0U3NTU5NkQzRDExMkVERS8wLzMyMzgzMDMzM2E2NjM4MzYzMDNhM2Ey
ZjMzMzIyZDM0MzgyMDNkM2UyMDMyMzczMjM5MzkzNS5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACgD+GAw
DQYJKoZIhvcNAQELBQADggEBAFW6RRC3QdHUHvvytGONiOqofpHnPY/VpgfMhMTx
T3HFJQE9Y5UPL+S8TBsWaeXNb0gU9njgyWcO2dQYAD3rQ1SocKvG9BTdAzbVncVB
J14WO1VwROkhNZhGKsX2bXvy0Adi1pLrw1LAemoyBdObwkJ8wZQnMY7LcWUV2brl
9hl0y/GLuxziyQqtSh/s6zGHn8GIPyRdqAn7vGdeoxAbzwoWyuZa0L8dw9/afOdc
qMlLYn/SuRGNBElJQVrd53PQgGkqVZ0EhHNK4hd2wPccnCCb0Ka9K2G9MJecmTxg
4Ikl8wKsorG3er/rRPmrCy5XNrswP+Q1U62XQoP3GfeyHTs=
-----END CERTIFICATE-----