Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/FDFF1188C2B050BE246E6E28475C838C9DE4134FF2EDA671A2859E02F5C7EE81/0/323830333a626131303a3a2f33322d3438203d3e20323731393334.roa
File:                     323830333a626131303a3a2f33322d3438203d3e20323731393334.roa (raw, json)
Hash identifier:          vIfF3iTxTSbhVx9YDQ4eXWKrW+BBp/lMt1dJqYBIxos=
Subject key identifier:   A5:44:0B:18:E7:5D:0C:75:F8:33:4F:B4:F9:65:54:F4:0D:B4:A6:0B
Certificate issuer:       /CN=C98CBAFA1B63461F7181D20C05CB6C83B4A752B4
Certificate serial:       5C59DC036656E8D81BED4052FA5538DF572F805A
Authority key identifier: C9:8C:BA:FA:1B:63:46:1F:71:81:D2:0C:05:CB:6C:83:B4:A7:52:B4
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/C98CBAFA1B63461F7181D20C05CB6C83B4A752B4.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/FDFF1188C2B050BE246E6E28475C838C9DE4134FF2EDA671A2859E02F5C7EE81/0/323830333a626131303a3a2f33322d3438203d3e20323731393334.roa
Signing time:             Tue 04 Feb 2025 18:19:01 +0000
ROA not before:           Tue 04 Feb 2025 18:14:01 +0000
ROA not after:            Tue 03 Feb 2026 18:19:01 +0000
asID:                     271934
IP address blocks:        2803:ba10::/32 maxlen: 48
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5c:59:dc:03:66:56:e8:d8:1b:ed:40:52:fa:55:38:df:57:2f:80:5a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=C98CBAFA1B63461F7181D20C05CB6C83B4A752B4
        Validity
            Not Before: Feb  4 18:14:01 2025 GMT
            Not After : Feb  3 18:19:01 2026 GMT
        Subject: CN=A5440B18E75D0C75F8334FB4F96554F40DB4A60B
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:d0:74:04:3a:d4:95:de:e1:48:aa:48:b2:79:
                    f0:b8:00:09:4e:ea:3d:cc:8f:7a:67:89:f7:c2:01:
                    00:21:46:72:70:d3:c7:ce:9a:5e:c0:d3:c8:10:dc:
                    35:42:25:78:45:e6:8f:f7:6b:6d:d4:2c:9e:bc:05:
                    d2:1c:00:68:94:d3:ab:1e:79:68:a0:13:49:ea:df:
                    d6:43:55:ce:1e:57:f7:10:17:71:93:0a:61:f3:34:
                    c1:f9:cc:20:9e:1e:f3:e5:5a:fe:b9:4d:2e:49:a0:
                    03:c0:af:5f:0f:00:79:c4:51:61:b3:45:6b:e2:1e:
                    26:ce:eb:2f:12:58:5b:25:c0:26:de:8e:5e:01:8c:
                    3d:ba:ce:46:22:85:bf:5a:4b:5d:4a:b6:bc:5c:b3:
                    a9:6e:e6:c4:c2:8a:1c:af:12:f5:b2:1e:e0:38:1c:
                    86:f1:e6:8c:a9:f7:95:64:87:88:b9:58:eb:b3:50:
                    b8:56:79:bb:5a:96:60:1e:aa:cc:eb:eb:35:97:18:
                    f3:00:09:9e:75:29:8d:da:ff:e0:8f:04:c0:c2:1c:
                    04:c7:fa:ba:6a:82:33:34:5e:e6:2b:a3:24:82:65:
                    06:b8:0f:ab:f9:44:1b:d5:42:e1:c6:5d:db:8d:a3:
                    ac:32:e7:95:8a:83:4a:0d:2b:53:7e:09:59:a8:c0:
                    da:83
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A5:44:0B:18:E7:5D:0C:75:F8:33:4F:B4:F9:65:54:F4:0D:B4:A6:0B
            X509v3 Authority Key Identifier:
                keyid:C9:8C:BA:FA:1B:63:46:1F:71:81:D2:0C:05:CB:6C:83:B4:A7:52:B4

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/FDFF1188C2B050BE246E6E28475C838C9DE4134FF2EDA671A2859E02F5C7EE81/0/C98CBAFA1B63461F7181D20C05CB6C83B4A752B4.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/C98CBAFA1B63461F7181D20C05CB6C83B4A752B4.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/FDFF1188C2B050BE246E6E28475C838C9DE4134FF2EDA671A2859E02F5C7EE81/0/323830333a626131303a3a2f33322d3438203d3e20323731393334.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2803:ba10::/32

    Signature Algorithm: sha256WithRSAEncryption
         95:c8:09:4f:3d:ce:cc:e8:7d:ee:48:09:1d:20:58:7a:b2:72:
         af:98:ad:9d:8e:cb:8c:82:ca:33:29:a1:e4:56:7b:22:01:97:
         de:dc:9a:f4:40:b2:67:c6:ad:56:23:77:2f:82:30:b6:88:46:
         7d:a4:05:a0:e1:c4:c2:e8:41:dd:ce:45:1d:1a:3d:63:36:ca:
         b3:d9:8b:b8:54:ac:ed:27:ce:a7:9a:ba:c2:91:0c:1d:d9:4a:
         d3:4a:61:a4:6b:be:92:c1:ed:26:ec:be:73:8f:59:17:cf:b1:
         a4:f2:44:aa:38:c6:af:6d:d5:85:de:9d:30:ec:da:37:f7:77:
         c2:70:be:26:0f:2d:df:3b:1a:ad:b1:5d:c0:76:a7:5f:f3:32:
         cc:47:03:dc:71:6f:c2:ec:7f:77:d4:ad:56:f8:cb:d2:77:99:
         34:63:37:db:f9:d3:44:9a:61:b1:b8:a6:94:3d:94:3f:37:92:
         e4:37:70:ed:17:e5:f6:a2:21:9b:6f:87:ee:dd:b0:4d:f8:b8:
         a6:18:f2:47:3d:dc:04:e3:67:82:8b:9d:42:d7:f8:64:d3:4a:
         4f:f0:dc:69:f8:3c:e9:4d:9c:ea:84:67:80:48:cb:f9:fb:25:
         89:17:ae:a3:d5:7f:60:4b:b5:64:6d:21:f2:06:d2:30:5d:de:
         d7:8f:7f:07
-----BEGIN CERTIFICATE-----
MIIFvzCCBKegAwIBAgIUXFncA2ZW6Ngb7UBS+lU431cvgFowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQzk4Q0JBRkExQjYzNDYxRjcxODFEMjBDMDVDQjZDODNC
NEE3NTJCNDAeFw0yNTAyMDQxODE0MDFaFw0yNjAyMDMxODE5MDFaMDMxMTAvBgNV
BAMTKEE1NDQwQjE4RTc1RDBDNzVGODMzNEZCNEY5NjU1NEY0MERCNEE2MEIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDC0HQEOtSV3uFIqkiyefC4AAlO
6j3Mj3pniffCAQAhRnJw08fOml7A08gQ3DVCJXhF5o/3a23ULJ68BdIcAGiU06se
eWigE0nq39ZDVc4eV/cQF3GTCmHzNMH5zCCeHvPlWv65TS5JoAPAr18PAHnEUWGz
RWviHibO6y8SWFslwCbejl4BjD26zkYihb9aS11Ktrxcs6lu5sTCihyvEvWyHuA4
HIbx5oyp95Vkh4i5WOuzULhWebtalmAeqszr6zWXGPMACZ51KY3a/+CPBMDCHATH
+rpqgjM0XuYroySCZQa4D6v5RBvVQuHGXduNo6wy55WKg0oNK1N+CVmowNqDAgMB
AAGjggLJMIICxTAdBgNVHQ4EFgQUpUQLGOddDHX4M0+0+WVU9A20pgswHwYDVR0j
BBgwFoAUyYy6+htjRh9xgdIMBctsg7SnUrQwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9GREZGMTE4OEMyQjA1MEJFMjQ2RTZFMjg0NzVDODM4QzlE
RTQxMzRGRjJFREE2NzFBMjg1OUUwMkY1QzdFRTgxLzAvQzk4Q0JBRkExQjYzNDYx
RjcxODFEMjBDMDVDQjZDODNCNEE3NTJCNC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9DOThDQkFGQTFCNjM0NjFGNzE4
MUQyMEMwNUNCNkM4M0I0QTc1MkI0LmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvRkRGRjExODhDMkIwNTBCRTI0NkU2RTI4NDc1QzgzOEM5REU0MTM0RkYy
RURBNjcxQTI4NTlFMDJGNUM3RUU4MS8wLzMyMzgzMDMzM2E2MjYxMzEzMDNhM2Ey
ZjMzMzIyZDM0MzgyMDNkM2UyMDMyMzczMTM5MzMzNC5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACgDuhAw
DQYJKoZIhvcNAQELBQADggEBAJXICU89zszofe5ICR0gWHqycq+YrZ2Oy4yCyjMp
oeRWeyIBl97cmvRAsmfGrVYjdy+CMLaIRn2kBaDhxMLoQd3ORR0aPWM2yrPZi7hU
rO0nzqeausKRDB3ZStNKYaRrvpLB7SbsvnOPWRfPsaTyRKo4xq9t1YXenTDs2jf3
d8JwviYPLd87Gq2xXcB2p1/zMsxHA9xxb8Lsf3fUrVb4y9J3mTRjN9v500SaYbG4
ppQ9lD83kuQ3cO0X5faiIZtvh+7dsE34uKYY8kc93ATjZ4KLnULX+GTTSk/w3Gn4
POlNnOqEZ4BIy/n7JYkXrqPVf2BLtWRtIfIG0jBd3tePfwc=
-----END CERTIFICATE-----