Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/a2faf746-d171-49c1-880a-6b01fc6abf0a/34c6b89c2af1817e35100c3512301d83847a0e6a.roa
File:                     34c6b89c2af1817e35100c3512301d83847a0e6a.roa (raw, json)
Hash identifier:          hFdUu4b07EeiPOIdsBQUGJZxWyFvyxgBv/FYqyvJUxo=
Subject key identifier:   E2:F2:25:EA:14:E1:CC:BF:93:CF:D4:E6:72:2D:8E:96:C9:E9:CB:E5
Certificate issuer:       /CN=2dd8701adfa698cf087d5033d6ab2b23bbe67c59
Certificate serial:       22C860
Authority key identifier: 81:D3:8B:25:CC:79:CE:E0:94:9E:1F:43:09:0A:4E:E4:C7:49:B8:F7
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/2dd8701adfa698cf087d5033d6ab2b23bbe67c59.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/a2faf746-d171-49c1-880a-6b01fc6abf0a/34c6b89c2af1817e35100c3512301d83847a0e6a.roa
Signing time:             Mon 10 Jul 2023 11:49:42 +0000
ROA not before:           Sun 09 Jul 2023 11:49:42 +0000
ROA not after:            Thu 10 Jul 2025 11:49:42 +0000
asID:                     61508
IP address blocks:        2803:f240::/32 maxlen: 34
                          2803:f240::/36 maxlen: 36
                          2803:f240:1000::/36 maxlen: 36
                          2803:f240:2000::/36 maxlen: 36
                          2803:f240:3000::/36 maxlen: 36
                          2803:f240:4000::/36 maxlen: 36
                          2803:f240:5000::/36 maxlen: 36
                          2803:f240:6000::/36 maxlen: 36
                          2803:f240:7000::/36 maxlen: 36
                          2803:f240:8000::/36 maxlen: 40
                          2803:f240:8100::/40 maxlen: 40
                          2803:f240:9000::/36 maxlen: 36
                          2803:f240:a000::/36 maxlen: 36
                          2803:f240:b000::/36 maxlen: 36
                          2803:f240:c000::/36 maxlen: 36
                          2803:f240:d000::/36 maxlen: 36
                          2803:f240:e000::/36 maxlen: 36
                          2803:f240:f000::/36 maxlen: 36

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2279520 (0x22c860)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2dd8701adfa698cf087d5033d6ab2b23bbe67c59
        Validity
            Not Before: Jul  9 11:49:42 2023 GMT
            Not After : Jul 10 11:49:42 2025 GMT
        Subject: CN=34c6b89c2af1817e35100c3512301d83847a0e6a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8d:ff:e0:fc:d6:71:db:2e:f2:20:7f:2e:44:d9:
                    20:7c:97:15:2a:32:97:5e:82:0e:7e:44:5b:a3:87:
                    dd:91:62:42:8b:e5:05:1b:45:71:b3:6f:b5:af:1f:
                    7b:7d:2d:7e:9f:85:a3:d1:45:5d:89:eb:f7:97:0f:
                    1d:e1:3c:69:70:af:a3:ab:3a:9f:4f:a6:8a:c1:89:
                    65:64:44:da:69:1a:d1:9e:01:68:a9:ba:19:80:5d:
                    e7:4a:e8:fc:a2:85:16:00:d6:d4:05:23:10:97:4f:
                    0f:62:a3:11:04:41:35:66:1a:12:17:60:a7:67:48:
                    06:01:76:17:67:3d:66:99:77:21:b8:d6:62:ca:6b:
                    9a:f8:b2:39:35:a5:b0:f9:09:06:42:43:a2:f0:3e:
                    b0:bc:ec:d2:e5:53:e5:28:83:37:02:05:4b:ff:a2:
                    bc:fa:04:a1:6b:74:bc:cb:78:b1:49:0d:b4:ba:12:
                    41:92:66:68:11:53:47:46:d8:ca:a6:e6:dc:12:56:
                    f8:e5:98:70:1f:8a:ef:7c:c6:65:1c:82:dd:98:a0:
                    da:17:2a:c6:10:af:27:8b:fc:03:01:a2:e5:60:a5:
                    52:fb:82:56:69:20:c3:b7:77:4f:cf:07:3a:0d:8b:
                    b8:b2:a1:8f:b8:3e:39:e7:d8:ae:7a:59:0b:2e:be:
                    6e:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E2:F2:25:EA:14:E1:CC:BF:93:CF:D4:E6:72:2D:8E:96:C9:E9:CB:E5
            X509v3 Authority Key Identifier:
                keyid:81:D3:8B:25:CC:79:CE:E0:94:9E:1F:43:09:0A:4E:E4:C7:49:B8:F7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/2dd8701adfa698cf087d5033d6ab2b23bbe67c59.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/a2faf746-d171-49c1-880a-6b01fc6abf0a/34c6b89c2af1817e35100c3512301d83847a0e6a.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/a2faf746-d171-49c1-880a-6b01fc6abf0a/2dd8701adfa698cf087d5033d6ab2b23bbe67c59.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2803:f240::/32

    Signature Algorithm: sha256WithRSAEncryption
         24:50:d2:a3:11:d5:b9:fa:9a:3a:37:db:9f:f1:da:f4:b6:21:
         c6:84:e1:05:86:ab:82:ab:3a:94:74:f0:2f:1a:d4:b8:62:a5:
         df:31:1b:66:d0:08:c9:94:99:d5:25:00:06:aa:08:c0:59:d5:
         f2:fd:41:28:29:00:ff:d9:34:fe:bf:88:36:8f:68:c8:62:0e:
         66:83:10:b5:9c:3a:fb:78:ee:c1:a7:de:3a:0a:5c:24:44:e5:
         86:7c:3f:01:28:b2:f2:25:06:6e:bc:29:9e:a4:f6:ef:72:42:
         c0:b9:22:e0:21:fe:4f:6f:3d:92:38:9c:1b:6c:8d:08:97:a1:
         76:96:62:fb:01:06:67:15:bc:43:b9:67:5b:51:24:3a:4d:5f:
         15:c4:67:24:47:25:a9:c9:3a:24:e6:4d:96:23:f0:29:34:a8:
         1d:8d:94:49:f5:92:95:df:b9:37:c2:c9:a6:e5:72:cd:58:96:
         48:23:6e:46:bb:4d:71:c7:8e:92:ef:c6:7d:ab:68:f8:43:2a:
         dd:c5:0c:f1:96:ba:9d:9f:4e:8e:b3:be:a5:49:ed:90:ac:a3:
         d6:05:5f:17:1c:24:97:3f:79:8a:93:10:41:19:55:aa:8f:df:
         11:7a:57:26:99:53:b3:05:36:60:42:23:0d:27:4c:63:08:4e:
         68:f2:52:cc
-----BEGIN CERTIFICATE-----
MIIFQTCCBCmgAwIBAgIDIshgMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDJk
ZDg3MDFhZGZhNjk4Y2YwODdkNTAzM2Q2YWIyYjIzYmJlNjdjNTkwHhcNMjMwNzA5
MTE0OTQyWhcNMjUwNzEwMTE0OTQyWjAzMTEwLwYDVQQDEygzNGM2Yjg5YzJhZjE4
MTdlMzUxMDBjMzUxMjMwMWQ4Mzg0N2EwZTZhMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAjf/g/NZx2y7yIH8uRNkgfJcVKjKXXoIOfkRbo4fdkWJCi+UF
G0Vxs2+1rx97fS1+n4Wj0UVdiev3lw8d4TxpcK+jqzqfT6aKwYllZETaaRrRngFo
qboZgF3nSuj8ooUWANbUBSMQl08PYqMRBEE1ZhoSF2CnZ0gGAXYXZz1mmXchuNZi
ymua+LI5NaWw+QkGQkOi8D6wvOzS5VPlKIM3AgVL/6K8+gSha3S8y3ixSQ20uhJB
kmZoEVNHRtjKpubcElb45ZhwH4rvfMZlHILdmKDaFyrGEK8ni/wDAaLlYKVS+4JW
aSDDt3dPzwc6DYu4sqGPuD4559iuelkLLr5u3wIDAQABo4ICXDCCAlgwHQYDVR0O
BBYEFOLyJeoU4cy/k8/U5nItjpbJ6cvlMB8GA1UdIwQYMBaAFIHTiyXMec7glJ4f
QwkKTuTHSbj3MA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvMmRkODcw
MWFkZmE2OThjZjA4N2Q1MDMzZDZhYjJiMjNiYmU2N2M1OS5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvYTJmYWY3NDYtZDE3MS00OWMxLTg4MGEtNmIwMWZj
NmFiZjBhLzM0YzZiODljMmFmMTgxN2UzNTEwMGMzNTEyMzAxZDgzODQ3YTBlNmEu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy9hMmZhZjc0Ni1kMTcxLTQ5YzEtODgwYS02YjAx
ZmM2YWJmMGEvMmRkODcwMWFkZmE2OThjZjA4N2Q1MDMzZDZhYjJiMjNiYmU2N2M1
OS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQR
MA8wDQQCAAIwBwMFACgD8kAwDQYJKoZIhvcNAQELBQADggEBACRQ0qMR1bn6mjo3
25/x2vS2IcaE4QWGq4KrOpR08C8a1Lhipd8xG2bQCMmUmdUlAAaqCMBZ1fL9QSgp
AP/ZNP6/iDaPaMhiDmaDELWcOvt47sGn3joKXCRE5YZ8PwEosvIlBm68KZ6k9u9y
QsC5IuAh/k9vPZI4nBtsjQiXoXaWYvsBBmcVvEO5Z1tRJDpNXxXEZyRHJanJOiTm
TZYj8Ck0qB2NlEn1kpXfuTfCyablcs1Ylkgjbka7TXHHjpLvxn2raPhDKt3FDPGW
up2fTo6zvqVJ7ZCso9YFXxccJJc/eYqTEEEZVaqP3xF6VyaZU7MFNmBCIw0nTGMI
TmjyUsw=
-----END CERTIFICATE-----