Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/127e4095-2f45-4ec9-8f75-e799385fbad0/445db68931456f4f6ee7f4de95a5108cc8706d11.roa
File:                     445db68931456f4f6ee7f4de95a5108cc8706d11.roa (raw, json)
Hash identifier:          pHaD4BOh8JtmFHSPSOChBjtQK9BHqM6RA/VTI392L/w=
Subject key identifier:   26:6C:24:3A:39:67:C7:08:4F:7C:18:4B:13:43:11:F7:54:05:23:1D
Certificate issuer:       /CN=797fbc6cdda2f3661b2a335060cb84d808706659
Certificate serial:       24AD50
Authority key identifier: 2B:62:77:3F:02:D2:1B:26:DA:9D:06:63:62:D0:AC:29:75:5F:69:49
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/797fbc6cdda2f3661b2a335060cb84d808706659.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/127e4095-2f45-4ec9-8f75-e799385fbad0/445db68931456f4f6ee7f4de95a5108cc8706d11.roa
Signing time:             Fri 21 Jul 2023 20:55:44 +0000
ROA not before:           Thu 20 Jul 2023 20:54:57 +0000
ROA not after:            Mon 21 Jul 2025 20:54:57 +0000
asID:                     52444
IP address blocks:        200.41.121.0/24 maxlen: 24
                          201.234.90.0/24 maxlen: 24
                          201.234.104.0/24 maxlen: 24
                          201.234.100.0/25 maxlen: 25
                          201.234.100.128/26 maxlen: 26
                          201.234.32.0/24 maxlen: 24
                          201.234.46.0/24 maxlen: 24
                          190.216.26.80/28 maxlen: 28
                          200.49.1.0/24 maxlen: 24
                          190.216.61.0/24 maxlen: 24
                          200.41.21.0/24 maxlen: 24
                          200.32.122.128/26 maxlen: 26
                          201.234.152.128/26 maxlen: 26
                          190.216.49.128/26 maxlen: 26

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2403664 (0x24ad50)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=797fbc6cdda2f3661b2a335060cb84d808706659
        Validity
            Not Before: Jul 20 20:54:57 2023 GMT
            Not After : Jul 21 20:54:57 2025 GMT
        Subject: CN=445db68931456f4f6ee7f4de95a5108cc8706d11
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8f:af:98:3c:9d:0c:de:d3:eb:24:63:71:4f:c7:
                    cd:8b:a3:d8:b6:be:a2:c6:67:95:b9:6f:f0:f8:0f:
                    64:14:8c:b5:04:cd:f0:5c:23:0d:f5:ce:f4:2a:14:
                    92:0c:e2:f7:83:08:e2:fa:e0:49:25:0a:4c:25:8e:
                    7c:d5:96:11:18:57:26:2b:db:56:f4:36:7c:62:57:
                    5e:ae:0a:3c:91:da:38:4e:e1:9f:5a:e5:78:dc:e5:
                    91:1f:c7:18:d8:e8:ff:21:68:7e:1f:3e:ae:b6:d8:
                    bc:cc:5e:f0:2b:b1:4f:1e:d7:82:d2:9b:9f:09:e3:
                    21:8f:cd:4b:d3:c1:d1:ce:2d:81:03:7a:2c:d4:09:
                    af:89:71:28:c1:82:e2:c1:3c:44:24:46:5e:73:2d:
                    64:fa:6b:aa:cd:eb:d2:32:cf:ed:f4:48:bf:c6:62:
                    8b:10:18:0d:df:d0:72:f3:74:f8:64:5e:39:62:9c:
                    14:a6:b5:9e:87:42:17:32:53:08:4c:32:08:96:a9:
                    54:8a:c2:03:a8:b4:a8:39:47:50:66:7e:7f:d6:3e:
                    4c:e7:81:b7:5f:9d:ac:31:40:77:ca:31:fb:b9:e8:
                    fc:d7:92:cb:64:e9:91:a7:ef:f2:91:d4:ec:95:03:
                    a6:f2:b3:59:62:2b:0d:38:de:b2:3f:80:0f:1a:ac:
                    35:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                26:6C:24:3A:39:67:C7:08:4F:7C:18:4B:13:43:11:F7:54:05:23:1D
            X509v3 Authority Key Identifier:
                keyid:2B:62:77:3F:02:D2:1B:26:DA:9D:06:63:62:D0:AC:29:75:5F:69:49

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/797fbc6cdda2f3661b2a335060cb84d808706659.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/127e4095-2f45-4ec9-8f75-e799385fbad0/445db68931456f4f6ee7f4de95a5108cc8706d11.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/127e4095-2f45-4ec9-8f75-e799385fbad0/797fbc6cdda2f3661b2a335060cb84d808706659.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  190.216.26.80/28
                  190.216.49.128/26
                  190.216.61.0/24
                  200.32.122.128/26
                  200.41.21.0/24
                  200.41.121.0/24
                  200.49.1.0/24
                  201.234.32.0/24
                  201.234.46.0/24
                  201.234.90.0/24
                  201.234.100.0-201.234.100.191
                  201.234.104.0/24
                  201.234.152.128/26

    Signature Algorithm: sha256WithRSAEncryption
         43:8a:5c:4c:84:51:68:c0:a0:d0:f2:59:9a:d7:4c:6d:6d:6a:
         99:68:84:13:63:b6:99:80:f1:8d:b3:64:fa:4c:4b:d0:b2:b3:
         c1:4a:ef:29:e0:2d:5e:94:5a:d2:a7:79:d9:10:93:81:c3:b0:
         87:33:f6:d2:5f:2e:df:2f:20:39:a0:3e:bf:d4:0b:92:32:41:
         dc:cd:47:b2:90:a7:ed:25:8f:8b:39:41:26:c7:46:c0:39:c1:
         b9:0a:d2:90:15:dc:44:43:53:fd:c2:38:d6:9d:70:ac:49:64:
         5c:65:b7:7e:b1:39:2d:7f:24:63:d4:ae:68:69:3b:19:29:5b:
         56:27:4d:48:51:61:e8:f5:97:9e:30:d0:c0:b9:6d:d3:19:47:
         2c:ee:9b:36:1a:c8:64:00:e7:38:d8:46:ff:d7:4f:ba:54:7e:
         25:21:93:b7:73:7a:e2:db:4d:ba:23:1b:31:af:db:c3:b6:26:
         94:3b:11:a0:c6:37:35:8e:fd:0b:fc:9a:51:ec:f3:75:f5:49:
         b3:72:e3:81:76:5d:4d:73:f2:af:f0:05:c0:be:61:ac:3e:e2:
         fa:57:89:3d:0a:60:1d:ad:79:39:56:87:eb:d2:23:f6:10:6c:
         c1:3c:cf:24:cf:99:bc:e3:03:e6:64:77:9d:41:fe:65:4c:b4:
         81:e0:e0:ab
-----BEGIN CERTIFICATE-----
MIIFlTCCBH2gAwIBAgIDJK1QMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDc5
N2ZiYzZjZGRhMmYzNjYxYjJhMzM1MDYwY2I4NGQ4MDg3MDY2NTkwHhcNMjMwNzIw
MjA1NDU3WhcNMjUwNzIxMjA1NDU3WjAzMTEwLwYDVQQDEyg0NDVkYjY4OTMxNDU2
ZjRmNmVlN2Y0ZGU5NWE1MTA4Y2M4NzA2ZDExMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAj6+YPJ0M3tPrJGNxT8fNi6PYtr6ixmeVuW/w+A9kFIy1BM3w
XCMN9c70KhSSDOL3gwji+uBJJQpMJY581ZYRGFcmK9tW9DZ8Yldergo8kdo4TuGf
WuV43OWRH8cY2Oj/IWh+Hz6utti8zF7wK7FPHteC0pufCeMhj81L08HRzi2BA3os
1AmviXEowYLiwTxEJEZecy1k+muqzevSMs/t9Ei/xmKLEBgN39By83T4ZF45YpwU
prWeh0IXMlMITDIIlqlUisIDqLSoOUdQZn5/1j5M54G3X52sMUB3yjH7uej815LL
ZOmRp+/ykdTslQOm8rNZYisNON6yP4APGqw1SwIDAQABo4ICsDCCAqwwHQYDVR0O
BBYEFCZsJDo5Z8cIT3wYSxNDEfdUBSMdMB8GA1UdIwQYMBaAFCtidz8C0hsm2p0G
Y2LQrCl1X2lJMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvNzk3ZmJj
NmNkZGEyZjM2NjFiMmEzMzUwNjBjYjg0ZDgwODcwNjY1OS5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvMTI3ZTQwOTUtMmY0NS00ZWM5LThmNzUtZTc5OTM4
NWZiYWQwLzQ0NWRiNjg5MzE0NTZmNGY2ZWU3ZjRkZTk1YTUxMDhjYzg3MDZkMTEu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy8xMjdlNDA5NS0yZjQ1LTRlYzktOGY3NS1lNzk5
Mzg1ZmJhZDAvNzk3ZmJjNmNkZGEyZjM2NjFiMmEzMzUwNjBjYjg0ZDgwODcwNjY1
OS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjB0BggrBgEFBQcBBwEB/wRl
MGMwYQQCAAEwWwMFBL7YGlADBQa+2DGAAwQAvtg9AwUGyCB6gAMEAMgpFQMEAMgp
eQMEAMgxAQMEAMnqIAMEAMnqLgMEAMnqWjANAwQCyepkAwUGyepkgAMEAMnqaAMF
BsnqmIAwDQYJKoZIhvcNAQELBQADggEBAEOKXEyEUWjAoNDyWZrXTG1taplohBNj
tpmA8Y2zZPpMS9Cys8FK7yngLV6UWtKnedkQk4HDsIcz9tJfLt8vIDmgPr/UC5Iy
QdzNR7KQp+0lj4s5QSbHRsA5wbkK0pAV3ERDU/3CONadcKxJZFxlt36xOS1/JGPU
rmhpOxkpW1YnTUhRYej1l54w0MC5bdMZRyzumzYayGQA5zjYRv/XT7pUfiUhk7dz
euLbTbojGzGv28O2JpQ7EaDGNzWO/Qv8mlHs83X1SbNy44F2XU1z8q/wBcC+Yaw+
4vpXiT0KYB2teTlWh+vSI/YQbME8zyTPmbzjA+Zkd51B/mVMtIHg4Ks=
-----END CERTIFICATE-----