Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/1dae3a98-a428-47cf-942e-c76eecde42aa/e62380f4372c8c11b06013886b9739c9eb924ddf.roa
File:                     e62380f4372c8c11b06013886b9739c9eb924ddf.roa (raw, json)
Hash identifier:          5q9jKh6KWAxAu3gBkOmIBmj6+1mtMHoTM3D2fbpVwd8=
Subject key identifier:   F6:44:F8:47:66:14:7E:A8:D2:7C:2A:A6:4D:CD:A0:C4:70:D9:EA:50
Certificate issuer:       /CN=618d81debd8e70398acd1f9298d63fe47bdc09ff
Certificate serial:       114EBB
Authority key identifier: B6:98:DB:EB:36:C6:DC:92:DA:A3:B7:29:1A:9C:7D:65:8C:62:77:DD
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/618d81debd8e70398acd1f9298d63fe47bdc09ff.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/1dae3a98-a428-47cf-942e-c76eecde42aa/e62380f4372c8c11b06013886b9739c9eb924ddf.roa
Signing time:             Mon 16 Jan 2023 18:33:33 +0000
ROA not before:           Thu 12 Jan 2023 14:34:43 +0000
ROA not after:            Thu 16 Jan 2025 14:34:43 +0000
asID:                     10778
IP address blocks:        200.2.192.0/19 maxlen: 24
                          200.2.224.0/19 maxlen: 24
                          200.14.80.0/24 maxlen: 24
                          200.29.0.0/19 maxlen: 24
                          200.29.64.0/19 maxlen: 24
                          2800:8::/32 maxlen: 48

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1134267 (0x114ebb)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=618d81debd8e70398acd1f9298d63fe47bdc09ff
        Validity
            Not Before: Jan 12 14:34:43 2023 GMT
            Not After : Jan 16 14:34:43 2025 GMT
        Subject: CN=e62380f4372c8c11b06013886b9739c9eb924ddf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:93:17:a3:00:87:ce:fa:d7:a7:25:e3:cb:56:
                    96:95:ec:28:04:b9:75:17:47:81:28:f1:5b:00:3a:
                    27:00:47:bb:69:eb:c9:ea:85:07:dd:b7:20:bb:56:
                    9c:d7:26:3a:cb:ae:9e:0d:39:21:92:50:48:03:e7:
                    97:76:08:23:54:cc:c8:70:a0:03:11:4c:d0:d2:d6:
                    af:44:31:31:5d:08:f6:b0:14:f3:f0:70:dd:e7:3e:
                    5f:62:83:20:2b:ee:81:b6:3e:43:93:f5:93:64:1b:
                    1e:79:25:ef:83:07:6c:12:a7:6d:50:19:b6:e5:04:
                    e3:19:75:1f:bd:dc:1f:28:03:66:2b:18:6f:cc:5b:
                    c2:2d:36:90:b5:d7:4c:f1:ba:7c:27:c7:3f:43:4e:
                    fc:f2:62:69:cf:14:5c:17:47:c8:4b:83:71:4a:96:
                    eb:b4:78:c8:16:00:87:3d:f1:a0:45:91:48:5c:03:
                    4d:7e:7a:8f:58:7b:d8:1f:b8:58:7b:09:61:71:f9:
                    07:fe:c5:9e:d3:2d:d5:73:9e:4f:f3:de:eb:c5:f1:
                    6b:ef:77:3e:36:d2:f3:ef:b2:1f:30:6b:51:fa:c9:
                    e2:a8:60:60:ae:45:dd:d9:b5:0b:7c:71:7c:74:75:
                    80:01:68:87:8f:30:b3:0b:fc:f9:cf:66:37:4e:df:
                    77:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F6:44:F8:47:66:14:7E:A8:D2:7C:2A:A6:4D:CD:A0:C4:70:D9:EA:50
            X509v3 Authority Key Identifier:
                keyid:B6:98:DB:EB:36:C6:DC:92:DA:A3:B7:29:1A:9C:7D:65:8C:62:77:DD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/618d81debd8e70398acd1f9298d63fe47bdc09ff.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/1dae3a98-a428-47cf-942e-c76eecde42aa/e62380f4372c8c11b06013886b9739c9eb924ddf.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/1dae3a98-a428-47cf-942e-c76eecde42aa/618d81debd8e70398acd1f9298d63fe47bdc09ff.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.2.192.0/18
                  200.14.80.0/24
                  200.29.0.0/19
                  200.29.64.0/19
                IPv6:
                  2800:8::/32

    Signature Algorithm: sha256WithRSAEncryption
         5a:93:61:d0:94:f4:28:a4:b7:eb:97:6c:b6:89:20:bd:42:f2:
         76:5d:27:a8:5e:b7:d1:86:f2:26:46:d0:7c:f8:ad:97:97:1d:
         d7:b0:24:7d:d2:fc:c8:64:08:73:ef:40:98:cd:7f:19:fa:61:
         a3:ad:5f:12:a6:65:92:4b:0a:c9:16:64:2f:6f:5c:46:1c:60:
         80:15:dd:c5:e6:6f:dc:26:75:2d:b0:1d:b0:ee:2b:bf:cf:90:
         43:32:56:4e:f6:14:33:56:bb:e9:00:39:ff:4a:2b:a4:2f:9b:
         4d:3a:e7:bc:18:1c:93:2f:b7:e9:5a:3b:8a:22:77:2b:32:e2:
         fe:ea:89:79:4e:54:56:dc:11:3f:28:18:63:de:ab:9b:b9:73:
         b1:63:d8:d8:fc:3b:ee:2e:22:7c:a8:3c:56:0d:01:a0:21:89:
         02:be:26:25:66:dd:c1:97:2e:08:56:3c:c3:1e:34:fa:89:c0:
         3b:01:b0:cc:30:7f:0a:0f:72:ec:b2:1b:27:75:fd:9c:7c:70:
         7f:5f:53:d4:d4:9f:5c:95:e2:f3:8f:58:50:ab:37:be:9c:59:
         b3:f4:09:4c:7a:f8:a4:18:72:6d:51:c2:9d:d6:de:c2:2d:80:
         c6:9b:bc:ca:39:99:50:2f:7e:a5:90:f5:35:a8:ae:50:7b:1b:
         d5:66:8a:e9
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIDEU67MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDYx
OGQ4MWRlYmQ4ZTcwMzk4YWNkMWY5Mjk4ZDYzZmU0N2JkYzA5ZmYwHhcNMjMwMTEy
MTQzNDQzWhcNMjUwMTE2MTQzNDQzWjAzMTEwLwYDVQQDEyhlNjIzODBmNDM3MmM4
YzExYjA2MDEzODg2Yjk3MzljOWViOTI0ZGRmMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEA1ZMXowCHzvrXpyXjy1aWlewoBLl1F0eBKPFbADonAEe7aevJ
6oUH3bcgu1ac1yY6y66eDTkhklBIA+eXdggjVMzIcKADEUzQ0tavRDExXQj2sBTz
8HDd5z5fYoMgK+6Btj5Dk/WTZBseeSXvgwdsEqdtUBm25QTjGXUfvdwfKANmKxhv
zFvCLTaQtddM8bp8J8c/Q0788mJpzxRcF0fIS4NxSpbrtHjIFgCHPfGgRZFIXANN
fnqPWHvYH7hYewlhcfkH/sWe0y3Vc55P897rxfFr73c+NtLz77IfMGtR+sniqGBg
rkXd2bULfHF8dHWAAWiHjzCzC/z5z2Y3Tt93ZwIDAQABo4ICfDCCAngwHQYDVR0O
BBYEFPZE+EdmFH6o0nwqpk3NoMRw2epQMB8GA1UdIwQYMBaAFLaY2+s2xtyS2qO3
KRqcfWWMYnfdMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvNjE4ZDgx
ZGViZDhlNzAzOThhY2QxZjkyOThkNjNmZTQ3YmRjMDlmZi5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvMWRhZTNhOTgtYTQyOC00N2NmLTk0MmUtYzc2ZWVj
ZGU0MmFhL2U2MjM4MGY0MzcyYzhjMTFiMDYwMTM4ODZiOTczOWM5ZWI5MjRkZGYu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy8xZGFlM2E5OC1hNDI4LTQ3Y2YtOTQyZS1jNzZl
ZWNkZTQyYWEvNjE4ZDgxZGViZDhlNzAzOThhY2QxZjkyOThkNjNmZTQ3YmRjMDlm
Zi5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBABggrBgEFBQcBBwEB/wQx
MC8wHgQCAAEwGAMEBsgCwAMEAMgOUAMEBcgdAAMEBcgdQDANBAIAAjAHAwUAKAAA
CDANBgkqhkiG9w0BAQsFAAOCAQEAWpNh0JT0KKS365dstokgvULydl0nqF630Yby
JkbQfPitl5cd17AkfdL8yGQIc+9AmM1/Gfpho61fEqZlkksKyRZkL29cRhxggBXd
xeZv3CZ1LbAdsO4rv8+QQzJWTvYUM1a76QA5/0orpC+bTTrnvBgcky+36Vo7iiJ3
KzLi/uqJeU5UVtwRPygYY96rm7lzsWPY2Pw77i4ifKg8Vg0BoCGJAr4mJWbdwZcu
CFY8wx40+onAOwGwzDB/Cg9y7LIbJ3X9nHxwf19T1NSfXJXi849YUKs3vpxZs/QJ
THr4pBhybVHCndbewi2Axpu8yjmZUC9+pZD1NaiuUHsb1WaK6Q==
-----END CERTIFICATE-----