Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/1ef4b066-e4d2-4e53-839e-8bdffb17a52b/3db7da8426a6b288faa0928755e69b3d55cb161c.roa
File:                     3db7da8426a6b288faa0928755e69b3d55cb161c.roa (raw, json)
Hash identifier:          8LlSrDsdDLrBYIIfzUTzdmACyFwoWPoYkYFvEgWsRTU=
Subject key identifier:   40:20:14:DB:BA:6E:BC:F6:C1:A7:FF:01:1D:22:B1:39:78:0E:36:00
Certificate issuer:       /CN=ce24136a35f10502f080a99eec6f12882d2f04fa
Certificate serial:       10A596
Authority key identifier: 2B:BF:EF:19:5F:7B:40:83:DF:37:7B:2F:FB:C7:7B:50:DD:10:0A:E3
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ce24136a35f10502f080a99eec6f12882d2f04fa.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/1ef4b066-e4d2-4e53-839e-8bdffb17a52b/3db7da8426a6b288faa0928755e69b3d55cb161c.roa
Signing time:             Wed 03 Nov 2021 14:26:53 +0000
ROA not before:           Tue 13 Apr 2021 03:00:00 +0000
ROA not after:            Thu 13 Apr 2023 03:00:00 +0000
asID:                     40676
IP address blocks:        191.96.68.0/23 maxlen: 24
                          179.61.197.0/24 maxlen: 24
                          181.214.15.0/24 maxlen: 24
                          181.214.105.0/24 maxlen: 24
                          191.96.66.0/24 maxlen: 24
                          191.96.68.0/24 maxlen: 24
                          181.214.250.0/24 maxlen: 24
                          191.101.186.0/24 maxlen: 24
                          181.214.93.0/24 maxlen: 24
                          181.214.94.0/24 maxlen: 24
                          179.61.238.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1090966 (0x10a596)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ce24136a35f10502f080a99eec6f12882d2f04fa
        Validity
            Not Before: Apr 13 03:00:00 2021 GMT
            Not After : Apr 13 03:00:00 2023 GMT
        Subject: CN=3db7da8426a6b288faa0928755e69b3d55cb161c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:88:84:b7:72:c5:51:b7:e4:d5:ac:f0:1f:74:6a:
                    58:27:c7:29:30:e0:d7:d8:5a:ab:d1:52:68:6d:b8:
                    23:28:1a:e3:7a:e0:ed:3e:d3:c7:53:41:dc:02:3b:
                    fc:b6:67:08:ab:5c:60:10:10:f6:d0:7c:0a:b1:ee:
                    a0:f9:7b:0b:ec:cd:40:dc:4c:34:a5:5c:25:13:1f:
                    c6:ee:da:9b:00:72:78:c9:a4:fb:2e:c5:b7:fa:5d:
                    13:23:9b:47:61:08:ef:07:2e:be:4f:8c:a7:64:47:
                    fa:eb:19:1a:b0:54:e6:69:e0:fd:29:97:52:42:c7:
                    7a:41:90:d2:b5:8e:a3:e8:e2:92:b0:2f:73:43:6b:
                    93:7d:fa:6f:67:ac:fc:e9:ff:53:71:a8:a2:62:00:
                    e0:c5:27:78:7d:54:64:63:cc:16:a1:8e:37:a5:a1:
                    49:22:a9:d7:55:48:a0:d3:09:f7:52:30:4e:1d:88:
                    de:6b:e7:93:f4:b2:14:0e:d7:d1:09:04:dc:8c:e1:
                    e6:e6:33:f6:49:74:83:96:e4:f3:f2:4b:c6:9d:ce:
                    b7:5d:58:29:48:e4:3f:54:ce:26:3d:92:d9:89:2a:
                    e7:23:6c:d5:8a:b2:4b:1c:fa:51:2a:f8:16:04:ad:
                    11:57:0c:41:13:00:52:53:22:93:a9:23:45:21:55:
                    ba:b1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                40:20:14:DB:BA:6E:BC:F6:C1:A7:FF:01:1D:22:B1:39:78:0E:36:00
            X509v3 Authority Key Identifier:
                keyid:2B:BF:EF:19:5F:7B:40:83:DF:37:7B:2F:FB:C7:7B:50:DD:10:0A:E3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ce24136a35f10502f080a99eec6f12882d2f04fa.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/1ef4b066-e4d2-4e53-839e-8bdffb17a52b/3db7da8426a6b288faa0928755e69b3d55cb161c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/1ef4b066-e4d2-4e53-839e-8bdffb17a52b/ce24136a35f10502f080a99eec6f12882d2f04fa.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  179.61.197.0/24
                  179.61.238.0/24
                  181.214.15.0/24
                  181.214.93.0-181.214.94.255
                  181.214.105.0/24
                  181.214.250.0/24
                  191.96.66.0/24
                  191.96.68.0/23
                  191.101.186.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5a:81:50:5f:39:38:fa:59:5b:ca:ec:77:7a:1f:0e:96:4a:71:
         db:80:d5:2e:19:fb:3e:bb:a9:3d:30:bb:74:1e:ee:9a:5f:83:
         d3:cb:fd:5d:7b:e2:f8:ee:b6:51:2e:a3:81:a1:b4:41:ae:3c:
         de:6f:95:06:a1:5f:ef:67:9e:8a:05:d5:d9:df:e6:df:66:e3:
         53:79:47:a2:ee:a1:d7:86:98:c0:b1:8a:51:d7:7b:98:81:8c:
         a6:6f:8e:43:f9:06:b0:5b:ba:7d:97:86:1a:fc:7a:19:50:58:
         4b:52:7f:f4:66:cd:e2:9a:97:94:9c:13:97:9b:fc:7f:ee:c0:
         0c:e7:a4:fa:7d:2c:2b:87:64:d4:d6:c3:5d:c0:36:2e:cd:11:
         87:00:29:02:50:37:5a:db:8d:b1:15:c0:8c:34:55:e7:10:7e:
         48:b3:17:86:e7:90:3c:ad:3d:07:10:63:fe:76:e2:65:41:0f:
         76:98:e0:c6:87:2e:a7:37:b8:e6:88:f3:51:98:92:98:57:e5:
         9e:21:b2:51:20:db:cf:ff:c3:e0:6d:8e:71:fe:41:fb:2f:95:
         67:e7:a3:8f:9e:4f:df:5e:b2:37:f3:f3:63:09:a1:a8:fa:36:
         22:00:56:73:85:e9:d0:62:d3:f9:92:d0:0b:38:75:69:b3:c1:
         22:aa:87:08
-----BEGIN CERTIFICATE-----
MIIFeDCCBGCgAwIBAgIDEKWWMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGNl
MjQxMzZhMzVmMTA1MDJmMDgwYTk5ZWVjNmYxMjg4MmQyZjA0ZmEwHhcNMjEwNDEz
MDMwMDAwWhcNMjMwNDEzMDMwMDAwWjAzMTEwLwYDVQQDEygzZGI3ZGE4NDI2YTZi
Mjg4ZmFhMDkyODc1NWU2OWIzZDU1Y2IxNjFjMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAiIS3csVRt+TVrPAfdGpYJ8cpMODX2Fqr0VJobbgjKBrjeuDt
PtPHU0HcAjv8tmcIq1xgEBD20HwKse6g+XsL7M1A3Ew0pVwlEx/G7tqbAHJ4yaT7
LsW3+l0TI5tHYQjvBy6+T4ynZEf66xkasFTmaeD9KZdSQsd6QZDStY6j6OKSsC9z
Q2uTffpvZ6z86f9TcaiiYgDgxSd4fVRkY8wWoY43paFJIqnXVUig0wn3UjBOHYje
a+eT9LIUDtfRCQTcjOHm5jP2SXSDluTz8kvGnc63XVgpSOQ/VM4mPZLZiSrnI2zV
irJLHPpRKvgWBK0RVwxBEwBSUyKTqSNFIVW6sQIDAQABo4ICkzCCAo8wHQYDVR0O
BBYEFEAgFNu6brz2waf/AR0isTl4DjYAMB8GA1UdIwQYMBaAFCu/7xlfe0CD3zd7
L/vHe1DdEArjMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvY2UyNDEz
NmEzNWYxMDUwMmYwODBhOTllZWM2ZjEyODgyZDJmMDRmYS5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvMWVmNGIwNjYtZTRkMi00ZTUzLTgzOWUtOGJkZmZi
MTdhNTJiLzNkYjdkYTg0MjZhNmIyODhmYWEwOTI4NzU1ZTY5YjNkNTVjYjE2MWMu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy8xZWY0YjA2Ni1lNGQyLTRlNTMtODM5ZS04YmRm
ZmIxN2E1MmIvY2UyNDEzNmEzNWYxMDUwMmYwODBhOTllZWM2ZjEyODgyZDJmMDRm
YS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBXBggrBgEFBQcBBwEB/wRI
MEYwRAQCAAEwPgMEALM9xQMEALM97gMEALXWDzAMAwQAtdZdAwQAtdZeAwQAtdZp
AwQAtdb6AwQAv2BCAwQBv2BEAwQAv2W6MA0GCSqGSIb3DQEBCwUAA4IBAQBagVBf
OTj6WVvK7Hd6Hw6WSnHbgNUuGfs+u6k9MLt0Hu6aX4PTy/1de+L47rZRLqOBobRB
rjzeb5UGoV/vZ56KBdXZ3+bfZuNTeUei7qHXhpjAsYpR13uYgYymb45D+QawW7p9
l4Ya/HoZUFhLUn/0Zs3impeUnBOXm/x/7sAM56T6fSwrh2TU1sNdwDYuzRGHACkC
UDda242xFcCMNFXnEH5IsxeG55A8rT0HEGP+duJlQQ92mODGhy6nN7jmiPNRmJKY
V+WeIbJRINvP/8PgbY5x/kH7L5Vn56OPnk/fXrI38/NjCaGo+jYiAFZzhenQYtP5
ktALOHVps8EiqocI
-----END CERTIFICATE-----