Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/1ef4b066-e4d2-4e53-839e-8bdffb17a52b/577dcef9be7a00ffe722c99d07c99cfbf73c69eb.roa
File:                     577dcef9be7a00ffe722c99d07c99cfbf73c69eb.roa (raw, json)
Hash identifier:          J/IX/pvcuyU/ULNauyQ3XCjBctxXADbmPBTvYiMjiFE=
Subject key identifier:   8D:B8:F9:FD:71:F6:97:AE:A7:E5:09:7E:6C:23:51:DB:DD:6A:D2:6F
Certificate issuer:       /CN=ce24136a35f10502f080a99eec6f12882d2f04fa
Certificate serial:       160311
Authority key identifier: 2B:BF:EF:19:5F:7B:40:83:DF:37:7B:2F:FB:C7:7B:50:DD:10:0A:E3
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ce24136a35f10502f080a99eec6f12882d2f04fa.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/1ef4b066-e4d2-4e53-839e-8bdffb17a52b/577dcef9be7a00ffe722c99d07c99cfbf73c69eb.roa
Signing time:             Thu 10 Feb 2022 19:18:46 +0000
ROA not before:           Tue 13 Apr 2021 03:00:00 +0000
ROA not after:            Thu 13 Apr 2023 03:00:00 +0000
asID:                     40676
IP address blocks:        191.96.68.0/23 maxlen: 24
                          179.61.197.0/24 maxlen: 24
                          181.214.15.0/24 maxlen: 24
                          181.214.105.0/24 maxlen: 24
                          191.96.66.0/24 maxlen: 24
                          191.96.68.0/24 maxlen: 24
                          181.214.250.0/24 maxlen: 24
                          191.101.186.0/24 maxlen: 24
                          181.214.93.0/24 maxlen: 24
                          181.214.94.0/24 maxlen: 24
                          179.61.238.0/24 maxlen: 24
                          179.61.217.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1442577 (0x160311)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ce24136a35f10502f080a99eec6f12882d2f04fa
        Validity
            Not Before: Apr 13 03:00:00 2021 GMT
            Not After : Apr 13 03:00:00 2023 GMT
        Subject: CN=577dcef9be7a00ffe722c99d07c99cfbf73c69eb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:0d:74:ef:37:68:f6:37:99:2f:27:7b:8e:e5:
                    c9:c6:44:43:ae:59:82:b1:08:b0:cb:f4:c5:12:3d:
                    9e:b0:b9:bc:36:46:da:ce:d2:d1:78:cf:e3:f5:1a:
                    c5:01:79:b1:cd:51:e5:42:3b:8d:4b:b9:66:6f:a1:
                    f0:e7:50:f9:b3:e8:ce:72:21:d5:c5:b8:82:3b:aa:
                    ca:cb:20:e9:b0:e1:8c:c1:64:eb:c1:8e:dc:03:64:
                    0e:bb:e1:9c:49:07:c7:6c:e1:38:5c:38:96:7c:28:
                    54:71:17:7a:da:8d:6d:ee:2a:89:f3:6f:a4:e0:a3:
                    7e:88:a4:82:f8:68:24:87:51:7d:ab:ae:fc:bb:4c:
                    e0:e5:88:2e:cd:45:6c:87:ab:ba:2e:60:d9:15:30:
                    5d:6c:86:0c:a4:90:cd:7c:63:30:46:db:4e:de:e3:
                    0a:b0:f1:bd:b2:4f:42:3f:23:67:e0:30:08:df:45:
                    ab:fe:76:7e:e5:49:69:06:01:33:77:50:93:9e:2f:
                    ba:ca:29:90:8c:2d:f7:d0:f4:d9:0e:f9:b6:0e:d0:
                    dc:c8:85:38:ff:eb:d0:e6:ac:36:7b:50:8d:2f:e7:
                    f4:8b:bf:e5:42:d3:70:07:7e:1d:a4:1e:e3:ad:31:
                    ef:e0:5c:07:dd:1d:e4:cb:aa:d4:dd:b0:e8:50:3a:
                    cc:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8D:B8:F9:FD:71:F6:97:AE:A7:E5:09:7E:6C:23:51:DB:DD:6A:D2:6F
            X509v3 Authority Key Identifier:
                keyid:2B:BF:EF:19:5F:7B:40:83:DF:37:7B:2F:FB:C7:7B:50:DD:10:0A:E3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ce24136a35f10502f080a99eec6f12882d2f04fa.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/1ef4b066-e4d2-4e53-839e-8bdffb17a52b/577dcef9be7a00ffe722c99d07c99cfbf73c69eb.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/1ef4b066-e4d2-4e53-839e-8bdffb17a52b/ce24136a35f10502f080a99eec6f12882d2f04fa.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  179.61.197.0/24
                  179.61.217.0/24
                  179.61.238.0/24
                  181.214.15.0/24
                  181.214.93.0-181.214.94.255
                  181.214.105.0/24
                  181.214.250.0/24
                  191.96.66.0/24
                  191.96.68.0/23
                  191.101.186.0/24

    Signature Algorithm: sha256WithRSAEncryption
         85:cd:e3:bd:e1:a4:6f:54:9d:c1:9c:56:72:6d:57:95:c2:f7:
         7d:49:30:2e:80:97:4f:9d:0b:90:e8:0c:05:23:48:63:99:d0:
         58:16:8b:5d:85:e9:28:0d:cc:44:5f:a2:92:2a:8f:85:6d:c8:
         43:21:d6:59:b4:92:e5:2a:f6:b2:0c:18:a1:1b:f0:f6:b3:87:
         ae:80:26:dd:c0:6e:bd:40:89:b2:6c:20:e5:27:2c:cf:a1:c2:
         0a:36:b3:cf:b1:6b:7a:9f:e9:91:3c:21:ea:da:78:98:9e:f9:
         b9:fc:40:39:ef:2c:d9:0f:29:e0:a6:61:04:a2:7d:b2:b5:78:
         74:81:27:1b:3d:13:5c:1d:dd:6e:2c:8f:42:cd:ce:0d:5d:47:
         f6:f3:08:a0:be:3a:ed:43:ba:ef:d9:38:a2:70:22:31:cd:39:
         8f:12:1a:90:ea:fb:f0:c5:8e:e1:c3:c7:3d:ad:15:75:c0:48:
         81:ac:f8:76:88:f4:8e:de:7e:be:ab:58:62:f6:95:7d:a5:88:
         90:86:6c:b9:ab:61:db:e2:e0:cb:8b:7d:fe:ec:69:4a:04:69:
         39:9c:60:e6:e2:14:0b:72:48:22:cf:d7:41:1e:14:ce:d4:88:
         b9:1d:d3:b8:77:b2:00:df:28:8c:fe:ef:8e:88:5a:7a:6c:98:
         ff:13:19:f0
-----BEGIN CERTIFICATE-----
MIIFfjCCBGagAwIBAgIDFgMRMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGNl
MjQxMzZhMzVmMTA1MDJmMDgwYTk5ZWVjNmYxMjg4MmQyZjA0ZmEwHhcNMjEwNDEz
MDMwMDAwWhcNMjMwNDEzMDMwMDAwWjAzMTEwLwYDVQQDEyg1NzdkY2VmOWJlN2Ew
MGZmZTcyMmM5OWQwN2M5OWNmYmY3M2M2OWViMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAuQ107zdo9jeZLyd7juXJxkRDrlmCsQiwy/TFEj2esLm8Nkba
ztLReM/j9RrFAXmxzVHlQjuNS7lmb6Hw51D5s+jOciHVxbiCO6rKyyDpsOGMwWTr
wY7cA2QOu+GcSQfHbOE4XDiWfChUcRd62o1t7iqJ82+k4KN+iKSC+Ggkh1F9q678
u0zg5YguzUVsh6u6LmDZFTBdbIYMpJDNfGMwRttO3uMKsPG9sk9CPyNn4DAI30Wr
/nZ+5UlpBgEzd1CTni+6yimQjC330PTZDvm2DtDcyIU4/+vQ5qw2e1CNL+f0i7/l
QtNwB34dpB7jrTHv4FwH3R3ky6rU3bDoUDrM9wIDAQABo4ICmTCCApUwHQYDVR0O
BBYEFI24+f1x9peup+UJfmwjUdvdatJvMB8GA1UdIwQYMBaAFCu/7xlfe0CD3zd7
L/vHe1DdEArjMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvY2UyNDEz
NmEzNWYxMDUwMmYwODBhOTllZWM2ZjEyODgyZDJmMDRmYS5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvMWVmNGIwNjYtZTRkMi00ZTUzLTgzOWUtOGJkZmZi
MTdhNTJiLzU3N2RjZWY5YmU3YTAwZmZlNzIyYzk5ZDA3Yzk5Y2ZiZjczYzY5ZWIu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy8xZWY0YjA2Ni1lNGQyLTRlNTMtODM5ZS04YmRm
ZmIxN2E1MmIvY2UyNDEzNmEzNWYxMDUwMmYwODBhOTllZWM2ZjEyODgyZDJmMDRm
YS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBggrBgEFBQcBBwEB/wRO
MEwwSgQCAAEwRAMEALM9xQMEALM92QMEALM97gMEALXWDzAMAwQAtdZdAwQAtdZe
AwQAtdZpAwQAtdb6AwQAv2BCAwQBv2BEAwQAv2W6MA0GCSqGSIb3DQEBCwUAA4IB
AQCFzeO94aRvVJ3BnFZybVeVwvd9STAugJdPnQuQ6AwFI0hjmdBYFotdhekoDcxE
X6KSKo+FbchDIdZZtJLlKvayDBihG/D2s4eugCbdwG69QImybCDlJyzPocIKNrPP
sWt6n+mRPCHq2niYnvm5/EA57yzZDyngpmEEon2ytXh0gScbPRNcHd1uLI9Czc4N
XUf28wigvjrtQ7rv2TiicCIxzTmPEhqQ6vvwxY7hw8c9rRV1wEiBrPh2iPSO3n6+
q1hi9pV9pYiQhmy5q2Hb4uDLi33+7GlKBGk5nGDm4hQLckgiz9dBHhTO1Ii5HdO4
d7IA3yiM/u+OiFp6bJj/Exnw
-----END CERTIFICATE-----