Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/2abd6b34-8953-4c72-a0a2-7ecb9de8aaba/9421f502009f65ee28b0cdb0e8b495d17e293226.roa
File:                     9421f502009f65ee28b0cdb0e8b495d17e293226.roa (raw, json)
Hash identifier:          AnoPujzIDXzLZbXrmm33pcVvYtrOldQw9+O0a9JDuA0=
Subject key identifier:   60:EB:20:26:E7:5D:87:51:4F:8D:E7:F8:0D:18:F9:0B:3C:4C:0F:5F
Certificate issuer:       /CN=a883c910f879603b967c0636c6f3e9125b3651b5
Certificate serial:       0D5AE8
Authority key identifier: 47:A6:7F:38:4E:50:5D:26:62:07:3D:AB:35:56:E6:EE:46:F6:2E:71
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/a883c910f879603b967c0636c6f3e9125b3651b5.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/2abd6b34-8953-4c72-a0a2-7ecb9de8aaba/9421f502009f65ee28b0cdb0e8b495d17e293226.roa
Signing time:             Wed 24 Mar 2021 14:38:08 +0000
ROA not before:           Wed 24 Mar 2021 14:38:07 +0000
ROA not after:            Tue 24 Mar 2026 14:38:07 +0000
asID:                     11081
IP address blocks:        190.4.128.0/19 maxlen: 24
                          190.4.160.0/19 maxlen: 24
                          190.88.0.0/18 maxlen: 24
                          190.88.128.0/17 maxlen: 20
                          190.88.64.0/18 maxlen: 18
                          200.26.192.0/20 maxlen: 24
                          200.26.208.0/20 maxlen: 20
                          2800:2e0::/32 maxlen: 32

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 875240 (0xd5ae8)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a883c910f879603b967c0636c6f3e9125b3651b5
        Validity
            Not Before: Mar 24 14:38:07 2021 GMT
            Not After : Mar 24 14:38:07 2026 GMT
        Subject: CN=9421f502009f65ee28b0cdb0e8b495d17e293226
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:db:fd:66:5f:65:17:97:1e:43:14:53:37:f6:
                    45:f6:3e:c0:b1:69:be:49:9f:fb:e8:10:f8:84:7a:
                    d8:73:5c:dc:2c:1e:fb:b6:ef:c5:8d:d0:4c:ad:24:
                    8c:d4:07:fb:fd:eb:c6:2d:67:88:02:62:bb:06:10:
                    76:cb:ab:4a:5b:64:9a:b4:6f:14:94:14:03:63:23:
                    5e:d0:1d:ba:78:46:f9:96:cc:1a:ab:74:7a:37:d1:
                    e3:74:e3:86:ef:68:06:6b:50:76:73:23:24:05:8f:
                    5e:b3:ba:cf:d6:3e:25:75:0a:96:59:2a:5c:70:30:
                    81:05:43:02:38:fa:da:21:41:c5:45:b4:9a:b9:de:
                    12:3f:20:05:2d:57:02:9b:d3:90:e5:3f:0a:3a:03:
                    b7:b8:87:4d:e6:10:05:9c:01:48:c8:04:c5:dc:a9:
                    bc:c1:f9:62:6f:33:83:54:ce:e3:8c:d9:68:54:c3:
                    1b:95:4d:98:b5:74:63:a7:4d:7b:32:1b:61:4b:43:
                    a6:9c:eb:57:a6:88:43:07:1a:7a:8f:05:42:bd:cc:
                    bf:0b:fe:0f:6d:ea:a3:25:77:41:e3:6a:8d:17:02:
                    52:67:fa:5e:50:81:91:6f:08:ed:e5:02:dd:4f:07:
                    d3:be:95:d8:55:d8:92:b9:a7:09:6f:62:77:c0:98:
                    c2:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                60:EB:20:26:E7:5D:87:51:4F:8D:E7:F8:0D:18:F9:0B:3C:4C:0F:5F
            X509v3 Authority Key Identifier:
                keyid:47:A6:7F:38:4E:50:5D:26:62:07:3D:AB:35:56:E6:EE:46:F6:2E:71

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/a883c910f879603b967c0636c6f3e9125b3651b5.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/2abd6b34-8953-4c72-a0a2-7ecb9de8aaba/9421f502009f65ee28b0cdb0e8b495d17e293226.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/2abd6b34-8953-4c72-a0a2-7ecb9de8aaba/a883c910f879603b967c0636c6f3e9125b3651b5.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  190.4.128.0/18
                  190.88.0.0/16
                  200.26.192.0/19
                IPv6:
                  2800:2e0::/32

    Signature Algorithm: sha256WithRSAEncryption
         06:d7:ff:72:7f:59:89:22:2b:f1:26:9d:ca:26:94:5c:a1:a5:
         b1:e2:3f:bc:b6:ba:31:b4:d7:5f:5d:51:bc:46:b6:d8:a1:93:
         b7:9b:72:38:c8:4d:08:c9:d5:17:8c:f0:61:42:70:7d:95:8e:
         b4:cd:f0:ff:52:52:64:72:d0:cc:d6:b6:83:9a:92:3e:ea:54:
         97:3a:0b:1d:8e:ae:bc:f0:9b:e9:c3:3e:e3:8d:64:8a:5b:50:
         8f:1c:43:8a:ea:76:b7:6b:1b:93:5f:d8:04:69:31:7b:15:fb:
         e9:6d:28:01:0d:44:dc:84:af:ac:04:03:be:cf:0d:12:52:06:
         e8:0b:a0:a8:a9:44:d0:d9:ad:da:29:bf:46:c2:ae:9d:33:e6:
         b6:ca:a3:e4:5d:ac:bb:e8:c3:d8:a1:82:1f:25:1f:4a:bf:7a:
         29:e9:7e:f0:59:43:b1:5d:09:b6:4f:1b:48:5c:35:a1:64:49:
         0e:9a:5c:09:5b:5d:59:d1:c2:64:80:ad:d1:f2:00:2c:10:c2:
         2a:2d:a6:1f:cd:d4:8b:14:3a:18:30:69:4e:b7:17:91:e1:84:
         50:25:d0:a8:c2:e4:42:38:9f:47:33:56:be:94:89:14:52:e5:
         15:8d:22:f5:be:1a:46:b4:50:5b:3a:68:ea:20:61:0b:9e:ec:
         3e:4d:89:41
-----BEGIN CERTIFICATE-----
MIIFWjCCBEKgAwIBAgIDDVroMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGE4
ODNjOTEwZjg3OTYwM2I5NjdjMDYzNmM2ZjNlOTEyNWIzNjUxYjUwHhcNMjEwMzI0
MTQzODA3WhcNMjYwMzI0MTQzODA3WjAzMTEwLwYDVQQDEyg5NDIxZjUwMjAwOWY2
NWVlMjhiMGNkYjBlOGI0OTVkMTdlMjkzMjI2MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAztv9Zl9lF5ceQxRTN/ZF9j7AsWm+SZ/76BD4hHrYc1zcLB77
tu/FjdBMrSSM1Af7/evGLWeIAmK7BhB2y6tKW2SatG8UlBQDYyNe0B26eEb5lswa
q3R6N9HjdOOG72gGa1B2cyMkBY9es7rP1j4ldQqWWSpccDCBBUMCOPraIUHFRbSa
ud4SPyAFLVcCm9OQ5T8KOgO3uIdN5hAFnAFIyATF3Km8wflibzODVM7jjNloVMMb
lU2YtXRjp017MhthS0OmnOtXpohDBxp6jwVCvcy/C/4PbeqjJXdB42qNFwJSZ/pe
UIGRbwjt5QLdTwfTvpXYVdiSuacJb2J3wJjCFwIDAQABo4ICdTCCAnEwHQYDVR0O
BBYEFGDrICbnXYdRT43n+A0Y+Qs8TA9fMB8GA1UdIwQYMBaAFEemfzhOUF0mYgc9
qzVW5u5G9i5xMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvYTg4M2M5
MTBmODc5NjAzYjk2N2MwNjM2YzZmM2U5MTI1YjM2NTFiNS5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvMmFiZDZiMzQtODk1My00YzcyLWEwYTItN2VjYjlk
ZThhYWJhLzk0MjFmNTAyMDA5ZjY1ZWUyOGIwY2RiMGU4YjQ5NWQxN2UyOTMyMjYu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy8yYWJkNmIzNC04OTUzLTRjNzItYTBhMi03ZWNi
OWRlOGFhYmEvYTg4M2M5MTBmODc5NjAzYjk2N2MwNjM2YzZmM2U5MTI1YjM2NTFi
NS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA5BggrBgEFBQcBBwEB/wQq
MCgwFwQCAAEwEQMEBr4EgAMDAL5YAwQFyBrAMA0EAgACMAcDBQAoAALgMA0GCSqG
SIb3DQEBCwUAA4IBAQAG1/9yf1mJIivxJp3KJpRcoaWx4j+8troxtNdfXVG8RrbY
oZO3m3I4yE0IydUXjPBhQnB9lY60zfD/UlJkctDM1raDmpI+6lSXOgsdjq688Jvp
wz7jjWSKW1CPHEOK6na3axuTX9gEaTF7FfvpbSgBDUTchK+sBAO+zw0SUgboC6Co
qUTQ2a3aKb9Gwq6dM+a2yqPkXay76MPYoYIfJR9Kv3op6X7wWUOxXQm2TxtIXDWh
ZEkOmlwJW11Z0cJkgK3R8gAsEMIqLaYfzdSLFDoYMGlOtxeR4YRQJdCowuRCOJ9H
M1a+lIkUUuUVjSL1vhpGtFBbOmjqIGELnuw+TYlB
-----END CERTIFICATE-----