Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/3930cb5c-6adb-423c-97b4-af3afbe59205/f20902bc54696fb062a3fd1b132dbefefc83349b.roa
File:                     f20902bc54696fb062a3fd1b132dbefefc83349b.roa (raw, json)
Hash identifier:          U5bKTcXzK+MOOZZB3KhO5inY65f94DRk0cUni/YyMvM=
Subject key identifier:   9D:A9:B4:25:E2:51:F1:EA:10:8C:63:A9:E3:4E:73:77:F9:1C:50:D9
Certificate issuer:       /CN=455a0128ffd8e326e1f151fa1ad8365768d0e332
Certificate serial:       01603C
Authority key identifier: B1:D1:95:2A:9B:2E:3A:06:3F:48:2F:2B:5A:36:1D:EA:EE:D9:C9:B3
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/455a0128ffd8e326e1f151fa1ad8365768d0e332.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/3930cb5c-6adb-423c-97b4-af3afbe59205/f20902bc54696fb062a3fd1b132dbefefc83349b.roa
Signing time:             Tue 10 May 2022 15:38:27 +0000
ROA not before:           Wed 16 Mar 2022 03:00:00 +0000
ROA not after:            Sat 16 Mar 2024 03:00:00 +0000
asID:                     272021
IP address blocks:        179.63.8.0/22 maxlen: 24
                          179.63.8.0/24 maxlen: 24
                          179.63.9.0/24 maxlen: 24
                          179.63.10.0/24 maxlen: 24
                          179.63.11.0/24 maxlen: 24
                          2801:1a1::/44 maxlen: 48
                          2801:1a1::/48 maxlen: 48
                          2801:1a1:1::/48 maxlen: 48
                          2801:1a1:2::/48 maxlen: 48
                          2801:1a1:3::/48 maxlen: 48
                          2801:1a1:4::/48 maxlen: 48
                          2801:1a1:5::/48 maxlen: 48
                          2801:1a1:6::/48 maxlen: 48
                          2801:1a1:7::/48 maxlen: 48
                          2801:1a1:8::/48 maxlen: 48
                          2801:1a1:9::/48 maxlen: 48
                          2801:1a1:a::/48 maxlen: 48
                          2801:1a1:b::/48 maxlen: 48
                          2801:1a1:c::/48 maxlen: 48
                          2801:1a1:d::/48 maxlen: 48
                          2801:1a1:e::/48 maxlen: 48
                          2801:1a1:f::/48 maxlen: 48

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 90172 (0x1603c)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=455a0128ffd8e326e1f151fa1ad8365768d0e332
        Validity
            Not Before: Mar 16 03:00:00 2022 GMT
            Not After : Mar 16 03:00:00 2024 GMT
        Subject: CN=f20902bc54696fb062a3fd1b132dbefefc83349b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:b9:f4:c3:86:4a:d2:e4:9f:27:84:7c:a3:49:
                    41:87:09:1b:62:fa:c1:09:c0:5c:d3:d7:5b:22:ca:
                    9b:24:db:76:0f:3e:2d:d0:46:74:dc:31:57:2c:c3:
                    7b:d9:07:43:d0:2a:d7:dc:3d:cc:8a:fa:48:2e:1a:
                    42:09:89:42:b1:c3:41:47:51:5a:28:a6:0f:fe:0a:
                    2d:19:73:ab:f5:41:4e:3f:54:36:f5:28:89:e8:72:
                    1c:83:b5:20:e9:e3:24:9b:d7:f1:4e:d9:98:a6:77:
                    c0:fb:b1:36:b5:40:bd:3c:7d:ad:ff:dc:1a:08:f9:
                    56:97:9c:45:76:9a:9a:12:4d:d8:16:7e:e9:8e:1b:
                    63:30:6f:1b:47:55:84:62:5a:7a:bf:eb:5d:27:1b:
                    95:19:b5:9b:03:9d:4c:1c:db:f6:14:4f:89:85:de:
                    59:ab:76:74:41:cc:fb:09:ad:9f:8a:8d:26:69:31:
                    82:01:65:4f:a5:74:cf:40:53:e9:d4:71:13:0b:27:
                    79:96:4b:41:d0:5e:7e:be:5f:3f:1c:19:46:5d:a8:
                    13:3c:0d:78:66:e7:3c:3f:9f:3d:b2:96:71:f9:2b:
                    64:cd:d5:4c:a5:e2:41:ba:cc:72:a4:79:f5:70:79:
                    ad:8f:b0:3f:8b:bc:b9:09:74:9c:72:df:f3:0d:01:
                    f9:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9D:A9:B4:25:E2:51:F1:EA:10:8C:63:A9:E3:4E:73:77:F9:1C:50:D9
            X509v3 Authority Key Identifier:
                keyid:B1:D1:95:2A:9B:2E:3A:06:3F:48:2F:2B:5A:36:1D:EA:EE:D9:C9:B3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/455a0128ffd8e326e1f151fa1ad8365768d0e332.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/3930cb5c-6adb-423c-97b4-af3afbe59205/f20902bc54696fb062a3fd1b132dbefefc83349b.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/3930cb5c-6adb-423c-97b4-af3afbe59205/455a0128ffd8e326e1f151fa1ad8365768d0e332.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  179.63.8.0/22
                IPv6:
                  2801:1a1::/44

    Signature Algorithm: sha256WithRSAEncryption
         8d:93:35:99:07:95:56:18:d4:f6:72:c8:18:a2:36:17:9d:f0:
         0b:51:b2:b6:c9:c9:d0:d1:ba:0b:bd:8a:d8:95:8d:80:e1:5f:
         82:02:2c:8c:53:87:0d:d8:ea:a2:26:cd:19:90:7d:e1:4b:9f:
         4e:36:7e:a1:90:e0:00:94:17:a2:d5:e4:ff:a9:b5:30:60:69:
         e3:d4:6f:4b:1e:b5:3f:ff:77:99:e6:c7:4b:c8:92:db:1e:a7:
         7d:cc:bc:e2:5f:ae:22:1a:1c:c5:12:e0:ce:a3:2a:55:a2:2d:
         ec:79:25:60:d3:3d:ce:33:3a:19:7a:0e:cd:92:fa:ad:1f:5b:
         2c:a8:1f:66:29:c6:27:31:fd:72:2e:e0:36:b0:5c:54:93:ed:
         63:07:57:bb:eb:4d:d8:60:19:ea:cb:c7:b6:a8:7c:3c:ef:05:
         bb:b4:31:e0:f7:c3:06:96:3c:05:a9:0c:e9:f0:99:bd:e5:ab:
         2b:14:e3:1e:65:6b:be:ec:2a:72:6b:2f:5d:ae:0f:d6:51:eb:
         f6:c1:56:96:64:4b:1b:43:53:18:9e:e5:ab:af:30:57:cf:ec:
         b5:c5:a2:4f:7f:f0:ca:6a:dd:87:c2:a3:86:8a:51:82:a1:81:
         13:d4:f9:ff:b7:a3:92:0e:97:20:ba:e4:d1:19:78:0a:e6:a3:
         34:2a:bc:fa
-----BEGIN CERTIFICATE-----
MIIFUTCCBDmgAwIBAgIDAWA8MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDQ1
NWEwMTI4ZmZkOGUzMjZlMWYxNTFmYTFhZDgzNjU3NjhkMGUzMzIwHhcNMjIwMzE2
MDMwMDAwWhcNMjQwMzE2MDMwMDAwWjAzMTEwLwYDVQQDEyhmMjA5MDJiYzU0Njk2
ZmIwNjJhM2ZkMWIxMzJkYmVmZWZjODMzNDliMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAsbn0w4ZK0uSfJ4R8o0lBhwkbYvrBCcBc09dbIsqbJNt2Dz4t
0EZ03DFXLMN72QdD0CrX3D3MivpILhpCCYlCscNBR1FaKKYP/gotGXOr9UFOP1Q2
9SiJ6HIcg7Ug6eMkm9fxTtmYpnfA+7E2tUC9PH2t/9waCPlWl5xFdpqaEk3YFn7p
jhtjMG8bR1WEYlp6v+tdJxuVGbWbA51MHNv2FE+Jhd5Zq3Z0Qcz7Ca2fio0maTGC
AWVPpXTPQFPp1HETCyd5lktB0F5+vl8/HBlGXagTPA14Zuc8P589spZx+StkzdVM
peJBusxypHn1cHmtj7A/i7y5CXScct/zDQH56wIDAQABo4ICbDCCAmgwHQYDVR0O
BBYEFJ2ptCXiUfHqEIxjqeNOc3f5HFDZMB8GA1UdIwQYMBaAFLHRlSqbLjoGP0gv
K1o2Heru2cmzMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvNDU1YTAx
MjhmZmQ4ZTMyNmUxZjE1MWZhMWFkODM2NTc2OGQwZTMzMi5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvMzkzMGNiNWMtNmFkYi00MjNjLTk3YjQtYWYzYWZi
ZTU5MjA1L2YyMDkwMmJjNTQ2OTZmYjA2MmEzZmQxYjEzMmRiZWZlZmM4MzM0OWIu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy8zOTMwY2I1Yy02YWRiLTQyM2MtOTdiNC1hZjNh
ZmJlNTkyMDUvNDU1YTAxMjhmZmQ4ZTMyNmUxZjE1MWZhMWFkODM2NTc2OGQwZTMz
Mi5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAwBggrBgEFBQcBBwEB/wQh
MB8wDAQCAAEwBgMEArM/CDAPBAIAAjAJAwcEKAEBoQAAMA0GCSqGSIb3DQEBCwUA
A4IBAQCNkzWZB5VWGNT2csgYojYXnfALUbK2ycnQ0boLvYrYlY2A4V+CAiyMU4cN
2OqiJs0ZkH3hS59ONn6hkOAAlBei1eT/qbUwYGnj1G9LHrU//3eZ5sdLyJLbHqd9
zLziX64iGhzFEuDOoypVoi3seSVg0z3OMzoZeg7NkvqtH1ssqB9mKcYnMf1yLuA2
sFxUk+1jB1e7603YYBnqy8e2qHw87wW7tDHg98MGljwFqQzp8Jm95asrFOMeZWu+
7Cpyay9drg/WUev2wVaWZEsbQ1MYnuWrrzBXz+y1xaJPf/DKat2HwqOGilGCoYET
1Pn/t6OSDpcguuTRGXgK5qM0Krz6
-----END CERTIFICATE-----