Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/449ecc19-c291-4fcf-9697-4a9669b30e80/be52f805dd1e2bb7c20646c6b9438f5962226603.roa
File:                     be52f805dd1e2bb7c20646c6b9438f5962226603.roa (raw, json)
Hash identifier:          4KKPZSzbCwTFs81ye5wGlCXIwyVdgPBNpt5Fn12lpAQ=
Subject key identifier:   10:15:8F:A4:D2:4B:15:A0:6B:97:0A:56:C7:A7:E0:77:EF:16:44:70
Certificate issuer:       /CN=5b7dbb1482b4705c4115f4698d018750070bcecb
Certificate serial:       131C5F
Authority key identifier: 2B:3B:AC:72:9D:0E:A7:42:1F:BD:B8:90:D9:23:BD:A4:77:D7:CA:29
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/5b7dbb1482b4705c4115f4698d018750070bcecb.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/449ecc19-c291-4fcf-9697-4a9669b30e80/be52f805dd1e2bb7c20646c6b9438f5962226603.roa
Signing time:             Mon 16 Oct 2023 20:46:15 +0000
ROA not before:           Sun 15 Oct 2023 20:46:15 +0000
ROA not after:            Thu 16 Oct 2025 20:46:15 +0000
asID:                     271891
IP address blocks:        2801:151:d0::/48 maxlen: 48
                          2801:151:100::/48 maxlen: 48
                          2801:151:102::/48 maxlen: 48
                          2801:151:10b::/48 maxlen: 48
                          2801:151:fc::/48 maxlen: 48
                          2801:151:fd::/48 maxlen: 48

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1252447 (0x131c5f)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5b7dbb1482b4705c4115f4698d018750070bcecb
        Validity
            Not Before: Oct 15 20:46:15 2023 GMT
            Not After : Oct 16 20:46:15 2025 GMT
        Subject: CN=be52f805dd1e2bb7c20646c6b9438f5962226603
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:00:db:79:21:28:2c:7f:55:98:ea:7e:9e:9a:
                    42:82:0b:1c:33:30:d0:7a:55:58:88:87:2d:16:04:
                    85:86:1a:7d:18:9a:a4:2f:fd:9f:8f:11:97:55:a3:
                    a4:f8:ab:d3:af:f9:c0:27:91:94:fa:4b:63:11:9a:
                    12:55:02:52:83:6b:63:15:c9:e2:d5:c8:53:82:a6:
                    0d:c9:f0:f7:dc:00:0c:ca:b4:55:22:09:c6:32:32:
                    09:72:62:18:d3:46:75:8d:29:18:5a:74:96:60:52:
                    ba:6b:7e:90:18:83:3d:9b:4c:e0:b3:35:9e:98:f7:
                    29:17:5b:c0:ea:10:bb:bb:f1:18:60:20:ed:0a:7c:
                    24:e5:30:09:9d:24:53:5d:77:12:1c:1e:ef:93:51:
                    ab:e3:77:5f:a9:aa:7f:9f:25:90:8d:93:05:a0:e5:
                    26:d8:f0:77:bb:e7:cd:f3:59:6d:58:4c:f1:02:45:
                    4f:55:10:31:70:12:69:55:3f:60:ec:61:f4:0a:d6:
                    5e:e1:5b:90:5a:80:88:0a:b8:3c:84:f9:a0:0b:d3:
                    70:25:d2:4f:ba:3c:66:3d:62:1c:69:36:97:c3:61:
                    55:d9:29:fd:a9:77:e3:0a:8b:81:7a:eb:cc:f4:03:
                    3f:13:59:35:ad:3d:68:f5:f4:81:1c:6e:52:9b:b0:
                    a5:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                10:15:8F:A4:D2:4B:15:A0:6B:97:0A:56:C7:A7:E0:77:EF:16:44:70
            X509v3 Authority Key Identifier:
                keyid:2B:3B:AC:72:9D:0E:A7:42:1F:BD:B8:90:D9:23:BD:A4:77:D7:CA:29

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/5b7dbb1482b4705c4115f4698d018750070bcecb.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/449ecc19-c291-4fcf-9697-4a9669b30e80/be52f805dd1e2bb7c20646c6b9438f5962226603.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/449ecc19-c291-4fcf-9697-4a9669b30e80/5b7dbb1482b4705c4115f4698d018750070bcecb.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2801:151:d0::/48
                  2801:151:fc::/47
                  2801:151:100::/48
                  2801:151:102::/48
                  2801:151:10b::/48

    Signature Algorithm: sha256WithRSAEncryption
         19:d2:d1:e3:79:4b:a2:ac:01:9c:8d:bc:9f:75:0a:fa:60:26:
         aa:79:53:43:cc:e5:0f:05:47:6b:ac:c6:99:09:97:19:8f:2e:
         c5:36:1b:11:96:64:c5:d7:9a:6c:7d:15:a0:bd:8e:86:9d:78:
         98:5c:58:ec:06:96:40:52:39:28:1f:16:9b:9a:b5:57:9c:d8:
         16:fd:f8:0e:a0:05:18:81:33:f8:f3:bf:2f:d1:5f:d4:0c:ec:
         b7:bb:68:55:f9:94:29:a5:4b:d9:10:d8:88:c4:d0:97:14:58:
         5f:5e:39:a7:ba:70:05:5e:4f:7d:a3:0a:66:13:21:1e:c2:0b:
         9a:f2:2d:38:ab:0c:89:9a:94:53:72:1b:15:c5:75:1b:a9:51:
         15:72:f8:be:a7:5c:23:95:d8:07:a8:1f:09:03:e2:7e:ce:5d:
         b7:f7:5d:cc:2b:8b:ca:0c:33:ce:24:df:6c:a5:b8:90:a5:ca:
         17:d5:46:00:9a:38:26:71:78:a8:71:c0:dd:ff:05:c0:2d:bb:
         b8:5c:75:08:0f:1a:17:f0:b3:b6:57:fe:5d:a5:b4:2a:6b:38:
         2c:6a:95:06:7a:dd:96:4c:ce:f5:2c:cd:c0:22:88:21:27:bf:
         cb:0a:61:3d:97:a4:ed:d5:ca:d9:c6:33:d8:8a:75:44:83:95:
         21:53:47:27
-----BEGIN CERTIFICATE-----
MIIFZzCCBE+gAwIBAgIDExxfMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDVi
N2RiYjE0ODJiNDcwNWM0MTE1ZjQ2OThkMDE4NzUwMDcwYmNlY2IwHhcNMjMxMDE1
MjA0NjE1WhcNMjUxMDE2MjA0NjE1WjAzMTEwLwYDVQQDEyhiZTUyZjgwNWRkMWUy
YmI3YzIwNjQ2YzZiOTQzOGY1OTYyMjI2NjAzMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAqgDbeSEoLH9VmOp+nppCggscMzDQelVYiIctFgSFhhp9GJqk
L/2fjxGXVaOk+KvTr/nAJ5GU+ktjEZoSVQJSg2tjFcni1chTgqYNyfD33AAMyrRV
IgnGMjIJcmIY00Z1jSkYWnSWYFK6a36QGIM9m0zgszWemPcpF1vA6hC7u/EYYCDt
Cnwk5TAJnSRTXXcSHB7vk1Gr43dfqap/nyWQjZMFoOUm2PB3u+fN81ltWEzxAkVP
VRAxcBJpVT9g7GH0CtZe4VuQWoCICrg8hPmgC9NwJdJPujxmPWIcaTaXw2FV2Sn9
qXfjCouBeuvM9AM/E1k1rT1o9fSBHG5Sm7CljwIDAQABo4ICgjCCAn4wHQYDVR0O
BBYEFBAVj6TSSxWga5cKVsen4HfvFkRwMB8GA1UdIwQYMBaAFCs7rHKdDqdCH724
kNkjvaR318opMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvNWI3ZGJi
MTQ4MmI0NzA1YzQxMTVmNDY5OGQwMTg3NTAwNzBiY2VjYi5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvNDQ5ZWNjMTktYzI5MS00ZmNmLTk2OTctNGE5NjY5
YjMwZTgwL2JlNTJmODA1ZGQxZTJiYjdjMjA2NDZjNmI5NDM4ZjU5NjIyMjY2MDMu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy80NDllY2MxOS1jMjkxLTRmY2YtOTY5Ny00YTk2
NjliMzBlODAvNWI3ZGJiMTQ4MmI0NzA1YzQxMTVmNDY5OGQwMTg3NTAwNzBiY2Vj
Yi5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBGBggrBgEFBQcBBwEB/wQ3
MDUwMwQCAAIwLQMHACgBAVEA0AMHASgBAVEA/AMHACgBAVEBAAMHACgBAVEBAgMH
ACgBAVEBCzANBgkqhkiG9w0BAQsFAAOCAQEAGdLR43lLoqwBnI28n3UK+mAmqnlT
Q8zlDwVHa6zGmQmXGY8uxTYbEZZkxdeabH0VoL2Ohp14mFxY7AaWQFI5KB8Wm5q1
V5zYFv34DqAFGIEz+PO/L9Ff1Azst7toVfmUKaVL2RDYiMTQlxRYX145p7pwBV5P
faMKZhMhHsILmvItOKsMiZqUU3IbFcV1G6lRFXL4vqdcI5XYB6gfCQPifs5dt/dd
zCuLygwzziTfbKW4kKXKF9VGAJo4JnF4qHHA3f8FwC27uFx1CA8aF/Cztlf+XaW0
Kms4LGqVBnrdlkzO9SzNwCKIISe/ywphPZek7dXK2cYz2Ip1RIOVIVNHJw==
-----END CERTIFICATE-----