Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/532b2097-ea08-4780-b94f-03c338b5aa57/a48586be3a044d4b133a9430bde23b284f8d1bb5.roa
File:                     a48586be3a044d4b133a9430bde23b284f8d1bb5.roa (raw, json)
Hash identifier:          XkTfuPAD3Bh/URh9a9mUgLgZm+G6gIZSeRPfiYrC/rc=
Subject key identifier:   B7:71:FE:13:A1:8C:D2:EB:B7:56:B0:79:F8:BC:7D:71:A4:A1:30:84
Certificate issuer:       /CN=c974409d0c2a70c921dd685e863e9f00cb1e262a
Certificate serial:       2E78A5
Authority key identifier: FB:8E:FC:68:56:00:AB:63:EA:02:4F:A3:0D:1F:15:D5:B5:B0:C1:B1
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/c974409d0c2a70c921dd685e863e9f00cb1e262a.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/532b2097-ea08-4780-b94f-03c338b5aa57/a48586be3a044d4b133a9430bde23b284f8d1bb5.roa
Signing time:             Thu 07 Dec 2023 13:01:35 +0000
ROA not before:           Thu 07 Dec 2023 13:00:46 +0000
ROA not after:            Thu 07 Dec 2028 13:00:46 +0000
asID:                     52444
IP address blocks:        181.15.97.0/24 maxlen: 24
                          181.15.98.0/23 maxlen: 24
                          181.15.100.0/24 maxlen: 24
                          186.153.126.0/23 maxlen: 24
                          181.10.140.0/23 maxlen: 24
                          181.10.142.0/24 maxlen: 24
                          190.136.11.0/24 maxlen: 24
                          186.125.161.0/24 maxlen: 24
                          181.15.195.0/24 maxlen: 24
                          186.125.62.0/23 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3045541 (0x2e78a5)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c974409d0c2a70c921dd685e863e9f00cb1e262a
        Validity
            Not Before: Dec  7 13:00:46 2023 GMT
            Not After : Dec  7 13:00:46 2028 GMT
        Subject: CN=a48586be3a044d4b133a9430bde23b284f8d1bb5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:03:91:ba:b0:c5:29:cf:19:cf:dd:b2:ba:68:
                    5a:05:0c:b6:0f:78:68:75:27:f4:70:38:e2:24:f6:
                    a3:4b:f6:51:9f:59:a4:9c:37:62:81:c1:78:45:35:
                    9f:35:00:3c:29:6f:c4:86:06:a5:5c:5b:7e:3a:27:
                    08:8e:28:0e:78:d7:89:69:bb:db:69:6f:b2:66:c7:
                    e8:b2:27:fa:71:a0:da:39:27:39:dd:4e:86:32:67:
                    a8:3b:c1:e6:b4:59:23:47:35:97:97:7e:89:5d:c6:
                    21:8f:93:f0:1d:d3:13:ae:ed:90:63:70:4e:b9:28:
                    c4:09:fb:2d:f8:31:fe:45:4d:75:5c:15:8e:68:4d:
                    5b:70:32:b7:66:99:b5:0c:63:9c:27:54:6d:1c:c4:
                    62:07:d2:c8:60:d3:6b:1c:3a:e9:f1:c9:57:3b:5e:
                    84:4c:c5:56:b5:04:f4:06:ad:5a:01:28:7f:26:bb:
                    f2:14:5a:f7:c1:af:03:31:d6:7f:c5:98:c3:34:1b:
                    19:00:32:7d:77:7c:4c:18:31:52:00:14:7e:d8:c9:
                    b2:b1:ed:5b:37:6a:ed:f4:a2:16:01:89:b4:42:65:
                    70:3a:7b:ca:3e:69:40:ac:4c:2a:5d:a0:73:f0:05:
                    31:9c:e7:dd:92:be:55:07:9b:20:18:e2:0e:ee:75:
                    6b:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B7:71:FE:13:A1:8C:D2:EB:B7:56:B0:79:F8:BC:7D:71:A4:A1:30:84
            X509v3 Authority Key Identifier:
                keyid:FB:8E:FC:68:56:00:AB:63:EA:02:4F:A3:0D:1F:15:D5:B5:B0:C1:B1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/c974409d0c2a70c921dd685e863e9f00cb1e262a.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/532b2097-ea08-4780-b94f-03c338b5aa57/a48586be3a044d4b133a9430bde23b284f8d1bb5.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/532b2097-ea08-4780-b94f-03c338b5aa57/c974409d0c2a70c921dd685e863e9f00cb1e262a.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  181.10.140.0-181.10.142.255
                  181.15.97.0-181.15.100.255
                  181.15.195.0/24
                  186.125.62.0/23
                  186.125.161.0/24
                  186.153.126.0/23
                  190.136.11.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8f:ec:9d:c4:66:fb:e2:1a:45:5d:02:71:16:38:5e:3c:10:97:
         a7:bb:c4:87:1f:fb:6e:42:1c:07:95:f2:34:f7:67:15:bb:38:
         09:11:bd:b0:97:dc:28:f3:28:65:82:ea:22:c6:67:3b:5c:20:
         ca:8c:59:90:f0:29:6d:12:59:0a:cd:3e:79:1b:a1:a1:d2:38:
         86:46:75:c7:3c:37:5c:66:8a:fb:cd:d1:aa:7f:6e:6e:b3:87:
         29:c3:36:c9:fd:03:9f:41:72:ac:08:e9:70:e4:cc:a4:21:2c:
         2b:02:f6:12:b8:0d:ea:49:4a:99:83:2d:6e:dc:00:92:44:8c:
         a9:71:ed:c7:74:ea:ac:af:d1:6e:ca:74:45:b0:be:d1:ae:00:
         53:0c:16:6e:73:2c:c0:d3:97:91:96:79:71:8c:55:88:89:10:
         b4:b0:70:12:59:1a:3f:14:e5:47:af:ee:2f:cc:fa:74:8b:bf:
         b8:a7:de:0d:93:63:6a:46:96:80:ef:d1:16:8b:72:04:38:cd:
         af:da:19:77:3c:61:5a:fd:1f:e4:0d:ff:c6:38:a9:3f:5f:e1:
         25:90:b0:fa:6f:bc:c4:9c:5a:00:ab:35:6d:e8:06:aa:53:fb:
         a8:a4:b7:49:f9:52:8e:64:a8:8b:95:80:16:98:8c:4c:57:29:
         67:0c:43:46
-----BEGIN CERTIFICATE-----
MIIFdDCCBFygAwIBAgIDLnilMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGM5
NzQ0MDlkMGMyYTcwYzkyMWRkNjg1ZTg2M2U5ZjAwY2IxZTI2MmEwHhcNMjMxMjA3
MTMwMDQ2WhcNMjgxMjA3MTMwMDQ2WjAzMTEwLwYDVQQDEyhhNDg1ODZiZTNhMDQ0
ZDRiMTMzYTk0MzBiZGUyM2IyODRmOGQxYmI1MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAtwORurDFKc8Zz92yumhaBQy2D3hodSf0cDjiJPajS/ZRn1mk
nDdigcF4RTWfNQA8KW/EhgalXFt+OicIjigOeNeJabvbaW+yZsfosif6caDaOSc5
3U6GMmeoO8HmtFkjRzWXl36JXcYhj5PwHdMTru2QY3BOuSjECfst+DH+RU11XBWO
aE1bcDK3Zpm1DGOcJ1RtHMRiB9LIYNNrHDrp8clXO16ETMVWtQT0Bq1aASh/Jrvy
FFr3wa8DMdZ/xZjDNBsZADJ9d3xMGDFSABR+2Mmyse1bN2rt9KIWAYm0QmVwOnvK
PmlArEwqXaBz8AUxnOfdkr5VB5sgGOIO7nVrpQIDAQABo4ICjzCCAoswHQYDVR0O
BBYEFLdx/hOhjNLrt1awefi8fXGkoTCEMB8GA1UdIwQYMBaAFPuO/GhWAKtj6gJP
ow0fFdW1sMGxMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvYzk3NDQw
OWQwYzJhNzBjOTIxZGQ2ODVlODYzZTlmMDBjYjFlMjYyYS5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvNTMyYjIwOTctZWEwOC00NzgwLWI5NGYtMDNjMzM4
YjVhYTU3L2E0ODU4NmJlM2EwNDRkNGIxMzNhOTQzMGJkZTIzYjI4NGY4ZDFiYjUu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy81MzJiMjA5Ny1lYTA4LTQ3ODAtYjk0Zi0wM2Mz
MzhiNWFhNTcvYzk3NDQwOWQwYzJhNzBjOTIxZGQ2ODVlODYzZTlmMDBjYjFlMjYy
YS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBTBggrBgEFBQcBBwEB/wRE
MEIwQAQCAAEwOjAMAwQCtQqMAwQAtQqOMAwDBAC1D2EDBAC1D2QDBAC1D8MDBAG6
fT4DBAC6faEDBAG6mX4DBAC+iAswDQYJKoZIhvcNAQELBQADggEBAI/sncRm++Ia
RV0CcRY4XjwQl6e7xIcf+25CHAeV8jT3ZxW7OAkRvbCX3CjzKGWC6iLGZztcIMqM
WZDwKW0SWQrNPnkboaHSOIZGdcc8N1xmivvN0ap/bm6zhynDNsn9A59BcqwI6XDk
zKQhLCsC9hK4DepJSpmDLW7cAJJEjKlx7cd06qyv0W7KdEWwvtGuAFMMFm5zLMDT
l5GWeXGMVYiJELSwcBJZGj8U5Uev7i/M+nSLv7in3g2TY2pGloDv0RaLcgQ4za/a
GXc8YVr9H+QN/8Y4qT9f4SWQsPpvvMScWgCrNW3oBqpT+6ikt0n5Uo5kqIuVgBaY
jExXKWcMQ0Y=
-----END CERTIFICATE-----