Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/5375bcfc-8b86-452e-850d-83cfe3b50f06/3e1111be3a913958948b0d1cf83b79e0b2f923c1.roa
File:                     3e1111be3a913958948b0d1cf83b79e0b2f923c1.roa (raw, json)
Hash identifier:          v6/32HyyObd8AOD10h8gywdF0iNwIhrXRIwkYRQnRDI=
Subject key identifier:   50:14:F8:80:AB:CB:BE:F3:6E:17:79:7E:CA:88:86:2B:B3:38:1A:13
Certificate issuer:       /CN=bfbb4d3a6dd5e649a6554c4817ce0ed277429136
Certificate serial:       1195A8
Authority key identifier: 76:7F:42:4D:48:34:06:C4:20:E5:DF:19:BE:BE:99:3F:72:5A:F7:B6
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/bfbb4d3a6dd5e649a6554c4817ce0ed277429136.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/5375bcfc-8b86-452e-850d-83cfe3b50f06/3e1111be3a913958948b0d1cf83b79e0b2f923c1.roa
Signing time:             Mon 27 Nov 2023 19:51:40 +0000
ROA not before:           Mon 27 Nov 2023 19:51:40 +0000
ROA not after:            Thu 27 Nov 2025 19:51:40 +0000
asID:                     27754
IP address blocks:        201.251.73.0/24 maxlen: 24
                          186.38.89.0/24 maxlen: 24
                          186.38.90.0/23 maxlen: 24
                          186.38.92.0/24 maxlen: 24
                          186.38.108.0/24 maxlen: 24
                          186.38.110.0/24 maxlen: 24
                          186.56.39.0/24 maxlen: 24
                          186.56.50.0/24 maxlen: 24
                          201.251.249.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1152424 (0x1195a8)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bfbb4d3a6dd5e649a6554c4817ce0ed277429136
        Validity
            Not Before: Nov 27 19:51:40 2023 GMT
            Not After : Nov 27 19:51:40 2025 GMT
        Subject: CN=3e1111be3a913958948b0d1cf83b79e0b2f923c1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:31:a2:69:87:e6:b3:2c:dc:b9:20:f2:27:f2:
                    83:f2:71:de:c7:df:19:97:21:f4:db:b3:0a:87:98:
                    a6:35:78:b5:ff:5e:61:97:b8:60:b3:77:f2:09:3d:
                    a5:58:87:03:13:c2:72:fa:e3:2f:d0:b1:1e:88:ed:
                    5b:21:80:80:c9:c3:02:5e:59:88:a0:fa:92:67:66:
                    ba:66:78:99:45:5e:a2:0c:3e:b9:55:71:e8:3b:73:
                    95:59:e5:56:40:93:3f:32:1e:6b:53:99:80:59:1e:
                    cd:51:4c:99:33:3a:98:e5:d6:c7:f1:c5:63:44:ae:
                    0b:0b:1a:ec:62:87:ca:64:99:f9:55:d9:11:f9:29:
                    9a:0c:84:5a:94:f9:00:0f:e5:fe:49:ef:be:2a:b5:
                    22:d3:26:4b:ad:b5:54:a1:73:de:d6:d8:41:8d:9e:
                    45:6c:de:1b:d7:ef:63:28:c9:70:90:e6:fa:4e:c4:
                    a4:2d:ae:cc:da:10:1f:46:64:06:ee:68:76:18:53:
                    0b:b3:56:b8:3d:1d:8f:5e:88:a8:2e:77:86:19:a6:
                    22:de:08:db:9a:46:ff:ee:8d:e0:92:65:19:0d:fa:
                    4d:c7:8e:4e:bb:6d:ce:e4:03:99:c5:89:ab:69:7a:
                    fe:51:c3:4a:8b:42:bd:94:b4:56:d6:ba:59:f1:36:
                    a9:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                50:14:F8:80:AB:CB:BE:F3:6E:17:79:7E:CA:88:86:2B:B3:38:1A:13
            X509v3 Authority Key Identifier:
                keyid:76:7F:42:4D:48:34:06:C4:20:E5:DF:19:BE:BE:99:3F:72:5A:F7:B6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/bfbb4d3a6dd5e649a6554c4817ce0ed277429136.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/5375bcfc-8b86-452e-850d-83cfe3b50f06/3e1111be3a913958948b0d1cf83b79e0b2f923c1.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/5375bcfc-8b86-452e-850d-83cfe3b50f06/bfbb4d3a6dd5e649a6554c4817ce0ed277429136.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  186.38.89.0-186.38.92.255
                  186.38.108.0/24
                  186.38.110.0/24
                  186.56.39.0/24
                  186.56.50.0/24
                  201.251.73.0/24
                  201.251.249.0/24

    Signature Algorithm: sha256WithRSAEncryption
         66:c2:4a:3e:3e:c3:46:a6:73:f5:7f:b7:db:a8:e1:c7:38:f6:
         68:70:af:34:ee:8a:21:dc:0f:8b:99:31:39:40:3c:a8:47:a7:
         b2:0c:91:f9:02:b6:ee:f3:0b:8c:19:e8:4d:07:62:f3:8f:cd:
         d5:22:f6:e4:c4:4a:76:81:eb:73:5a:49:b1:24:4a:d6:57:19:
         e4:45:14:4b:80:88:c7:41:f7:e5:64:ce:5f:72:88:f0:5c:79:
         36:3c:c8:a9:d4:00:1d:d2:03:33:cd:aa:11:aa:3a:ad:bc:ab:
         7c:a5:64:ba:c6:d0:a1:13:d0:8e:55:be:83:dc:e9:85:d5:b0:
         45:7f:0e:ec:63:af:42:93:5b:89:ff:ee:90:30:ca:90:76:cc:
         f6:e0:e2:c6:53:2d:9b:0e:13:25:b2:92:e4:d9:a2:6b:1f:44:
         7c:5e:64:b8:71:c7:7c:89:e6:d6:16:03:25:6b:05:59:3e:a2:
         d2:6c:cb:64:39:e1:76:1d:0b:ff:87:35:57:d4:e4:63:54:1a:
         88:39:33:59:b7:c9:33:b4:99:e9:47:17:cb:17:6f:d3:2f:34:
         5b:ba:a9:19:64:a4:f6:3d:0d:1d:aa:76:51:0f:f7:78:62:c3:
         45:40:7d:76:e4:99:3c:5d:9f:63:81:62:be:e4:f3:b2:45:54:
         86:b2:db:8c
-----BEGIN CERTIFICATE-----
MIIFbDCCBFSgAwIBAgIDEZWoMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGJm
YmI0ZDNhNmRkNWU2NDlhNjU1NGM0ODE3Y2UwZWQyNzc0MjkxMzYwHhcNMjMxMTI3
MTk1MTQwWhcNMjUxMTI3MTk1MTQwWjAzMTEwLwYDVQQDEygzZTExMTFiZTNhOTEz
OTU4OTQ4YjBkMWNmODNiNzllMGIyZjkyM2MxMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAkTGiaYfmsyzcuSDyJ/KD8nHex98ZlyH027MKh5imNXi1/15h
l7hgs3fyCT2lWIcDE8Jy+uMv0LEeiO1bIYCAycMCXlmIoPqSZ2a6ZniZRV6iDD65
VXHoO3OVWeVWQJM/Mh5rU5mAWR7NUUyZMzqY5dbH8cVjRK4LCxrsYofKZJn5VdkR
+SmaDIRalPkAD+X+Se++KrUi0yZLrbVUoXPe1thBjZ5FbN4b1+9jKMlwkOb6TsSk
La7M2hAfRmQG7mh2GFMLs1a4PR2PXoioLneGGaYi3gjbmkb/7o3gkmUZDfpNx45O
u23O5AOZxYmraXr+UcNKi0K9lLRW1rpZ8TapaQIDAQABo4IChzCCAoMwHQYDVR0O
BBYEFFAU+ICry77zbhd5fsqIhiuzOBoTMB8GA1UdIwQYMBaAFHZ/Qk1INAbEIOXf
Gb6+mT9yWve2MA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvYmZiYjRk
M2E2ZGQ1ZTY0OWE2NTU0YzQ4MTdjZTBlZDI3NzQyOTEzNi5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvNTM3NWJjZmMtOGI4Ni00NTJlLTg1MGQtODNjZmUz
YjUwZjA2LzNlMTExMWJlM2E5MTM5NTg5NDhiMGQxY2Y4M2I3OWUwYjJmOTIzYzEu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy81Mzc1YmNmYy04Yjg2LTQ1MmUtODUwZC04M2Nm
ZTNiNTBmMDYvYmZiYjRkM2E2ZGQ1ZTY0OWE2NTU0YzQ4MTdjZTBlZDI3NzQyOTEz
Ni5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBLBggrBgEFBQcBBwEB/wQ8
MDowOAQCAAEwMjAMAwQAuiZZAwQAuiZcAwQAuiZsAwQAuiZuAwQAujgnAwQAujgy
AwQAyftJAwQAyfv5MA0GCSqGSIb3DQEBCwUAA4IBAQBmwko+PsNGpnP1f7fbqOHH
OPZocK807ooh3A+LmTE5QDyoR6eyDJH5Arbu8wuMGehNB2Lzj83VIvbkxEp2getz
WkmxJErWVxnkRRRLgIjHQfflZM5fcojwXHk2PMip1AAd0gMzzaoRqjqtvKt8pWS6
xtChE9COVb6D3OmF1bBFfw7sY69Ck1uJ/+6QMMqQdsz24OLGUy2bDhMlspLk2aJr
H0R8XmS4ccd8iebWFgMlawVZPqLSbMtkOeF2HQv/hzVX1ORjVBqIOTNZt8kztJnp
RxfLF2/TLzRbuqkZZKT2PQ0dqnZRD/d4YsNFQH125Jk8XZ9jgWK+5POyRVSGstuM
-----END CERTIFICATE-----