Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/920e493d-fbf3-4b8b-8101-12143aac3aa3/f59c1adb30ab1e3ddca4b4602b7fa324ebb5d4d4.roa
File:                     f59c1adb30ab1e3ddca4b4602b7fa324ebb5d4d4.roa (raw, json)
Hash identifier:          2tzRdCFVGNjx5QfTRFJ5dDC62BP1pdi9X5Byca2q3zI=
Subject key identifier:   05:24:AB:77:8D:59:A9:B1:51:0D:6E:B8:86:17:1E:53:84:16:90:92
Certificate issuer:       /CN=90272e637424ef29984c32a598a292deb8ecfe24
Certificate serial:       0D3FA0
Authority key identifier: 49:26:B9:13:98:56:73:ED:E6:66:A7:C3:2C:24:23:DB:4C:75:40:C0
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/90272e637424ef29984c32a598a292deb8ecfe24.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/920e493d-fbf3-4b8b-8101-12143aac3aa3/f59c1adb30ab1e3ddca4b4602b7fa324ebb5d4d4.roa
Signing time:             Wed 24 Mar 2021 14:35:10 +0000
ROA not before:           Wed 24 Mar 2021 14:35:10 +0000
ROA not after:            Tue 24 Mar 2026 14:35:10 +0000
asID:                     27695
IP address blocks:        138.97.56.0/22 maxlen: 22
                          181.232.0.0/17 maxlen: 17
                          186.43.0.0/17 maxlen: 17
                          186.159.0.0/18 maxlen: 18
                          186.159.64.0/19 maxlen: 19
                          190.3.192.0/19 maxlen: 19
                          190.3.224.0/19 maxlen: 19
                          190.109.128.0/19 maxlen: 19
                          190.109.160.0/19 maxlen: 19
                          191.103.128.0/17 maxlen: 17
                          200.35.32.0/20 maxlen: 20
                          200.35.48.0/20 maxlen: 20
                          2800:580::/32 maxlen: 32

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 868256 (0xd3fa0)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=90272e637424ef29984c32a598a292deb8ecfe24
        Validity
            Not Before: Mar 24 14:35:10 2021 GMT
            Not After : Mar 24 14:35:10 2026 GMT
        Subject: CN=f59c1adb30ab1e3ddca4b4602b7fa324ebb5d4d4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:61:d9:61:6b:aa:11:3a:7c:df:fa:d5:3b:41:
                    56:32:91:b9:1d:92:67:99:90:b8:04:63:91:a4:4e:
                    20:a9:7f:d1:3a:68:13:c6:79:3d:3c:e5:26:46:a1:
                    18:9d:0d:a7:b1:27:2a:10:5a:73:ec:d5:3f:f8:46:
                    65:9f:48:de:75:0c:8c:3e:d2:b8:41:db:e5:71:db:
                    b0:f1:2b:ee:f7:f4:43:9f:bc:73:42:02:eb:72:99:
                    c1:c4:14:4d:f2:a7:e8:5b:07:55:63:05:e1:3c:a8:
                    64:de:b7:58:99:7a:3b:08:a4:b5:ff:16:4e:25:7b:
                    63:8b:1a:ff:48:15:f4:bd:4d:53:3c:b0:15:8c:e9:
                    84:ae:a3:d3:3c:8b:24:fa:10:5e:6c:f8:99:a7:7b:
                    5b:be:92:35:38:83:a3:83:bf:44:82:b7:d7:35:da:
                    97:d6:b8:3a:d5:f6:4f:e3:9e:73:2e:1d:4c:40:18:
                    6a:06:08:ac:2b:7d:86:c2:4d:63:19:45:65:53:a1:
                    f3:3d:ca:92:9d:d7:24:1d:75:b2:b9:2c:dc:56:9e:
                    65:27:f2:3e:94:a2:ef:a6:7e:37:a8:42:06:f0:3e:
                    97:08:bb:5d:48:00:1c:e7:4c:44:4b:b5:b8:6b:75:
                    3d:67:b1:d2:c8:ec:3d:20:0c:dc:dc:4d:c1:b2:83:
                    7e:83
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                05:24:AB:77:8D:59:A9:B1:51:0D:6E:B8:86:17:1E:53:84:16:90:92
            X509v3 Authority Key Identifier:
                keyid:49:26:B9:13:98:56:73:ED:E6:66:A7:C3:2C:24:23:DB:4C:75:40:C0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/90272e637424ef29984c32a598a292deb8ecfe24.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/920e493d-fbf3-4b8b-8101-12143aac3aa3/f59c1adb30ab1e3ddca4b4602b7fa324ebb5d4d4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/920e493d-fbf3-4b8b-8101-12143aac3aa3/90272e637424ef29984c32a598a292deb8ecfe24.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  138.97.56.0/22
                  181.232.0.0/17
                  186.43.0.0/17
                  186.159.0.0-186.159.95.255
                  190.3.192.0/18
                  190.109.128.0/18
                  191.103.128.0/17
                  200.35.32.0/19
                IPv6:
                  2800:580::/32

    Signature Algorithm: sha256WithRSAEncryption
         96:5e:fe:35:29:4f:8a:6b:56:a6:2e:f5:65:e6:48:01:70:a0:
         67:f7:42:d9:c5:2c:c7:c7:e3:c6:d9:b5:7b:cc:55:d5:8c:42:
         7e:32:2f:f3:25:ec:a2:f5:91:27:5e:aa:be:aa:7b:6b:13:1d:
         dd:b6:b8:aa:21:20:90:d1:5e:5d:42:f9:d9:c5:4e:62:92:51:
         25:18:3e:a2:ef:39:16:c3:b7:6c:25:21:30:85:bd:14:19:53:
         ea:61:fa:70:ee:ff:0b:60:5c:27:4d:8b:20:cc:5d:98:c5:d5:
         9c:2a:38:17:4d:49:a9:a3:09:f5:8a:15:57:b3:06:fd:41:94:
         66:e9:76:2c:88:2b:8c:8e:01:b0:23:78:a5:1f:7d:80:88:d9:
         78:e4:df:d9:f4:4f:25:2c:05:e3:06:f7:f5:81:1b:a0:42:96:
         91:78:f1:67:31:bf:79:cf:f3:a4:78:6c:15:69:49:f7:db:c2:
         0b:94:85:00:e2:49:ad:ce:9e:f0:ec:8d:14:b9:da:21:a3:55:
         15:ce:9e:d0:08:98:48:79:81:c7:f1:26:7d:76:fe:b9:8c:1c:
         c0:ed:af:36:c6:47:76:d8:61:75:f9:62:c2:66:d3:19:fc:2e:
         3e:c6:96:7b:24:40:91:7d:40:9c:9f:1a:dc:87:ce:bf:22:2f:
         1c:09:42:d4
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgIDDT+gMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDkw
MjcyZTYzNzQyNGVmMjk5ODRjMzJhNTk4YTI5MmRlYjhlY2ZlMjQwHhcNMjEwMzI0
MTQzNTEwWhcNMjYwMzI0MTQzNTEwWjAzMTEwLwYDVQQDEyhmNTljMWFkYjMwYWIx
ZTNkZGNhNGI0NjAyYjdmYTMyNGViYjVkNGQ0MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAvmHZYWuqETp83/rVO0FWMpG5HZJnmZC4BGORpE4gqX/ROmgT
xnk9POUmRqEYnQ2nsScqEFpz7NU/+EZln0jedQyMPtK4Qdvlcduw8Svu9/RDn7xz
QgLrcpnBxBRN8qfoWwdVYwXhPKhk3rdYmXo7CKS1/xZOJXtjixr/SBX0vU1TPLAV
jOmErqPTPIsk+hBebPiZp3tbvpI1OIOjg79EgrfXNdqX1rg61fZP455zLh1MQBhq
BgisK32Gwk1jGUVlU6HzPcqSndckHXWyuSzcVp5lJ/I+lKLvpn43qEIG8D6XCLtd
SAAc50xES7W4a3U9Z7HSyOw9IAzc3E3BsoN+gwIDAQABo4ICmzCCApcwHQYDVR0O
BBYEFAUkq3eNWamxUQ1uuIYXHlOEFpCSMB8GA1UdIwQYMBaAFEkmuROYVnPt5man
wywkI9tMdUDAMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvOTAyNzJl
NjM3NDI0ZWYyOTk4NGMzMmE1OThhMjkyZGViOGVjZmUyNC5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvOTIwZTQ5M2QtZmJmMy00YjhiLTgxMDEtMTIxNDNh
YWMzYWEzL2Y1OWMxYWRiMzBhYjFlM2RkY2E0YjQ2MDJiN2ZhMzI0ZWJiNWQ0ZDQu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy85MjBlNDkzZC1mYmYzLTRiOGItODEwMS0xMjE0
M2FhYzNhYTMvOTAyNzJlNjM3NDI0ZWYyOTk4NGMzMmE1OThhMjkyZGViOGVjZmUy
NC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBfBggrBgEFBQcBBwEB/wRQ
ME4wPQQCAAEwNwMEAophOAMEB7XoAAMEB7orADALAwMAup8DBAW6n0ADBAa+A8AD
BAa+bYADBAe/Z4ADBAXIIyAwDQQCAAIwBwMFACgABYAwDQYJKoZIhvcNAQELBQAD
ggEBAJZe/jUpT4prVqYu9WXmSAFwoGf3QtnFLMfH48bZtXvMVdWMQn4yL/Ml7KL1
kSdeqr6qe2sTHd22uKohIJDRXl1C+dnFTmKSUSUYPqLvORbDt2wlITCFvRQZU+ph
+nDu/wtgXCdNiyDMXZjF1ZwqOBdNSamjCfWKFVezBv1BlGbpdiyIK4yOAbAjeKUf
fYCI2Xjk39n0TyUsBeMG9/WBG6BClpF48Wcxv3nP86R4bBVpSffbwguUhQDiSa3O
nvDsjRS52iGjVRXOntAImEh5gcfxJn12/rmMHMDtrzbGR3bYYXX5YsJm0xn8Lj7G
lnskQJF9QJyfGtyHzr8iLxwJQtQ=
-----END CERTIFICATE-----