Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/a73917d3-7581-4880-a4fe-1222139e4167/76753f1d5ee6f84a08b5a0bf06561c9ed54e6bd4.roa
File:                     76753f1d5ee6f84a08b5a0bf06561c9ed54e6bd4.roa (raw, json)
Hash identifier:          e6oGFLlyh+koHfzkiaPyP9nCxsJNHyLW8ShC2hQtazQ=
Subject key identifier:   1B:28:77:3A:5F:9A:A7:81:B2:EA:3B:B3:64:D3:AC:4E:EA:58:82:52
Certificate issuer:       /CN=c1d902de4502f1d62715799d87d20d2fe6b20d52
Certificate serial:       1D6B20
Authority key identifier: 5D:8A:17:7E:7B:71:01:03:1C:D2:0D:A5:C1:65:44:88:A4:D2:C1:78
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/c1d902de4502f1d62715799d87d20d2fe6b20d52.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/a73917d3-7581-4880-a4fe-1222139e4167/76753f1d5ee6f84a08b5a0bf06561c9ed54e6bd4.roa
Signing time:             Wed 18 Jan 2023 18:17:46 +0000
ROA not before:           Sat 10 Apr 2021 03:00:00 +0000
ROA not after:            Tue 11 Apr 2023 03:00:00 +0000
asID:                     28458
IP address blocks:        138.122.96.0/22 maxlen: 22
                          138.122.96.0/24 maxlen: 24
                          138.122.97.0/24 maxlen: 24
                          138.122.98.0/24 maxlen: 24
                          138.122.99.0/24 maxlen: 24
                          170.239.148.0/22 maxlen: 22
                          170.239.148.0/24 maxlen: 24
                          170.239.149.0/24 maxlen: 24
                          170.239.150.0/24 maxlen: 24
                          170.239.151.0/24 maxlen: 24
                          2806:202::/32 maxlen: 32
                          2806:202:800::/37 maxlen: 37

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1927968 (0x1d6b20)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c1d902de4502f1d62715799d87d20d2fe6b20d52
        Validity
            Not Before: Apr 10 03:00:00 2021 GMT
            Not After : Apr 11 03:00:00 2023 GMT
        Subject: CN=76753f1d5ee6f84a08b5a0bf06561c9ed54e6bd4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:05:07:c6:9a:d0:c3:11:f1:dc:8c:08:01:12:
                    24:fa:e1:06:85:3d:0a:ed:15:d4:f1:bb:f6:95:71:
                    84:ca:a9:52:bf:95:d6:71:70:9b:6f:f1:a0:2d:f8:
                    91:fc:09:75:c4:22:2f:61:4b:0d:fe:34:81:f8:0b:
                    cc:57:af:93:7e:eb:4e:19:76:7a:5f:36:29:29:ff:
                    81:54:5b:1f:3b:22:f9:93:43:d8:75:7e:97:b5:4c:
                    6b:aa:25:91:a2:c9:2d:f1:80:33:bb:34:2a:10:28:
                    fc:df:5a:4c:35:34:16:76:61:43:05:75:0f:b5:48:
                    fe:62:27:70:62:58:d8:d8:32:5d:93:72:94:50:c1:
                    ce:79:3a:5d:d2:f9:8d:09:9b:31:01:bf:15:d8:00:
                    a1:80:11:49:43:6d:63:71:a7:bb:c5:ef:41:7a:4c:
                    12:76:b3:08:80:e1:ad:e6:32:b9:b9:f5:0d:23:88:
                    be:b6:90:6d:76:0a:f4:cc:3e:bd:8b:64:da:97:68:
                    0b:37:97:b0:ea:cd:5a:94:8e:6a:43:49:87:6e:13:
                    f0:58:3b:77:b4:1f:57:b1:51:06:aa:93:4f:de:1f:
                    68:be:18:a2:0e:c1:6c:ba:bd:34:23:0e:b5:6d:55:
                    1f:36:d8:33:81:30:6d:75:f9:28:a9:08:00:b6:dd:
                    39:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1B:28:77:3A:5F:9A:A7:81:B2:EA:3B:B3:64:D3:AC:4E:EA:58:82:52
            X509v3 Authority Key Identifier:
                keyid:5D:8A:17:7E:7B:71:01:03:1C:D2:0D:A5:C1:65:44:88:A4:D2:C1:78

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/c1d902de4502f1d62715799d87d20d2fe6b20d52.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/a73917d3-7581-4880-a4fe-1222139e4167/76753f1d5ee6f84a08b5a0bf06561c9ed54e6bd4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/a73917d3-7581-4880-a4fe-1222139e4167/c1d902de4502f1d62715799d87d20d2fe6b20d52.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  138.122.96.0/22
                  170.239.148.0/22
                IPv6:
                  2806:202::/32

    Signature Algorithm: sha256WithRSAEncryption
         4b:cd:1b:cf:5c:ed:19:b2:c8:1d:a5:8f:18:80:9f:17:2a:05:
         66:95:b6:67:d8:74:28:6d:37:be:a6:04:a8:8a:01:58:fe:a8:
         69:19:94:ae:f8:ba:55:9f:62:2b:6d:1a:c8:3d:7b:f6:61:3a:
         36:a6:a3:7a:e0:ae:c2:9d:00:51:75:aa:32:87:0d:2f:7e:bc:
         35:34:c9:99:46:09:b3:09:53:68:1a:dd:e0:67:b5:6e:b2:14:
         f8:c6:58:a9:f4:56:e3:59:f9:f5:b5:8d:39:2f:f4:57:d1:80:
         ff:b8:04:be:6e:cc:be:8d:e8:93:1f:e1:88:9f:3b:39:0e:de:
         b3:e2:b4:c2:d6:b6:ee:6c:77:7d:2c:d3:72:a2:d5:d5:62:2e:
         19:53:ba:13:10:34:62:0e:e9:18:a2:a7:de:eb:0b:e5:9d:18:
         21:55:5a:68:8d:b6:91:f6:cb:7c:36:bf:19:b1:03:f2:5c:43:
         5e:19:b4:d8:87:8c:9d:86:92:54:6f:62:85:64:65:90:9c:c4:
         e4:77:30:28:e2:bf:5b:df:00:05:3c:35:43:10:29:22:2c:b0:
         5d:37:07:79:b0:d7:ac:23:af:5f:cf:49:8a:a8:24:47:5f:46:
         12:8a:86:16:ea:7d:08:b0:57:cd:62:11:94:06:b6:4d:2b:fd:
         3c:ff:20:8f
-----BEGIN CERTIFICATE-----
MIIFVTCCBD2gAwIBAgIDHWsgMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGMx
ZDkwMmRlNDUwMmYxZDYyNzE1Nzk5ZDg3ZDIwZDJmZTZiMjBkNTIwHhcNMjEwNDEw
MDMwMDAwWhcNMjMwNDExMDMwMDAwWjAzMTEwLwYDVQQDEyg3Njc1M2YxZDVlZTZm
ODRhMDhiNWEwYmYwNjU2MWM5ZWQ1NGU2YmQ0MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAkQUHxprQwxHx3IwIARIk+uEGhT0K7RXU8bv2lXGEyqlSv5XW
cXCbb/GgLfiR/Al1xCIvYUsN/jSB+AvMV6+TfutOGXZ6XzYpKf+BVFsfOyL5k0PY
dX6XtUxrqiWRoskt8YAzuzQqECj831pMNTQWdmFDBXUPtUj+YidwYljY2DJdk3KU
UMHOeTpd0vmNCZsxAb8V2AChgBFJQ21jcae7xe9BekwSdrMIgOGt5jK5ufUNI4i+
tpBtdgr0zD69i2Tal2gLN5ew6s1alI5qQ0mHbhPwWDt3tB9XsVEGqpNP3h9ovhii
DsFsur00Iw61bVUfNtgzgTBtdfkoqQgAtt05DwIDAQABo4ICcDCCAmwwHQYDVR0O
BBYEFBsodzpfmqeBsuo7s2TTrE7qWIJSMB8GA1UdIwQYMBaAFF2KF357cQEDHNIN
pcFlRIik0sF4MA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvYzFkOTAy
ZGU0NTAyZjFkNjI3MTU3OTlkODdkMjBkMmZlNmIyMGQ1Mi5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvYTczOTE3ZDMtNzU4MS00ODgwLWE0ZmUtMTIyMjEz
OWU0MTY3Lzc2NzUzZjFkNWVlNmY4NGEwOGI1YTBiZjA2NTYxYzllZDU0ZTZiZDQu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy9hNzM5MTdkMy03NTgxLTQ4ODAtYTRmZS0xMjIy
MTM5ZTQxNjcvYzFkOTAyZGU0NTAyZjFkNjI3MTU3OTlkODdkMjBkMmZlNmIyMGQ1
Mi5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0BggrBgEFBQcBBwEB/wQl
MCMwEgQCAAEwDAMEAop6YAMEAqrvlDANBAIAAjAHAwUAKAYCAjANBgkqhkiG9w0B
AQsFAAOCAQEAS80bz1ztGbLIHaWPGICfFyoFZpW2Z9h0KG03vqYEqIoBWP6oaRmU
rvi6VZ9iK20ayD179mE6NqajeuCuwp0AUXWqMocNL368NTTJmUYJswlTaBrd4Ge1
brIU+MZYqfRW41n59bWNOS/0V9GA/7gEvm7Mvo3okx/hiJ87OQ7es+K0wta27mx3
fSzTcqLV1WIuGVO6ExA0Yg7pGKKn3usL5Z0YIVVaaI22kfbLfDa/GbED8lxDXhm0
2IeMnYaSVG9ihWRlkJzE5HcwKOK/W98ABTw1QxApIiywXTcHebDXrCOvX89Jiqgk
R19GEoqGFup9CLBXzWIRlAa2TSv9PP8gjw==
-----END CERTIFICATE-----