Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/af428568-fa34-47c2-a3b4-af3236f8789c/ae48dc9e9b350b432e7cef0d8b8953084a3056db.roa
File:                     ae48dc9e9b350b432e7cef0d8b8953084a3056db.roa (raw, json)
Hash identifier:          kgz9YbHM18N9bNwjPOkhV+yl7xTTTcF4cRQo/zUPK6c=
Subject key identifier:   7A:56:96:87:7A:A0:3E:DA:85:AD:55:F7:1E:F1:7A:67:A9:58:0E:81
Certificate issuer:       /CN=0e2555d6d6cd9849fdcea4cd3f4d423880fbd420
Certificate serial:       1B8297
Authority key identifier: 38:2C:BB:1B:5E:B4:5B:2C:41:12:FB:09:8A:5D:5A:FE:89:5B:B3:D7
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/0e2555d6d6cd9849fdcea4cd3f4d423880fbd420.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/af428568-fa34-47c2-a3b4-af3236f8789c/ae48dc9e9b350b432e7cef0d8b8953084a3056db.roa
Signing time:             Fri 24 Mar 2023 08:31:37 +0000
ROA not before:           Thu 23 Mar 2023 08:31:37 +0000
ROA not after:            Sat 22 Mar 2025 08:31:37 +0000
asID:                     52271
IP address blocks:        167.250.208.0/24 maxlen: 24
                          167.250.209.0/24 maxlen: 24
                          167.250.210.0/24 maxlen: 24
                          167.250.211.0/24 maxlen: 24
                          170.239.48.0/24 maxlen: 24
                          170.239.49.0/24 maxlen: 24
                          170.239.50.0/24 maxlen: 24
                          170.239.51.0/24 maxlen: 24
                          190.112.56.0/24 maxlen: 24
                          190.112.57.0/24 maxlen: 24
                          190.112.58.0/24 maxlen: 24
                          190.112.59.0/24 maxlen: 24
                          190.112.60.0/24 maxlen: 24
                          190.112.61.0/24 maxlen: 24
                          190.112.62.0/24 maxlen: 24
                          190.112.63.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1802903 (0x1b8297)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0e2555d6d6cd9849fdcea4cd3f4d423880fbd420
        Validity
            Not Before: Mar 23 08:31:37 2023 GMT
            Not After : Mar 22 08:31:37 2025 GMT
        Subject: CN=ae48dc9e9b350b432e7cef0d8b8953084a3056db
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:e0:c0:42:fc:ec:55:f1:0c:74:12:30:60:c1:
                    43:8a:d2:de:9f:da:7e:6a:73:d1:a0:48:99:c9:9a:
                    1a:1d:03:bd:32:8a:a1:cf:fb:b8:71:5a:9d:d2:f7:
                    ca:a6:09:eb:a2:2a:2f:05:72:3e:21:59:03:22:92:
                    2e:d4:b8:99:a3:b5:8b:f5:99:63:20:bc:60:b9:25:
                    63:df:16:77:83:6b:f6:14:f0:26:7d:e1:93:53:b1:
                    65:e5:53:1b:bd:e9:6e:8d:d4:9e:c7:b6:55:c8:55:
                    96:0d:57:1b:86:54:77:d6:72:3d:45:7f:bc:b9:c1:
                    10:ef:ca:6c:3a:75:fe:9a:c1:53:f8:d6:0d:4a:db:
                    39:40:98:ef:f5:7b:d6:f0:bc:24:5b:5e:e6:73:e4:
                    06:76:82:4e:8d:f1:f7:8d:73:7a:75:74:3a:bf:89:
                    49:40:fc:2d:10:1f:10:84:51:59:8c:60:65:b5:26:
                    f0:b7:da:2a:7d:61:3b:e5:c0:93:9b:56:9c:aa:cc:
                    8e:39:19:5a:56:95:77:78:5f:e1:6e:ee:15:48:6a:
                    78:bb:91:33:21:c6:2d:05:32:de:09:45:f1:85:fe:
                    0a:24:d5:81:2d:8c:85:6d:f9:52:f6:b6:7c:a2:e9:
                    ed:52:1e:6f:6f:d5:f2:89:f1:2c:72:81:67:a3:ff:
                    a8:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7A:56:96:87:7A:A0:3E:DA:85:AD:55:F7:1E:F1:7A:67:A9:58:0E:81
            X509v3 Authority Key Identifier:
                keyid:38:2C:BB:1B:5E:B4:5B:2C:41:12:FB:09:8A:5D:5A:FE:89:5B:B3:D7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/0e2555d6d6cd9849fdcea4cd3f4d423880fbd420.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/af428568-fa34-47c2-a3b4-af3236f8789c/ae48dc9e9b350b432e7cef0d8b8953084a3056db.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/af428568-fa34-47c2-a3b4-af3236f8789c/0e2555d6d6cd9849fdcea4cd3f4d423880fbd420.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  167.250.208.0/22
                  170.239.48.0/22
                  190.112.56.0/21

    Signature Algorithm: sha256WithRSAEncryption
         6b:fa:04:df:9c:86:8b:3b:fc:11:b9:82:04:ff:60:ef:07:98:
         86:5f:88:db:53:c5:50:d7:8b:78:8a:aa:4e:3b:83:4a:5e:c5:
         23:90:29:26:16:35:f1:17:20:32:89:90:6c:18:8a:68:20:1e:
         ab:04:89:d4:4b:7d:10:ac:2b:76:60:e1:fc:4e:a7:42:b6:6e:
         95:ce:27:d1:37:9a:80:95:24:f4:fc:ee:87:fb:25:25:6a:07:
         64:f7:db:c4:59:26:58:81:d0:6c:eb:1e:6c:72:6d:ee:32:77:
         de:c3:8f:a7:71:fc:20:ae:3c:0f:f3:29:d4:2d:d6:fc:50:96:
         a1:87:73:a7:66:4f:1d:cf:9b:33:6e:11:30:6b:e7:3e:a1:1f:
         68:3a:99:dd:7a:4a:2b:44:b9:1a:25:a1:ea:ed:b2:c4:f4:25:
         0b:66:77:cc:8e:68:d9:83:35:b6:96:ea:e3:61:ae:43:b8:1b:
         53:2d:5a:66:a6:eb:38:a3:d1:55:97:b0:63:e8:ff:c5:d7:74:
         97:85:37:a5:de:b5:48:59:3d:77:1f:2c:ec:9b:56:e5:3a:1c:
         77:31:a0:94:6d:79:df:bf:d6:d3:a8:c2:57:e3:d5:e5:b1:bd:
         72:2a:ae:e7:d3:2b:df:7e:26:49:a1:2b:88:6f:87:b4:fe:99:
         34:28:a1:0a
-----BEGIN CERTIFICATE-----
MIIFTDCCBDSgAwIBAgIDG4KXMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDBl
MjU1NWQ2ZDZjZDk4NDlmZGNlYTRjZDNmNGQ0MjM4ODBmYmQ0MjAwHhcNMjMwMzIz
MDgzMTM3WhcNMjUwMzIyMDgzMTM3WjAzMTEwLwYDVQQDEyhhZTQ4ZGM5ZTliMzUw
YjQzMmU3Y2VmMGQ4Yjg5NTMwODRhMzA1NmRiMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAs+DAQvzsVfEMdBIwYMFDitLen9p+anPRoEiZyZoaHQO9Moqh
z/u4cVqd0vfKpgnroiovBXI+IVkDIpIu1LiZo7WL9ZljILxguSVj3xZ3g2v2FPAm
feGTU7Fl5VMbvelujdSex7ZVyFWWDVcbhlR31nI9RX+8ucEQ78psOnX+msFT+NYN
Sts5QJjv9XvW8LwkW17mc+QGdoJOjfH3jXN6dXQ6v4lJQPwtEB8QhFFZjGBltSbw
t9oqfWE75cCTm1acqsyOORlaVpV3eF/hbu4VSGp4u5EzIcYtBTLeCUXxhf4KJNWB
LYyFbflS9rZ8ountUh5vb9XyifEscoFno/+odwIDAQABo4ICZzCCAmMwHQYDVR0O
BBYEFHpWlod6oD7aha1V9x7xemepWA6BMB8GA1UdIwQYMBaAFDgsuxtetFssQRL7
CYpdWv6JW7PXMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvMGUyNTU1
ZDZkNmNkOTg0OWZkY2VhNGNkM2Y0ZDQyMzg4MGZiZDQyMC5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvYWY0Mjg1NjgtZmEzNC00N2MyLWEzYjQtYWYzMjM2
Zjg3ODljL2FlNDhkYzllOWIzNTBiNDMyZTdjZWYwZDhiODk1MzA4NGEzMDU2ZGIu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy9hZjQyODU2OC1mYTM0LTQ3YzItYTNiNC1hZjMy
MzZmODc4OWMvMGUyNTU1ZDZkNmNkOTg0OWZkY2VhNGNkM2Y0ZDQyMzg4MGZiZDQy
MC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjArBggrBgEFBQcBBwEB/wQc
MBowGAQCAAEwEgMEAqf60AMEAqrvMAMEA75wODANBgkqhkiG9w0BAQsFAAOCAQEA
a/oE35yGizv8EbmCBP9g7weYhl+I21PFUNeLeIqqTjuDSl7FI5ApJhY18RcgMomQ
bBiKaCAeqwSJ1Et9EKwrdmDh/E6nQrZulc4n0TeagJUk9Pzuh/slJWoHZPfbxFkm
WIHQbOsebHJt7jJ33sOPp3H8IK48D/Mp1C3W/FCWoYdzp2ZPHc+bM24RMGvnPqEf
aDqZ3XpKK0S5GiWh6u2yxPQlC2Z3zI5o2YM1tpbq42GuQ7gbUy1aZqbrOKPRVZew
Y+j/xdd0l4U3pd61SFk9dx8s7JtW5TocdzGglG1537/W06jCV+PV5bG9ciqu59Mr
334mSaEriG+HtP6ZNCihCg==
-----END CERTIFICATE-----