Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/c20b558a-89e0-4c9e-b6c8-d7c694632120/b0117b7b69ab06e2d35b5fb8177fe1dcad095b59.roa
File:                     b0117b7b69ab06e2d35b5fb8177fe1dcad095b59.roa (raw, json)
Hash identifier:          GQf7OPA8gQSmJ0tzUN6bUXQzZ/5CNKhYYzGtgt4clJM=
Subject key identifier:   86:E4:EB:20:86:6D:13:D5:47:1D:4E:CF:6A:BE:35:FE:6C:50:CC:FD
Certificate issuer:       /CN=b3580078f4f897fcfdbaa0d90c2ec6f460e33222
Certificate serial:       1BBDD8
Authority key identifier: DF:C6:CA:8D:51:39:32:97:96:38:74:4C:37:8C:B3:A0:43:0E:95:B5
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/b3580078f4f897fcfdbaa0d90c2ec6f460e33222.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/c20b558a-89e0-4c9e-b6c8-d7c694632120/b0117b7b69ab06e2d35b5fb8177fe1dcad095b59.roa
Signing time:             Mon 26 Sep 2022 15:17:31 +0000
ROA not before:           Mon 26 Sep 2022 15:15:42 +0000
ROA not after:            Thu 26 Sep 2024 15:15:42 +0000
asID:                     3816
IP address blocks:        152.200.0.0/17 maxlen: 17
                          152.200.128.0/20 maxlen: 20
                          152.200.144.0/22 maxlen: 22
                          152.200.148.0/22 maxlen: 22
                          152.200.152.0/22 maxlen: 22
                          152.200.156.0/22 maxlen: 22
                          152.200.160.0/22 maxlen: 22
                          152.200.164.0/22 maxlen: 22
                          152.200.168.0/22 maxlen: 22
                          152.200.172.0/22 maxlen: 22
                          152.200.176.0/20 maxlen: 20
                          152.202.0.0/19 maxlen: 19
                          152.202.32.0/19 maxlen: 19
                          152.202.64.0/19 maxlen: 19
                          152.202.96.0/19 maxlen: 19
                          152.202.128.0/19 maxlen: 19
                          152.202.160.0/19 maxlen: 19
                          152.202.192.0/19 maxlen: 19
                          152.202.224.0/19 maxlen: 19
                          152.203.0.0/20 maxlen: 20
                          152.203.64.0/18 maxlen: 18

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1818072 (0x1bbdd8)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b3580078f4f897fcfdbaa0d90c2ec6f460e33222
        Validity
            Not Before: Sep 26 15:15:42 2022 GMT
            Not After : Sep 26 15:15:42 2024 GMT
        Subject: CN=b0117b7b69ab06e2d35b5fb8177fe1dcad095b59
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:85:65:0f:8e:fc:ce:15:5f:a0:db:b5:26:7d:41:
                    83:a9:53:5f:45:44:6d:de:77:15:a8:bb:62:78:75:
                    0d:b2:2f:33:a9:d4:72:23:c0:c5:9d:b3:e8:9b:e4:
                    5c:43:e9:d9:97:92:80:de:ac:c3:ae:df:f4:6d:29:
                    05:47:f6:00:75:aa:ec:87:fe:57:dd:36:8b:67:7a:
                    32:ec:d0:18:45:cb:08:c8:4e:78:24:d1:e6:5a:38:
                    cd:ef:c9:ab:b2:44:1c:bc:da:51:dd:a1:2d:55:3f:
                    2d:63:dd:9c:a1:5d:52:ca:bd:72:d3:d2:3f:9f:7f:
                    d5:78:c3:72:6e:7a:72:81:fd:49:03:01:b9:62:0d:
                    83:55:6d:bb:b5:51:fe:ea:ec:93:6d:fb:47:0b:98:
                    3f:87:fb:64:9c:76:9b:d4:99:ed:6f:fb:37:79:ed:
                    ec:32:01:5d:93:b3:d5:07:8a:4f:5b:9b:d9:7a:68:
                    0c:13:5c:27:e4:9a:42:f7:41:ce:d3:c8:5c:54:42:
                    bd:a0:9e:ab:06:c1:ca:d6:75:cb:7e:7e:26:cf:d8:
                    2f:51:d6:e1:70:d7:ed:08:68:81:42:49:8c:d3:b3:
                    c1:e7:4d:4b:9a:cf:e0:56:03:1f:73:ba:d9:5c:3b:
                    9d:0a:7c:19:a8:f4:a5:3c:33:6d:64:3f:34:7b:1e:
                    20:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                86:E4:EB:20:86:6D:13:D5:47:1D:4E:CF:6A:BE:35:FE:6C:50:CC:FD
            X509v3 Authority Key Identifier:
                keyid:DF:C6:CA:8D:51:39:32:97:96:38:74:4C:37:8C:B3:A0:43:0E:95:B5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/b3580078f4f897fcfdbaa0d90c2ec6f460e33222.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/c20b558a-89e0-4c9e-b6c8-d7c694632120/b0117b7b69ab06e2d35b5fb8177fe1dcad095b59.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/c20b558a-89e0-4c9e-b6c8-d7c694632120/b3580078f4f897fcfdbaa0d90c2ec6f460e33222.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  152.200.0.0-152.200.191.255
                  152.202.0.0-152.203.15.255
                  152.203.64.0/18

    Signature Algorithm: sha256WithRSAEncryption
         65:fc:26:1a:cd:c4:c8:7e:5f:b2:fa:90:7c:e3:8a:29:e3:41:
         a6:e6:ca:ba:10:87:8c:5b:09:cf:85:ea:72:a0:3b:db:d2:6d:
         cc:11:81:4b:70:22:f0:28:ec:94:07:85:5f:6a:7d:0c:cd:34:
         0a:bf:b5:17:82:54:a0:d4:15:0e:12:8b:e9:52:4f:31:79:12:
         a7:7f:b0:8f:a1:f4:43:c6:e9:7d:df:7e:28:c8:e4:bc:f6:73:
         2d:7f:2f:82:d1:7c:56:a0:dd:74:99:b5:84:83:9f:cb:94:10:
         c1:4c:67:f1:50:4b:ee:b3:b2:9d:fa:c1:2e:bc:8b:bd:a1:06:
         b3:a1:4a:ee:ce:c1:e2:4e:55:1b:91:de:03:db:06:92:d9:fc:
         77:74:10:1f:1a:52:73:aa:32:47:52:ad:c2:5b:20:0f:2e:46:
         d7:f3:35:8b:89:92:8e:f2:a3:1e:81:ef:cc:84:0f:67:62:c6:
         e6:fb:c4:0c:b3:17:17:e1:9c:52:47:3d:75:31:40:1c:a8:35:
         da:91:52:8e:4d:59:d1:da:c0:1b:06:72:fa:2c:fe:5d:3e:b4:
         de:46:1b:2f:8c:cf:ed:92:66:46:8d:7a:ae:6e:d7:1e:4b:f2:
         43:f9:7b:8c:12:ad:91:7a:cb:8b:01:5d:4e:27:e6:13:4d:10:
         04:e9:a4:78
-----BEGIN CERTIFICATE-----
MIIFWjCCBEKgAwIBAgIDG73YMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGIz
NTgwMDc4ZjRmODk3ZmNmZGJhYTBkOTBjMmVjNmY0NjBlMzMyMjIwHhcNMjIwOTI2
MTUxNTQyWhcNMjQwOTI2MTUxNTQyWjAzMTEwLwYDVQQDEyhiMDExN2I3YjY5YWIw
NmUyZDM1YjVmYjgxNzdmZTFkY2FkMDk1YjU5MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAhWUPjvzOFV+g27UmfUGDqVNfRURt3ncVqLtieHUNsi8zqdRy
I8DFnbPom+RcQ+nZl5KA3qzDrt/0bSkFR/YAdarsh/5X3TaLZ3oy7NAYRcsIyE54
JNHmWjjN78mrskQcvNpR3aEtVT8tY92coV1Syr1y09I/n3/VeMNybnpygf1JAwG5
Yg2DVW27tVH+6uyTbftHC5g/h/tknHab1Jntb/s3ee3sMgFdk7PVB4pPW5vZemgM
E1wn5JpC90HO08hcVEK9oJ6rBsHK1nXLfn4mz9gvUdbhcNftCGiBQkmM07PB501L
ms/gVgMfc7rZXDudCnwZqPSlPDNtZD80ex4gHwIDAQABo4ICdTCCAnEwHQYDVR0O
BBYEFIbk6yCGbRPVRx1Oz2q+Nf5sUMz9MB8GA1UdIwQYMBaAFN/Gyo1ROTKXljh0
TDeMs6BDDpW1MA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvYjM1ODAw
NzhmNGY4OTdmY2ZkYmFhMGQ5MGMyZWM2ZjQ2MGUzMzIyMi5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvYzIwYjU1OGEtODllMC00YzllLWI2YzgtZDdjNjk0
NjMyMTIwL2IwMTE3YjdiNjlhYjA2ZTJkMzViNWZiODE3N2ZlMWRjYWQwOTViNTku
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy9jMjBiNTU4YS04OWUwLTRjOWUtYjZjOC1kN2M2
OTQ2MzIxMjAvYjM1ODAwNzhmNGY4OTdmY2ZkYmFhMGQ5MGMyZWM2ZjQ2MGUzMzIy
Mi5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA5BggrBgEFBQcBBwEB/wQq
MCgwJgQCAAEwIDALAwMDmMgDBAaYyIAwCwMDAZjKAwQEmMsAAwQGmMtAMA0GCSqG
SIb3DQEBCwUAA4IBAQBl/CYazcTIfl+y+pB844op40Gm5sq6EIeMWwnPhepyoDvb
0m3MEYFLcCLwKOyUB4Vfan0MzTQKv7UXglSg1BUOEovpUk8xeRKnf7CPofRDxul9
334oyOS89nMtfy+C0XxWoN10mbWEg5/LlBDBTGfxUEvus7Kd+sEuvIu9oQazoUru
zsHiTlUbkd4D2waS2fx3dBAfGlJzqjJHUq3CWyAPLkbX8zWLiZKO8qMege/MhA9n
Ysbm+8QMsxcX4ZxSRz11MUAcqDXakVKOTVnR2sAbBnL6LP5dPrTeRhsvjM/tkmZG
jXqubtceS/JD+XuMEq2ResuLAV1OJ+YTTRAE6aR4
-----END CERTIFICATE-----