Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/e4ad68e3-a7f0-4d51-8658-ccf9c26d3ea7/c298b360aae90bb8be9ff45a8b6e31065d39615d.roa
File:                     c298b360aae90bb8be9ff45a8b6e31065d39615d.roa (raw, json)
Hash identifier:          cgvdEx+a9Pl/+vOJVOTHS+Tmk1pmZ1S0+ZxlzHxDL4o=
Subject key identifier:   8B:10:DD:FA:71:EA:6C:D4:0A:B9:2A:70:10:F5:4E:47:9E:DD:6C:D9
Certificate issuer:       /CN=9469fb387befc96f019d014c6e5234d0955553a9
Certificate serial:       111955
Authority key identifier: 0C:85:05:14:47:68:0B:DB:20:29:0F:24:74:35:15:B5:E6:12:6A:7F
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/9469fb387befc96f019d014c6e5234d0955553a9.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/e4ad68e3-a7f0-4d51-8658-ccf9c26d3ea7/c298b360aae90bb8be9ff45a8b6e31065d39615d.roa
Signing time:             Wed 12 Jul 2023 13:00:55 +0000
ROA not before:           Tue 11 Jul 2023 13:00:53 +0000
ROA not after:            Sat 12 Jul 2025 13:00:53 +0000
asID:                     27768
IP address blocks:        201.217.16.0/22 maxlen: 24
                          201.217.21.0/24 maxlen: 24
                          201.217.22.0/23 maxlen: 24
                          201.217.29.0/24 maxlen: 24
                          201.217.30.0/23 maxlen: 24
                          201.217.32.0/22 maxlen: 24
                          201.217.40.0/22 maxlen: 24
                          201.217.49.0/24 maxlen: 24
                          201.217.50.0/24 maxlen: 24
                          201.217.52.0/23 maxlen: 24
                          201.217.59.0/24 maxlen: 24
                          201.217.0.0/21 maxlen: 24
                          201.217.8.0/22 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1120597 (0x111955)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9469fb387befc96f019d014c6e5234d0955553a9
        Validity
            Not Before: Jul 11 13:00:53 2023 GMT
            Not After : Jul 12 13:00:53 2025 GMT
        Subject: CN=c298b360aae90bb8be9ff45a8b6e31065d39615d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8e:d1:43:59:51:b9:b4:cb:5c:75:e5:16:25:80:
                    46:fd:47:4c:1c:98:ba:bc:51:dc:55:7e:bf:af:ed:
                    ce:d0:fe:8b:35:8f:b6:0d:79:b5:47:7b:af:7e:f6:
                    1d:33:e1:7f:d9:ae:ae:b3:af:35:93:24:1a:e9:df:
                    c8:84:ae:a4:27:69:ca:6a:d6:77:8d:00:4e:28:2f:
                    78:c2:eb:9d:a1:ee:ca:53:71:07:64:4b:a1:c1:ae:
                    55:b7:88:4b:0a:c3:58:4f:cf:75:46:d5:35:21:0d:
                    84:10:ff:ad:c4:54:dc:05:84:95:be:a4:d5:2e:7d:
                    49:c0:24:77:ac:3d:48:69:18:ad:7a:4d:4a:8a:10:
                    0f:43:6a:63:96:dc:20:16:2e:3d:c1:4a:30:d1:50:
                    f8:ef:09:72:e3:5a:0d:51:7e:6d:ba:1a:20:0b:9a:
                    d6:6f:ae:7e:f2:2c:41:69:9d:ed:02:d5:ad:ed:b9:
                    1e:f6:02:1c:78:cd:80:0b:52:90:98:cc:af:06:83:
                    36:b9:37:cb:2f:e3:b9:f1:62:4f:13:9a:56:77:aa:
                    ab:e1:cc:1c:1d:8d:4c:d7:e2:c0:85:a5:54:e6:ec:
                    1a:a0:6b:11:ce:48:02:f6:20:47:9b:5f:d6:2c:e0:
                    28:3f:22:40:84:fd:6e:37:d4:70:dc:68:16:2f:2b:
                    b6:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8B:10:DD:FA:71:EA:6C:D4:0A:B9:2A:70:10:F5:4E:47:9E:DD:6C:D9
            X509v3 Authority Key Identifier:
                keyid:0C:85:05:14:47:68:0B:DB:20:29:0F:24:74:35:15:B5:E6:12:6A:7F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/9469fb387befc96f019d014c6e5234d0955553a9.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/e4ad68e3-a7f0-4d51-8658-ccf9c26d3ea7/c298b360aae90bb8be9ff45a8b6e31065d39615d.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/e4ad68e3-a7f0-4d51-8658-ccf9c26d3ea7/9469fb387befc96f019d014c6e5234d0955553a9.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  201.217.0.0-201.217.11.255
                  201.217.16.0/22
                  201.217.21.0-201.217.23.255
                  201.217.29.0-201.217.35.255
                  201.217.40.0/22
                  201.217.49.0-201.217.50.255
                  201.217.52.0/23
                  201.217.59.0/24

    Signature Algorithm: sha256WithRSAEncryption
         92:dc:1f:0c:e6:95:67:aa:d2:93:ea:84:b8:f4:6e:70:ff:57:
         ea:a7:ef:21:89:0f:61:ba:bd:77:30:f9:d5:3f:28:02:9e:4a:
         35:5d:ab:21:e8:6f:92:59:0a:98:7a:9f:c6:16:06:64:3f:8d:
         b2:1f:39:fa:4a:b3:43:88:c5:8e:3f:60:60:b4:33:a9:70:62:
         ca:05:dc:1a:c8:fd:63:bf:75:0b:07:68:2a:1b:d4:a0:45:d7:
         55:ff:02:34:6f:a7:d2:7b:ae:4a:6b:2d:a7:91:60:8c:8d:31:
         4c:21:1c:47:4f:08:9a:c1:fd:40:18:d5:94:4b:2e:11:a6:cb:
         e6:46:a0:15:d3:1f:94:9b:9a:d4:f2:a6:08:70:ca:e7:8e:6f:
         0d:f5:c4:4b:af:e8:8d:51:d0:a2:eb:ed:99:dc:ae:76:4c:9c:
         cb:1e:af:52:c4:8f:cf:dc:dd:c5:d8:1c:4a:dd:b5:bb:27:a8:
         dc:5a:ea:d0:a2:59:24:c7:47:05:23:6c:fc:5f:18:20:af:59:
         54:e4:f0:95:f6:67:0e:8f:f8:9d:3a:12:c5:5b:1b:70:09:17:
         53:9d:60:19:6c:2b:e4:10:60:90:f8:76:d5:38:a7:ed:15:be:
         ff:6c:d3:bc:78:0e:a4:eb:a7:ad:0d:c4:9c:46:09:c3:81:92:
         cd:37:8e:78
-----BEGIN CERTIFICATE-----
MIIFiTCCBHGgAwIBAgIDERlVMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDk0
NjlmYjM4N2JlZmM5NmYwMTlkMDE0YzZlNTIzNGQwOTU1NTUzYTkwHhcNMjMwNzEx
MTMwMDUzWhcNMjUwNzEyMTMwMDUzWjAzMTEwLwYDVQQDEyhjMjk4YjM2MGFhZTkw
YmI4YmU5ZmY0NWE4YjZlMzEwNjVkMzk2MTVkMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAjtFDWVG5tMtcdeUWJYBG/UdMHJi6vFHcVX6/r+3O0P6LNY+2
DXm1R3uvfvYdM+F/2a6us681kyQa6d/IhK6kJ2nKatZ3jQBOKC94wuudoe7KU3EH
ZEuhwa5Vt4hLCsNYT891RtU1IQ2EEP+txFTcBYSVvqTVLn1JwCR3rD1IaRitek1K
ihAPQ2pjltwgFi49wUow0VD47wly41oNUX5tuhogC5rWb65+8ixBaZ3tAtWt7bke
9gIceM2AC1KQmMyvBoM2uTfLL+O58WJPE5pWd6qr4cwcHY1M1+LAhaVU5uwaoGsR
zkgC9iBHm1/WLOAoPyJAhP1uN9Rw3GgWLyu20QIDAQABo4ICpDCCAqAwHQYDVR0O
BBYEFIsQ3fpx6mzUCrkqcBD1Tkee3WzZMB8GA1UdIwQYMBaAFAyFBRRHaAvbICkP
JHQ1FbXmEmp/MA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvOTQ2OWZi
Mzg3YmVmYzk2ZjAxOWQwMTRjNmU1MjM0ZDA5NTU1NTNhOS5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvZTRhZDY4ZTMtYTdmMC00ZDUxLTg2NTgtY2NmOWMy
NmQzZWE3L2MyOThiMzYwYWFlOTBiYjhiZTlmZjQ1YThiNmUzMTA2NWQzOTYxNWQu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy9lNGFkNjhlMy1hN2YwLTRkNTEtODY1OC1jY2Y5
YzI2ZDNlYTcvOTQ2OWZiMzg3YmVmYzk2ZjAxOWQwMTRjNmU1MjM0ZDA5NTU1NTNh
OS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBoBggrBgEFBQcBBwEB/wRZ
MFcwVQQCAAEwTzALAwMAydkDBALJ2QgDBALJ2RAwDAMEAMnZFQMEA8nZEDAMAwQA
ydkdAwQCydkgAwQCydkoMAwDBADJ2TEDBADJ2TIDBAHJ2TQDBADJ2TswDQYJKoZI
hvcNAQELBQADggEBAJLcHwzmlWeq0pPqhLj0bnD/V+qn7yGJD2G6vXcw+dU/KAKe
SjVdqyHob5JZCph6n8YWBmQ/jbIfOfpKs0OIxY4/YGC0M6lwYsoF3BrI/WO/dQsH
aCob1KBF11X/AjRvp9J7rkprLaeRYIyNMUwhHEdPCJrB/UAY1ZRLLhGmy+ZGoBXT
H5SbmtTypghwyueObw31xEuv6I1R0KLr7ZncrnZMnMser1LEj8/c3cXYHErdtbsn
qNxa6tCiWSTHRwUjbPxfGCCvWVTk8JX2Zw6P+J06EsVbG3AJF1OdYBlsK+QQYJD4
dtU4p+0Vvv9s07x4DqTrp60NxJxGCcOBks03jng=
-----END CERTIFICATE-----