Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/f015c46b-1540-49eb-b969-0f3c40e00140/8029320a75fcaab150ba1c6ded0885fad7a08fb0.roa
File:                     8029320a75fcaab150ba1c6ded0885fad7a08fb0.roa (raw, json)
Hash identifier:          3ZACu+oLfowGgd8+/QNsFPJYdY7JlZE0KeYjw9efDO4=
Subject key identifier:   BA:27:81:C6:4F:F6:32:21:D2:7F:03:13:E1:63:FF:90:AB:0C:50:16
Certificate issuer:       /CN=88d3b38fb9bfced57c6ad5eb160c130acf32641c
Certificate serial:       0E064F
Authority key identifier: FB:1B:2A:C1:49:DD:65:34:44:95:86:34:F9:B3:B7:A7:B7:69:E9:F8
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/88d3b38fb9bfced57c6ad5eb160c130acf32641c.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/f015c46b-1540-49eb-b969-0f3c40e00140/8029320a75fcaab150ba1c6ded0885fad7a08fb0.roa
Signing time:             Wed 24 Mar 2021 14:29:00 +0000
ROA not before:           Wed 24 Mar 2021 14:28:59 +0000
ROA not after:            Tue 24 Mar 2026 14:28:59 +0000
asID:                     28075
IP address blocks:        190.113.128.0/20 maxlen: 24
                          190.113.159.0/24 maxlen: 24
                          190.113.163.0/24 maxlen: 24
                          190.113.172.0/22 maxlen: 23
                          201.190.255.0/24 maxlen: 24
                          2803:6600::/34 maxlen: 34
                          2803:6602::/33 maxlen: 34
                          2803:6602:c000::/34 maxlen: 34
                          2803:6603:4000::/34 maxlen: 34
                          2803:6603:c000::/34 maxlen: 34
                          2803:6604:6000::/35 maxlen: 48
                          2803:6604:a000::/35 maxlen: 48

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 919119 (0xe064f)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=88d3b38fb9bfced57c6ad5eb160c130acf32641c
        Validity
            Not Before: Mar 24 14:28:59 2021 GMT
            Not After : Mar 24 14:28:59 2026 GMT
        Subject: CN=8029320a75fcaab150ba1c6ded0885fad7a08fb0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e0:27:44:1a:51:36:7f:f5:ba:f1:2c:a1:f9:27:
                    aa:f4:39:7c:c1:c7:68:43:09:99:d0:93:85:91:92:
                    1e:6a:e3:f8:0d:f6:be:dd:2e:35:0c:a5:a8:4b:11:
                    71:03:56:1e:bb:66:0d:50:78:71:59:56:d5:53:ce:
                    a5:28:4c:77:00:d2:2c:1a:c3:98:4a:a6:a8:d1:39:
                    88:51:76:80:e0:87:2d:3c:3c:7b:86:7e:24:e5:e4:
                    9d:da:ce:65:b1:d2:08:77:d3:c5:1b:45:b6:6c:a4:
                    82:5d:92:c7:03:c9:66:6c:c3:9a:a3:a8:56:6d:a5:
                    f6:4a:0e:74:3b:7c:d7:04:f7:4b:d5:5d:a9:b2:ef:
                    f5:c8:3d:ae:f3:b3:82:08:20:9b:08:1d:3d:85:b0:
                    83:ff:51:f3:ef:d1:ac:28:b0:61:58:6c:c6:01:1e:
                    3a:89:e9:a4:4a:2d:ea:58:9e:bb:07:67:e0:c5:8a:
                    dc:3b:a4:a9:9a:78:cb:f8:22:9e:02:a0:6a:d8:48:
                    b6:2e:c3:d0:74:d4:aa:7b:42:b4:79:06:ce:ef:ab:
                    12:a3:4f:de:45:27:8a:7c:3e:af:1c:76:3b:2c:29:
                    f2:47:f2:84:2b:e8:83:9f:f8:52:43:81:cb:fd:bf:
                    ec:6e:26:a5:3a:1d:a0:8e:da:2c:43:d8:ae:61:bf:
                    ee:7f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BA:27:81:C6:4F:F6:32:21:D2:7F:03:13:E1:63:FF:90:AB:0C:50:16
            X509v3 Authority Key Identifier:
                keyid:FB:1B:2A:C1:49:DD:65:34:44:95:86:34:F9:B3:B7:A7:B7:69:E9:F8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/88d3b38fb9bfced57c6ad5eb160c130acf32641c.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/f015c46b-1540-49eb-b969-0f3c40e00140/8029320a75fcaab150ba1c6ded0885fad7a08fb0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/f015c46b-1540-49eb-b969-0f3c40e00140/88d3b38fb9bfced57c6ad5eb160c130acf32641c.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  190.113.128.0/20
                  190.113.159.0/24
                  190.113.163.0/24
                  190.113.172.0/22
                  201.190.255.0/24
                IPv6:
                  2803:6600::/34
                  2803:6602::/33
                  2803:6602:c000::/34
                  2803:6603:4000::/34
                  2803:6603:c000::/34
                  2803:6604:6000::/35
                  2803:6604:a000::/35

    Signature Algorithm: sha256WithRSAEncryption
         0a:06:47:4c:b8:e0:05:a6:32:55:50:3b:c1:f7:c9:61:de:09:
         86:9d:76:20:76:5b:a4:1a:c8:e8:55:c4:b4:5f:c4:57:cc:c4:
         e8:36:5f:e0:8c:f0:42:f9:e6:05:bd:a8:03:df:20:8b:4f:08:
         84:f5:b8:32:27:f2:27:1d:99:5c:95:a5:a7:44:db:35:8f:88:
         80:a2:20:e3:aa:f4:6c:03:2b:35:aa:cd:9a:8f:b8:cc:2d:36:
         8d:c4:be:02:16:52:fe:38:29:71:ac:00:f7:f2:47:6b:25:4e:
         3c:62:7e:59:4b:eb:99:3f:46:38:f0:18:35:a1:48:39:13:77:
         6e:f9:ef:98:10:ff:b1:77:81:e6:17:ee:46:65:ef:e7:cc:82:
         fa:1b:b7:63:8f:87:a6:9f:70:d4:ed:c9:50:c7:97:bf:9f:0d:
         67:aa:9a:05:7f:1f:a9:79:6a:a2:9f:72:42:64:b5:18:55:79:
         a1:70:d1:dd:63:76:63:9e:77:c5:5c:09:62:d3:35:52:2d:37:
         cd:9a:ce:80:67:ea:0f:a2:82:a5:bc:af:ab:f8:ac:33:ad:06:
         1e:dc:ca:6e:23:52:c8:43:60:e1:a0:a7:c7:16:63:a4:11:7a:
         79:ee:2f:90:1c:33:ac:00:95:56:4a:f0:aa:4d:27:68:73:0a:
         eb:53:0d:46
-----BEGIN CERTIFICATE-----
MIIFmDCCBICgAwIBAgIDDgZPMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDg4
ZDNiMzhmYjliZmNlZDU3YzZhZDVlYjE2MGMxMzBhY2YzMjY0MWMwHhcNMjEwMzI0
MTQyODU5WhcNMjYwMzI0MTQyODU5WjAzMTEwLwYDVQQDEyg4MDI5MzIwYTc1ZmNh
YWIxNTBiYTFjNmRlZDA4ODVmYWQ3YTA4ZmIwMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEA4CdEGlE2f/W68Syh+Seq9Dl8wcdoQwmZ0JOFkZIeauP4Dfa+
3S41DKWoSxFxA1Yeu2YNUHhxWVbVU86lKEx3ANIsGsOYSqao0TmIUXaA4IctPDx7
hn4k5eSd2s5lsdIId9PFG0W2bKSCXZLHA8lmbMOao6hWbaX2Sg50O3zXBPdL1V2p
su/1yD2u87OCCCCbCB09hbCD/1Hz79GsKLBhWGzGAR46iemkSi3qWJ67B2fgxYrc
O6SpmnjL+CKeAqBq2Ei2LsPQdNSqe0K0eQbO76sSo0/eRSeKfD6vHHY7LCnyR/KE
K+iDn/hSQ4HL/b/sbialOh2gjtosQ9iuYb/ufwIDAQABo4ICszCCAq8wHQYDVR0O
BBYEFLongcZP9jIh0n8DE+Fj/5CrDFAWMB8GA1UdIwQYMBaAFPsbKsFJ3WU0RJWG
NPmzt6e3aen4MA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvODhkM2Iz
OGZiOWJmY2VkNTdjNmFkNWViMTYwYzEzMGFjZjMyNjQxYy5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvZjAxNWM0NmItMTU0MC00OWViLWI5NjktMGYzYzQw
ZTAwMTQwLzgwMjkzMjBhNzVmY2FhYjE1MGJhMWM2ZGVkMDg4NWZhZDdhMDhmYjAu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy9mMDE1YzQ2Yi0xNTQwLTQ5ZWItYjk2OS0wZjNj
NDBlMDAxNDAvODhkM2IzOGZiOWJmY2VkNTdjNmFkNWViMTYwYzEzMGFjZjMyNjQx
Yy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjB3BggrBgEFBQcBBwEB/wRo
MGYwJAQCAAEwHgMEBL5xgAMEAL5xnwMEAL5xowMEAr5xrAMEAMm+/zA+BAIAAjA4
AwYGKANmAAADBgcoA2YCAAMGBigDZgLAAwYGKANmA0ADBgYoA2YDwAMGBSgDZgRg
AwYFKANmBKAwDQYJKoZIhvcNAQELBQADggEBAAoGR0y44AWmMlVQO8H3yWHeCYad
diB2W6QayOhVxLRfxFfMxOg2X+CM8EL55gW9qAPfIItPCIT1uDIn8icdmVyVpadE
2zWPiICiIOOq9GwDKzWqzZqPuMwtNo3EvgIWUv44KXGsAPfyR2slTjxifllL65k/
RjjwGDWhSDkTd27575gQ/7F3geYX7kZl7+fMgvobt2OPh6afcNTtyVDHl7+fDWeq
mgV/H6l5aqKfckJktRhVeaFw0d1jdmOed8VcCWLTNVItN82azoBn6g+igqW8r6v4
rDOtBh7cym4jUshDYOGgp8cWY6QRennuL5AcM6wAlVZK8KpNJ2hzCutTDUY=
-----END CERTIFICATE-----