Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/1821806c-0e82-4204-8b3c-dde7c0fc8d62/4a0b53d82bd3f5591682e964468b7cd779ef9c99.roa
File:                     4a0b53d82bd3f5591682e964468b7cd779ef9c99.roa (raw, json)
Hash identifier:          ShxxtH+eDTxQK9qiqH8FLmP8DAyVTwiXji7DDPfUpfc=
Subject key identifier:   55:8A:53:F1:04:18:5F:21:DE:12:71:A5:CC:A6:31:71:33:FD:B0:97
Certificate issuer:       /CN=a68aca945e5b4e0fa575bbe03b1af65146ef0b6f
Certificate serial:       2074BD
Authority key identifier: 5C:50:E5:03:69:FD:9F:99:A6:92:F6:88:B9:62:BC:77:AC:8A:A9:CB
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/a68aca945e5b4e0fa575bbe03b1af65146ef0b6f.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/1821806c-0e82-4204-8b3c-dde7c0fc8d62/4a0b53d82bd3f5591682e964468b7cd779ef9c99.roa
Signing time:             Fri 12 May 2023 16:49:28 +0000
ROA not before:           Thu 11 May 2023 16:49:28 +0000
ROA not after:            Mon 12 May 2025 16:49:28 +0000
asID:                     14080
IP address blocks:        191.156.23.0/24 maxlen: 24
                          2800:800:930::/48 maxlen: 48
                          2800:800:940::/48 maxlen: 48
                          2800:800:950::/48 maxlen: 48
                          2800:800:960::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/1821806c-0e82-4204-8b3c-dde7c0fc8d62/a68aca945e5b4e0fa575bbe03b1af65146ef0b6f.crl
                          rsync://repository.lacnic.net/rpki/lacnic/1821806c-0e82-4204-8b3c-dde7c0fc8d62/a68aca945e5b4e0fa575bbe03b1af65146ef0b6f.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/a68aca945e5b4e0fa575bbe03b1af65146ef0b6f.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 31 Mar 2024 12:22:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2127037 (0x2074bd)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a68aca945e5b4e0fa575bbe03b1af65146ef0b6f
        Validity
            Not Before: May 11 16:49:28 2023 GMT
            Not After : May 12 16:49:28 2025 GMT
        Subject: CN=4a0b53d82bd3f5591682e964468b7cd779ef9c99
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:88:b2:9b:9d:7a:87:09:37:28:d0:0a:b3:51:5c:
                    8c:55:47:53:a1:8e:18:06:d1:8a:7d:01:24:6c:47:
                    96:58:97:b3:10:99:8c:6a:b2:4f:6d:a8:3e:89:0e:
                    e0:99:a6:6b:a8:1f:b5:0d:38:26:90:13:73:1d:24:
                    b4:a8:93:77:c6:c7:e8:d8:03:37:93:67:e7:33:4e:
                    e2:ca:2c:d2:d2:dd:e8:c3:2f:37:b6:bb:78:b4:b2:
                    b3:bd:d5:ca:dd:4f:84:5a:e8:c3:06:11:18:22:67:
                    30:64:35:ee:5f:f6:42:e0:62:81:c0:e9:cd:5f:e7:
                    63:0c:49:cb:94:4f:85:60:f5:0a:ff:8f:30:6e:e9:
                    b4:57:27:25:be:01:98:39:e2:19:17:c9:63:ef:f3:
                    21:eb:9b:70:6d:ef:d5:bb:89:2d:c7:59:05:95:62:
                    11:1f:e3:63:c3:9a:40:af:96:0d:8b:9b:81:d3:36:
                    37:6b:9e:9e:ac:9e:2e:17:38:44:ae:92:5f:9a:f6:
                    df:50:f2:b1:b6:8d:07:4e:c8:ee:3a:bd:5c:77:ce:
                    19:9a:7e:3a:7b:66:d2:a5:a8:08:79:b8:03:ce:14:
                    52:20:fc:98:f6:28:66:eb:67:c4:dd:66:20:95:db:
                    d8:7e:c4:a4:e3:83:af:4b:88:ee:f2:a2:46:72:91:
                    9a:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                55:8A:53:F1:04:18:5F:21:DE:12:71:A5:CC:A6:31:71:33:FD:B0:97
            X509v3 Authority Key Identifier:
                keyid:5C:50:E5:03:69:FD:9F:99:A6:92:F6:88:B9:62:BC:77:AC:8A:A9:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/a68aca945e5b4e0fa575bbe03b1af65146ef0b6f.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/1821806c-0e82-4204-8b3c-dde7c0fc8d62/4a0b53d82bd3f5591682e964468b7cd779ef9c99.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/1821806c-0e82-4204-8b3c-dde7c0fc8d62/a68aca945e5b4e0fa575bbe03b1af65146ef0b6f.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  191.156.23.0/24
                IPv6:
                  2800:800:930::/48
                  2800:800:940::/48
                  2800:800:950::/48
                  2800:800:960::/48

    Signature Algorithm: sha256WithRSAEncryption
         37:a8:13:e9:a3:4b:2b:13:04:7e:f1:34:9e:9e:06:2c:e5:82:
         c9:57:b6:cd:72:fc:2e:be:7f:2a:ae:7c:17:93:0d:06:af:83:
         34:56:d0:af:94:7d:5b:67:09:b8:23:15:9e:1e:2e:7d:61:4b:
         fa:32:fd:69:d8:6f:cf:60:bd:d2:4d:e3:39:c6:76:0a:e4:46:
         20:18:02:e6:f9:95:a8:4e:38:7f:26:50:44:01:84:64:5b:df:
         f8:7a:39:51:ef:69:0a:c6:3f:70:55:17:2a:1b:4a:71:ad:14:
         33:1b:7b:e3:c4:e1:d7:10:37:1f:3b:de:3f:f0:f5:4b:16:e5:
         6d:73:4f:d0:27:21:50:ad:90:b2:e1:79:78:2e:ea:32:ed:06:
         8d:8f:2b:da:76:a6:24:18:fe:8d:d9:49:3d:7a:8a:6b:7a:a5:
         67:6c:07:5f:17:5d:ec:e6:69:b7:4e:34:2c:09:a2:35:50:8b:
         0a:2a:4f:c0:42:b5:d9:27:07:aa:12:53:31:8b:52:31:ea:5a:
         92:ab:43:fe:1f:f8:84:dd:02:b0:23:e4:5e:69:7b:bb:67:7c:
         52:ce:19:e7:f2:94:ab:d8:d9:74:e1:64:4d:0b:93:68:a6:6e:
         4b:8f:18:23:ba:7d:65:bb:b6:60:7b:7e:af:4c:a2:70:b3:50:
         18:dc:cb:e2
-----BEGIN CERTIFICATE-----
MIIFbDCCBFSgAwIBAgIDIHS9MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGE2
OGFjYTk0NWU1YjRlMGZhNTc1YmJlMDNiMWFmNjUxNDZlZjBiNmYwHhcNMjMwNTEx
MTY0OTI4WhcNMjUwNTEyMTY0OTI4WjAzMTEwLwYDVQQDEyg0YTBiNTNkODJiZDNm
NTU5MTY4MmU5NjQ0NjhiN2NkNzc5ZWY5Yzk5MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAiLKbnXqHCTco0AqzUVyMVUdToY4YBtGKfQEkbEeWWJezEJmM
arJPbag+iQ7gmaZrqB+1DTgmkBNzHSS0qJN3xsfo2AM3k2fnM07iyizS0t3owy83
trt4tLKzvdXK3U+EWujDBhEYImcwZDXuX/ZC4GKBwOnNX+djDEnLlE+FYPUK/48w
bum0VyclvgGYOeIZF8lj7/Mh65twbe/Vu4ktx1kFlWIRH+Njw5pAr5YNi5uB0zY3
a56erJ4uFzhErpJfmvbfUPKxto0HTsjuOr1cd84Zmn46e2bSpagIebgDzhRSIPyY
9ihm62fE3WYgldvYfsSk44OvS4ju8qJGcpGanQIDAQABo4IChzCCAoMwHQYDVR0O
BBYEFFWKU/EEGF8h3hJxpcymMXEz/bCXMB8GA1UdIwQYMBaAFFxQ5QNp/Z+ZppL2
iLlivHesiqnLMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvYTY4YWNh
OTQ1ZTViNGUwZmE1NzViYmUwM2IxYWY2NTE0NmVmMGI2Zi5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvMTgyMTgwNmMtMGU4Mi00MjA0LThiM2MtZGRlN2Mw
ZmM4ZDYyLzRhMGI1M2Q4MmJkM2Y1NTkxNjgyZTk2NDQ2OGI3Y2Q3NzllZjljOTku
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy8xODIxODA2Yy0wZTgyLTQyMDQtOGIzYy1kZGU3
YzBmYzhkNjIvYTY4YWNhOTQ1ZTViNGUwZmE1NzViYmUwM2IxYWY2NTE0NmVmMGI2
Zi5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBLBggrBgEFBQcBBwEB/wQ8
MDowDAQCAAEwBgMEAL+cFzAqBAIAAjAkAwcAKAAIAAkwAwcAKAAIAAlAAwcAKAAI
AAlQAwcAKAAIAAlgMA0GCSqGSIb3DQEBCwUAA4IBAQA3qBPpo0srEwR+8TSengYs
5YLJV7bNcvwuvn8qrnwXkw0Gr4M0VtCvlH1bZwm4IxWeHi59YUv6Mv1p2G/PYL3S
TeM5xnYK5EYgGALm+ZWoTjh/JlBEAYRkW9/4ejlR72kKxj9wVRcqG0pxrRQzG3vj
xOHXEDcfO94/8PVLFuVtc0/QJyFQrZCy4Xl4Luoy7QaNjyvadqYkGP6N2Uk9eopr
eqVnbAdfF13s5mm3TjQsCaI1UIsKKk/AQrXZJweqElMxi1Ix6lqSq0P+H/iE3QKw
I+ReaXu7Z3xSzhnn8pSr2Nl04WRNC5Nopm5Ljxgjun1lu7Zge36vTKJws1AY3Mvi
-----END CERTIFICATE-----
Generated at Thu Mar 28 16:42:20 2024 by rpki-client on console-fra.rpki-client.org