Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/1821806c-0e82-4204-8b3c-dde7c0fc8d62/ca7c58cd18aa3b38d223b4668dc3972fba787e8e.roa
File:                     ca7c58cd18aa3b38d223b4668dc3972fba787e8e.roa (raw, json)
Hash identifier:          ALKfE8VgLaeOpdJX9hNQ/ek+7imbLJRztNWEsPHRGwo=
Subject key identifier:   D8:4D:90:5F:BE:D7:96:5E:CB:28:CA:DB:F6:E5:6B:61:B4:BB:47:CC
Certificate issuer:       /CN=a68aca945e5b4e0fa575bbe03b1af65146ef0b6f
Certificate serial:       207656
Authority key identifier: 5C:50:E5:03:69:FD:9F:99:A6:92:F6:88:B9:62:BC:77:AC:8A:A9:CB
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/a68aca945e5b4e0fa575bbe03b1af65146ef0b6f.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/1821806c-0e82-4204-8b3c-dde7c0fc8d62/ca7c58cd18aa3b38d223b4668dc3972fba787e8e.roa
Signing time:             Fri 12 May 2023 16:49:29 +0000
ROA not before:           Thu 11 May 2023 16:49:28 +0000
ROA not after:            Mon 12 May 2025 16:49:28 +0000
asID:                     26611
IP address blocks:        191.144.0.0/13 maxlen: 24
                          191.156.0.0/20 maxlen: 24
                          191.156.16.0/24 maxlen: 24
                          191.156.24.0/21 maxlen: 22
                          190.127.128.0/21 maxlen: 21
                          191.156.32.0/19 maxlen: 22
                          190.127.208.0/20 maxlen: 21
                          190.127.224.0/21 maxlen: 21
                          191.156.128.0/18 maxlen: 24
                          190.127.234.0/24 maxlen: 24
                          190.127.237.0/24 maxlen: 24
                          190.127.241.0/24 maxlen: 24
                          190.127.249.0/24 maxlen: 24
                          190.127.250.0/23 maxlen: 24
                          190.127.252.0/24 maxlen: 24
                          181.144.0.0/12 maxlen: 17
                          181.240.0.0/12 maxlen: 17
                          191.156.64.0/20 maxlen: 22
                          190.126.0.0/16 maxlen: 17
                          190.127.192.0/24 maxlen: 24
                          191.156.96.0/20 maxlen: 21
                          191.158.0.0/15 maxlen: 21
                          191.156.216.0/23 maxlen: 24
                          191.156.224.0/19 maxlen: 21
                          190.125.0.0/16 maxlen: 17
                          191.157.0.0/16 maxlen: 21
                          190.127.254.0/23 maxlen: 24
                          191.156.192.0/20 maxlen: 24
                          191.156.208.0/21 maxlen: 24
                          190.130.80.0/20 maxlen: 24
                          190.130.96.0/20 maxlen: 24
                          190.130.112.0/24 maxlen: 24
                          190.130.114.0/23 maxlen: 24
                          190.130.116.0/22 maxlen: 24
                          190.130.123.0/24 maxlen: 24
                          190.130.125.0/24 maxlen: 24
                          191.64.0.0/12 maxlen: 17
                          190.243.0.0/16 maxlen: 16
                          191.152.0.0/14 maxlen: 24
                          190.130.72.0/21 maxlen: 24
                          2800:800::/36 maxlen: 48

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/1821806c-0e82-4204-8b3c-dde7c0fc8d62/a68aca945e5b4e0fa575bbe03b1af65146ef0b6f.crl
                          rsync://repository.lacnic.net/rpki/lacnic/1821806c-0e82-4204-8b3c-dde7c0fc8d62/a68aca945e5b4e0fa575bbe03b1af65146ef0b6f.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/a68aca945e5b4e0fa575bbe03b1af65146ef0b6f.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Mon 15 Apr 2024 06:03:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2127446 (0x207656)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a68aca945e5b4e0fa575bbe03b1af65146ef0b6f
        Validity
            Not Before: May 11 16:49:28 2023 GMT
            Not After : May 12 16:49:28 2025 GMT
        Subject: CN=ca7c58cd18aa3b38d223b4668dc3972fba787e8e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:85:ba:de:7f:51:d6:65:9c:9a:3e:ec:52:87:3c:
                    4b:e3:59:a3:c4:0f:03:d3:52:0a:c3:94:74:a8:cd:
                    12:05:a0:dc:2a:dd:ee:71:c3:46:ce:5a:2a:83:d2:
                    bd:a5:b6:17:8c:bb:32:d1:c4:6f:c2:83:cb:ec:1a:
                    64:9f:ee:bc:68:5a:27:07:fc:76:91:09:14:b8:2f:
                    69:82:20:34:c8:1b:81:ae:3f:78:3e:66:09:e4:77:
                    19:c1:a4:47:a5:7b:03:7e:84:b8:eb:9e:54:8d:23:
                    57:81:71:98:06:d6:a0:e0:20:03:e8:26:cf:f8:69:
                    23:b5:af:eb:17:7a:67:b3:ba:66:73:69:82:36:6d:
                    08:b3:6c:1c:15:6d:65:98:fe:a0:f8:09:d2:28:33:
                    c5:a5:72:a5:ba:8a:40:a0:44:8c:b2:66:60:65:ea:
                    83:1a:b9:e6:8a:37:5e:86:59:3e:90:09:c3:6a:cf:
                    3d:83:27:20:76:72:22:f8:d9:a8:05:e5:07:cd:a7:
                    ef:0b:5c:4c:2b:89:f7:02:6c:d1:67:5b:ab:58:b8:
                    71:13:91:8b:1d:15:a3:eb:f5:ef:76:9d:f8:1a:0f:
                    8a:3e:97:92:6c:ca:29:6a:73:47:e6:16:30:86:36:
                    23:17:d8:69:fe:4f:0b:4a:c4:29:21:fa:a8:e9:f1:
                    b8:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D8:4D:90:5F:BE:D7:96:5E:CB:28:CA:DB:F6:E5:6B:61:B4:BB:47:CC
            X509v3 Authority Key Identifier:
                keyid:5C:50:E5:03:69:FD:9F:99:A6:92:F6:88:B9:62:BC:77:AC:8A:A9:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/a68aca945e5b4e0fa575bbe03b1af65146ef0b6f.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/1821806c-0e82-4204-8b3c-dde7c0fc8d62/ca7c58cd18aa3b38d223b4668dc3972fba787e8e.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/1821806c-0e82-4204-8b3c-dde7c0fc8d62/a68aca945e5b4e0fa575bbe03b1af65146ef0b6f.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  181.144.0.0/12
                  181.240.0.0/12
                  190.125.0.0-190.126.255.255
                  190.127.128.0/21
                  190.127.192.0/24
                  190.127.208.0-190.127.231.255
                  190.127.234.0/24
                  190.127.237.0/24
                  190.127.241.0/24
                  190.127.249.0-190.127.252.255
                  190.127.254.0/23
                  190.130.72.0-190.130.112.255
                  190.130.114.0-190.130.119.255
                  190.130.123.0/24
                  190.130.125.0/24
                  190.243.0.0/16
                  191.64.0.0/12
                  191.144.0.0-191.156.16.255
                  191.156.24.0-191.156.79.255
                  191.156.96.0/20
                  191.156.128.0-191.156.217.255
                  191.156.224.0-191.159.255.255
                IPv6:
                  2800:800::/36

    Signature Algorithm: sha256WithRSAEncryption
         4b:f8:49:f8:be:72:50:cb:6d:e5:6a:d2:5c:86:66:46:97:63:
         6a:a1:e6:33:13:c6:ad:aa:98:cd:00:c2:4f:fd:1e:e9:3c:f9:
         5e:97:a8:48:01:18:0a:94:a6:83:82:35:4e:25:1e:ff:b7:d0:
         6d:fe:85:8f:a8:da:41:5e:a8:95:19:08:2d:d5:89:84:23:88:
         ab:34:a9:31:d3:53:ee:59:2b:eb:12:76:27:76:ac:f0:19:81:
         30:ce:5a:9d:6d:8c:69:59:41:fc:15:8d:e8:e7:a2:3b:ec:75:
         6c:ac:d9:f9:60:15:7b:be:75:a7:d7:c5:6b:27:10:ae:fc:79:
         cd:b7:42:02:93:0c:be:f8:12:aa:18:b7:97:d7:bb:fd:cc:a4:
         23:cc:4c:bb:a3:e9:b9:7c:1b:4a:3f:f9:8b:9d:19:3e:0f:3c:
         0b:01:16:4b:88:3d:e6:d0:2f:2c:8c:fc:f6:c0:b0:94:eb:16:
         1b:ed:d9:91:15:06:75:51:38:a7:e6:34:82:85:e6:ba:f0:4b:
         b6:1f:c5:cc:30:d9:2b:73:3f:55:52:e2:c5:ec:fd:14:ca:91:
         bb:cb:f8:4c:86:9b:14:0d:76:c5:ad:c0:9c:c4:2b:ce:a5:49:
         b1:c2:65:b1:32:9d:00:1b:b0:99:77:d1:c6:50:bc:65:89:4e:
         f3:b7:87:36
-----BEGIN CERTIFICATE-----
MIIGEzCCBPugAwIBAgIDIHZWMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGE2
OGFjYTk0NWU1YjRlMGZhNTc1YmJlMDNiMWFmNjUxNDZlZjBiNmYwHhcNMjMwNTEx
MTY0OTI4WhcNMjUwNTEyMTY0OTI4WjAzMTEwLwYDVQQDEyhjYTdjNThjZDE4YWEz
YjM4ZDIyM2I0NjY4ZGMzOTcyZmJhNzg3ZThlMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAhbref1HWZZyaPuxShzxL41mjxA8D01IKw5R0qM0SBaDcKt3u
ccNGzloqg9K9pbYXjLsy0cRvwoPL7Bpkn+68aFonB/x2kQkUuC9pgiA0yBuBrj94
PmYJ5HcZwaRHpXsDfoS4655UjSNXgXGYBtag4CAD6CbP+Gkjta/rF3pns7pmc2mC
Nm0Is2wcFW1lmP6g+AnSKDPFpXKluopAoESMsmZgZeqDGrnmijdehlk+kAnDas89
gycgdnIi+NmoBeUHzafvC1xMK4n3AmzRZ1urWLhxE5GLHRWj6/Xvdp34Gg+KPpeS
bMopanNH5hYwhjYjF9hp/k8LSsQpIfqo6fG4TwIDAQABo4IDLjCCAyowHQYDVR0O
BBYEFNhNkF++15ZeyyjK2/bla2G0u0fMMB8GA1UdIwQYMBaAFFxQ5QNp/Z+ZppL2
iLlivHesiqnLMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvYTY4YWNh
OTQ1ZTViNGUwZmE1NzViYmUwM2IxYWY2NTE0NmVmMGI2Zi5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvMTgyMTgwNmMtMGU4Mi00MjA0LThiM2MtZGRlN2Mw
ZmM4ZDYyL2NhN2M1OGNkMThhYTNiMzhkMjIzYjQ2NjhkYzM5NzJmYmE3ODdlOGUu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy8xODIxODA2Yy0wZTgyLTQyMDQtOGIzYy1kZGU3
YzBmYzhkNjIvYTY4YWNhOTQ1ZTViNGUwZmE1NzViYmUwM2IxYWY2NTE0NmVmMGI2
Zi5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB8QYIKwYBBQUHAQcBAf8E
geEwgd4wgcsEAgABMIHEAwMEtZADAwS18DAKAwMAvn0DAwC+fgMEA75/gAMEAL5/
wDAMAwQEvn/QAwQDvn/gAwQAvn/qAwQAvn/tAwQAvn/xMAwDBAC+f/kDBAC+f/wD
BAG+f/4wDAMEA76CSAMEAL6CcDAMAwQBvoJyAwQDvoJwAwQAvoJ7AwQAvoJ9AwMA
vvMDAwS/QDALAwMEv5ADBAC/nBAwDAMEA7+cGAMEBL+cQAMEBL+cYDAMAwQHv5yA
AwQBv5zYMAsDBAW/nOADAwW/gDAOBAIAAjAIAwYEKAAIAAAwDQYJKoZIhvcNAQEL
BQADggEBAEv4Sfi+clDLbeVq0lyGZkaXY2qh5jMTxq2qmM0Awk/9Huk8+V6XqEgB
GAqUpoOCNU4lHv+30G3+hY+o2kFeqJUZCC3ViYQjiKs0qTHTU+5ZK+sSdid2rPAZ
gTDOWp1tjGlZQfwVjejnojvsdWys2flgFXu+dafXxWsnEK78ec23QgKTDL74EqoY
t5fXu/3MpCPMTLuj6bl8G0o/+YudGT4PPAsBFkuIPebQLyyM/PbAsJTrFhvt2ZEV
BnVROKfmNIKF5rrwS7Yfxcww2StzP1VS4sXs/RTKkbvL+EyGmxQNdsWtwJzEK86l
SbHCZbEynQAbsJl30cZQvGWJTvO3hzY=
-----END CERTIFICATE-----
Generated at Fri Apr 12 07:43:43 2024 by rpki-client on console-ams.rpki-client.org