Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/1865a074-ac31-4cf7-9a92-5fa934dbd6ed/2bf8a976d1f854f70cbe299badf75ac4e7fd6881.roa
File:                     2bf8a976d1f854f70cbe299badf75ac4e7fd6881.roa (raw, json)
Hash identifier:          Q6XNBkHKsaDhMpc/jncfBHqIKrzMxxRHJoOHuw/slhM=
Subject key identifier:   E8:2A:B7:20:9F:27:26:50:DF:59:0F:D4:51:46:68:17:F8:70:FC:EA
Certificate issuer:       /CN=6700d78d2e18243ea736c1288c50a9461ced8b3c
Certificate serial:       1FF793
Authority key identifier: 6D:16:7E:D1:DD:2E:65:DE:1D:97:BA:EC:8C:20:55:AD:DC:17:37:C8
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/6700d78d2e18243ea736c1288c50a9461ced8b3c.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/1865a074-ac31-4cf7-9a92-5fa934dbd6ed/2bf8a976d1f854f70cbe299badf75ac4e7fd6881.roa
Signing time:             Wed 01 Feb 2023 20:31:01 +0000
ROA not before:           Tue 31 Jan 2023 20:30:05 +0000
ROA not after:            Sat 01 Feb 2025 20:30:05 +0000
asID:                     262171
IP address blocks:        190.93.170.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/1865a074-ac31-4cf7-9a92-5fa934dbd6ed/6700d78d2e18243ea736c1288c50a9461ced8b3c.crl
                          rsync://repository.lacnic.net/rpki/lacnic/1865a074-ac31-4cf7-9a92-5fa934dbd6ed/6700d78d2e18243ea736c1288c50a9461ced8b3c.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/6700d78d2e18243ea736c1288c50a9461ced8b3c.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 31 Mar 2024 01:33:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2094995 (0x1ff793)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6700d78d2e18243ea736c1288c50a9461ced8b3c
        Validity
            Not Before: Jan 31 20:30:05 2023 GMT
            Not After : Feb  1 20:30:05 2025 GMT
        Subject: CN=2bf8a976d1f854f70cbe299badf75ac4e7fd6881
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:1d:af:af:cd:2d:c2:b4:62:f1:36:72:a9:6f:
                    1e:43:f2:7b:a0:5d:94:5d:5d:b6:95:99:9e:d2:a7:
                    79:f7:e2:88:c3:89:fd:56:f3:c9:eb:c6:b1:3d:76:
                    05:26:94:41:29:f9:78:aa:7c:74:c8:71:3f:67:a7:
                    dd:22:7e:49:94:15:a7:6f:af:8d:69:09:a3:4f:4b:
                    d6:51:19:f2:2e:d5:f1:29:1b:ef:3a:90:cb:3c:9e:
                    11:e4:7a:1d:48:4d:27:31:97:c7:73:bb:bb:f8:ed:
                    05:31:5e:17:92:67:e0:9d:34:68:e2:e2:9f:67:53:
                    d0:69:0d:2a:13:d6:4a:93:58:31:0a:6c:a7:6e:45:
                    26:7e:cb:c8:0d:8c:91:9d:a3:8c:43:d8:74:e1:91:
                    1a:e0:66:72:61:37:c3:a2:33:a1:ac:e4:0d:9e:92:
                    07:59:db:b3:b1:b8:1b:d2:4a:d0:50:d0:c3:02:e8:
                    96:be:47:f2:53:bc:64:d8:fd:c6:ac:c3:2c:52:7e:
                    40:07:d8:4a:b8:55:97:cd:c9:d3:bc:0a:2b:5a:07:
                    ba:d2:a4:a2:e9:59:d5:7b:eb:d3:77:8b:ca:1b:ab:
                    11:fe:0e:23:96:b6:74:5e:49:32:d6:22:e6:ec:28:
                    06:10:e4:03:25:a0:03:16:a7:a6:cc:61:a5:13:e6:
                    4a:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E8:2A:B7:20:9F:27:26:50:DF:59:0F:D4:51:46:68:17:F8:70:FC:EA
            X509v3 Authority Key Identifier:
                keyid:6D:16:7E:D1:DD:2E:65:DE:1D:97:BA:EC:8C:20:55:AD:DC:17:37:C8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/6700d78d2e18243ea736c1288c50a9461ced8b3c.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/1865a074-ac31-4cf7-9a92-5fa934dbd6ed/2bf8a976d1f854f70cbe299badf75ac4e7fd6881.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/1865a074-ac31-4cf7-9a92-5fa934dbd6ed/6700d78d2e18243ea736c1288c50a9461ced8b3c.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  190.93.170.0/24

    Signature Algorithm: sha256WithRSAEncryption
         42:00:dd:ef:6d:0d:f7:5d:77:dc:c9:53:da:3d:42:3c:71:e5:
         5f:2d:55:6e:3f:1c:b5:37:1d:8a:fa:0d:54:10:4c:ea:25:78:
         c9:94:f1:a4:aa:89:18:62:79:2c:68:ef:8d:0d:3c:61:6d:53:
         15:59:c6:3e:75:c5:ab:e5:5f:07:fd:16:f7:52:70:8f:ee:86:
         cc:08:23:6f:55:73:aa:6a:ec:7b:4a:e2:26:32:41:22:ab:67:
         8b:10:7f:a8:db:2d:31:67:f2:91:89:97:8f:f8:86:34:18:b0:
         67:dd:08:94:49:55:f3:e0:d4:d2:c6:fb:11:0c:70:59:a2:5c:
         3a:80:22:7e:b6:2b:c3:d3:34:44:4c:2a:b3:97:85:c3:2f:12:
         e3:c9:f5:37:39:62:7c:42:68:d2:f0:b0:ad:31:b3:7b:3d:64:
         e6:f5:e6:bd:fa:46:ac:e4:62:b7:98:20:2e:58:bf:81:c4:90:
         4d:82:ad:5c:56:ef:39:93:b6:a6:b5:fc:25:32:48:87:6c:71:
         da:f6:4b:37:af:64:58:39:b2:80:51:20:b5:eb:46:af:f7:57:
         58:54:ed:af:42:cf:3b:32:77:f9:7b:0b:22:55:cc:32:39:66:
         69:93:15:96:83:6f:4e:4d:b6:5e:c2:69:c0:4d:9e:39:ad:95:
         9f:cb:8c:13
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIDH/eTMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDY3
MDBkNzhkMmUxODI0M2VhNzM2YzEyODhjNTBhOTQ2MWNlZDhiM2MwHhcNMjMwMTMx
MjAzMDA1WhcNMjUwMjAxMjAzMDA1WjAzMTEwLwYDVQQDEygyYmY4YTk3NmQxZjg1
NGY3MGNiZTI5OWJhZGY3NWFjNGU3ZmQ2ODgxMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAlB2vr80twrRi8TZyqW8eQ/J7oF2UXV22lZme0qd59+KIw4n9
VvPJ68axPXYFJpRBKfl4qnx0yHE/Z6fdIn5JlBWnb6+NaQmjT0vWURnyLtXxKRvv
OpDLPJ4R5HodSE0nMZfHc7u7+O0FMV4XkmfgnTRo4uKfZ1PQaQ0qE9ZKk1gxCmyn
bkUmfsvIDYyRnaOMQ9h04ZEa4GZyYTfDojOhrOQNnpIHWduzsbgb0krQUNDDAuiW
vkfyU7xk2P3GrMMsUn5AB9hKuFWXzcnTvAorWge60qSi6VnVe+vTd4vKG6sR/g4j
lrZ0Xkky1iLm7CgGEOQDJaADFqemzGGlE+ZK/QIDAQABo4ICWzCCAlcwHQYDVR0O
BBYEFOgqtyCfJyZQ31kP1FFGaBf4cPzqMB8GA1UdIwQYMBaAFG0WftHdLmXeHZe6
7IwgVa3cFzfIMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvNjcwMGQ3
OGQyZTE4MjQzZWE3MzZjMTI4OGM1MGE5NDYxY2VkOGIzYy5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvMTg2NWEwNzQtYWMzMS00Y2Y3LTlhOTItNWZhOTM0
ZGJkNmVkLzJiZjhhOTc2ZDFmODU0ZjcwY2JlMjk5YmFkZjc1YWM0ZTdmZDY4ODEu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy8xODY1YTA3NC1hYzMxLTRjZjctOWE5Mi01ZmE5
MzRkYmQ2ZWQvNjcwMGQ3OGQyZTE4MjQzZWE3MzZjMTI4OGM1MGE5NDYxY2VkOGIz
Yy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAL5dqjANBgkqhkiG9w0BAQsFAAOCAQEAQgDd720N91133MlT
2j1CPHHlXy1Vbj8ctTcdivoNVBBM6iV4yZTxpKqJGGJ5LGjvjQ08YW1TFVnGPnXF
q+VfB/0W91Jwj+6GzAgjb1Vzqmrse0riJjJBIqtnixB/qNstMWfykYmXj/iGNBiw
Z90IlElV8+DU0sb7EQxwWaJcOoAifrYrw9M0REwqs5eFwy8S48n1NzlifEJo0vCw
rTGzez1k5vXmvfpGrORit5ggLli/gcSQTYKtXFbvOZO2prX8JTJIh2xx2vZLN69k
WDmygFEgtetGr/dXWFTtr0LPOzJ3+XsLIlXMMjlmaZMVloNvTk22XsJpwE2eOa2V
n8uMEw==
-----END CERTIFICATE-----
Generated at Thu Mar 28 02:02:57 2024 by rpki-client on console-ams.rpki-client.org