Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/191c01fe-5e02-4280-b2c3-e3be1f20c06d/04606374628bef466fab3f43518d85f2e65efdc2.roa
File:                     04606374628bef466fab3f43518d85f2e65efdc2.roa (raw, json)
Hash identifier:          cfFx98Z8L8AR+xsIhYxQ7+XqPoUWpUZfF00aDJq6Njo=
Subject key identifier:   0E:BC:CE:16:E6:6F:D5:A2:25:79:8B:2D:C2:CF:BC:46:84:12:2A:86
Certificate issuer:       /CN=c5ef86124a38f3fc46e85e51e01411db37fdb204
Certificate serial:       0D7D3A
Authority key identifier: 86:56:69:72:80:4D:BD:ED:14:7F:F3:A0:38:C2:B6:95:AD:C2:C8:6B
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/c5ef86124a38f3fc46e85e51e01411db37fdb204.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/191c01fe-5e02-4280-b2c3-e3be1f20c06d/04606374628bef466fab3f43518d85f2e65efdc2.roa
Signing time:             Sun 14 May 2023 16:26:53 +0000
ROA not before:           Sat 13 May 2023 16:26:53 +0000
ROA not after:            Wed 14 May 2025 16:26:53 +0000
asID:                     272086
IP address blocks:        189.85.40.0/22 maxlen: 32

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/191c01fe-5e02-4280-b2c3-e3be1f20c06d/c5ef86124a38f3fc46e85e51e01411db37fdb204.crl
                          rsync://repository.lacnic.net/rpki/lacnic/191c01fe-5e02-4280-b2c3-e3be1f20c06d/c5ef86124a38f3fc46e85e51e01411db37fdb204.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/c5ef86124a38f3fc46e85e51e01411db37fdb204.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 31 Mar 2024 12:22:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 884026 (0xd7d3a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c5ef86124a38f3fc46e85e51e01411db37fdb204
        Validity
            Not Before: May 13 16:26:53 2023 GMT
            Not After : May 14 16:26:53 2025 GMT
        Subject: CN=04606374628bef466fab3f43518d85f2e65efdc2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:76:07:1b:c2:56:fa:c5:1b:b4:1e:6f:6e:91:
                    f8:9d:8a:dd:fb:c8:29:3d:30:f3:e0:fd:ba:f7:cf:
                    1a:53:a8:ce:f8:2c:bc:4c:d3:66:ad:12:83:3b:db:
                    a8:f6:14:7a:5e:71:86:db:77:1b:52:06:cc:c9:cf:
                    c1:7c:6d:b5:e7:92:00:29:51:68:c2:c4:64:a2:d0:
                    3f:2a:73:db:0d:d2:aa:bc:89:1e:6e:d9:47:ec:93:
                    82:d2:9c:e4:87:86:d3:f1:15:5f:8e:84:4d:c5:a5:
                    f3:26:1d:c8:00:b2:4f:89:cb:9e:fd:99:e7:b5:e1:
                    4b:2a:9d:35:7a:8c:c5:00:17:56:5a:51:6c:8c:d3:
                    5b:63:db:82:00:0e:fa:6a:3d:55:b5:5b:31:0d:d1:
                    c4:b2:72:c7:09:e0:88:a5:d5:be:a5:47:37:32:44:
                    a9:2a:85:9e:34:6c:1b:77:69:bb:5c:bc:dd:51:86:
                    eb:0c:b0:94:9a:49:29:ea:3d:e1:e6:a3:82:aa:b1:
                    c0:b0:ec:cf:f3:fa:37:47:e3:b2:3b:61:67:50:ef:
                    41:af:94:70:d1:a3:63:6b:b1:db:8b:cf:52:38:8a:
                    6f:4e:5d:b8:b4:20:ba:23:ed:82:9b:ec:ae:ce:df:
                    30:44:c1:15:06:dd:d1:cc:8b:d1:fc:7a:45:90:9f:
                    cd:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0E:BC:CE:16:E6:6F:D5:A2:25:79:8B:2D:C2:CF:BC:46:84:12:2A:86
            X509v3 Authority Key Identifier:
                keyid:86:56:69:72:80:4D:BD:ED:14:7F:F3:A0:38:C2:B6:95:AD:C2:C8:6B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/c5ef86124a38f3fc46e85e51e01411db37fdb204.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/191c01fe-5e02-4280-b2c3-e3be1f20c06d/04606374628bef466fab3f43518d85f2e65efdc2.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/191c01fe-5e02-4280-b2c3-e3be1f20c06d/c5ef86124a38f3fc46e85e51e01411db37fdb204.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  189.85.40.0/22

    Signature Algorithm: sha256WithRSAEncryption
         48:75:55:5e:dc:46:a5:e4:4f:f2:98:b7:95:8f:5d:51:02:0d:
         62:0d:1f:f9:4c:32:0d:00:65:b2:4e:64:5a:96:c0:64:15:ae:
         e9:1e:89:38:e7:40:c4:91:59:f6:8b:ad:46:74:93:96:ee:97:
         7c:93:b8:bc:20:6b:da:e7:de:59:80:7b:73:17:1c:8a:d2:34:
         47:65:cc:57:1c:4d:cc:7c:07:0f:4c:13:68:64:09:27:09:7f:
         db:3d:78:4f:67:83:7b:cd:ee:77:f3:a2:05:4d:fa:cf:ee:e1:
         a2:ac:da:1f:76:e2:77:af:4a:33:d1:2a:23:9c:15:41:bf:94:
         38:b6:58:28:c0:3c:d4:2f:61:09:70:e0:31:1b:21:d4:a7:67:
         35:4a:e8:88:e3:88:ea:ac:44:66:58:90:b0:6b:eb:dd:05:d7:
         48:f4:b8:ad:3e:78:38:2b:79:34:2e:48:63:d0:42:a5:56:91:
         8c:50:31:6f:b1:c7:ae:6c:93:10:b5:df:dd:8f:8f:01:ed:9a:
         a4:02:5d:5f:7c:be:43:0e:21:5f:b6:7d:48:20:53:1b:7d:22:
         94:d9:ec:f3:8d:d3:3a:e4:94:00:13:90:37:cd:6a:f9:86:81:
         a3:9f:21:c1:d2:87:99:de:da:13:30:8c:df:22:d0:38:57:79:
         5a:e7:3a:a7
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIDDX06MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGM1
ZWY4NjEyNGEzOGYzZmM0NmU4NWU1MWUwMTQxMWRiMzdmZGIyMDQwHhcNMjMwNTEz
MTYyNjUzWhcNMjUwNTE0MTYyNjUzWjAzMTEwLwYDVQQDEygwNDYwNjM3NDYyOGJl
ZjQ2NmZhYjNmNDM1MThkODVmMmU2NWVmZGMyMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAt3YHG8JW+sUbtB5vbpH4nYrd+8gpPTDz4P26988aU6jO+Cy8
TNNmrRKDO9uo9hR6XnGG23cbUgbMyc/BfG2155IAKVFowsRkotA/KnPbDdKqvIke
btlH7JOC0pzkh4bT8RVfjoRNxaXzJh3IALJPicue/ZnnteFLKp01eozFABdWWlFs
jNNbY9uCAA76aj1VtVsxDdHEsnLHCeCIpdW+pUc3MkSpKoWeNGwbd2m7XLzdUYbr
DLCUmkkp6j3h5qOCqrHAsOzP8/o3R+OyO2FnUO9Br5Rw0aNja7Hbi89SOIpvTl24
tCC6I+2Cm+yuzt8wRMEVBt3RzIvR/HpFkJ/NlQIDAQABo4ICWzCCAlcwHQYDVR0O
BBYEFA68zhbmb9WiJXmLLcLPvEaEEiqGMB8GA1UdIwQYMBaAFIZWaXKATb3tFH/z
oDjCtpWtwshrMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvYzVlZjg2
MTI0YTM4ZjNmYzQ2ZTg1ZTUxZTAxNDExZGIzN2ZkYjIwNC5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvMTkxYzAxZmUtNWUwMi00MjgwLWIyYzMtZTNiZTFm
MjBjMDZkLzA0NjA2Mzc0NjI4YmVmNDY2ZmFiM2Y0MzUxOGQ4NWYyZTY1ZWZkYzIu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy8xOTFjMDFmZS01ZTAyLTQyODAtYjJjMy1lM2Jl
MWYyMGMwNmQvYzVlZjg2MTI0YTM4ZjNmYzQ2ZTg1ZTUxZTAxNDExZGIzN2ZkYjIw
NC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAr1VKDANBgkqhkiG9w0BAQsFAAOCAQEASHVVXtxGpeRP8pi3
lY9dUQINYg0f+UwyDQBlsk5kWpbAZBWu6R6JOOdAxJFZ9outRnSTlu6XfJO4vCBr
2ufeWYB7cxccitI0R2XMVxxNzHwHD0wTaGQJJwl/2z14T2eDe83ud/OiBU36z+7h
oqzaH3bid69KM9EqI5wVQb+UOLZYKMA81C9hCXDgMRsh1KdnNUroiOOI6qxEZliQ
sGvr3QXXSPS4rT54OCt5NC5IY9BCpVaRjFAxb7HHrmyTELXf3Y+PAe2apAJdX3y+
Qw4hX7Z9SCBTG30ilNns843TOuSUABOQN81q+YaBo58hwdKHmd7aEzCM3yLQOFd5
Wuc6pw==
-----END CERTIFICATE-----
Generated at Thu Mar 28 13:27:48 2024 by rpki-client on console-ams.rpki-client.org