Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/1b7924a2-bf21-496d-a8e0-cf890812a577/ef5f4f09c918369d9e673f4dc3caa14190bc45b6.roa
File:                     ef5f4f09c918369d9e673f4dc3caa14190bc45b6.roa (raw, json)
Hash identifier:          Tjm9z6w1EiuJYuGrrNlO0UJQ6xkQSBrHo1JUMQ1dzlw=
Subject key identifier:   F6:50:C0:20:92:A2:0F:70:66:91:B7:3E:05:C5:9C:40:CA:E4:48:E6
Certificate issuer:       /CN=e4c05daa3a6e5aa60346bc5b6a8b22c4c14ccb2c
Certificate serial:       0D1C4F
Authority key identifier: 17:73:3B:88:7C:39:A9:14:85:6A:EE:36:19:17:FC:E1:34:73:86:CD
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/e4c05daa3a6e5aa60346bc5b6a8b22c4c14ccb2c.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/1b7924a2-bf21-496d-a8e0-cf890812a577/ef5f4f09c918369d9e673f4dc3caa14190bc45b6.roa
Signing time:             Wed 24 Mar 2021 14:39:14 +0000
ROA not before:           Wed 24 Mar 2021 14:39:13 +0000
ROA not after:            Tue 24 Mar 2026 14:39:13 +0000
asID:                     23487
IP address blocks:        190.63.0.0/16 maxlen: 24
                          190.111.64.0/20 maxlen: 24
                          190.111.80.0/20 maxlen: 24
                          200.25.192.0/20 maxlen: 24
                          200.25.208.0/20 maxlen: 24
                          2800:430::/32 maxlen: 48

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/1b7924a2-bf21-496d-a8e0-cf890812a577/e4c05daa3a6e5aa60346bc5b6a8b22c4c14ccb2c.crl
                          rsync://repository.lacnic.net/rpki/lacnic/1b7924a2-bf21-496d-a8e0-cf890812a577/e4c05daa3a6e5aa60346bc5b6a8b22c4c14ccb2c.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/e4c05daa3a6e5aa60346bc5b6a8b22c4c14ccb2c.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Thu 29 Feb 2024 02:37:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 859215 (0xd1c4f)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e4c05daa3a6e5aa60346bc5b6a8b22c4c14ccb2c
        Validity
            Not Before: Mar 24 14:39:13 2021 GMT
            Not After : Mar 24 14:39:13 2026 GMT
        Subject: CN=ef5f4f09c918369d9e673f4dc3caa14190bc45b6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dd:8e:41:14:05:a4:19:3f:a7:31:e7:9f:1f:74:
                    8d:8f:16:a4:76:22:43:c3:db:22:08:6c:6e:4c:37:
                    2c:16:eb:28:d3:37:97:3b:eb:67:ee:39:31:fb:d9:
                    da:08:8e:da:97:8a:28:92:6b:29:7a:44:ad:2a:a2:
                    4c:a6:b9:d9:f4:2a:44:1c:7a:77:3f:37:ee:6f:90:
                    d4:d1:48:a2:1e:e2:a3:24:da:ad:d6:17:1c:75:f3:
                    15:4f:ae:58:cc:6d:fa:a1:d8:8d:49:6f:d4:ca:9f:
                    aa:f7:2f:76:5d:7e:13:1a:39:bf:aa:80:a6:b1:bd:
                    b9:d1:45:56:71:c2:b8:c4:1c:f3:c8:9a:e0:a7:c1:
                    23:10:46:a3:6a:6c:d8:18:b8:3b:98:34:13:c0:0b:
                    00:9a:b8:c1:fd:a7:b3:15:8c:58:9f:e3:b4:77:67:
                    2f:24:ba:76:16:29:71:1e:73:a8:11:5e:43:4a:ca:
                    2d:96:f9:c8:32:a8:90:68:6e:27:fe:15:47:a8:1a:
                    7c:10:66:eb:ef:52:16:d6:5c:19:d7:94:af:d1:a1:
                    22:b8:bd:51:eb:17:43:ed:84:d5:d3:16:b2:56:20:
                    27:c6:95:90:05:8f:35:b5:85:f2:da:42:14:b9:de:
                    11:86:0d:15:c6:77:6d:60:c9:0e:90:f9:c3:72:d8:
                    9d:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F6:50:C0:20:92:A2:0F:70:66:91:B7:3E:05:C5:9C:40:CA:E4:48:E6
            X509v3 Authority Key Identifier:
                keyid:17:73:3B:88:7C:39:A9:14:85:6A:EE:36:19:17:FC:E1:34:73:86:CD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/e4c05daa3a6e5aa60346bc5b6a8b22c4c14ccb2c.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/1b7924a2-bf21-496d-a8e0-cf890812a577/ef5f4f09c918369d9e673f4dc3caa14190bc45b6.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/1b7924a2-bf21-496d-a8e0-cf890812a577/e4c05daa3a6e5aa60346bc5b6a8b22c4c14ccb2c.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  190.63.0.0/16
                  190.111.64.0/19
                  200.25.192.0/19
                IPv6:
                  2800:430::/32

    Signature Algorithm: sha256WithRSAEncryption
         20:6b:49:a1:1d:d6:66:22:98:96:42:b7:b6:cc:2d:7e:51:77:
         12:df:46:e4:77:79:75:74:51:4a:13:e6:6a:ed:37:36:80:5f:
         ad:4f:76:2b:2e:51:f4:2c:33:49:4b:c3:f6:ce:c1:16:9d:ac:
         6c:f3:ed:c2:8f:75:fd:9c:fb:20:82:40:3c:dc:b9:08:4c:3d:
         81:d6:ba:1d:19:76:2a:78:9a:61:4b:3e:10:1d:08:12:d1:65:
         d5:d2:fb:b8:e9:46:d2:8d:db:1c:be:c0:fb:c4:18:8d:77:49:
         dd:c4:9d:6c:b2:78:02:53:4a:69:43:28:43:5b:8e:c5:aa:47:
         5a:17:c1:ea:5a:1b:e2:48:cc:1a:a9:76:55:8d:1a:a3:da:b6:
         17:d1:b1:fa:b0:b9:06:a8:42:39:03:cb:24:b3:45:18:0f:fd:
         66:bb:79:b1:57:e1:13:9d:0c:3b:87:0e:4f:fc:1c:68:29:85:
         36:a9:59:17:b9:1c:37:e6:27:10:a0:6e:f3:52:c4:bd:8a:c8:
         07:a7:da:8c:36:93:e8:24:18:ce:47:17:4a:d6:63:4f:29:06:
         af:f3:f1:3f:76:1a:e9:c6:49:ed:48:6d:e5:13:1c:25:0e:e2:
         b9:73:13:fb:f5:26:c8:55:8a:c8:fe:76:8f:69:86:61:2d:0c:
         13:01:e7:b4
-----BEGIN CERTIFICATE-----
MIIFWjCCBEKgAwIBAgIDDRxPMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGU0
YzA1ZGFhM2E2ZTVhYTYwMzQ2YmM1YjZhOGIyMmM0YzE0Y2NiMmMwHhcNMjEwMzI0
MTQzOTEzWhcNMjYwMzI0MTQzOTEzWjAzMTEwLwYDVQQDEyhlZjVmNGYwOWM5MTgz
NjlkOWU2NzNmNGRjM2NhYTE0MTkwYmM0NWI2MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEA3Y5BFAWkGT+nMeefH3SNjxakdiJDw9siCGxuTDcsFuso0zeX
O+tn7jkx+9naCI7al4ookmspekStKqJMprnZ9CpEHHp3Pzfub5DU0UiiHuKjJNqt
1hccdfMVT65YzG36odiNSW/Uyp+q9y92XX4TGjm/qoCmsb250UVWccK4xBzzyJrg
p8EjEEajamzYGLg7mDQTwAsAmrjB/aezFYxYn+O0d2cvJLp2FilxHnOoEV5DSsot
lvnIMqiQaG4n/hVHqBp8EGbr71IW1lwZ15Sv0aEiuL1R6xdD7YTV0xayViAnxpWQ
BY81tYXy2kIUud4Rhg0VxndtYMkOkPnDctid4wIDAQABo4ICdTCCAnEwHQYDVR0O
BBYEFPZQwCCSog9wZpG3PgXFnEDK5EjmMB8GA1UdIwQYMBaAFBdzO4h8OakUhWru
NhkX/OE0c4bNMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvZTRjMDVk
YWEzYTZlNWFhNjAzNDZiYzViNmE4YjIyYzRjMTRjY2IyYy5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvMWI3OTI0YTItYmYyMS00OTZkLWE4ZTAtY2Y4OTA4
MTJhNTc3L2VmNWY0ZjA5YzkxODM2OWQ5ZTY3M2Y0ZGMzY2FhMTQxOTBiYzQ1YjYu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy8xYjc5MjRhMi1iZjIxLTQ5NmQtYThlMC1jZjg5
MDgxMmE1NzcvZTRjMDVkYWEzYTZlNWFhNjAzNDZiYzViNmE4YjIyYzRjMTRjY2Iy
Yy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA5BggrBgEFBQcBBwEB/wQq
MCgwFwQCAAEwEQMDAL4/AwQFvm9AAwQFyBnAMA0EAgACMAcDBQAoAAQwMA0GCSqG
SIb3DQEBCwUAA4IBAQAga0mhHdZmIpiWQre2zC1+UXcS30bkd3l1dFFKE+Zq7Tc2
gF+tT3YrLlH0LDNJS8P2zsEWnaxs8+3Cj3X9nPsggkA83LkITD2B1rodGXYqeJph
Sz4QHQgS0WXV0vu46UbSjdscvsD7xBiNd0ndxJ1ssngCU0ppQyhDW47FqkdaF8Hq
WhviSMwaqXZVjRqj2rYX0bH6sLkGqEI5A8sks0UYD/1mu3mxV+ETnQw7hw5P/Bxo
KYU2qVkXuRw35icQoG7zUsS9isgHp9qMNpPoJBjORxdK1mNPKQav8/E/dhrpxknt
SG3lExwlDuK5cxP79SbIVYrI/naPaYZhLQwTAee0
-----END CERTIFICATE-----
Generated at Mon Feb 26 06:06:09 2024 by rpki-client on console-ams.rpki-client.org