Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/1b7924a2-bf21-496d-a8e0-cf890812a577/f60a0b12897a5bdec4b90c47fd0d539c70d72086.roa
File:                     f60a0b12897a5bdec4b90c47fd0d539c70d72086.roa (raw, json)
Hash identifier:          K4M18ZtytoxbpEv0Hkas1SevrDNocPEh3TrhokYnnjE=
Subject key identifier:   18:57:32:8A:BF:62:F8:D0:3B:64:4A:2E:E7:BB:B1:44:3B:3B:95:1B
Certificate issuer:       /CN=e4c05daa3a6e5aa60346bc5b6a8b22c4c14ccb2c
Certificate serial:       0D1F55
Authority key identifier: 17:73:3B:88:7C:39:A9:14:85:6A:EE:36:19:17:FC:E1:34:73:86:CD
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/e4c05daa3a6e5aa60346bc5b6a8b22c4c14ccb2c.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/1b7924a2-bf21-496d-a8e0-cf890812a577/f60a0b12897a5bdec4b90c47fd0d539c70d72086.roa
Signing time:             Wed 24 Mar 2021 14:39:14 +0000
ROA not before:           Wed 24 Mar 2021 14:39:13 +0000
ROA not after:            Tue 24 Mar 2026 14:39:13 +0000
asID:                     23487
IP address blocks:        190.63.0.0/16 maxlen: 24
                          190.111.64.0/20 maxlen: 24
                          190.111.80.0/20 maxlen: 24
                          200.25.192.0/20 maxlen: 24
                          200.25.208.0/20 maxlen: 24
                          2800:430::/32 maxlen: 48

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/1b7924a2-bf21-496d-a8e0-cf890812a577/e4c05daa3a6e5aa60346bc5b6a8b22c4c14ccb2c.crl
                          rsync://repository.lacnic.net/rpki/lacnic/1b7924a2-bf21-496d-a8e0-cf890812a577/e4c05daa3a6e5aa60346bc5b6a8b22c4c14ccb2c.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/e4c05daa3a6e5aa60346bc5b6a8b22c4c14ccb2c.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Tue 27 Feb 2024 12:23:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 859989 (0xd1f55)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e4c05daa3a6e5aa60346bc5b6a8b22c4c14ccb2c
        Validity
            Not Before: Mar 24 14:39:13 2021 GMT
            Not After : Mar 24 14:39:13 2026 GMT
        Subject: CN=f60a0b12897a5bdec4b90c47fd0d539c70d72086
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:eb:ea:21:82:f0:16:cd:48:33:67:b7:7f:59:a2:
                    e4:24:20:fe:ba:eb:28:a8:d2:6d:3c:ee:50:0c:59:
                    99:ab:d7:52:17:3b:c4:24:7a:46:86:fd:3c:c2:b3:
                    cc:c7:91:03:cf:c7:cc:1f:06:0c:be:09:e6:41:6f:
                    08:cb:e5:69:5a:1f:90:84:0d:e7:24:00:64:18:08:
                    3a:98:09:07:a3:3b:e2:42:f4:4a:c0:4e:c7:f6:a0:
                    a3:82:f5:5a:ee:db:28:43:45:df:9c:13:95:7b:1f:
                    2e:73:50:a7:83:c8:ce:21:06:0f:64:7f:a8:69:d9:
                    8c:6b:00:90:2f:4c:da:30:01:61:1c:c1:89:4e:ed:
                    f5:e3:03:43:37:6b:4c:52:f0:16:b3:d2:a3:05:66:
                    24:a9:2b:b3:f8:92:c5:83:8c:1e:06:44:0f:57:bd:
                    fe:70:05:f3:b7:1b:53:7b:2a:74:59:01:b6:3c:00:
                    83:a9:4c:c8:ac:24:65:a1:3c:c5:76:f1:1f:34:90:
                    d7:21:fb:28:86:ef:e1:57:24:c6:96:0a:4a:84:1f:
                    04:d6:61:f0:a9:8e:0c:45:44:06:ee:99:2e:8c:f9:
                    68:15:3f:95:6f:da:9c:9f:14:06:97:e9:f7:7b:eb:
                    04:a1:a2:2b:b2:6b:51:3c:e0:7e:f6:01:f1:c6:b5:
                    94:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                18:57:32:8A:BF:62:F8:D0:3B:64:4A:2E:E7:BB:B1:44:3B:3B:95:1B
            X509v3 Authority Key Identifier:
                keyid:17:73:3B:88:7C:39:A9:14:85:6A:EE:36:19:17:FC:E1:34:73:86:CD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/e4c05daa3a6e5aa60346bc5b6a8b22c4c14ccb2c.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/1b7924a2-bf21-496d-a8e0-cf890812a577/f60a0b12897a5bdec4b90c47fd0d539c70d72086.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/1b7924a2-bf21-496d-a8e0-cf890812a577/e4c05daa3a6e5aa60346bc5b6a8b22c4c14ccb2c.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  190.63.0.0/16
                  190.111.64.0/19
                  200.25.192.0/19
                IPv6:
                  2800:430::/32

    Signature Algorithm: sha256WithRSAEncryption
         0d:c4:df:c2:01:98:d2:fb:e2:0a:fa:c4:52:69:1d:d8:2f:34:
         45:41:65:f2:99:47:b5:e2:d1:b5:65:e4:5a:cf:20:17:e1:19:
         c5:ce:15:6f:13:1f:e0:a7:e7:de:b7:3b:1b:3c:17:08:e6:50:
         32:0f:29:3c:fd:f8:f6:c5:fb:4e:7a:87:ae:8b:e4:96:e9:50:
         bc:e0:7b:93:9b:1a:b7:f3:23:a1:18:b0:4d:91:2e:1e:57:34:
         9b:2e:69:c3:15:00:1f:5c:c8:19:aa:60:6f:b3:15:f8:ab:50:
         49:1f:8d:63:71:a3:bd:20:94:79:c2:9b:b4:60:f6:2c:de:5a:
         ca:aa:45:52:b9:27:8a:82:7c:12:f7:43:26:72:53:66:5e:39:
         a1:c0:49:83:2a:49:88:7b:10:45:13:19:74:54:7b:c3:b6:f0:
         fe:93:79:ec:da:6f:bd:0c:81:13:c5:ce:6f:4e:3f:41:b7:d0:
         13:49:93:b7:8a:87:a9:a7:e1:04:e8:ee:66:2e:a6:3e:4a:ac:
         e0:95:af:05:f3:eb:c4:b5:4f:d5:3f:31:d6:39:86:31:27:58:
         1d:d2:8e:1f:e9:da:c1:02:4e:fc:30:c2:5b:97:f7:2e:15:ed:
         a2:27:50:ec:f4:e5:0a:c7:21:8d:50:80:6f:a1:53:63:e4:71:
         27:5b:f0:2a
-----BEGIN CERTIFICATE-----
MIIFWjCCBEKgAwIBAgIDDR9VMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGU0
YzA1ZGFhM2E2ZTVhYTYwMzQ2YmM1YjZhOGIyMmM0YzE0Y2NiMmMwHhcNMjEwMzI0
MTQzOTEzWhcNMjYwMzI0MTQzOTEzWjAzMTEwLwYDVQQDEyhmNjBhMGIxMjg5N2E1
YmRlYzRiOTBjNDdmZDBkNTM5YzcwZDcyMDg2MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEA6+ohgvAWzUgzZ7d/WaLkJCD+uusoqNJtPO5QDFmZq9dSFzvE
JHpGhv08wrPMx5EDz8fMHwYMvgnmQW8Iy+VpWh+QhA3nJABkGAg6mAkHozviQvRK
wE7H9qCjgvVa7tsoQ0XfnBOVex8uc1Cng8jOIQYPZH+oadmMawCQL0zaMAFhHMGJ
Tu314wNDN2tMUvAWs9KjBWYkqSuz+JLFg4weBkQPV73+cAXztxtTeyp0WQG2PACD
qUzIrCRloTzFdvEfNJDXIfsohu/hVyTGlgpKhB8E1mHwqY4MRUQG7pkujPloFT+V
b9qcnxQGl+n3e+sEoaIrsmtRPOB+9gHxxrWUJQIDAQABo4ICdTCCAnEwHQYDVR0O
BBYEFBhXMoq/YvjQO2RKLue7sUQ7O5UbMB8GA1UdIwQYMBaAFBdzO4h8OakUhWru
NhkX/OE0c4bNMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvZTRjMDVk
YWEzYTZlNWFhNjAzNDZiYzViNmE4YjIyYzRjMTRjY2IyYy5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvMWI3OTI0YTItYmYyMS00OTZkLWE4ZTAtY2Y4OTA4
MTJhNTc3L2Y2MGEwYjEyODk3YTViZGVjNGI5MGM0N2ZkMGQ1MzljNzBkNzIwODYu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy8xYjc5MjRhMi1iZjIxLTQ5NmQtYThlMC1jZjg5
MDgxMmE1NzcvZTRjMDVkYWEzYTZlNWFhNjAzNDZiYzViNmE4YjIyYzRjMTRjY2Iy
Yy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA5BggrBgEFBQcBBwEB/wQq
MCgwFwQCAAEwEQMDAL4/AwQFvm9AAwQFyBnAMA0EAgACMAcDBQAoAAQwMA0GCSqG
SIb3DQEBCwUAA4IBAQANxN/CAZjS++IK+sRSaR3YLzRFQWXymUe14tG1ZeRazyAX
4RnFzhVvEx/gp+fetzsbPBcI5lAyDyk8/fj2xftOeoeui+SW6VC84HuTmxq38yOh
GLBNkS4eVzSbLmnDFQAfXMgZqmBvsxX4q1BJH41jcaO9IJR5wpu0YPYs3lrKqkVS
uSeKgnwS90MmclNmXjmhwEmDKkmIexBFExl0VHvDtvD+k3ns2m+9DIETxc5vTj9B
t9ATSZO3ioepp+EE6O5mLqY+Sqzgla8F8+vEtU/VPzHWOYYxJ1gd0o4f6drBAk78
MMJbl/cuFe2iJ1Ds9OUKxyGNUIBvoVNj5HEnW/Aq
-----END CERTIFICATE-----
Generated at Sat Feb 24 15:43:04 2024 by rpki-client on console-fra.rpki-client.org