Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/26664231-e1d4-4661-8929-960141976395/67dd218b282486c3e1fd50a38acdf924c3568d9d.roa
File:                     67dd218b282486c3e1fd50a38acdf924c3568d9d.roa (raw, json)
Hash identifier:          p+/r9T0oXbn8VWI5dReK93OJY2nymig87+7/rClWrIk=
Subject key identifier:   7A:E8:27:90:8A:17:66:D5:28:B2:68:A6:0E:5B:3D:6B:6D:EE:AD:F9
Certificate issuer:       /CN=9e80312a4e397bf8e492d8f250b4fd13f79161cc
Certificate serial:       0D4525
Authority key identifier: 63:B8:26:B4:00:81:35:2C:5C:3A:AE:19:94:70:FF:95:11:5F:C6:7D
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/9e80312a4e397bf8e492d8f250b4fd13f79161cc.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/26664231-e1d4-4661-8929-960141976395/67dd218b282486c3e1fd50a38acdf924c3568d9d.roa
Signing time:             Wed 24 Mar 2021 14:32:43 +0000
ROA not before:           Wed 24 Mar 2021 14:32:43 +0000
ROA not after:            Tue 24 Mar 2026 14:32:43 +0000
asID:                     262208
IP address blocks:        190.13.217.0/24 maxlen: 24
                          190.13.218.0/23 maxlen: 24
                          190.13.223.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/26664231-e1d4-4661-8929-960141976395/9e80312a4e397bf8e492d8f250b4fd13f79161cc.crl
                          rsync://repository.lacnic.net/rpki/lacnic/26664231-e1d4-4661-8929-960141976395/9e80312a4e397bf8e492d8f250b4fd13f79161cc.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/9e80312a4e397bf8e492d8f250b4fd13f79161cc.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 31 Mar 2024 19:38:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 869669 (0xd4525)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9e80312a4e397bf8e492d8f250b4fd13f79161cc
        Validity
            Not Before: Mar 24 14:32:43 2021 GMT
            Not After : Mar 24 14:32:43 2026 GMT
        Subject: CN=67dd218b282486c3e1fd50a38acdf924c3568d9d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:6a:b8:d0:e3:b7:9f:db:77:75:04:39:15:62:
                    60:90:50:f8:86:83:d2:8e:ae:8d:df:de:14:f8:81:
                    30:df:54:4a:d7:ff:6a:56:d8:4f:e0:ec:f3:d6:7d:
                    db:4b:b1:0e:83:de:30:c1:9e:8b:92:b6:5e:e8:0c:
                    77:9f:a9:c6:98:77:d4:a0:ae:8c:fb:43:fd:ed:70:
                    9d:7a:6c:05:a2:d5:c1:72:31:75:6b:34:f8:49:26:
                    a0:99:7f:13:47:a2:7e:68:e6:f2:08:02:d4:6f:fe:
                    52:c5:df:a3:82:39:9a:63:0d:4c:8f:1d:6f:15:8e:
                    89:00:cb:42:96:e9:40:a4:92:22:41:fe:44:fb:c4:
                    c4:c6:28:02:21:34:e9:89:3a:27:b6:1a:d5:e0:51:
                    d7:fb:c3:95:25:14:d3:d6:54:1f:cd:9b:2c:99:f7:
                    33:88:ac:85:55:a8:ad:21:41:c3:ab:b7:58:f4:5c:
                    70:5f:3a:6a:77:88:58:48:89:2a:e9:2f:9d:63:a4:
                    fd:52:be:25:2f:84:b2:af:f1:2e:8c:43:71:04:a2:
                    4d:e7:3f:51:6d:c1:1d:7f:15:0e:9e:ea:03:b6:da:
                    67:48:f9:9d:9d:94:70:2b:26:e2:44:b7:63:23:44:
                    0a:fb:03:67:61:94:a7:bd:99:f6:66:6b:d2:04:0a:
                    cc:71
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7A:E8:27:90:8A:17:66:D5:28:B2:68:A6:0E:5B:3D:6B:6D:EE:AD:F9
            X509v3 Authority Key Identifier:
                keyid:63:B8:26:B4:00:81:35:2C:5C:3A:AE:19:94:70:FF:95:11:5F:C6:7D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/9e80312a4e397bf8e492d8f250b4fd13f79161cc.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/26664231-e1d4-4661-8929-960141976395/67dd218b282486c3e1fd50a38acdf924c3568d9d.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/26664231-e1d4-4661-8929-960141976395/9e80312a4e397bf8e492d8f250b4fd13f79161cc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  190.13.217.0-190.13.219.255
                  190.13.223.0/24

    Signature Algorithm: sha256WithRSAEncryption
         18:a9:98:27:cd:ed:08:93:d8:fb:b5:a1:28:97:58:11:c4:94:
         38:46:d2:21:2f:ef:39:38:86:40:c3:d8:e9:a8:d1:e5:52:e0:
         a2:cb:2c:ad:60:70:5c:83:1f:6e:6c:2a:d2:aa:bc:3a:8a:34:
         d2:eb:e4:e3:2d:5f:b1:a8:98:55:55:d7:96:3f:dc:8d:e1:66:
         60:53:a1:7b:63:3e:f5:23:cf:51:f2:4f:a1:61:4d:8d:2c:e4:
         55:c6:eb:71:97:91:85:af:7b:8b:b8:bc:81:21:7a:73:70:bf:
         14:29:90:c7:23:f8:16:63:e8:81:d6:f1:93:2d:e9:0b:5e:37:
         01:0d:71:16:ea:ba:f0:03:b9:73:dc:e1:9e:b5:a7:91:61:e1:
         cb:d3:bc:2f:bd:ba:1b:21:d7:5d:70:71:0d:1a:c5:7d:58:ee:
         d1:2c:98:a4:7e:4b:74:ee:b0:fc:e6:a3:4c:e5:e1:b0:c7:9e:
         34:43:7d:73:b4:7e:b6:b8:8d:08:a2:11:e8:e2:3b:d7:b9:92:
         e5:f9:bd:d9:ac:47:2b:50:44:0e:36:78:e6:8a:15:c7:53:6e:
         77:cf:a8:d0:66:0a:42:e7:a4:17:7f:b1:f8:43:7e:b5:39:d1:
         77:23:4f:d9:95:5c:65:28:1f:08:3b:f8:21:b9:e1:50:7f:45:
         5b:ae:24:43
-----BEGIN CERTIFICATE-----
MIIFTjCCBDagAwIBAgIDDUUlMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDll
ODAzMTJhNGUzOTdiZjhlNDkyZDhmMjUwYjRmZDEzZjc5MTYxY2MwHhcNMjEwMzI0
MTQzMjQzWhcNMjYwMzI0MTQzMjQzWjAzMTEwLwYDVQQDEyg2N2RkMjE4YjI4MjQ4
NmMzZTFmZDUwYTM4YWNkZjkyNGMzNTY4ZDlkMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAx2q40OO3n9t3dQQ5FWJgkFD4hoPSjq6N394U+IEw31RK1/9q
VthP4Ozz1n3bS7EOg94wwZ6LkrZe6Ax3n6nGmHfUoK6M+0P97XCdemwFotXBcjF1
azT4SSagmX8TR6J+aObyCALUb/5Sxd+jgjmaYw1Mjx1vFY6JAMtClulApJIiQf5E
+8TExigCITTpiTonthrV4FHX+8OVJRTT1lQfzZssmfcziKyFVaitIUHDq7dY9Fxw
Xzpqd4hYSIkq6S+dY6T9Ur4lL4Syr/EujENxBKJN5z9RbcEdfxUOnuoDttpnSPmd
nZRwKybiRLdjI0QK+wNnYZSnvZn2ZmvSBArMcQIDAQABo4ICaTCCAmUwHQYDVR0O
BBYEFHroJ5CKF2bVKLJopg5bPWtt7q35MB8GA1UdIwQYMBaAFGO4JrQAgTUsXDqu
GZRw/5URX8Z9MA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvOWU4MDMx
MmE0ZTM5N2JmOGU0OTJkOGYyNTBiNGZkMTNmNzkxNjFjYy5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvMjY2NjQyMzEtZTFkNC00NjYxLTg5MjktOTYwMTQx
OTc2Mzk1LzY3ZGQyMThiMjgyNDg2YzNlMWZkNTBhMzhhY2RmOTI0YzM1NjhkOWQu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy8yNjY2NDIzMS1lMWQ0LTQ2NjEtODkyOS05NjAx
NDE5NzYzOTUvOWU4MDMxMmE0ZTM5N2JmOGU0OTJkOGYyNTBiNGZkMTNmNzkxNjFj
Yy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAtBggrBgEFBQcBBwEB/wQe
MBwwGgQCAAEwFDAMAwQAvg3ZAwQCvg3YAwQAvg3fMA0GCSqGSIb3DQEBCwUAA4IB
AQAYqZgnze0Ik9j7taEol1gRxJQ4RtIhL+85OIZAw9jpqNHlUuCiyyytYHBcgx9u
bCrSqrw6ijTS6+TjLV+xqJhVVdeWP9yN4WZgU6F7Yz71I89R8k+hYU2NLORVxutx
l5GFr3uLuLyBIXpzcL8UKZDHI/gWY+iB1vGTLekLXjcBDXEW6rrwA7lz3OGetaeR
YeHL07wvvbobIdddcHENGsV9WO7RLJikfkt07rD85qNM5eGwx540Q31ztH62uI0I
ohHo4jvXuZLl+b3ZrEcrUEQONnjmihXHU253z6jQZgpC56QXf7H4Q361OdF3I0/Z
lVxlKB8IO/ghueFQf0VbriRD
-----END CERTIFICATE-----
Generated at Fri Mar 29 03:23:51 2024 by rpki-client on console-ams.rpki-client.org