Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/2abd6b34-8953-4c72-a0a2-7ecb9de8aaba/2964f583f5c308cd4c4107437185b7f3b99efe41.roa
File:                     2964f583f5c308cd4c4107437185b7f3b99efe41.roa (raw, json)
Hash identifier:          f+tEtVhwNneoh04gZu0a+TmwpesP07nA2D9B6Zwpf/U=
Subject key identifier:   EE:E1:00:16:3F:3E:9C:9D:82:9B:E1:26:0D:1F:61:DB:A5:C0:01:7B
Certificate issuer:       /CN=a883c910f879603b967c0636c6f3e9125b3651b5
Certificate serial:       196C2B
Authority key identifier: 47:A6:7F:38:4E:50:5D:26:62:07:3D:AB:35:56:E6:EE:46:F6:2E:71
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/a883c910f879603b967c0636c6f3e9125b3651b5.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/2abd6b34-8953-4c72-a0a2-7ecb9de8aaba/2964f583f5c308cd4c4107437185b7f3b99efe41.roa
Signing time:             Sun 17 Jul 2022 19:57:06 +0000
ROA not before:           Wed 24 Mar 2021 03:00:00 +0000
ROA not after:            Tue 24 Mar 2026 03:00:00 +0000
asID:                     52233
IP address blocks:        190.88.49.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/2abd6b34-8953-4c72-a0a2-7ecb9de8aaba/a883c910f879603b967c0636c6f3e9125b3651b5.crl
                          rsync://repository.lacnic.net/rpki/lacnic/2abd6b34-8953-4c72-a0a2-7ecb9de8aaba/a883c910f879603b967c0636c6f3e9125b3651b5.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/a883c910f879603b967c0636c6f3e9125b3651b5.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Mon 15 Apr 2024 13:34:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1666091 (0x196c2b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a883c910f879603b967c0636c6f3e9125b3651b5
        Validity
            Not Before: Mar 24 03:00:00 2021 GMT
            Not After : Mar 24 03:00:00 2026 GMT
        Subject: CN=2964f583f5c308cd4c4107437185b7f3b99efe41
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:7e:57:be:c2:6a:61:5e:0b:88:f2:08:e2:1f:
                    93:23:a4:68:b9:a0:95:7f:13:90:40:94:10:91:3b:
                    dd:04:d8:71:7d:3f:43:30:54:a5:69:36:f2:7d:d2:
                    57:76:db:1a:a7:7a:cf:68:71:35:fc:c6:4c:53:e4:
                    8b:f0:8d:e5:3e:12:a7:94:a3:26:45:d7:cd:eb:6f:
                    27:a2:62:23:43:d2:0a:60:58:04:ce:06:5e:aa:dc:
                    a9:ab:ee:05:8e:d8:cf:63:fa:3a:c7:47:4d:d1:ff:
                    ff:10:f2:88:7b:59:44:c2:15:aa:f6:9d:6c:18:f2:
                    51:36:a9:ca:d4:bc:8d:65:79:9c:64:f1:57:a4:d9:
                    ed:fb:22:0f:f4:df:dc:c4:60:1d:28:71:36:b5:4a:
                    6f:aa:65:f1:aa:2c:9e:46:82:0f:06:72:f1:08:ae:
                    7b:6f:17:27:82:44:39:35:9a:2e:25:d7:98:31:9d:
                    37:1f:94:a1:a8:0f:ff:3e:95:38:05:77:fe:3e:b9:
                    df:bc:38:17:81:88:19:61:95:0a:ac:b1:62:a7:47:
                    87:f3:e4:9e:a7:f5:88:21:e8:ef:19:9b:e8:cb:f8:
                    3f:52:38:ca:1e:36:3c:b0:c3:ff:2b:55:13:5a:f6:
                    dc:ce:6a:63:bf:71:eb:b7:9f:49:d2:1e:b5:82:1a:
                    56:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EE:E1:00:16:3F:3E:9C:9D:82:9B:E1:26:0D:1F:61:DB:A5:C0:01:7B
            X509v3 Authority Key Identifier:
                keyid:47:A6:7F:38:4E:50:5D:26:62:07:3D:AB:35:56:E6:EE:46:F6:2E:71

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/a883c910f879603b967c0636c6f3e9125b3651b5.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/2abd6b34-8953-4c72-a0a2-7ecb9de8aaba/2964f583f5c308cd4c4107437185b7f3b99efe41.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/2abd6b34-8953-4c72-a0a2-7ecb9de8aaba/a883c910f879603b967c0636c6f3e9125b3651b5.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  190.88.49.0/24

    Signature Algorithm: sha256WithRSAEncryption
         94:dc:c9:e6:4a:51:3b:43:4d:e6:92:98:f8:23:32:8a:e2:d8:
         67:76:2c:7e:20:1d:86:3f:44:76:a9:91:75:4b:f2:d4:d2:f9:
         0a:02:e9:c9:ef:bf:b6:21:7a:da:dc:d3:d1:5a:e4:4d:eb:30:
         31:2e:07:50:64:98:2a:de:35:96:85:d6:98:2f:a2:fa:aa:4a:
         24:4d:a2:4a:36:50:4b:8a:fb:66:b6:1f:92:ea:3f:c9:78:d3:
         4e:01:b2:a5:65:78:f3:d0:3a:66:d2:77:db:13:ec:f5:fa:c6:
         c4:a3:8f:6d:82:3d:33:cf:22:4c:e6:96:42:5d:15:eb:c1:56:
         49:1c:1e:57:4c:68:78:d6:c9:3d:7b:3a:5b:88:ed:dc:f9:d2:
         fc:17:e9:70:c8:d9:cf:e1:b6:cf:9c:db:f5:fb:2e:25:80:60:
         ee:c8:92:6c:27:1d:63:69:5d:22:5a:05:b1:7c:75:ba:34:ff:
         96:e4:12:fa:cb:17:80:ef:1b:82:d0:98:5f:ac:b4:33:1f:53:
         91:4c:14:f0:0d:20:ab:d1:66:eb:db:65:24:a4:ba:5a:d4:33:
         87:ee:6f:20:56:c1:8f:cc:48:9f:81:d5:32:48:f6:51:84:b7:
         37:64:a7:b8:0e:7f:5b:39:4c:f1:b2:44:96:59:96:d6:83:9d:
         63:ee:3b:ee
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIDGWwrMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGE4
ODNjOTEwZjg3OTYwM2I5NjdjMDYzNmM2ZjNlOTEyNWIzNjUxYjUwHhcNMjEwMzI0
MDMwMDAwWhcNMjYwMzI0MDMwMDAwWjAzMTEwLwYDVQQDEygyOTY0ZjU4M2Y1YzMw
OGNkNGM0MTA3NDM3MTg1YjdmM2I5OWVmZTQxMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEArX5XvsJqYV4LiPII4h+TI6RouaCVfxOQQJQQkTvdBNhxfT9D
MFSlaTbyfdJXdtsap3rPaHE1/MZMU+SL8I3lPhKnlKMmRdfN628nomIjQ9IKYFgE
zgZeqtypq+4FjtjPY/o6x0dN0f//EPKIe1lEwhWq9p1sGPJRNqnK1LyNZXmcZPFX
pNnt+yIP9N/cxGAdKHE2tUpvqmXxqiyeRoIPBnLxCK57bxcngkQ5NZouJdeYMZ03
H5ShqA//PpU4BXf+PrnfvDgXgYgZYZUKrLFip0eH8+Sep/WIIejvGZvoy/g/UjjK
HjY8sMP/K1UTWvbczmpjv3Hrt59J0h61ghpWOQIDAQABo4ICWzCCAlcwHQYDVR0O
BBYEFO7hABY/PpydgpvhJg0fYdulwAF7MB8GA1UdIwQYMBaAFEemfzhOUF0mYgc9
qzVW5u5G9i5xMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvYTg4M2M5
MTBmODc5NjAzYjk2N2MwNjM2YzZmM2U5MTI1YjM2NTFiNS5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvMmFiZDZiMzQtODk1My00YzcyLWEwYTItN2VjYjlk
ZThhYWJhLzI5NjRmNTgzZjVjMzA4Y2Q0YzQxMDc0MzcxODViN2YzYjk5ZWZlNDEu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy8yYWJkNmIzNC04OTUzLTRjNzItYTBhMi03ZWNi
OWRlOGFhYmEvYTg4M2M5MTBmODc5NjAzYjk2N2MwNjM2YzZmM2U5MTI1YjM2NTFi
NS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAL5YMTANBgkqhkiG9w0BAQsFAAOCAQEAlNzJ5kpRO0NN5pKY
+CMyiuLYZ3YsfiAdhj9EdqmRdUvy1NL5CgLpye+/tiF62tzT0VrkTeswMS4HUGSY
Kt41loXWmC+i+qpKJE2iSjZQS4r7ZrYfkuo/yXjTTgGypWV489A6ZtJ32xPs9frG
xKOPbYI9M88iTOaWQl0V68FWSRweV0xoeNbJPXs6W4jt3PnS/BfpcMjZz+G2z5zb
9fsuJYBg7siSbCcdY2ldIloFsXx1ujT/luQS+ssXgO8bgtCYX6y0Mx9TkUwU8A0g
q9Fm69tlJKS6WtQzh+5vIFbBj8xIn4HVMkj2UYS3N2SnuA5/WzlM8bJEllmW1oOd
Y+477g==
-----END CERTIFICATE-----
Generated at Fri Apr 12 15:32:11 2024 by rpki-client on console-ams.rpki-client.org