Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/2abd6b34-8953-4c72-a0a2-7ecb9de8aaba/3256138bba72f4b8df94910400e2a6d214856e1c.roa
File:                     3256138bba72f4b8df94910400e2a6d214856e1c.roa (raw, json)
Hash identifier:          2in0miDejAkSyvvUDZfJPjdt008k1mK2OkqD+RuQqCQ=
Subject key identifier:   63:39:B9:5B:F6:CC:F3:D4:51:E7:08:61:30:65:91:56:A6:E5:95:B1
Certificate issuer:       /CN=a883c910f879603b967c0636c6f3e9125b3651b5
Certificate serial:       197742
Authority key identifier: 47:A6:7F:38:4E:50:5D:26:62:07:3D:AB:35:56:E6:EE:46:F6:2E:71
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/a883c910f879603b967c0636c6f3e9125b3651b5.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/2abd6b34-8953-4c72-a0a2-7ecb9de8aaba/3256138bba72f4b8df94910400e2a6d214856e1c.roa
Signing time:             Sun 17 Jul 2022 19:59:24 +0000
ROA not before:           Wed 24 Mar 2021 03:00:00 +0000
ROA not after:            Tue 24 Mar 2026 03:00:00 +0000
asID:                     52233
IP address blocks:        190.4.154.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/2abd6b34-8953-4c72-a0a2-7ecb9de8aaba/a883c910f879603b967c0636c6f3e9125b3651b5.crl
                          rsync://repository.lacnic.net/rpki/lacnic/2abd6b34-8953-4c72-a0a2-7ecb9de8aaba/a883c910f879603b967c0636c6f3e9125b3651b5.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/a883c910f879603b967c0636c6f3e9125b3651b5.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 14 Apr 2024 19:18:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1668930 (0x197742)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a883c910f879603b967c0636c6f3e9125b3651b5
        Validity
            Not Before: Mar 24 03:00:00 2021 GMT
            Not After : Mar 24 03:00:00 2026 GMT
        Subject: CN=3256138bba72f4b8df94910400e2a6d214856e1c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:87:28:f0:8b:18:1e:d3:28:36:e1:b1:3e:eb:3d:
                    14:df:34:d4:25:6a:49:37:b5:34:dc:e9:01:57:ad:
                    0d:b1:45:2c:2f:36:e1:24:a3:79:1d:98:37:69:bd:
                    2b:ed:e1:74:78:9b:f0:56:c7:5c:c8:dc:77:b1:f8:
                    a5:a3:1f:b3:99:3f:bb:8b:64:47:aa:23:fd:8e:e5:
                    cc:da:d7:e9:01:35:be:f2:97:97:b6:e4:0c:b5:c9:
                    15:f3:cb:19:58:56:31:6d:24:9b:0c:66:5c:7b:bc:
                    70:73:a8:18:79:3e:88:ec:e7:9b:7f:45:6f:c7:36:
                    a4:3c:a2:e0:cc:6f:17:5a:a2:63:53:90:09:f8:13:
                    1e:87:5a:ae:84:5f:7a:3c:ab:b5:53:d8:7a:14:9c:
                    a4:e7:59:70:45:62:ee:b0:57:5c:71:f8:33:3f:84:
                    47:12:2d:2b:a6:25:9e:64:e2:8e:78:03:91:29:c9:
                    8a:e3:3a:5f:09:36:c8:47:1c:d6:54:05:4c:66:1c:
                    44:7a:3e:de:6c:02:62:4c:1b:dd:f3:68:4c:f2:c6:
                    03:4d:72:fe:90:1f:6b:64:16:f9:42:80:2b:08:91:
                    b4:8f:31:15:cc:4a:b4:85:c8:4d:66:2a:24:41:33:
                    b7:d3:b2:65:ec:45:0b:cf:b1:67:d3:ed:71:ee:e9:
                    b2:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                63:39:B9:5B:F6:CC:F3:D4:51:E7:08:61:30:65:91:56:A6:E5:95:B1
            X509v3 Authority Key Identifier:
                keyid:47:A6:7F:38:4E:50:5D:26:62:07:3D:AB:35:56:E6:EE:46:F6:2E:71

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/a883c910f879603b967c0636c6f3e9125b3651b5.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/2abd6b34-8953-4c72-a0a2-7ecb9de8aaba/3256138bba72f4b8df94910400e2a6d214856e1c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/2abd6b34-8953-4c72-a0a2-7ecb9de8aaba/a883c910f879603b967c0636c6f3e9125b3651b5.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  190.4.154.0/24

    Signature Algorithm: sha256WithRSAEncryption
         78:db:d5:a4:fd:02:03:e4:9a:b1:4e:fa:51:74:d7:98:d4:b6:
         04:2a:ca:05:79:03:43:f0:10:bb:4b:c9:5b:0f:1f:fc:fa:a7:
         f9:66:20:3a:e4:3c:56:32:7b:ac:14:2a:67:0a:2f:35:4d:43:
         f7:64:dd:ca:95:0b:93:fc:1b:3c:f7:1e:70:59:6d:4f:c9:99:
         64:6b:cd:79:b4:22:95:23:2b:40:06:61:a1:92:2d:98:be:70:
         04:c7:65:9b:60:d7:dd:28:0f:6b:58:7f:18:7e:ed:c2:d4:75:
         f5:ea:0a:d0:93:31:da:0b:f7:38:e7:4e:3d:24:e9:3a:dd:af:
         33:28:fd:66:a3:60:57:0c:dc:c6:85:e7:35:ef:e3:6b:c7:1d:
         20:4f:2c:cd:8b:f1:fd:9a:5b:2b:3a:4c:10:18:23:d0:03:de:
         60:ca:e3:0a:2a:52:48:ce:df:55:63:99:3f:00:64:6c:47:e5:
         63:a4:7c:12:38:19:7d:21:ec:0a:41:7c:04:14:8d:8e:8b:29:
         08:a0:5d:cf:ee:73:83:ca:d9:44:4c:5c:e3:ce:f9:7d:24:63:
         70:bc:32:2f:e9:ef:4d:ff:18:cb:d1:45:47:04:1b:a1:db:bc:
         69:74:4e:ec:d7:b0:a8:67:c9:4a:6d:fb:0f:3d:d3:22:69:22:
         8f:25:56:50
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIDGXdCMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGE4
ODNjOTEwZjg3OTYwM2I5NjdjMDYzNmM2ZjNlOTEyNWIzNjUxYjUwHhcNMjEwMzI0
MDMwMDAwWhcNMjYwMzI0MDMwMDAwWjAzMTEwLwYDVQQDEygzMjU2MTM4YmJhNzJm
NGI4ZGY5NDkxMDQwMGUyYTZkMjE0ODU2ZTFjMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAhyjwixge0yg24bE+6z0U3zTUJWpJN7U03OkBV60NsUUsLzbh
JKN5HZg3ab0r7eF0eJvwVsdcyNx3sfilox+zmT+7i2RHqiP9juXM2tfpATW+8peX
tuQMtckV88sZWFYxbSSbDGZce7xwc6gYeT6I7Oebf0VvxzakPKLgzG8XWqJjU5AJ
+BMeh1quhF96PKu1U9h6FJyk51lwRWLusFdccfgzP4RHEi0rpiWeZOKOeAORKcmK
4zpfCTbIRxzWVAVMZhxEej7ebAJiTBvd82hM8sYDTXL+kB9rZBb5QoArCJG0jzEV
zEq0hchNZiokQTO307Jl7EULz7Fn0+1x7umyaQIDAQABo4ICWzCCAlcwHQYDVR0O
BBYEFGM5uVv2zPPUUecIYTBlkVam5ZWxMB8GA1UdIwQYMBaAFEemfzhOUF0mYgc9
qzVW5u5G9i5xMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvYTg4M2M5
MTBmODc5NjAzYjk2N2MwNjM2YzZmM2U5MTI1YjM2NTFiNS5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvMmFiZDZiMzQtODk1My00YzcyLWEwYTItN2VjYjlk
ZThhYWJhLzMyNTYxMzhiYmE3MmY0YjhkZjk0OTEwNDAwZTJhNmQyMTQ4NTZlMWMu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy8yYWJkNmIzNC04OTUzLTRjNzItYTBhMi03ZWNi
OWRlOGFhYmEvYTg4M2M5MTBmODc5NjAzYjk2N2MwNjM2YzZmM2U5MTI1YjM2NTFi
NS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAL4EmjANBgkqhkiG9w0BAQsFAAOCAQEAeNvVpP0CA+SasU76
UXTXmNS2BCrKBXkDQ/AQu0vJWw8f/Pqn+WYgOuQ8VjJ7rBQqZwovNU1D92TdypUL
k/wbPPcecFltT8mZZGvNebQilSMrQAZhoZItmL5wBMdlm2DX3SgPa1h/GH7twtR1
9eoK0JMx2gv3OOdOPSTpOt2vMyj9ZqNgVwzcxoXnNe/ja8cdIE8szYvx/ZpbKzpM
EBgj0APeYMrjCipSSM7fVWOZPwBkbEflY6R8EjgZfSHsCkF8BBSNjospCKBdz+5z
g8rZRExc4875fSRjcLwyL+nvTf8Yy9FFRwQbodu8aXRO7NewqGfJSm37Dz3TImki
jyVWUA==
-----END CERTIFICATE-----
Generated at Fri Apr 12 03:03:44 2024 by rpki-client on console-ams.rpki-client.org