Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/2abd6b34-8953-4c72-a0a2-7ecb9de8aaba/32d711f80494c68bc308f5ddf06e91384d1ac31d.roa
File:                     32d711f80494c68bc308f5ddf06e91384d1ac31d.roa (raw, json)
Hash identifier:          L1A/JlRNJAL5tjXI4XG3UMADN22FmfZtLM5ysaMwwU0=
Subject key identifier:   26:D7:40:AC:65:61:BB:30:BC:C0:1F:C8:10:67:17:B7:0E:45:EF:9C
Certificate issuer:       /CN=a883c910f879603b967c0636c6f3e9125b3651b5
Certificate serial:       107E13
Authority key identifier: 47:A6:7F:38:4E:50:5D:26:62:07:3D:AB:35:56:E6:EE:46:F6:2E:71
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/a883c910f879603b967c0636c6f3e9125b3651b5.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/2abd6b34-8953-4c72-a0a2-7ecb9de8aaba/32d711f80494c68bc308f5ddf06e91384d1ac31d.roa
Signing time:             Wed 28 Jul 2021 20:40:28 +0000
ROA not before:           Wed 28 Jul 2021 03:00:00 +0000
ROA not after:            Tue 24 Mar 2026 03:00:00 +0000
asID:                     52233
IP address blocks:        190.4.148.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/2abd6b34-8953-4c72-a0a2-7ecb9de8aaba/a883c910f879603b967c0636c6f3e9125b3651b5.crl
                          rsync://repository.lacnic.net/rpki/lacnic/2abd6b34-8953-4c72-a0a2-7ecb9de8aaba/a883c910f879603b967c0636c6f3e9125b3651b5.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/a883c910f879603b967c0636c6f3e9125b3651b5.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Mon 15 Apr 2024 06:03:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1080851 (0x107e13)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a883c910f879603b967c0636c6f3e9125b3651b5
        Validity
            Not Before: Jul 28 03:00:00 2021 GMT
            Not After : Mar 24 03:00:00 2026 GMT
        Subject: CN=32d711f80494c68bc308f5ddf06e91384d1ac31d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e3:9f:e0:cc:12:b0:f8:cd:4b:1b:23:ae:18:56:
                    68:5d:54:62:8b:1b:b6:3e:d7:88:c4:1c:7d:78:04:
                    e0:13:01:bc:11:08:21:91:30:97:6f:f7:9d:5e:63:
                    69:e1:74:36:b6:f6:d0:97:a5:22:3e:f6:f8:3b:f9:
                    9c:56:70:c9:03:77:af:34:05:e3:f2:b7:a0:b9:58:
                    12:76:3f:64:01:4d:6c:d6:69:a9:20:b5:92:cf:32:
                    fa:f7:fd:bf:b6:07:b8:79:45:a0:43:92:96:8f:5b:
                    88:5b:c5:89:32:0f:ff:ef:f9:2f:72:a4:11:20:ae:
                    34:db:7f:0c:9e:53:26:7f:94:90:c8:32:58:5e:97:
                    75:cf:4a:99:ea:7a:e9:dc:eb:75:ad:34:62:07:72:
                    70:74:d6:40:d6:e2:0a:2e:b1:36:d9:0c:bf:0f:2a:
                    bb:54:9f:58:1d:fc:5e:60:c6:b6:c4:3e:38:b3:01:
                    f0:a4:9f:0c:5b:59:91:ad:7f:71:f3:fd:4f:c8:5b:
                    98:73:9a:7c:70:08:97:87:ac:e8:bf:f2:84:65:a7:
                    d6:40:1b:66:d1:2d:11:16:e5:f6:40:8d:4d:90:15:
                    e1:ac:6c:2e:37:c7:9e:93:cb:33:02:ef:0d:35:b0:
                    ad:3a:37:2a:d2:7c:78:fb:14:53:6a:2a:0b:18:ec:
                    e2:bb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                26:D7:40:AC:65:61:BB:30:BC:C0:1F:C8:10:67:17:B7:0E:45:EF:9C
            X509v3 Authority Key Identifier:
                keyid:47:A6:7F:38:4E:50:5D:26:62:07:3D:AB:35:56:E6:EE:46:F6:2E:71

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/a883c910f879603b967c0636c6f3e9125b3651b5.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/2abd6b34-8953-4c72-a0a2-7ecb9de8aaba/32d711f80494c68bc308f5ddf06e91384d1ac31d.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/2abd6b34-8953-4c72-a0a2-7ecb9de8aaba/a883c910f879603b967c0636c6f3e9125b3651b5.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  190.4.148.0/22

    Signature Algorithm: sha256WithRSAEncryption
         a4:27:0e:66:47:04:4e:a6:a1:eb:b0:9c:a5:15:28:91:dc:23:
         af:c0:54:e3:07:25:94:1d:ab:63:15:7b:5d:db:e6:9a:9f:aa:
         d7:1d:29:f4:8a:5a:23:a2:4d:3d:84:f4:9f:5b:a6:e5:b6:c6:
         11:3b:60:e0:4a:c1:b6:68:f5:78:dd:8d:11:84:55:e3:ef:6e:
         b2:c0:ce:63:e9:3b:6f:6f:58:30:ad:4c:d5:ce:95:40:3b:da:
         ed:6e:e8:25:9a:0a:5b:b1:6c:9f:4d:f7:94:7f:70:2e:ba:a9:
         53:15:38:39:8b:8b:5c:9f:aa:5a:de:65:fb:62:53:17:d2:fd:
         bc:73:8a:45:be:41:2a:e5:87:71:09:50:69:ec:b6:ab:3c:09:
         74:7e:65:e5:dc:5c:d6:a7:14:b6:84:aa:80:ff:d9:32:b2:68:
         15:86:db:b6:13:a7:12:0e:39:30:71:af:49:aa:05:2a:d2:cd:
         87:01:c1:ea:b8:f8:45:24:b3:00:38:7e:d4:f3:b8:27:ed:5c:
         af:d2:5f:3c:2b:33:78:ec:23:8d:5e:58:46:8c:c9:91:e9:fd:
         c6:4f:2b:52:82:c3:65:33:05:4e:4f:d9:ce:8e:48:8d:b9:84:
         df:85:6c:39:fd:49:c1:5b:47:1e:89:23:89:ed:a9:b4:ba:86:
         5f:0e:00:46
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIDEH4TMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGE4
ODNjOTEwZjg3OTYwM2I5NjdjMDYzNmM2ZjNlOTEyNWIzNjUxYjUwHhcNMjEwNzI4
MDMwMDAwWhcNMjYwMzI0MDMwMDAwWjAzMTEwLwYDVQQDEygzMmQ3MTFmODA0OTRj
NjhiYzMwOGY1ZGRmMDZlOTEzODRkMWFjMzFkMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEA45/gzBKw+M1LGyOuGFZoXVRiixu2PteIxBx9eATgEwG8EQgh
kTCXb/edXmNp4XQ2tvbQl6UiPvb4O/mcVnDJA3evNAXj8reguVgSdj9kAU1s1mmp
ILWSzzL69/2/tge4eUWgQ5KWj1uIW8WJMg//7/kvcqQRIK40238MnlMmf5SQyDJY
Xpd1z0qZ6nrp3Ot1rTRiB3JwdNZA1uIKLrE22Qy/Dyq7VJ9YHfxeYMa2xD44swHw
pJ8MW1mRrX9x8/1PyFuYc5p8cAiXh6zov/KEZafWQBtm0S0RFuX2QI1NkBXhrGwu
N8eek8szAu8NNbCtOjcq0nx4+xRTaioLGOziuwIDAQABo4ICWzCCAlcwHQYDVR0O
BBYEFCbXQKxlYbswvMAfyBBnF7cORe+cMB8GA1UdIwQYMBaAFEemfzhOUF0mYgc9
qzVW5u5G9i5xMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvYTg4M2M5
MTBmODc5NjAzYjk2N2MwNjM2YzZmM2U5MTI1YjM2NTFiNS5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvMmFiZDZiMzQtODk1My00YzcyLWEwYTItN2VjYjlk
ZThhYWJhLzMyZDcxMWY4MDQ5NGM2OGJjMzA4ZjVkZGYwNmU5MTM4NGQxYWMzMWQu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy8yYWJkNmIzNC04OTUzLTRjNzItYTBhMi03ZWNi
OWRlOGFhYmEvYTg4M2M5MTBmODc5NjAzYjk2N2MwNjM2YzZmM2U5MTI1YjM2NTFi
NS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAr4ElDANBgkqhkiG9w0BAQsFAAOCAQEApCcOZkcETqah67Cc
pRUokdwjr8BU4wcllB2rYxV7Xdvmmp+q1x0p9IpaI6JNPYT0n1um5bbGETtg4ErB
tmj1eN2NEYRV4+9ussDOY+k7b29YMK1M1c6VQDva7W7oJZoKW7Fsn033lH9wLrqp
UxU4OYuLXJ+qWt5l+2JTF9L9vHOKRb5BKuWHcQlQaey2qzwJdH5l5dxc1qcUtoSq
gP/ZMrJoFYbbthOnEg45MHGvSaoFKtLNhwHB6rj4RSSzADh+1PO4J+1cr9JfPCsz
eOwjjV5YRozJken9xk8rUoLDZTMFTk/Zzo5IjbmE34VsOf1JwVtHHokjie2ptLqG
Xw4ARg==
-----END CERTIFICATE-----
Generated at Fri Apr 12 13:15:03 2024 by rpki-client on console-fra.rpki-client.org