Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/2abd6b34-8953-4c72-a0a2-7ecb9de8aaba/336156e89cf858441a23d561f9a9b7221fbedbdc.roa
File:                     336156e89cf858441a23d561f9a9b7221fbedbdc.roa (raw, json)
Hash identifier:          84N9Bq4cNCpVea1kkDVEfbg0iFbkLRf+GDR3jujGLSE=
Subject key identifier:   E2:D3:EE:CB:F9:B9:5A:B4:60:9D:41:9E:C8:F7:31:19:B8:72:05:B5
Certificate issuer:       /CN=a883c910f879603b967c0636c6f3e9125b3651b5
Certificate serial:       1084B5
Authority key identifier: 47:A6:7F:38:4E:50:5D:26:62:07:3D:AB:35:56:E6:EE:46:F6:2E:71
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/a883c910f879603b967c0636c6f3e9125b3651b5.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/2abd6b34-8953-4c72-a0a2-7ecb9de8aaba/336156e89cf858441a23d561f9a9b7221fbedbdc.roa
Signing time:             Wed 28 Jul 2021 20:41:28 +0000
ROA not before:           Wed 28 Jul 2021 03:00:00 +0000
ROA not after:            Tue 24 Mar 2026 03:00:00 +0000
asID:                     52233
IP address blocks:        190.4.168.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/2abd6b34-8953-4c72-a0a2-7ecb9de8aaba/a883c910f879603b967c0636c6f3e9125b3651b5.crl
                          rsync://repository.lacnic.net/rpki/lacnic/2abd6b34-8953-4c72-a0a2-7ecb9de8aaba/a883c910f879603b967c0636c6f3e9125b3651b5.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/a883c910f879603b967c0636c6f3e9125b3651b5.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 14 Apr 2024 19:18:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1082549 (0x1084b5)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a883c910f879603b967c0636c6f3e9125b3651b5
        Validity
            Not Before: Jul 28 03:00:00 2021 GMT
            Not After : Mar 24 03:00:00 2026 GMT
        Subject: CN=336156e89cf858441a23d561f9a9b7221fbedbdc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:7c:34:4f:0d:86:8e:10:98:69:17:f5:9e:5f:
                    f1:ff:a2:fa:e3:9b:5a:18:cc:b1:63:04:56:1a:f6:
                    87:dd:10:69:78:1e:f2:11:f1:26:72:9f:73:80:89:
                    42:ab:fa:f9:1d:ce:dd:db:e5:9f:18:b3:14:f0:09:
                    49:1c:4e:53:70:87:45:66:1d:66:38:27:ac:fa:6e:
                    d5:af:d5:3e:49:a8:9f:dc:21:4c:40:06:52:fc:09:
                    8e:ef:42:71:76:6e:13:d7:6c:3a:5e:b4:9e:fa:8f:
                    8b:30:bd:20:32:5e:c4:6e:23:85:83:be:06:6f:2a:
                    57:a7:78:8a:f3:71:3f:f2:80:fd:0e:90:2f:8c:e7:
                    08:4b:a5:a5:ea:35:74:94:c2:c1:99:67:64:bb:e8:
                    6b:9b:95:4d:ed:a2:6b:80:81:46:94:ed:43:ce:90:
                    c7:ed:34:34:57:d8:57:9c:26:d0:8f:3b:aa:9a:6a:
                    a5:22:f3:68:07:cc:1d:b3:87:45:78:2e:94:e7:54:
                    95:42:ee:0d:95:d0:99:3f:36:42:98:76:9c:76:ea:
                    dc:4e:37:48:78:9d:92:27:50:c7:60:b8:e4:d1:7f:
                    4d:b0:29:eb:3e:cc:0f:7e:d6:e0:da:99:e5:07:75:
                    e5:35:88:d4:a9:cb:de:ad:bc:ba:e3:b2:bc:f2:95:
                    8e:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E2:D3:EE:CB:F9:B9:5A:B4:60:9D:41:9E:C8:F7:31:19:B8:72:05:B5
            X509v3 Authority Key Identifier:
                keyid:47:A6:7F:38:4E:50:5D:26:62:07:3D:AB:35:56:E6:EE:46:F6:2E:71

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/a883c910f879603b967c0636c6f3e9125b3651b5.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/2abd6b34-8953-4c72-a0a2-7ecb9de8aaba/336156e89cf858441a23d561f9a9b7221fbedbdc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/2abd6b34-8953-4c72-a0a2-7ecb9de8aaba/a883c910f879603b967c0636c6f3e9125b3651b5.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  190.4.168.0/22

    Signature Algorithm: sha256WithRSAEncryption
         ab:e8:aa:76:5d:5b:cc:61:e9:73:e7:e0:6b:6b:cb:f8:4a:6c:
         c8:b3:ed:88:78:22:5c:29:b7:d0:b0:fb:77:11:a9:79:e8:a0:
         c5:7a:5e:ee:b8:d8:20:3f:30:9c:b0:8b:88:ee:83:53:f4:3c:
         40:67:f4:c1:8a:88:6e:8b:12:0d:c3:49:e6:e4:b7:32:b7:09:
         29:07:a9:75:7b:46:09:1d:a2:38:26:71:95:50:e4:b6:5a:c1:
         62:14:95:a7:19:6f:11:80:08:8a:3a:c4:62:57:33:fd:78:93:
         0c:dd:84:08:ac:d1:f4:de:4e:f9:e4:93:af:b9:cc:42:69:33:
         4a:37:2d:13:a7:cb:a9:1f:48:a0:d4:0f:c6:db:71:5b:41:ba:
         2d:d9:a3:ef:44:65:d8:3f:8f:09:1c:f0:24:62:02:5b:32:35:
         60:c3:e8:68:ec:ee:0b:f6:50:75:7b:b3:ae:c5:33:59:5d:11:
         d3:c8:77:30:b5:13:c5:64:7c:02:2c:43:3b:cf:af:fc:be:21:
         1f:5c:e2:68:a4:b6:fe:fa:64:c3:f3:df:d9:f1:6e:ca:11:c4:
         55:09:98:bf:5f:cd:77:af:a3:cf:c0:c5:c6:e7:5f:ec:a2:8b:
         ad:1e:76:6b:1f:9b:1c:c5:4d:4f:3f:7f:aa:fa:d5:a7:6a:8f:
         c9:75:23:69
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIDEIS1MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGE4
ODNjOTEwZjg3OTYwM2I5NjdjMDYzNmM2ZjNlOTEyNWIzNjUxYjUwHhcNMjEwNzI4
MDMwMDAwWhcNMjYwMzI0MDMwMDAwWjAzMTEwLwYDVQQDEygzMzYxNTZlODljZjg1
ODQ0MWEyM2Q1NjFmOWE5YjcyMjFmYmVkYmRjMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAn3w0Tw2GjhCYaRf1nl/x/6L645taGMyxYwRWGvaH3RBpeB7y
EfEmcp9zgIlCq/r5Hc7d2+WfGLMU8AlJHE5TcIdFZh1mOCes+m7Vr9U+Saif3CFM
QAZS/AmO70Jxdm4T12w6XrSe+o+LML0gMl7EbiOFg74GbypXp3iK83E/8oD9DpAv
jOcIS6Wl6jV0lMLBmWdku+hrm5VN7aJrgIFGlO1DzpDH7TQ0V9hXnCbQjzuqmmql
IvNoB8wds4dFeC6U51SVQu4NldCZPzZCmHacdurcTjdIeJ2SJ1DHYLjk0X9NsCnr
PswPftbg2pnlB3XlNYjUqcverby647K88pWOvQIDAQABo4ICWzCCAlcwHQYDVR0O
BBYEFOLT7sv5uVq0YJ1Bnsj3MRm4cgW1MB8GA1UdIwQYMBaAFEemfzhOUF0mYgc9
qzVW5u5G9i5xMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvYTg4M2M5
MTBmODc5NjAzYjk2N2MwNjM2YzZmM2U5MTI1YjM2NTFiNS5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvMmFiZDZiMzQtODk1My00YzcyLWEwYTItN2VjYjlk
ZThhYWJhLzMzNjE1NmU4OWNmODU4NDQxYTIzZDU2MWY5YTliNzIyMWZiZWRiZGMu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy8yYWJkNmIzNC04OTUzLTRjNzItYTBhMi03ZWNi
OWRlOGFhYmEvYTg4M2M5MTBmODc5NjAzYjk2N2MwNjM2YzZmM2U5MTI1YjM2NTFi
NS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAr4EqDANBgkqhkiG9w0BAQsFAAOCAQEAq+iqdl1bzGHpc+fg
a2vL+EpsyLPtiHgiXCm30LD7dxGpeeigxXpe7rjYID8wnLCLiO6DU/Q8QGf0wYqI
bosSDcNJ5uS3MrcJKQepdXtGCR2iOCZxlVDktlrBYhSVpxlvEYAIijrEYlcz/XiT
DN2ECKzR9N5O+eSTr7nMQmkzSjctE6fLqR9IoNQPxttxW0G6Ldmj70Rl2D+PCRzw
JGICWzI1YMPoaOzuC/ZQdXuzrsUzWV0R08h3MLUTxWR8AixDO8+v/L4hH1ziaKS2
/vpkw/Pf2fFuyhHEVQmYv1/Nd6+jz8DFxudf7KKLrR52ax+bHMVNTz9/qvrVp2qP
yXUjaQ==
-----END CERTIFICATE-----
Generated at Fri Apr 12 03:03:44 2024 by rpki-client on console-ams.rpki-client.org