Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/2abd6b34-8953-4c72-a0a2-7ecb9de8aaba/4cbb20e550abd7c3524d675eccdae28c957ebdc8.roa
File:                     4cbb20e550abd7c3524d675eccdae28c957ebdc8.roa (raw, json)
Hash identifier:          RQzW89dEXH4KtYnEdED7stkRwYK79qW9YQBck8nVHZg=
Subject key identifier:   DE:C6:2C:B7:D7:78:1F:62:B8:DC:56:63:0E:82:8C:68:1E:A8:7E:67
Certificate issuer:       /CN=a883c910f879603b967c0636c6f3e9125b3651b5
Certificate serial:       0D76E1
Authority key identifier: 47:A6:7F:38:4E:50:5D:26:62:07:3D:AB:35:56:E6:EE:46:F6:2E:71
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/a883c910f879603b967c0636c6f3e9125b3651b5.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/2abd6b34-8953-4c72-a0a2-7ecb9de8aaba/4cbb20e550abd7c3524d675eccdae28c957ebdc8.roa
Signing time:             Wed 24 Mar 2021 14:38:08 +0000
ROA not before:           Wed 24 Mar 2021 14:38:07 +0000
ROA not after:            Tue 24 Mar 2026 14:38:07 +0000
asID:                     52233
IP address blocks:        190.4.160.0/21 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/2abd6b34-8953-4c72-a0a2-7ecb9de8aaba/a883c910f879603b967c0636c6f3e9125b3651b5.crl
                          rsync://repository.lacnic.net/rpki/lacnic/2abd6b34-8953-4c72-a0a2-7ecb9de8aaba/a883c910f879603b967c0636c6f3e9125b3651b5.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/a883c910f879603b967c0636c6f3e9125b3651b5.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Mon 15 Apr 2024 06:03:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 882401 (0xd76e1)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a883c910f879603b967c0636c6f3e9125b3651b5
        Validity
            Not Before: Mar 24 14:38:07 2021 GMT
            Not After : Mar 24 14:38:07 2026 GMT
        Subject: CN=4cbb20e550abd7c3524d675eccdae28c957ebdc8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:89:b6:e2:c0:e6:0e:1b:c0:cf:e1:2e:a1:4b:bc:
                    ee:d2:96:12:b0:91:0a:11:f0:e9:2c:49:20:07:0a:
                    c7:70:1c:3c:d3:b9:79:d1:1a:0b:5c:29:6d:b8:be:
                    81:63:fc:61:6d:58:66:42:4f:f1:09:9c:01:06:56:
                    bc:a5:6c:0b:23:69:bc:fa:30:cb:56:54:74:3b:f2:
                    d0:0a:27:d3:1a:b0:99:23:2d:87:af:7d:13:04:b3:
                    2f:62:ac:df:48:6c:57:0a:82:2c:5e:8d:79:fc:51:
                    e4:db:8b:c3:3c:44:e4:39:ef:2a:15:7b:3f:45:59:
                    c5:b4:26:6f:f1:fa:9a:d8:75:15:17:90:26:b9:98:
                    df:0c:3b:51:f5:e3:c8:1c:86:f2:41:0d:47:a4:4b:
                    e1:ac:6c:06:2f:f9:9b:cc:a5:fb:29:8b:95:83:2e:
                    4e:d0:f3:e0:9a:05:9f:4a:2f:2e:bf:6d:03:77:f2:
                    a0:70:5b:33:b6:8f:de:ac:3f:7c:2f:31:71:7d:6b:
                    f4:2f:57:9f:23:61:d2:ef:6c:aa:22:76:f6:d6:a4:
                    2b:b8:73:cc:24:d9:87:7c:a3:dc:ae:da:d5:64:33:
                    b9:a6:24:1e:57:45:e6:57:36:9f:14:bd:05:e2:93:
                    44:d6:26:3f:89:78:ad:7b:d1:48:34:fe:b8:58:a8:
                    97:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DE:C6:2C:B7:D7:78:1F:62:B8:DC:56:63:0E:82:8C:68:1E:A8:7E:67
            X509v3 Authority Key Identifier:
                keyid:47:A6:7F:38:4E:50:5D:26:62:07:3D:AB:35:56:E6:EE:46:F6:2E:71

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/a883c910f879603b967c0636c6f3e9125b3651b5.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/2abd6b34-8953-4c72-a0a2-7ecb9de8aaba/4cbb20e550abd7c3524d675eccdae28c957ebdc8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/2abd6b34-8953-4c72-a0a2-7ecb9de8aaba/a883c910f879603b967c0636c6f3e9125b3651b5.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  190.4.160.0/21

    Signature Algorithm: sha256WithRSAEncryption
         71:88:ea:3e:bc:0e:dd:db:59:20:33:ed:34:d3:06:59:53:02:
         c8:7f:54:c6:ee:6b:af:ad:3a:65:b8:05:5b:36:ba:b5:49:2e:
         53:69:69:a2:9c:95:90:a8:be:76:85:1f:5b:d5:50:3c:9e:58:
         02:b1:1b:4d:c5:2c:a4:49:fc:3a:13:9d:46:69:93:07:0b:50:
         1c:79:9c:14:ef:10:07:0b:71:c5:aa:2a:27:bb:5a:f0:6f:76:
         d2:86:81:cd:fb:7f:e1:ac:9d:ef:03:8f:fa:9e:45:9f:d7:b6:
         bb:74:83:ad:c6:85:03:d1:80:11:64:21:55:70:19:4c:39:b8:
         f0:fd:4e:3f:99:6c:59:07:82:2d:49:36:a6:87:3b:1f:b1:05:
         fb:11:3b:4d:c9:a6:bc:f8:41:58:02:8a:24:97:65:76:b0:73:
         7b:f6:1a:d5:7a:1a:ce:f0:77:04:5c:7f:9f:7d:87:e4:88:54:
         42:2d:bb:af:65:65:80:73:97:82:a0:66:d1:2f:4e:6c:41:e8:
         57:1e:d5:b8:ff:6f:e4:d0:80:a4:67:1c:41:4e:42:d3:c9:af:
         5d:4b:86:e6:ee:c6:4c:20:7e:d6:1e:0d:ad:98:95:8e:38:04:
         2d:45:95:37:b4:9c:a1:ce:8b:1a:60:dd:b6:ec:d2:ca:da:3c:
         0e:ce:71:49
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIDDXbhMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGE4
ODNjOTEwZjg3OTYwM2I5NjdjMDYzNmM2ZjNlOTEyNWIzNjUxYjUwHhcNMjEwMzI0
MTQzODA3WhcNMjYwMzI0MTQzODA3WjAzMTEwLwYDVQQDEyg0Y2JiMjBlNTUwYWJk
N2MzNTI0ZDY3NWVjY2RhZTI4Yzk1N2ViZGM4MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAibbiwOYOG8DP4S6hS7zu0pYSsJEKEfDpLEkgBwrHcBw807l5
0RoLXCltuL6BY/xhbVhmQk/xCZwBBla8pWwLI2m8+jDLVlR0O/LQCifTGrCZIy2H
r30TBLMvYqzfSGxXCoIsXo15/FHk24vDPETkOe8qFXs/RVnFtCZv8fqa2HUVF5Am
uZjfDDtR9ePIHIbyQQ1HpEvhrGwGL/mbzKX7KYuVgy5O0PPgmgWfSi8uv20Dd/Kg
cFszto/erD98LzFxfWv0L1efI2HS72yqInb21qQruHPMJNmHfKPcrtrVZDO5piQe
V0XmVzafFL0F4pNE1iY/iXite9FINP64WKiXpQIDAQABo4ICWzCCAlcwHQYDVR0O
BBYEFN7GLLfXeB9iuNxWYw6CjGgeqH5nMB8GA1UdIwQYMBaAFEemfzhOUF0mYgc9
qzVW5u5G9i5xMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvYTg4M2M5
MTBmODc5NjAzYjk2N2MwNjM2YzZmM2U5MTI1YjM2NTFiNS5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvMmFiZDZiMzQtODk1My00YzcyLWEwYTItN2VjYjlk
ZThhYWJhLzRjYmIyMGU1NTBhYmQ3YzM1MjRkNjc1ZWNjZGFlMjhjOTU3ZWJkYzgu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy8yYWJkNmIzNC04OTUzLTRjNzItYTBhMi03ZWNi
OWRlOGFhYmEvYTg4M2M5MTBmODc5NjAzYjk2N2MwNjM2YzZmM2U5MTI1YjM2NTFi
NS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEA74EoDANBgkqhkiG9w0BAQsFAAOCAQEAcYjqPrwO3dtZIDPt
NNMGWVMCyH9Uxu5rr606ZbgFWza6tUkuU2lpopyVkKi+doUfW9VQPJ5YArEbTcUs
pEn8OhOdRmmTBwtQHHmcFO8QBwtxxaoqJ7ta8G920oaBzft/4ayd7wOP+p5Fn9e2
u3SDrcaFA9GAEWQhVXAZTDm48P1OP5lsWQeCLUk2poc7H7EF+xE7TcmmvPhBWAKK
JJdldrBze/Ya1XoazvB3BFx/n32H5IhUQi27r2VlgHOXgqBm0S9ObEHoVx7VuP9v
5NCApGccQU5C08mvXUuG5u7GTCB+1h4NrZiVjjgELUWVN7Scoc6LGmDdtuzSyto8
Ds5xSQ==
-----END CERTIFICATE-----
Generated at Fri Apr 12 13:15:03 2024 by rpki-client on console-fra.rpki-client.org