Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/2abd6b34-8953-4c72-a0a2-7ecb9de8aaba/5c92645ba9b836a1fe6fdf7f8ae81fe2b5b92297.roa
File:                     5c92645ba9b836a1fe6fdf7f8ae81fe2b5b92297.roa (raw, json)
Hash identifier:          6vRTE2An/o4jbn1LRFRQeHPBHkYWNIxxz/pJNuacL1g=
Subject key identifier:   0B:62:88:77:15:0B:2E:B3:75:D1:77:FC:20:C4:6F:EF:74:31:1C:F1
Certificate issuer:       /CN=a883c910f879603b967c0636c6f3e9125b3651b5
Certificate serial:       0D6C09
Authority key identifier: 47:A6:7F:38:4E:50:5D:26:62:07:3D:AB:35:56:E6:EE:46:F6:2E:71
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/a883c910f879603b967c0636c6f3e9125b3651b5.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/2abd6b34-8953-4c72-a0a2-7ecb9de8aaba/5c92645ba9b836a1fe6fdf7f8ae81fe2b5b92297.roa
Signing time:             Wed 24 Mar 2021 14:38:08 +0000
ROA not before:           Wed 24 Mar 2021 14:38:07 +0000
ROA not after:            Tue 24 Mar 2026 14:38:07 +0000
asID:                     52233
IP address blocks:        190.88.0.0/20 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/2abd6b34-8953-4c72-a0a2-7ecb9de8aaba/a883c910f879603b967c0636c6f3e9125b3651b5.crl
                          rsync://repository.lacnic.net/rpki/lacnic/2abd6b34-8953-4c72-a0a2-7ecb9de8aaba/a883c910f879603b967c0636c6f3e9125b3651b5.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/a883c910f879603b967c0636c6f3e9125b3651b5.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Mon 15 Apr 2024 06:03:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 879625 (0xd6c09)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a883c910f879603b967c0636c6f3e9125b3651b5
        Validity
            Not Before: Mar 24 14:38:07 2021 GMT
            Not After : Mar 24 14:38:07 2026 GMT
        Subject: CN=5c92645ba9b836a1fe6fdf7f8ae81fe2b5b92297
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:9a:eb:f5:fa:9f:e0:5c:3d:10:00:8b:ba:ba:
                    cd:8c:27:a9:25:87:e8:dc:10:94:88:70:f3:a7:35:
                    cf:0e:14:35:6f:52:72:8d:5c:99:ca:0f:7b:52:e4:
                    32:2c:68:e6:eb:b6:4b:e0:ae:ab:1c:4b:84:30:91:
                    4e:04:89:64:12:6e:9a:c9:bf:33:63:4b:d0:0f:24:
                    fa:b1:ae:8c:61:c3:21:a1:36:11:c0:1b:bf:60:86:
                    72:94:f8:2f:4a:ae:86:81:8d:45:91:32:ff:71:60:
                    0e:29:0c:ed:e9:ef:6f:0a:21:83:17:c6:e7:a3:d3:
                    9e:ed:60:07:94:63:b9:7d:92:43:91:a2:25:6f:74:
                    00:0c:60:d5:0d:78:df:9d:f9:f5:79:0f:ee:74:ef:
                    78:8e:3d:8b:e9:3e:04:39:5a:56:42:0f:c9:86:d1:
                    7e:91:ad:8a:5f:74:95:8b:a7:40:9f:05:f9:8b:31:
                    02:b4:23:32:1b:b3:a9:02:45:5d:71:ad:0c:9f:4b:
                    17:86:b5:e1:6b:b1:b1:08:b2:a7:ce:d0:07:0c:26:
                    e4:b6:e2:96:3a:94:b3:6a:72:0f:e3:5f:bc:02:8e:
                    29:0b:f1:73:20:d6:b5:f5:0b:ad:f3:5f:0c:d5:06:
                    ee:c0:ac:fa:b9:61:4f:9d:a8:59:b1:1d:79:8c:15:
                    76:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0B:62:88:77:15:0B:2E:B3:75:D1:77:FC:20:C4:6F:EF:74:31:1C:F1
            X509v3 Authority Key Identifier:
                keyid:47:A6:7F:38:4E:50:5D:26:62:07:3D:AB:35:56:E6:EE:46:F6:2E:71

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/a883c910f879603b967c0636c6f3e9125b3651b5.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/2abd6b34-8953-4c72-a0a2-7ecb9de8aaba/5c92645ba9b836a1fe6fdf7f8ae81fe2b5b92297.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/2abd6b34-8953-4c72-a0a2-7ecb9de8aaba/a883c910f879603b967c0636c6f3e9125b3651b5.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  190.88.0.0/20

    Signature Algorithm: sha256WithRSAEncryption
         25:b5:4d:1a:4f:ca:47:ba:18:48:1d:11:83:55:88:ad:72:fd:
         70:b4:e3:db:30:25:2c:39:a9:29:bc:8c:a9:e7:f8:ff:56:54:
         4d:f3:7a:76:47:a3:37:17:51:3f:ce:d4:bc:17:22:f9:3f:98:
         fc:be:a5:26:c9:c0:81:1d:f8:00:a7:c0:77:34:c8:13:b3:d8:
         63:82:ae:0b:8c:2c:fe:11:a6:34:05:e2:00:8c:46:19:64:64:
         20:76:8d:9c:b4:88:d2:c3:88:45:e2:4f:c6:66:00:6e:9e:84:
         7d:2d:43:1d:ce:66:40:69:90:bb:aa:59:b6:1d:52:2f:0e:cc:
         bf:94:cc:cd:ca:30:62:55:26:6e:ff:18:66:16:2f:06:b7:6b:
         f0:c9:f5:12:57:19:44:31:ab:b8:e2:3f:26:19:e6:c2:88:71:
         71:1f:2a:95:c7:3f:d0:96:7c:36:14:49:a5:0a:0b:12:4d:3a:
         0c:64:6c:c5:41:38:d2:a3:bd:e9:36:32:5f:a3:33:f0:21:13:
         67:1e:3f:71:66:9d:8b:c7:16:f0:90:a1:be:83:02:20:31:ea:
         2d:87:53:07:8a:21:93:ad:70:00:1f:17:2f:13:0e:7c:14:73:
         b4:ad:13:4e:57:47:54:5b:cf:b9:c6:9a:e7:df:1d:5c:70:0a:
         ea:b9:07:9e
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIDDWwJMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGE4
ODNjOTEwZjg3OTYwM2I5NjdjMDYzNmM2ZjNlOTEyNWIzNjUxYjUwHhcNMjEwMzI0
MTQzODA3WhcNMjYwMzI0MTQzODA3WjAzMTEwLwYDVQQDEyg1YzkyNjQ1YmE5Yjgz
NmExZmU2ZmRmN2Y4YWU4MWZlMmI1YjkyMjk3MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEA1Zrr9fqf4Fw9EACLurrNjCepJYfo3BCUiHDzpzXPDhQ1b1Jy
jVyZyg97UuQyLGjm67ZL4K6rHEuEMJFOBIlkEm6ayb8zY0vQDyT6sa6MYcMhoTYR
wBu/YIZylPgvSq6GgY1FkTL/cWAOKQzt6e9vCiGDF8bno9Oe7WAHlGO5fZJDkaIl
b3QADGDVDXjfnfn1eQ/udO94jj2L6T4EOVpWQg/JhtF+ka2KX3SVi6dAnwX5izEC
tCMyG7OpAkVdca0Mn0sXhrXha7GxCLKnztAHDCbktuKWOpSzanIP41+8Ao4pC/Fz
INa19Qut818M1QbuwKz6uWFPnahZsR15jBV2AwIDAQABo4ICWzCCAlcwHQYDVR0O
BBYEFAtiiHcVCy6zddF3/CDEb+90MRzxMB8GA1UdIwQYMBaAFEemfzhOUF0mYgc9
qzVW5u5G9i5xMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvYTg4M2M5
MTBmODc5NjAzYjk2N2MwNjM2YzZmM2U5MTI1YjM2NTFiNS5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvMmFiZDZiMzQtODk1My00YzcyLWEwYTItN2VjYjlk
ZThhYWJhLzVjOTI2NDViYTliODM2YTFmZTZmZGY3ZjhhZTgxZmUyYjViOTIyOTcu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy8yYWJkNmIzNC04OTUzLTRjNzItYTBhMi03ZWNi
OWRlOGFhYmEvYTg4M2M5MTBmODc5NjAzYjk2N2MwNjM2YzZmM2U5MTI1YjM2NTFi
NS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEBL5YADANBgkqhkiG9w0BAQsFAAOCAQEAJbVNGk/KR7oYSB0R
g1WIrXL9cLTj2zAlLDmpKbyMqef4/1ZUTfN6dkejNxdRP87UvBci+T+Y/L6lJsnA
gR34AKfAdzTIE7PYY4KuC4ws/hGmNAXiAIxGGWRkIHaNnLSI0sOIReJPxmYAbp6E
fS1DHc5mQGmQu6pZth1SLw7Mv5TMzcowYlUmbv8YZhYvBrdr8Mn1ElcZRDGruOI/
JhnmwohxcR8qlcc/0JZ8NhRJpQoLEk06DGRsxUE40qO96TYyX6Mz8CETZx4/cWad
i8cW8JChvoMCIDHqLYdTB4ohk61wAB8XLxMOfBRztK0TTldHVFvPucaa598dXHAK
6rkHng==
-----END CERTIFICATE-----
Generated at Fri Apr 12 13:15:03 2024 by rpki-client on console-fra.rpki-client.org