Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/2abd6b34-8953-4c72-a0a2-7ecb9de8aaba/683f52fbf0babb50a52ad35b2bc4587cf19c7ac1.roa
File:                     683f52fbf0babb50a52ad35b2bc4587cf19c7ac1.roa (raw, json)
Hash identifier:          eqYYDmeLtUum8y7IX1l9YfcUB7IYFtu4excW29hDy8g=
Subject key identifier:   30:82:9C:C7:4D:79:77:1C:B5:E4:A0:A7:DD:C8:8F:2B:96:9D:C8:97
Certificate issuer:       /CN=a883c910f879603b967c0636c6f3e9125b3651b5
Certificate serial:       27D640
Authority key identifier: 47:A6:7F:38:4E:50:5D:26:62:07:3D:AB:35:56:E6:EE:46:F6:2E:71
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/a883c910f879603b967c0636c6f3e9125b3651b5.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/2abd6b34-8953-4c72-a0a2-7ecb9de8aaba/683f52fbf0babb50a52ad35b2bc4587cf19c7ac1.roa
Signing time:             Fri 26 Jan 2024 19:18:32 +0000
ROA not before:           Fri 26 Jan 2024 19:18:32 +0000
ROA not after:            Mon 26 Jan 2026 19:18:32 +0000
asID:                     52233
IP address blocks:        190.88.131.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/2abd6b34-8953-4c72-a0a2-7ecb9de8aaba/a883c910f879603b967c0636c6f3e9125b3651b5.crl
                          rsync://repository.lacnic.net/rpki/lacnic/2abd6b34-8953-4c72-a0a2-7ecb9de8aaba/a883c910f879603b967c0636c6f3e9125b3651b5.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/a883c910f879603b967c0636c6f3e9125b3651b5.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Mon 15 Apr 2024 06:03:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2610752 (0x27d640)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a883c910f879603b967c0636c6f3e9125b3651b5
        Validity
            Not Before: Jan 26 19:18:32 2024 GMT
            Not After : Jan 26 19:18:32 2026 GMT
        Subject: CN=683f52fbf0babb50a52ad35b2bc4587cf19c7ac1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:cb:96:8d:ca:6c:78:6a:f2:31:f7:49:e2:a5:
                    e6:22:a4:43:65:be:88:d0:36:57:23:51:3b:f2:17:
                    98:5a:d1:85:91:9e:2c:43:40:d6:f6:a7:d5:83:44:
                    f4:ba:39:26:8b:f0:75:63:b4:9c:e4:7c:36:1b:ff:
                    f3:1c:a3:51:5b:10:a9:23:7d:05:fb:d4:92:b1:3a:
                    aa:1b:7c:5a:7d:ff:bd:3e:2b:c1:e4:c5:cd:b9:1a:
                    fa:8f:25:82:dd:56:3a:8e:c3:d3:4e:30:c5:b5:91:
                    71:85:61:99:23:26:b0:84:87:2d:a0:bf:82:89:27:
                    e3:79:44:03:9b:cc:9b:1f:d4:9a:3b:f2:d6:b2:bb:
                    87:d6:a3:d7:ad:4b:b8:95:05:3a:e2:47:85:c0:ae:
                    14:46:af:1e:16:08:be:33:47:e8:7a:42:f1:18:b2:
                    9c:e2:73:90:7f:71:0b:1d:d8:8a:3c:97:0f:7f:0b:
                    34:b0:b0:42:03:65:20:42:64:f1:e1:c5:11:91:10:
                    04:4a:5a:49:80:55:99:50:35:05:f5:4d:39:56:17:
                    62:97:6f:de:0c:03:9f:f3:e3:57:af:08:3a:06:d2:
                    90:6c:81:3b:a6:fe:cb:45:7c:1a:66:40:af:fc:a6:
                    21:77:4d:82:4b:5e:22:be:b8:56:4c:6b:b0:24:3f:
                    aa:0b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                30:82:9C:C7:4D:79:77:1C:B5:E4:A0:A7:DD:C8:8F:2B:96:9D:C8:97
            X509v3 Authority Key Identifier:
                keyid:47:A6:7F:38:4E:50:5D:26:62:07:3D:AB:35:56:E6:EE:46:F6:2E:71

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/a883c910f879603b967c0636c6f3e9125b3651b5.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/2abd6b34-8953-4c72-a0a2-7ecb9de8aaba/683f52fbf0babb50a52ad35b2bc4587cf19c7ac1.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/2abd6b34-8953-4c72-a0a2-7ecb9de8aaba/a883c910f879603b967c0636c6f3e9125b3651b5.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  190.88.131.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1b:4a:e9:07:45:3a:bf:2a:26:46:b2:85:8e:03:61:50:7f:2e:
         cd:29:8e:7b:05:27:f6:dc:99:bd:ee:51:be:c7:32:3b:f2:67:
         64:19:7f:43:c7:79:05:c8:6a:25:04:7b:ef:60:a1:b5:2b:9f:
         6d:de:42:e5:84:85:61:0b:70:7f:7c:61:53:75:bc:99:d8:25:
         a9:85:f8:e8:fe:66:f3:09:f1:54:fc:5b:1f:ea:84:c0:84:2e:
         3f:30:ab:97:88:92:f5:82:18:06:cc:af:8f:0c:a6:b1:e8:b6:
         97:b7:4e:d7:93:1e:12:6b:c2:f5:42:f2:46:57:d7:d6:33:d1:
         63:19:71:03:df:43:8b:1f:99:de:a4:a2:92:b1:c5:50:68:43:
         13:e0:48:f2:ed:dc:3d:7e:7c:b2:c5:4e:d9:1d:35:9e:ed:43:
         ef:83:77:31:4f:6c:fc:b9:96:80:79:79:89:c8:75:59:c4:b2:
         cc:5a:f3:01:66:68:31:b4:c6:2d:95:83:1f:93:37:a3:f4:9f:
         47:8d:05:1a:1d:6a:72:61:97:3b:1d:91:f7:3e:cd:7e:3f:74:
         c4:60:62:df:78:d6:01:8f:f5:ed:31:89:9b:82:f2:aa:8d:1d:
         e0:de:88:a2:c4:3f:18:78:5a:f1:c1:fd:4d:a6:5e:e8:70:f6:
         cb:8c:ac:b5
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIDJ9ZAMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGE4
ODNjOTEwZjg3OTYwM2I5NjdjMDYzNmM2ZjNlOTEyNWIzNjUxYjUwHhcNMjQwMTI2
MTkxODMyWhcNMjYwMTI2MTkxODMyWjAzMTEwLwYDVQQDEyg2ODNmNTJmYmYwYmFi
YjUwYTUyYWQzNWIyYmM0NTg3Y2YxOWM3YWMxMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEApcuWjcpseGryMfdJ4qXmIqRDZb6I0DZXI1E78heYWtGFkZ4s
Q0DW9qfVg0T0ujkmi/B1Y7Sc5Hw2G//zHKNRWxCpI30F+9SSsTqqG3xaff+9PivB
5MXNuRr6jyWC3VY6jsPTTjDFtZFxhWGZIyawhIctoL+CiSfjeUQDm8ybH9SaO/LW
sruH1qPXrUu4lQU64keFwK4URq8eFgi+M0foekLxGLKc4nOQf3ELHdiKPJcPfws0
sLBCA2UgQmTx4cURkRAESlpJgFWZUDUF9U05Vhdil2/eDAOf8+NXrwg6BtKQbIE7
pv7LRXwaZkCv/KYhd02CS14ivrhWTGuwJD+qCwIDAQABo4ICWzCCAlcwHQYDVR0O
BBYEFDCCnMdNeXccteSgp93IjyuWnciXMB8GA1UdIwQYMBaAFEemfzhOUF0mYgc9
qzVW5u5G9i5xMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvYTg4M2M5
MTBmODc5NjAzYjk2N2MwNjM2YzZmM2U5MTI1YjM2NTFiNS5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvMmFiZDZiMzQtODk1My00YzcyLWEwYTItN2VjYjlk
ZThhYWJhLzY4M2Y1MmZiZjBiYWJiNTBhNTJhZDM1YjJiYzQ1ODdjZjE5YzdhYzEu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy8yYWJkNmIzNC04OTUzLTRjNzItYTBhMi03ZWNi
OWRlOGFhYmEvYTg4M2M5MTBmODc5NjAzYjk2N2MwNjM2YzZmM2U5MTI1YjM2NTFi
NS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAL5YgzANBgkqhkiG9w0BAQsFAAOCAQEAG0rpB0U6vyomRrKF
jgNhUH8uzSmOewUn9tyZve5RvscyO/JnZBl/Q8d5BchqJQR772ChtSufbd5C5YSF
YQtwf3xhU3W8mdglqYX46P5m8wnxVPxbH+qEwIQuPzCrl4iS9YIYBsyvjwymsei2
l7dO15MeEmvC9ULyRlfX1jPRYxlxA99Dix+Z3qSikrHFUGhDE+BI8u3cPX58ssVO
2R01nu1D74N3MU9s/LmWgHl5ich1WcSyzFrzAWZoMbTGLZWDH5M3o/SfR40FGh1q
cmGXOx2R9z7Nfj90xGBi33jWAY/17TGJm4Lyqo0d4N6IosQ/GHha8cH9TaZe6HD2
y4ystQ==
-----END CERTIFICATE-----
Generated at Fri Apr 12 13:15:03 2024 by rpki-client on console-fra.rpki-client.org