Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/2abd6b34-8953-4c72-a0a2-7ecb9de8aaba/97ee95b52614dbd4165ab0c73d3e5ae3e6a5a7c9.roa
File:                     97ee95b52614dbd4165ab0c73d3e5ae3e6a5a7c9.roa (raw, json)
Hash identifier:          IPLa6lQFMCYjnWDDg/QP4M6afWEpFZ/MaH6qGMdl/dI=
Subject key identifier:   80:6F:95:78:0E:9B:FA:B2:0F:D3:B9:BC:11:CA:8B:26:97:7E:C3:0C
Certificate issuer:       /CN=a883c910f879603b967c0636c6f3e9125b3651b5
Certificate serial:       17FA01
Authority key identifier: 47:A6:7F:38:4E:50:5D:26:62:07:3D:AB:35:56:E6:EE:46:F6:2E:71
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/a883c910f879603b967c0636c6f3e9125b3651b5.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/2abd6b34-8953-4c72-a0a2-7ecb9de8aaba/97ee95b52614dbd4165ab0c73d3e5ae3e6a5a7c9.roa
Signing time:             Fri 27 May 2022 00:27:28 +0000
ROA not before:           Thu 26 May 2022 03:00:00 +0000
ROA not after:            Tue 24 Mar 2026 03:00:00 +0000
asID:                     52233
IP address blocks:        190.4.172.0/23 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/2abd6b34-8953-4c72-a0a2-7ecb9de8aaba/a883c910f879603b967c0636c6f3e9125b3651b5.crl
                          rsync://repository.lacnic.net/rpki/lacnic/2abd6b34-8953-4c72-a0a2-7ecb9de8aaba/a883c910f879603b967c0636c6f3e9125b3651b5.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/a883c910f879603b967c0636c6f3e9125b3651b5.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 14 Apr 2024 19:18:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1571329 (0x17fa01)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a883c910f879603b967c0636c6f3e9125b3651b5
        Validity
            Not Before: May 26 03:00:00 2022 GMT
            Not After : Mar 24 03:00:00 2026 GMT
        Subject: CN=97ee95b52614dbd4165ab0c73d3e5ae3e6a5a7c9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8b:25:2e:f1:ac:7b:7b:1b:31:36:9c:ce:b7:8a:
                    86:71:92:84:81:d8:21:6e:1b:db:92:f6:c0:ce:ec:
                    5f:1f:ae:97:06:1f:02:c7:75:2f:ff:0d:d1:c6:f1:
                    a0:72:bc:a9:70:fc:26:99:57:52:1d:2f:b7:4a:41:
                    35:5c:78:ac:6b:e8:a3:35:e2:b4:92:17:81:50:3d:
                    cb:43:42:21:4e:89:ea:d6:fb:28:12:dc:58:7c:f6:
                    83:86:cd:27:0f:e2:b5:f5:05:7c:43:2b:7a:6b:15:
                    8f:66:bd:29:ec:ec:b2:fd:62:c5:24:38:ba:87:71:
                    b7:f4:5c:0b:1d:cf:82:2f:08:f2:07:aa:d8:56:47:
                    57:f3:84:98:6a:ea:ab:00:2f:a9:29:a1:e8:8b:5a:
                    f2:80:7a:d2:1f:6c:e4:08:35:b5:b9:ed:dd:cf:e5:
                    38:8b:e7:e6:15:ac:fb:f4:f3:96:c0:0b:20:79:0c:
                    4a:f7:ee:a5:0c:c6:31:c2:c5:62:8f:73:84:bf:53:
                    06:44:de:4b:81:5b:28:82:20:85:d5:b2:7e:c1:e1:
                    be:e3:98:94:76:43:ba:0e:83:65:64:fa:eb:81:3d:
                    d2:48:53:32:1a:53:3e:f8:68:f2:69:1a:db:54:8b:
                    62:af:43:3d:20:87:8f:d4:f4:15:3a:16:63:0e:91:
                    58:c9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                80:6F:95:78:0E:9B:FA:B2:0F:D3:B9:BC:11:CA:8B:26:97:7E:C3:0C
            X509v3 Authority Key Identifier:
                keyid:47:A6:7F:38:4E:50:5D:26:62:07:3D:AB:35:56:E6:EE:46:F6:2E:71

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/a883c910f879603b967c0636c6f3e9125b3651b5.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/2abd6b34-8953-4c72-a0a2-7ecb9de8aaba/97ee95b52614dbd4165ab0c73d3e5ae3e6a5a7c9.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/2abd6b34-8953-4c72-a0a2-7ecb9de8aaba/a883c910f879603b967c0636c6f3e9125b3651b5.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  190.4.172.0/23

    Signature Algorithm: sha256WithRSAEncryption
         09:3d:e3:53:17:7e:02:70:3c:5d:83:c6:06:9f:4e:c0:89:94:
         d0:fa:54:b7:3b:22:c3:5a:69:3b:8e:87:98:bb:e6:93:bd:be:
         3a:61:83:af:13:e8:8c:fd:bb:36:0c:d4:97:fc:eb:2e:c7:be:
         b4:50:07:cc:62:da:c6:aa:34:b3:10:68:d8:98:53:60:b0:4d:
         02:ce:9d:a1:f8:e6:98:f2:fc:47:c1:47:3c:70:c0:6a:ac:12:
         a0:20:0f:62:eb:cc:8b:00:67:8d:59:94:85:c8:1c:3d:99:a6:
         8d:22:cd:54:b7:70:d0:75:ec:dc:7b:6e:20:c4:2a:a1:fb:63:
         fe:6a:6a:05:3c:0d:32:de:06:1a:db:85:3d:07:6f:cf:b3:d0:
         4a:25:63:3d:d4:69:3f:2c:41:eb:36:de:d1:39:40:17:b1:df:
         7e:39:4e:b1:12:d4:4b:8c:71:7b:bb:2b:21:64:73:fc:2f:53:
         dc:2c:82:c3:07:f2:71:10:5d:86:4c:67:31:14:23:bc:2c:66:
         74:c0:8c:f5:bf:1a:c9:74:c1:55:43:05:c7:8e:74:7f:1a:d3:
         3a:1c:b4:a6:dc:94:61:15:33:c1:14:80:2c:f6:a6:27:89:4c:
         89:36:23:ef:e6:b2:8b:50:d7:32:ba:91:46:56:cb:39:0b:49:
         59:8b:09:ef
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIDF/oBMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGE4
ODNjOTEwZjg3OTYwM2I5NjdjMDYzNmM2ZjNlOTEyNWIzNjUxYjUwHhcNMjIwNTI2
MDMwMDAwWhcNMjYwMzI0MDMwMDAwWjAzMTEwLwYDVQQDEyg5N2VlOTViNTI2MTRk
YmQ0MTY1YWIwYzczZDNlNWFlM2U2YTVhN2M5MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAiyUu8ax7exsxNpzOt4qGcZKEgdghbhvbkvbAzuxfH66XBh8C
x3Uv/w3RxvGgcrypcPwmmVdSHS+3SkE1XHisa+ijNeK0kheBUD3LQ0IhTonq1vso
EtxYfPaDhs0nD+K19QV8Qyt6axWPZr0p7Oyy/WLFJDi6h3G39FwLHc+CLwjyB6rY
VkdX84SYauqrAC+pKaHoi1rygHrSH2zkCDW1ue3dz+U4i+fmFaz79POWwAsgeQxK
9+6lDMYxwsVij3OEv1MGRN5LgVsogiCF1bJ+weG+45iUdkO6DoNlZPrrgT3SSFMy
GlM++GjyaRrbVItir0M9IIeP1PQVOhZjDpFYyQIDAQABo4ICWzCCAlcwHQYDVR0O
BBYEFIBvlXgOm/qyD9O5vBHKiyaXfsMMMB8GA1UdIwQYMBaAFEemfzhOUF0mYgc9
qzVW5u5G9i5xMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvYTg4M2M5
MTBmODc5NjAzYjk2N2MwNjM2YzZmM2U5MTI1YjM2NTFiNS5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvMmFiZDZiMzQtODk1My00YzcyLWEwYTItN2VjYjlk
ZThhYWJhLzk3ZWU5NWI1MjYxNGRiZDQxNjVhYjBjNzNkM2U1YWUzZTZhNWE3Yzku
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy8yYWJkNmIzNC04OTUzLTRjNzItYTBhMi03ZWNi
OWRlOGFhYmEvYTg4M2M5MTBmODc5NjAzYjk2N2MwNjM2YzZmM2U5MTI1YjM2NTFi
NS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAb4ErDANBgkqhkiG9w0BAQsFAAOCAQEACT3jUxd+AnA8XYPG
Bp9OwImU0PpUtzsiw1ppO46HmLvmk72+OmGDrxPojP27NgzUl/zrLse+tFAHzGLa
xqo0sxBo2JhTYLBNAs6dofjmmPL8R8FHPHDAaqwSoCAPYuvMiwBnjVmUhcgcPZmm
jSLNVLdw0HXs3HtuIMQqoftj/mpqBTwNMt4GGtuFPQdvz7PQSiVjPdRpPyxB6zbe
0TlAF7HffjlOsRLUS4xxe7srIWRz/C9T3CyCwwfycRBdhkxnMRQjvCxmdMCM9b8a
yXTBVUMFx450fxrTOhy0ptyUYRUzwRSALPamJ4lMiTYj7+ayi1DXMrqRRlbLOQtJ
WYsJ7w==
-----END CERTIFICATE-----
Generated at Fri Apr 12 03:03:44 2024 by rpki-client on console-ams.rpki-client.org