Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/2abd6b34-8953-4c72-a0a2-7ecb9de8aaba/a0b7c5c3111a843e7f3007770ae58a8fb7549ace.roa
File:                     a0b7c5c3111a843e7f3007770ae58a8fb7549ace.roa (raw, json)
Hash identifier:          FR8B4MDAGRz3v+KjgwaVWSjYi6fVQ+xhRiIctTvVgB8=
Subject key identifier:   74:13:8B:E3:0B:1B:2B:86:94:C9:EB:47:0F:6B:0B:36:8C:51:51:98
Certificate issuer:       /CN=a883c910f879603b967c0636c6f3e9125b3651b5
Certificate serial:       1801A0
Authority key identifier: 47:A6:7F:38:4E:50:5D:26:62:07:3D:AB:35:56:E6:EE:46:F6:2E:71
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/a883c910f879603b967c0636c6f3e9125b3651b5.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/2abd6b34-8953-4c72-a0a2-7ecb9de8aaba/a0b7c5c3111a843e7f3007770ae58a8fb7549ace.roa
Signing time:             Fri 27 May 2022 00:29:42 +0000
ROA not before:           Thu 26 May 2022 03:00:00 +0000
ROA not after:            Tue 24 Mar 2026 03:00:00 +0000
asID:                     52233
IP address blocks:        190.88.58.0/23 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/2abd6b34-8953-4c72-a0a2-7ecb9de8aaba/a883c910f879603b967c0636c6f3e9125b3651b5.crl
                          rsync://repository.lacnic.net/rpki/lacnic/2abd6b34-8953-4c72-a0a2-7ecb9de8aaba/a883c910f879603b967c0636c6f3e9125b3651b5.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/a883c910f879603b967c0636c6f3e9125b3651b5.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Mon 15 Apr 2024 13:34:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1573280 (0x1801a0)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a883c910f879603b967c0636c6f3e9125b3651b5
        Validity
            Not Before: May 26 03:00:00 2022 GMT
            Not After : Mar 24 03:00:00 2026 GMT
        Subject: CN=a0b7c5c3111a843e7f3007770ae58a8fb7549ace
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:f4:fb:6f:48:95:a9:91:32:d6:33:55:14:f7:
                    23:99:ea:da:8a:69:29:dc:f6:00:52:22:a9:31:b1:
                    1e:d2:1e:31:56:37:34:07:30:30:ea:2d:2f:51:81:
                    ee:65:8b:37:2d:41:2d:ca:c4:86:1a:ac:3a:6c:1b:
                    c7:1e:bf:a3:ee:48:ef:97:29:39:67:82:b4:00:73:
                    9c:34:b3:1d:5d:75:3c:54:37:d5:71:5c:da:ef:df:
                    42:47:54:14:cf:98:9a:be:57:2e:7b:9f:84:a1:55:
                    22:50:67:77:b9:4f:fc:65:3d:94:a0:ae:52:a1:d9:
                    b4:f8:31:a4:13:01:bf:97:b5:4f:ce:dc:64:d4:ff:
                    3b:a5:8e:4b:d1:31:dd:e4:e1:35:98:75:66:e1:57:
                    a6:63:13:4b:d8:d1:a2:27:95:22:39:17:de:30:42:
                    c2:51:1f:61:98:ff:1b:cb:53:dd:e5:e4:09:07:94:
                    a1:6c:99:46:82:0d:f2:09:7c:c9:c8:17:cd:80:c0:
                    7b:be:42:8f:7c:10:56:5c:9f:51:23:8b:2e:4a:9f:
                    30:45:e4:03:e9:5b:30:c0:e4:13:96:a1:b2:15:72:
                    20:cb:9f:e6:84:80:79:08:d5:2e:29:7e:9e:d4:9f:
                    f5:f4:2b:39:64:78:4a:c3:fa:f0:db:c3:1b:9f:3c:
                    1f:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                74:13:8B:E3:0B:1B:2B:86:94:C9:EB:47:0F:6B:0B:36:8C:51:51:98
            X509v3 Authority Key Identifier:
                keyid:47:A6:7F:38:4E:50:5D:26:62:07:3D:AB:35:56:E6:EE:46:F6:2E:71

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/a883c910f879603b967c0636c6f3e9125b3651b5.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/2abd6b34-8953-4c72-a0a2-7ecb9de8aaba/a0b7c5c3111a843e7f3007770ae58a8fb7549ace.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/2abd6b34-8953-4c72-a0a2-7ecb9de8aaba/a883c910f879603b967c0636c6f3e9125b3651b5.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  190.88.58.0/23

    Signature Algorithm: sha256WithRSAEncryption
         9d:6b:1b:f2:78:ef:90:03:ea:1a:9e:d7:40:bf:e7:98:50:d1:
         1e:eb:be:61:0d:a0:e4:c6:44:ce:3c:17:4b:d9:d5:29:73:5e:
         4d:6e:c1:47:93:ec:01:5d:d3:1e:1b:82:4f:67:87:ae:ae:fc:
         92:00:90:54:75:61:46:b4:8e:43:b1:19:27:f3:d9:f5:5a:8b:
         3a:77:9d:9a:2c:28:70:6f:e4:ea:28:b0:b8:16:36:5b:0c:e6:
         0e:95:70:6a:8e:29:9f:32:2b:89:37:fe:14:6e:4e:f7:67:dc:
         90:6e:16:84:3b:4c:bd:45:17:56:ed:a5:ea:6d:01:dd:18:af:
         73:73:8d:ce:16:c8:04:0d:a9:f8:3e:dd:da:23:04:5a:1a:0c:
         f6:fb:e2:a9:86:ff:48:0c:6a:69:58:97:86:bf:44:1d:96:21:
         d6:44:34:c9:33:8e:91:db:ba:44:14:10:57:7e:48:b9:3b:78:
         ec:7e:a8:75:4f:03:90:0c:7e:28:4b:d7:10:bd:98:bf:fd:b4:
         b7:b3:06:98:3d:16:e9:33:b3:5b:57:c7:00:e0:46:5a:93:4f:
         66:61:27:6e:91:6f:97:1b:f8:01:e0:47:c6:8a:bb:42:8a:43:
         fd:25:ef:f9:65:e3:6e:e9:df:f0:48:b4:ac:6b:10:e9:e5:fb:
         56:3f:ed:d2
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIDGAGgMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGE4
ODNjOTEwZjg3OTYwM2I5NjdjMDYzNmM2ZjNlOTEyNWIzNjUxYjUwHhcNMjIwNTI2
MDMwMDAwWhcNMjYwMzI0MDMwMDAwWjAzMTEwLwYDVQQDEyhhMGI3YzVjMzExMWE4
NDNlN2YzMDA3NzcwYWU1OGE4ZmI3NTQ5YWNlMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAr/T7b0iVqZEy1jNVFPcjmeraimkp3PYAUiKpMbEe0h4xVjc0
BzAw6i0vUYHuZYs3LUEtysSGGqw6bBvHHr+j7kjvlyk5Z4K0AHOcNLMdXXU8VDfV
cVza799CR1QUz5iavlcue5+EoVUiUGd3uU/8ZT2UoK5Sodm0+DGkEwG/l7VPztxk
1P87pY5L0THd5OE1mHVm4VemYxNL2NGiJ5UiORfeMELCUR9hmP8by1Pd5eQJB5Sh
bJlGgg3yCXzJyBfNgMB7vkKPfBBWXJ9RI4suSp8wReQD6VswwOQTlqGyFXIgy5/m
hIB5CNUuKX6e1J/19Cs5ZHhKw/rw28MbnzwfkQIDAQABo4ICWzCCAlcwHQYDVR0O
BBYEFHQTi+MLGyuGlMnrRw9rCzaMUVGYMB8GA1UdIwQYMBaAFEemfzhOUF0mYgc9
qzVW5u5G9i5xMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvYTg4M2M5
MTBmODc5NjAzYjk2N2MwNjM2YzZmM2U5MTI1YjM2NTFiNS5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvMmFiZDZiMzQtODk1My00YzcyLWEwYTItN2VjYjlk
ZThhYWJhL2EwYjdjNWMzMTExYTg0M2U3ZjMwMDc3NzBhZTU4YThmYjc1NDlhY2Uu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy8yYWJkNmIzNC04OTUzLTRjNzItYTBhMi03ZWNi
OWRlOGFhYmEvYTg4M2M5MTBmODc5NjAzYjk2N2MwNjM2YzZmM2U5MTI1YjM2NTFi
NS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAb5YOjANBgkqhkiG9w0BAQsFAAOCAQEAnWsb8njvkAPqGp7X
QL/nmFDRHuu+YQ2g5MZEzjwXS9nVKXNeTW7BR5PsAV3THhuCT2eHrq78kgCQVHVh
RrSOQ7EZJ/PZ9VqLOnedmiwocG/k6iiwuBY2WwzmDpVwao4pnzIriTf+FG5O92fc
kG4WhDtMvUUXVu2l6m0B3Rivc3ONzhbIBA2p+D7d2iMEWhoM9vviqYb/SAxqaViX
hr9EHZYh1kQ0yTOOkdu6RBQQV35IuTt47H6odU8DkAx+KEvXEL2Yv/20t7MGmD0W
6TOzW1fHAOBGWpNPZmEnbpFvlxv4AeBHxoq7QopD/SXv+WXjbunf8Ei0rGsQ6eX7
Vj/t0g==
-----END CERTIFICATE-----
Generated at Fri Apr 12 15:32:11 2024 by rpki-client on console-ams.rpki-client.org