Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/2abd6b34-8953-4c72-a0a2-7ecb9de8aaba/a0d00b087068ec5426925a3ca6d7a92e9e351f93.roa
File:                     a0d00b087068ec5426925a3ca6d7a92e9e351f93.roa (raw, json)
Hash identifier:          TZYTdF8H/XTP1sVhPfsj5aIPOvLkrRIBxAeBCEtNpeI=
Subject key identifier:   23:AA:75:EB:31:A2:C1:2F:83:7B:3F:82:D7:38:2D:3C:64:74:F5:A7
Certificate issuer:       /CN=a883c910f879603b967c0636c6f3e9125b3651b5
Certificate serial:       0DFE68
Authority key identifier: 47:A6:7F:38:4E:50:5D:26:62:07:3D:AB:35:56:E6:EE:46:F6:2E:71
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/a883c910f879603b967c0636c6f3e9125b3651b5.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/2abd6b34-8953-4c72-a0a2-7ecb9de8aaba/a0d00b087068ec5426925a3ca6d7a92e9e351f93.roa
Signing time:             Fri 16 Apr 2021 14:55:01 +0000
ROA not before:           Fri 16 Apr 2021 03:00:00 +0000
ROA not after:            Thu 16 Apr 2026 03:00:00 +0000
asID:                     52233
IP address blocks:        190.88.16.0/20 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/2abd6b34-8953-4c72-a0a2-7ecb9de8aaba/a883c910f879603b967c0636c6f3e9125b3651b5.crl
                          rsync://repository.lacnic.net/rpki/lacnic/2abd6b34-8953-4c72-a0a2-7ecb9de8aaba/a883c910f879603b967c0636c6f3e9125b3651b5.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/a883c910f879603b967c0636c6f3e9125b3651b5.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Mon 15 Apr 2024 06:03:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 917096 (0xdfe68)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a883c910f879603b967c0636c6f3e9125b3651b5
        Validity
            Not Before: Apr 16 03:00:00 2021 GMT
            Not After : Apr 16 03:00:00 2026 GMT
        Subject: CN=a0d00b087068ec5426925a3ca6d7a92e9e351f93
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8d:b2:7b:c4:6c:d0:9b:00:b0:73:54:2f:8a:16:
                    3c:21:33:09:36:cb:b4:fe:c1:fa:f1:6e:f1:db:78:
                    5c:00:1a:37:8e:73:d7:74:8e:4f:4a:85:9d:83:ea:
                    20:a2:ac:f5:56:ee:9e:fb:5d:01:78:77:01:3e:2b:
                    38:5c:46:1c:7d:5a:73:2b:3e:e0:7f:8e:59:09:d2:
                    b7:4f:d7:54:93:2e:5e:4f:55:f1:f2:42:a4:09:48:
                    34:ee:4d:13:87:f0:dc:cc:b6:8f:57:14:f9:87:83:
                    3d:d7:87:d3:1d:84:99:e0:3f:ca:4c:d9:3e:4b:61:
                    c7:c9:9b:dd:9b:52:7e:cb:9b:53:96:99:f2:99:42:
                    49:43:24:a4:ae:d5:49:73:ff:3c:bc:90:b6:eb:0e:
                    0d:78:e3:32:2f:ec:56:66:5b:f8:ef:76:49:96:1e:
                    71:f5:20:23:17:14:70:a7:08:45:d0:47:5f:04:04:
                    a0:61:f9:7b:5f:c0:c6:bd:eb:a6:36:df:8a:b0:04:
                    54:dc:1a:6e:37:36:7d:b6:d1:30:cd:36:37:25:cd:
                    48:da:4e:ad:49:3f:43:85:c6:2f:80:ab:14:6c:1a:
                    c7:15:e2:3b:93:96:dd:c5:c6:4d:bc:ae:b7:40:6f:
                    46:68:88:02:56:28:e5:50:3d:30:95:fd:99:9c:1c:
                    7e:2d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                23:AA:75:EB:31:A2:C1:2F:83:7B:3F:82:D7:38:2D:3C:64:74:F5:A7
            X509v3 Authority Key Identifier:
                keyid:47:A6:7F:38:4E:50:5D:26:62:07:3D:AB:35:56:E6:EE:46:F6:2E:71

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/a883c910f879603b967c0636c6f3e9125b3651b5.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/2abd6b34-8953-4c72-a0a2-7ecb9de8aaba/a0d00b087068ec5426925a3ca6d7a92e9e351f93.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/2abd6b34-8953-4c72-a0a2-7ecb9de8aaba/a883c910f879603b967c0636c6f3e9125b3651b5.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  190.88.16.0/20

    Signature Algorithm: sha256WithRSAEncryption
         a3:f7:4a:a8:e5:da:9e:7f:6e:0f:77:96:82:3f:67:f9:db:b4:
         3b:00:71:af:b1:43:71:b9:b2:24:ca:2a:36:38:ae:48:5a:77:
         f8:60:35:3c:6e:9f:3b:47:51:8e:2c:23:4c:53:44:be:82:63:
         42:f2:aa:58:c9:70:6c:60:5d:aa:36:e2:1c:27:09:28:75:d1:
         0f:27:13:d6:2b:cb:d0:9a:05:36:c4:2e:59:fb:76:c1:d1:c6:
         15:b0:6b:20:dd:9a:8d:49:cc:eb:3d:76:d9:a3:b9:3b:bb:2c:
         a8:79:42:3e:67:33:2b:b8:67:73:30:79:26:ce:8e:ec:3f:95:
         15:f2:43:f0:77:79:5d:54:c0:cc:f2:11:4d:1a:00:15:74:b6:
         ec:2f:2f:10:e5:cf:d7:f6:42:6b:9d:9d:71:a0:cc:c8:46:50:
         0e:3e:c9:19:33:ab:48:7e:01:14:da:66:b5:e3:c5:63:91:43:
         9f:a7:a3:0f:b4:9d:3b:d1:68:b4:77:13:09:75:b9:b5:ec:79:
         82:ed:5a:b0:80:95:a3:7a:d0:70:ad:3b:f9:bd:81:11:b5:ab:
         c9:16:a3:7f:37:16:c3:ce:90:96:cd:68:93:21:58:fc:e0:77:
         e8:7e:ad:32:34:86:35:d3:3d:d8:ae:25:af:2a:f0:36:fd:a9:
         4b:66:77:99
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIDDf5oMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGE4
ODNjOTEwZjg3OTYwM2I5NjdjMDYzNmM2ZjNlOTEyNWIzNjUxYjUwHhcNMjEwNDE2
MDMwMDAwWhcNMjYwNDE2MDMwMDAwWjAzMTEwLwYDVQQDEyhhMGQwMGIwODcwNjhl
YzU0MjY5MjVhM2NhNmQ3YTkyZTllMzUxZjkzMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAjbJ7xGzQmwCwc1QvihY8ITMJNsu0/sH68W7x23hcABo3jnPX
dI5PSoWdg+ogoqz1Vu6e+10BeHcBPis4XEYcfVpzKz7gf45ZCdK3T9dUky5eT1Xx
8kKkCUg07k0Th/DczLaPVxT5h4M914fTHYSZ4D/KTNk+S2HHyZvdm1J+y5tTlpny
mUJJQySkrtVJc/88vJC26w4NeOMyL+xWZlv473ZJlh5x9SAjFxRwpwhF0EdfBASg
Yfl7X8DGveumNt+KsARU3BpuNzZ9ttEwzTY3Jc1I2k6tST9DhcYvgKsUbBrHFeI7
k5bdxcZNvK63QG9GaIgCVijlUD0wlf2ZnBx+LQIDAQABo4ICWzCCAlcwHQYDVR0O
BBYEFCOqdesxosEvg3s/gtc4LTxkdPWnMB8GA1UdIwQYMBaAFEemfzhOUF0mYgc9
qzVW5u5G9i5xMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvYTg4M2M5
MTBmODc5NjAzYjk2N2MwNjM2YzZmM2U5MTI1YjM2NTFiNS5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvMmFiZDZiMzQtODk1My00YzcyLWEwYTItN2VjYjlk
ZThhYWJhL2EwZDAwYjA4NzA2OGVjNTQyNjkyNWEzY2E2ZDdhOTJlOWUzNTFmOTMu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy8yYWJkNmIzNC04OTUzLTRjNzItYTBhMi03ZWNi
OWRlOGFhYmEvYTg4M2M5MTBmODc5NjAzYjk2N2MwNjM2YzZmM2U5MTI1YjM2NTFi
NS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEBL5YEDANBgkqhkiG9w0BAQsFAAOCAQEAo/dKqOXann9uD3eW
gj9n+du0OwBxr7FDcbmyJMoqNjiuSFp3+GA1PG6fO0dRjiwjTFNEvoJjQvKqWMlw
bGBdqjbiHCcJKHXRDycT1ivL0JoFNsQuWft2wdHGFbBrIN2ajUnM6z122aO5O7ss
qHlCPmczK7hnczB5Js6O7D+VFfJD8Hd5XVTAzPIRTRoAFXS27C8vEOXP1/ZCa52d
caDMyEZQDj7JGTOrSH4BFNpmtePFY5FDn6ejD7SdO9FotHcTCXW5tex5gu1asICV
o3rQcK07+b2BEbWryRajfzcWw86Qls1okyFY/OB36H6tMjSGNdM92K4lryrwNv2p
S2Z3mQ==
-----END CERTIFICATE-----
Generated at Fri Apr 12 13:15:04 2024 by rpki-client on console-fra.rpki-client.org