Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/2abd6b34-8953-4c72-a0a2-7ecb9de8aaba/af34393d60cfb41eac3c2940adf97a6a7f772a74.roa
File:                     af34393d60cfb41eac3c2940adf97a6a7f772a74.roa (raw, json)
Hash identifier:          SkyvuOoGZ/M7lVXFIT7JacZ8J+0CGEO1P19kpeua+zk=
Subject key identifier:   A0:7F:4D:A0:3F:F9:E7:64:56:EF:81:55:0C:F4:81:E3:E9:35:9C:5C
Certificate issuer:       /CN=a883c910f879603b967c0636c6f3e9125b3651b5
Certificate serial:       27D227
Authority key identifier: 47:A6:7F:38:4E:50:5D:26:62:07:3D:AB:35:56:E6:EE:46:F6:2E:71
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/a883c910f879603b967c0636c6f3e9125b3651b5.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/2abd6b34-8953-4c72-a0a2-7ecb9de8aaba/af34393d60cfb41eac3c2940adf97a6a7f772a74.roa
Signing time:             Fri 26 Jan 2024 19:17:48 +0000
ROA not before:           Fri 26 Jan 2024 19:17:48 +0000
ROA not after:            Mon 26 Jan 2026 19:17:48 +0000
asID:                     52233
IP address blocks:        190.88.130.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/2abd6b34-8953-4c72-a0a2-7ecb9de8aaba/a883c910f879603b967c0636c6f3e9125b3651b5.crl
                          rsync://repository.lacnic.net/rpki/lacnic/2abd6b34-8953-4c72-a0a2-7ecb9de8aaba/a883c910f879603b967c0636c6f3e9125b3651b5.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/a883c910f879603b967c0636c6f3e9125b3651b5.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Mon 15 Apr 2024 13:34:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2609703 (0x27d227)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a883c910f879603b967c0636c6f3e9125b3651b5
        Validity
            Not Before: Jan 26 19:17:48 2024 GMT
            Not After : Jan 26 19:17:48 2026 GMT
        Subject: CN=af34393d60cfb41eac3c2940adf97a6a7f772a74
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:13:e5:69:5a:89:b3:25:db:4e:83:99:a3:bf:
                    2d:24:d6:5a:68:6b:dd:b6:b6:9b:ad:37:00:f8:d9:
                    05:c5:5d:90:c4:5f:ed:74:eb:d2:a2:b0:39:74:f8:
                    b3:ca:d0:3e:85:01:ff:35:b0:d0:02:08:ac:8f:d2:
                    79:06:06:2f:7d:76:11:59:d6:e9:45:e3:f2:94:29:
                    c4:53:11:f8:c1:59:53:ae:88:ac:02:aa:23:be:27:
                    c1:0a:58:a5:17:1f:09:fb:c4:d4:ca:1f:c3:81:8f:
                    81:a3:ae:75:cf:a5:25:ff:9d:c8:9a:71:d2:6c:5d:
                    89:b0:60:0f:f6:79:45:44:58:4a:42:84:04:be:3f:
                    22:51:9f:8e:49:8b:f7:d4:42:9b:70:b2:14:0e:db:
                    5f:50:8a:76:c3:f4:b4:40:03:3d:a6:83:41:48:2a:
                    0f:c8:29:de:42:42:53:fa:4f:1d:60:35:42:12:8e:
                    f0:49:b0:ca:27:11:d6:b7:1e:52:a0:9f:b4:ce:bc:
                    fe:fa:26:40:09:6c:85:d3:41:71:35:9c:a7:5f:38:
                    0e:9c:03:52:05:82:a6:e7:f0:d8:c6:6f:20:11:75:
                    e0:d4:c8:ed:5d:33:4e:40:f1:32:cd:81:33:94:94:
                    8c:75:7d:e7:d0:f7:4f:94:42:68:61:8a:ea:17:ff:
                    d9:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A0:7F:4D:A0:3F:F9:E7:64:56:EF:81:55:0C:F4:81:E3:E9:35:9C:5C
            X509v3 Authority Key Identifier:
                keyid:47:A6:7F:38:4E:50:5D:26:62:07:3D:AB:35:56:E6:EE:46:F6:2E:71

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/a883c910f879603b967c0636c6f3e9125b3651b5.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/2abd6b34-8953-4c72-a0a2-7ecb9de8aaba/af34393d60cfb41eac3c2940adf97a6a7f772a74.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/2abd6b34-8953-4c72-a0a2-7ecb9de8aaba/a883c910f879603b967c0636c6f3e9125b3651b5.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  190.88.130.0/24

    Signature Algorithm: sha256WithRSAEncryption
         3c:7d:75:57:c6:c8:8a:9a:ce:d2:44:96:46:06:d5:43:27:1a:
         05:47:1c:c5:15:7e:05:32:22:7c:6a:7d:f6:38:fc:a2:e1:ff:
         5b:7a:81:4e:99:37:ae:8a:97:6a:ea:84:88:5e:58:68:a9:fb:
         82:4c:fd:f1:cd:4c:d5:28:95:8c:bf:b3:a4:84:fc:23:a9:2e:
         17:ef:ed:af:3d:74:3a:b6:ef:ac:b8:83:2d:cc:8e:46:9b:58:
         39:bd:90:9b:8a:21:5e:9e:7e:bf:22:1e:38:4b:4c:70:65:1f:
         df:79:80:e7:4d:f2:ca:80:01:c9:5b:7a:33:55:96:ff:79:61:
         a5:72:da:2e:d9:e0:fd:75:3f:5d:0b:d4:f9:ae:80:4b:86:f9:
         74:86:ae:7a:ec:c8:f5:c2:b0:0a:03:86:e5:53:36:d8:bc:29:
         04:14:95:b6:c5:6d:d3:14:ff:c2:51:20:c4:60:45:0a:d7:da:
         d0:20:c7:26:e4:75:a4:be:a8:49:4b:96:db:75:d9:94:89:38:
         a3:17:2a:53:c6:df:75:6f:7f:c3:b4:7a:f6:1e:a4:0a:14:c7:
         57:d0:41:a5:5e:8c:49:2b:6a:16:ec:3a:53:0e:af:a5:72:b7:
         7e:48:fe:2c:e4:8a:64:04:86:9f:f7:de:a5:a7:c0:4b:44:13:
         4a:22:dd:8d
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIDJ9InMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGE4
ODNjOTEwZjg3OTYwM2I5NjdjMDYzNmM2ZjNlOTEyNWIzNjUxYjUwHhcNMjQwMTI2
MTkxNzQ4WhcNMjYwMTI2MTkxNzQ4WjAzMTEwLwYDVQQDEyhhZjM0MzkzZDYwY2Zi
NDFlYWMzYzI5NDBhZGY5N2E2YTdmNzcyYTc0MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAvhPlaVqJsyXbToOZo78tJNZaaGvdtrabrTcA+NkFxV2QxF/t
dOvSorA5dPizytA+hQH/NbDQAgisj9J5BgYvfXYRWdbpRePylCnEUxH4wVlTrois
AqojvifBClilFx8J+8TUyh/DgY+Bo651z6Ul/53ImnHSbF2JsGAP9nlFRFhKQoQE
vj8iUZ+OSYv31EKbcLIUDttfUIp2w/S0QAM9poNBSCoPyCneQkJT+k8dYDVCEo7w
SbDKJxHWtx5SoJ+0zrz++iZACWyF00FxNZynXzgOnANSBYKm5/DYxm8gEXXg1Mjt
XTNOQPEyzYEzlJSMdX3n0PdPlEJoYYrqF//ZwwIDAQABo4ICWzCCAlcwHQYDVR0O
BBYEFKB/TaA/+edkVu+BVQz0gePpNZxcMB8GA1UdIwQYMBaAFEemfzhOUF0mYgc9
qzVW5u5G9i5xMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvYTg4M2M5
MTBmODc5NjAzYjk2N2MwNjM2YzZmM2U5MTI1YjM2NTFiNS5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvMmFiZDZiMzQtODk1My00YzcyLWEwYTItN2VjYjlk
ZThhYWJhL2FmMzQzOTNkNjBjZmI0MWVhYzNjMjk0MGFkZjk3YTZhN2Y3NzJhNzQu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy8yYWJkNmIzNC04OTUzLTRjNzItYTBhMi03ZWNi
OWRlOGFhYmEvYTg4M2M5MTBmODc5NjAzYjk2N2MwNjM2YzZmM2U5MTI1YjM2NTFi
NS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAL5YgjANBgkqhkiG9w0BAQsFAAOCAQEAPH11V8bIiprO0kSW
RgbVQycaBUccxRV+BTIifGp99jj8ouH/W3qBTpk3roqXauqEiF5YaKn7gkz98c1M
1SiVjL+zpIT8I6kuF+/trz10OrbvrLiDLcyORptYOb2Qm4ohXp5+vyIeOEtMcGUf
33mA503yyoAByVt6M1WW/3lhpXLaLtng/XU/XQvU+a6AS4b5dIaueuzI9cKwCgOG
5VM22LwpBBSVtsVt0xT/wlEgxGBFCtfa0CDHJuR1pL6oSUuW23XZlIk4oxcqU8bf
dW9/w7R69h6kChTHV9BBpV6MSStqFuw6Uw6vpXK3fkj+LOSKZASGn/fepafAS0QT
SiLdjQ==
-----END CERTIFICATE-----
Generated at Fri Apr 12 15:32:11 2024 by rpki-client on console-ams.rpki-client.org