Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/2abd6b34-8953-4c72-a0a2-7ecb9de8aaba/b179532d2dce1acecefd3cf4dec20607a3f2be81.roa
File:                     b179532d2dce1acecefd3cf4dec20607a3f2be81.roa (raw, json)
Hash identifier:          jgGcMMBgJGTaN8qT4RA2ovkYhlN5soZGUs93MpRhnpI=
Subject key identifier:   F8:FF:39:D0:CD:DB:04:E5:21:85:BF:21:0D:8A:FE:66:E8:47:7F:78
Certificate issuer:       /CN=a883c910f879603b967c0636c6f3e9125b3651b5
Certificate serial:       27CA60
Authority key identifier: 47:A6:7F:38:4E:50:5D:26:62:07:3D:AB:35:56:E6:EE:46:F6:2E:71
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/a883c910f879603b967c0636c6f3e9125b3651b5.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/2abd6b34-8953-4c72-a0a2-7ecb9de8aaba/b179532d2dce1acecefd3cf4dec20607a3f2be81.roa
Signing time:             Fri 26 Jan 2024 19:13:40 +0000
ROA not before:           Fri 26 Jan 2024 19:13:40 +0000
ROA not after:            Mon 26 Jan 2026 19:13:40 +0000
asID:                     52233
IP address blocks:        190.88.128.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/2abd6b34-8953-4c72-a0a2-7ecb9de8aaba/a883c910f879603b967c0636c6f3e9125b3651b5.crl
                          rsync://repository.lacnic.net/rpki/lacnic/2abd6b34-8953-4c72-a0a2-7ecb9de8aaba/a883c910f879603b967c0636c6f3e9125b3651b5.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/a883c910f879603b967c0636c6f3e9125b3651b5.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Mon 15 Apr 2024 06:03:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2607712 (0x27ca60)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a883c910f879603b967c0636c6f3e9125b3651b5
        Validity
            Not Before: Jan 26 19:13:40 2024 GMT
            Not After : Jan 26 19:13:40 2026 GMT
        Subject: CN=b179532d2dce1acecefd3cf4dec20607a3f2be81
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:8f:e9:22:06:5e:bb:90:18:49:4c:1c:e0:bd:
                    8c:fe:e9:0a:da:fc:81:d5:e8:30:e1:62:e4:5c:67:
                    dc:38:c4:bc:d2:75:e5:ac:8c:94:0d:af:a1:98:e2:
                    7b:e1:1d:e9:53:3b:5a:a4:74:1f:cd:53:0f:29:3a:
                    98:b3:19:21:c9:33:48:4c:37:29:8b:e5:01:82:3d:
                    6a:17:f6:14:16:89:46:82:85:6c:2f:b4:90:42:d7:
                    6a:8a:f1:20:d6:95:d8:fb:81:19:1c:be:a2:1a:e0:
                    2f:ac:3f:81:2c:d5:38:71:7d:ca:94:e9:33:0a:cb:
                    a1:10:cb:e8:66:c2:7c:50:4f:66:a7:28:40:f0:32:
                    fe:94:bc:4e:86:54:6a:f6:b7:4e:e3:75:db:3c:52:
                    8c:eb:9b:f2:4c:b8:75:18:4c:2f:5f:1a:df:70:7e:
                    f7:11:06:8d:1d:1a:5c:af:39:97:91:bb:50:fa:b0:
                    5d:62:11:06:fd:8d:0d:c9:b5:c4:77:20:d9:ad:b7:
                    c0:7a:04:56:bc:ad:ac:00:a1:cb:da:31:83:8a:e4:
                    8e:09:10:5e:66:73:31:03:f6:80:8b:6c:fd:f4:2b:
                    82:b4:9d:f3:91:c8:19:4f:01:1c:8e:a7:7d:80:21:
                    80:b9:90:55:f6:f9:0f:41:74:09:4d:02:0d:be:3f:
                    70:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F8:FF:39:D0:CD:DB:04:E5:21:85:BF:21:0D:8A:FE:66:E8:47:7F:78
            X509v3 Authority Key Identifier:
                keyid:47:A6:7F:38:4E:50:5D:26:62:07:3D:AB:35:56:E6:EE:46:F6:2E:71

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/a883c910f879603b967c0636c6f3e9125b3651b5.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/2abd6b34-8953-4c72-a0a2-7ecb9de8aaba/b179532d2dce1acecefd3cf4dec20607a3f2be81.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/2abd6b34-8953-4c72-a0a2-7ecb9de8aaba/a883c910f879603b967c0636c6f3e9125b3651b5.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  190.88.128.0/24

    Signature Algorithm: sha256WithRSAEncryption
         6b:81:93:c0:9c:eb:e8:cb:3a:fb:4e:5a:ef:28:93:80:cd:ff:
         2c:23:91:93:50:9f:d3:76:14:a1:5f:fe:ea:ab:ea:03:1a:ab:
         57:ae:dc:9d:7b:45:fa:fe:2d:a9:84:02:82:58:f8:84:50:eb:
         24:ee:48:86:c0:8b:f4:4d:3e:83:ec:52:d2:a3:f6:2a:ae:ce:
         81:ea:32:58:80:f9:3e:23:b6:93:04:64:0e:21:93:2b:3a:4a:
         68:45:be:d8:d3:c0:64:7d:df:c0:f7:09:5a:4a:77:f4:19:42:
         75:b9:89:54:63:a4:d3:04:4e:ea:b7:97:80:62:d0:89:c9:86:
         fe:03:fc:33:23:64:eb:2a:3f:d9:8b:28:eb:6d:9e:f9:08:ff:
         cf:0c:ca:d5:0b:2c:41:26:af:d9:dc:af:fe:9a:19:46:85:25:
         36:91:9f:5e:55:a6:64:be:fe:10:bc:98:bc:0d:d0:9a:b2:00:
         87:91:a2:48:2d:4d:30:3a:8c:8c:94:cb:c7:39:a0:0d:fd:c0:
         36:c0:94:4d:d2:65:c8:2e:1c:4e:4f:80:37:18:dd:e3:7a:c7:
         31:7c:36:d1:86:7b:63:d0:2e:13:97:14:17:6d:db:ce:1d:e9:
         dc:c1:53:32:9f:9e:95:d7:4e:9f:13:37:24:fb:45:b7:68:96:
         32:a1:54:7c
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIDJ8pgMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGE4
ODNjOTEwZjg3OTYwM2I5NjdjMDYzNmM2ZjNlOTEyNWIzNjUxYjUwHhcNMjQwMTI2
MTkxMzQwWhcNMjYwMTI2MTkxMzQwWjAzMTEwLwYDVQQDEyhiMTc5NTMyZDJkY2Ux
YWNlY2VmZDNjZjRkZWMyMDYwN2EzZjJiZTgxMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAno/pIgZeu5AYSUwc4L2M/ukK2vyB1egw4WLkXGfcOMS80nXl
rIyUDa+hmOJ74R3pUztapHQfzVMPKTqYsxkhyTNITDcpi+UBgj1qF/YUFolGgoVs
L7SQQtdqivEg1pXY+4EZHL6iGuAvrD+BLNU4cX3KlOkzCsuhEMvoZsJ8UE9mpyhA
8DL+lLxOhlRq9rdO43XbPFKM65vyTLh1GEwvXxrfcH73EQaNHRpcrzmXkbtQ+rBd
YhEG/Y0NybXEdyDZrbfAegRWvK2sAKHL2jGDiuSOCRBeZnMxA/aAi2z99CuCtJ3z
kcgZTwEcjqd9gCGAuZBV9vkPQXQJTQINvj9waQIDAQABo4ICWzCCAlcwHQYDVR0O
BBYEFPj/OdDN2wTlIYW/IQ2K/mboR394MB8GA1UdIwQYMBaAFEemfzhOUF0mYgc9
qzVW5u5G9i5xMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvYTg4M2M5
MTBmODc5NjAzYjk2N2MwNjM2YzZmM2U5MTI1YjM2NTFiNS5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvMmFiZDZiMzQtODk1My00YzcyLWEwYTItN2VjYjlk
ZThhYWJhL2IxNzk1MzJkMmRjZTFhY2VjZWZkM2NmNGRlYzIwNjA3YTNmMmJlODEu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy8yYWJkNmIzNC04OTUzLTRjNzItYTBhMi03ZWNi
OWRlOGFhYmEvYTg4M2M5MTBmODc5NjAzYjk2N2MwNjM2YzZmM2U5MTI1YjM2NTFi
NS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAL5YgDANBgkqhkiG9w0BAQsFAAOCAQEAa4GTwJzr6Ms6+05a
7yiTgM3/LCORk1Cf03YUoV/+6qvqAxqrV67cnXtF+v4tqYQCglj4hFDrJO5IhsCL
9E0+g+xS0qP2Kq7OgeoyWID5PiO2kwRkDiGTKzpKaEW+2NPAZH3fwPcJWkp39BlC
dbmJVGOk0wRO6reXgGLQicmG/gP8MyNk6yo/2Yso622e+Qj/zwzK1QssQSav2dyv
/poZRoUlNpGfXlWmZL7+ELyYvA3QmrIAh5GiSC1NMDqMjJTLxzmgDf3ANsCUTdJl
yC4cTk+ANxjd43rHMXw20YZ7Y9AuE5cUF23bzh3p3MFTMp+elddOnxM3JPtFt2iW
MqFUfA==
-----END CERTIFICATE-----
Generated at Fri Apr 12 13:15:04 2024 by rpki-client on console-fra.rpki-client.org