Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/2abd6b34-8953-4c72-a0a2-7ecb9de8aaba/b535b9115f385ec951e07edd080145f656ad98fb.roa
File:                     b535b9115f385ec951e07edd080145f656ad98fb.roa (raw, json)
Hash identifier:          9mXkH/v9lt4+e/r1YMwS/WN+lZ4q6sdcYBM8UnSwIjw=
Subject key identifier:   A3:16:31:11:04:B7:7C:2B:F2:95:D3:11:60:EA:65:C1:53:58:1F:E9
Certificate issuer:       /CN=a883c910f879603b967c0636c6f3e9125b3651b5
Certificate serial:       1A06B0
Authority key identifier: 47:A6:7F:38:4E:50:5D:26:62:07:3D:AB:35:56:E6:EE:46:F6:2E:71
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/a883c910f879603b967c0636c6f3e9125b3651b5.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/2abd6b34-8953-4c72-a0a2-7ecb9de8aaba/b535b9115f385ec951e07edd080145f656ad98fb.roa
Signing time:             Wed 03 Aug 2022 23:46:39 +0000
ROA not before:           Wed 24 Mar 2021 03:00:00 +0000
ROA not after:            Tue 24 Mar 2026 03:00:00 +0000
asID:                     52233
IP address blocks:        190.4.147.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/2abd6b34-8953-4c72-a0a2-7ecb9de8aaba/a883c910f879603b967c0636c6f3e9125b3651b5.crl
                          rsync://repository.lacnic.net/rpki/lacnic/2abd6b34-8953-4c72-a0a2-7ecb9de8aaba/a883c910f879603b967c0636c6f3e9125b3651b5.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/a883c910f879603b967c0636c6f3e9125b3651b5.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Mon 15 Apr 2024 13:34:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1705648 (0x1a06b0)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a883c910f879603b967c0636c6f3e9125b3651b5
        Validity
            Not Before: Mar 24 03:00:00 2021 GMT
            Not After : Mar 24 03:00:00 2026 GMT
        Subject: CN=b535b9115f385ec951e07edd080145f656ad98fb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:1e:a3:76:31:13:73:85:c1:6a:13:69:7d:33:
                    cd:9c:44:aa:c1:01:c8:00:6a:97:eb:a8:03:8f:57:
                    1b:3f:81:45:d1:38:23:93:e0:44:e9:f5:c5:5c:6b:
                    d0:66:c3:65:36:80:a8:75:36:39:57:f2:f6:3f:48:
                    8b:ca:63:72:fa:bd:17:b4:43:6b:d6:3d:9a:49:ff:
                    47:14:d0:41:f3:33:fe:a5:54:dd:0d:bf:62:5d:73:
                    84:c2:d7:36:9c:e0:0f:b0:f8:41:8a:1e:c2:25:50:
                    4c:8a:fe:2b:be:e3:18:67:d3:95:34:ab:bd:a5:1a:
                    6a:0f:00:62:dc:ad:94:59:8d:69:6a:4e:79:4e:81:
                    fa:d9:ab:eb:26:d2:56:b2:0b:65:e5:ca:69:93:00:
                    b7:c8:38:31:1e:f4:61:7f:9b:09:c7:cc:7f:46:49:
                    e0:80:c1:8d:6c:90:a1:90:b8:85:3c:77:81:1d:67:
                    6a:04:dd:5b:99:ba:94:c2:c3:9d:47:97:f5:12:09:
                    11:08:1a:ff:bc:27:bf:11:fd:c3:67:90:88:ea:cb:
                    e7:17:d7:60:c8:3c:79:0a:92:d0:86:c7:73:60:23:
                    51:15:3f:a9:78:c9:09:6e:35:67:8f:a8:10:97:18:
                    46:c4:aa:62:4f:33:57:82:11:18:28:4c:59:f1:a6:
                    8e:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A3:16:31:11:04:B7:7C:2B:F2:95:D3:11:60:EA:65:C1:53:58:1F:E9
            X509v3 Authority Key Identifier:
                keyid:47:A6:7F:38:4E:50:5D:26:62:07:3D:AB:35:56:E6:EE:46:F6:2E:71

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/a883c910f879603b967c0636c6f3e9125b3651b5.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/2abd6b34-8953-4c72-a0a2-7ecb9de8aaba/b535b9115f385ec951e07edd080145f656ad98fb.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/2abd6b34-8953-4c72-a0a2-7ecb9de8aaba/a883c910f879603b967c0636c6f3e9125b3651b5.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  190.4.147.0/24

    Signature Algorithm: sha256WithRSAEncryption
         05:7d:85:84:f4:86:3f:ab:ad:2a:10:00:61:7f:41:29:b8:70:
         98:37:5c:fd:2e:68:ce:15:0e:38:30:b9:8f:d4:73:7b:b9:70:
         25:92:19:ce:2d:eb:ca:c6:68:9e:3f:a5:ed:89:0f:68:ef:b5:
         34:ea:29:21:00:fc:2c:77:82:e6:a6:8e:b6:0e:03:59:02:ae:
         43:7e:49:b4:a6:22:f3:5c:37:fc:9d:2b:02:de:c8:85:72:9e:
         2b:b2:4d:49:17:19:01:73:66:bc:f1:cc:e2:02:69:b7:fe:57:
         3a:13:c9:2c:e6:1d:79:f8:ed:e4:ad:1a:c3:7c:19:65:6b:e4:
         c3:da:9d:56:c3:c0:e9:ee:18:21:34:aa:e4:be:97:9d:12:51:
         d7:57:0b:ce:6c:76:a2:1c:c3:64:cf:81:5a:a0:2c:1d:90:47:
         cd:d2:ae:25:f3:95:22:3a:e1:3b:bc:4f:8f:b4:f2:a7:fd:5b:
         23:17:3f:30:e9:29:c2:dd:2a:b0:06:dc:e8:30:2c:61:84:a0:
         3f:88:c6:08:56:28:17:9b:a0:0e:a4:a1:6e:5b:d2:77:f1:ed:
         46:66:69:b8:d8:af:cd:95:e9:5c:89:cd:95:be:6b:0e:86:5f:
         d7:aa:0f:52:6a:c9:ec:7d:1c:05:f6:c2:05:e5:9e:fc:c7:e0:
         20:5c:36:8b
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIDGgawMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGE4
ODNjOTEwZjg3OTYwM2I5NjdjMDYzNmM2ZjNlOTEyNWIzNjUxYjUwHhcNMjEwMzI0
MDMwMDAwWhcNMjYwMzI0MDMwMDAwWjAzMTEwLwYDVQQDEyhiNTM1YjkxMTVmMzg1
ZWM5NTFlMDdlZGQwODAxNDVmNjU2YWQ5OGZiMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEArB6jdjETc4XBahNpfTPNnESqwQHIAGqX66gDj1cbP4FF0Tgj
k+BE6fXFXGvQZsNlNoCodTY5V/L2P0iLymNy+r0XtENr1j2aSf9HFNBB8zP+pVTd
Db9iXXOEwtc2nOAPsPhBih7CJVBMiv4rvuMYZ9OVNKu9pRpqDwBi3K2UWY1pak55
ToH62avrJtJWsgtl5cppkwC3yDgxHvRhf5sJx8x/RknggMGNbJChkLiFPHeBHWdq
BN1bmbqUwsOdR5f1EgkRCBr/vCe/Ef3DZ5CI6svnF9dgyDx5CpLQhsdzYCNRFT+p
eMkJbjVnj6gQlxhGxKpiTzNXghEYKExZ8aaOOQIDAQABo4ICWzCCAlcwHQYDVR0O
BBYEFKMWMREEt3wr8pXTEWDqZcFTWB/pMB8GA1UdIwQYMBaAFEemfzhOUF0mYgc9
qzVW5u5G9i5xMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvYTg4M2M5
MTBmODc5NjAzYjk2N2MwNjM2YzZmM2U5MTI1YjM2NTFiNS5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvMmFiZDZiMzQtODk1My00YzcyLWEwYTItN2VjYjlk
ZThhYWJhL2I1MzViOTExNWYzODVlYzk1MWUwN2VkZDA4MDE0NWY2NTZhZDk4ZmIu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy8yYWJkNmIzNC04OTUzLTRjNzItYTBhMi03ZWNi
OWRlOGFhYmEvYTg4M2M5MTBmODc5NjAzYjk2N2MwNjM2YzZmM2U5MTI1YjM2NTFi
NS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAL4EkzANBgkqhkiG9w0BAQsFAAOCAQEABX2FhPSGP6utKhAA
YX9BKbhwmDdc/S5ozhUOODC5j9Rze7lwJZIZzi3rysZonj+l7YkPaO+1NOopIQD8
LHeC5qaOtg4DWQKuQ35JtKYi81w3/J0rAt7IhXKeK7JNSRcZAXNmvPHM4gJpt/5X
OhPJLOYdefjt5K0aw3wZZWvkw9qdVsPA6e4YITSq5L6XnRJR11cLzmx2ohzDZM+B
WqAsHZBHzdKuJfOVIjrhO7xPj7Typ/1bIxc/MOkpwt0qsAbc6DAsYYSgP4jGCFYo
F5ugDqShblvSd/HtRmZpuNivzZXpXInNlb5rDoZf16oPUmrJ7H0cBfbCBeWe/Mfg
IFw2iw==
-----END CERTIFICATE-----
Generated at Fri Apr 12 15:32:11 2024 by rpki-client on console-ams.rpki-client.org