Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/2abd6b34-8953-4c72-a0a2-7ecb9de8aaba/bfe7d5a3f137aeb23f38bd9941ae2bf3bdd788f3.roa
File:                     bfe7d5a3f137aeb23f38bd9941ae2bf3bdd788f3.roa (raw, json)
Hash identifier:          j/jegisF3yG8KRa9ZKesyXf0Ese5gHHI97r18vN2p8s=
Subject key identifier:   DB:55:95:12:55:79:D2:BC:BE:A0:7F:DA:20:3A:2B:6F:C4:6D:FE:B5
Certificate issuer:       /CN=a883c910f879603b967c0636c6f3e9125b3651b5
Certificate serial:       0DD835
Authority key identifier: 47:A6:7F:38:4E:50:5D:26:62:07:3D:AB:35:56:E6:EE:46:F6:2E:71
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/a883c910f879603b967c0636c6f3e9125b3651b5.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/2abd6b34-8953-4c72-a0a2-7ecb9de8aaba/bfe7d5a3f137aeb23f38bd9941ae2bf3bdd788f3.roa
Signing time:             Fri 09 Apr 2021 23:55:21 +0000
ROA not before:           Fri 09 Apr 2021 03:00:00 +0000
ROA not after:            Tue 24 Mar 2026 03:00:00 +0000
asID:                     52233
IP address blocks:        190.88.40.0/21 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/2abd6b34-8953-4c72-a0a2-7ecb9de8aaba/a883c910f879603b967c0636c6f3e9125b3651b5.crl
                          rsync://repository.lacnic.net/rpki/lacnic/2abd6b34-8953-4c72-a0a2-7ecb9de8aaba/a883c910f879603b967c0636c6f3e9125b3651b5.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/a883c910f879603b967c0636c6f3e9125b3651b5.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Mon 15 Apr 2024 13:34:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 907317 (0xdd835)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a883c910f879603b967c0636c6f3e9125b3651b5
        Validity
            Not Before: Apr  9 03:00:00 2021 GMT
            Not After : Mar 24 03:00:00 2026 GMT
        Subject: CN=bfe7d5a3f137aeb23f38bd9941ae2bf3bdd788f3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:92:4e:5f:16:c9:0f:82:c6:8d:43:b3:28:6d:0f:
                    0e:be:2c:75:aa:ac:51:ff:05:7b:8a:13:18:8d:e2:
                    b6:75:57:26:78:c7:f6:56:25:fc:88:00:88:90:52:
                    1d:ab:7e:51:46:a7:ce:9f:3d:73:13:5b:e2:a5:1e:
                    f3:cd:dc:30:01:3b:94:36:2e:3c:ad:81:0f:e2:e0:
                    7e:6c:94:13:99:35:36:8d:b0:74:a1:43:7a:1a:6b:
                    fd:67:9d:8f:f0:bc:3c:1a:d8:de:ea:82:d2:68:c4:
                    6f:0b:dc:d2:91:c7:1f:56:39:fa:0e:19:a9:22:bf:
                    12:2f:70:a5:cf:1e:6f:1b:65:77:c8:8e:6b:9a:7c:
                    b1:eb:e6:b2:12:3e:1f:19:ac:6e:a5:4f:8b:31:13:
                    c1:3d:ea:40:26:4d:db:2b:94:ce:3f:6c:ab:c8:73:
                    14:2f:26:fd:c1:b4:ac:42:75:5d:6a:fa:75:b6:2d:
                    08:bd:36:7e:79:07:29:50:14:c4:e1:7c:b9:25:62:
                    b7:d8:e1:e0:25:af:f4:5b:2b:58:84:7e:00:f0:bf:
                    13:b7:88:69:9a:0d:4b:8c:1c:fe:ed:d6:14:5d:e4:
                    e7:1d:5f:d3:9d:2b:4d:94:75:d2:02:46:5c:7f:3a:
                    67:4a:b3:df:8f:6d:1c:cb:bb:29:71:b4:83:6f:0d:
                    81:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DB:55:95:12:55:79:D2:BC:BE:A0:7F:DA:20:3A:2B:6F:C4:6D:FE:B5
            X509v3 Authority Key Identifier:
                keyid:47:A6:7F:38:4E:50:5D:26:62:07:3D:AB:35:56:E6:EE:46:F6:2E:71

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/a883c910f879603b967c0636c6f3e9125b3651b5.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/2abd6b34-8953-4c72-a0a2-7ecb9de8aaba/bfe7d5a3f137aeb23f38bd9941ae2bf3bdd788f3.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/2abd6b34-8953-4c72-a0a2-7ecb9de8aaba/a883c910f879603b967c0636c6f3e9125b3651b5.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  190.88.40.0/21

    Signature Algorithm: sha256WithRSAEncryption
         17:bd:34:1b:b2:ee:d5:f1:e1:e1:7b:08:e0:6e:41:0d:48:46:
         ab:9e:3d:0c:90:9d:1e:4f:88:af:0e:75:6f:de:a4:d7:ad:98:
         ff:44:07:f4:7f:f7:8a:5a:5b:a3:bd:da:f2:d6:5f:3b:46:f7:
         3e:26:f2:3a:75:de:7d:81:61:62:d0:d1:e6:dc:f2:d4:23:e7:
         11:15:78:a3:7f:21:0b:ba:be:7b:e0:5e:07:03:d8:39:1b:05:
         09:a0:61:38:eb:ad:5b:a6:b5:f6:c1:c0:c1:10:28:bc:5c:41:
         f3:86:2c:7f:dc:e5:52:11:5b:21:f9:f5:71:4b:3c:d9:27:38:
         3c:c8:63:09:c2:9e:55:83:e1:39:fe:3c:69:65:06:5e:89:f9:
         8c:9b:d5:39:5c:0f:bd:af:44:ce:55:f2:8d:1a:cf:fc:d9:b2:
         39:e4:36:5d:0f:0f:70:f9:cd:fc:93:24:56:a5:60:e1:32:19:
         3f:6b:e1:93:6b:c7:3f:ed:98:5b:8d:c2:70:db:6a:4b:5c:8a:
         58:8c:be:5f:63:3b:e7:ed:20:5c:94:fb:f0:ac:f9:28:59:50:
         21:f8:c1:16:0b:c1:c4:57:57:8e:60:a7:7d:d9:95:db:72:d2:
         1c:05:57:9c:f1:17:e1:1c:3f:2d:11:68:98:b4:b0:21:87:f7:
         0e:1f:87:21
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIDDdg1MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGE4
ODNjOTEwZjg3OTYwM2I5NjdjMDYzNmM2ZjNlOTEyNWIzNjUxYjUwHhcNMjEwNDA5
MDMwMDAwWhcNMjYwMzI0MDMwMDAwWjAzMTEwLwYDVQQDEyhiZmU3ZDVhM2YxMzdh
ZWIyM2YzOGJkOTk0MWFlMmJmM2JkZDc4OGYzMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAkk5fFskPgsaNQ7MobQ8Ovix1qqxR/wV7ihMYjeK2dVcmeMf2
ViX8iACIkFIdq35RRqfOnz1zE1vipR7zzdwwATuUNi48rYEP4uB+bJQTmTU2jbB0
oUN6Gmv9Z52P8Lw8Gtje6oLSaMRvC9zSkccfVjn6DhmpIr8SL3Clzx5vG2V3yI5r
mnyx6+ayEj4fGaxupU+LMRPBPepAJk3bK5TOP2yryHMULyb9wbSsQnVdavp1ti0I
vTZ+eQcpUBTE4Xy5JWK32OHgJa/0WytYhH4A8L8Tt4hpmg1LjBz+7dYUXeTnHV/T
nStNlHXSAkZcfzpnSrPfj20cy7spcbSDbw2BdwIDAQABo4ICWzCCAlcwHQYDVR0O
BBYEFNtVlRJVedK8vqB/2iA6K2/Ebf61MB8GA1UdIwQYMBaAFEemfzhOUF0mYgc9
qzVW5u5G9i5xMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvYTg4M2M5
MTBmODc5NjAzYjk2N2MwNjM2YzZmM2U5MTI1YjM2NTFiNS5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvMmFiZDZiMzQtODk1My00YzcyLWEwYTItN2VjYjlk
ZThhYWJhL2JmZTdkNWEzZjEzN2FlYjIzZjM4YmQ5OTQxYWUyYmYzYmRkNzg4ZjMu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy8yYWJkNmIzNC04OTUzLTRjNzItYTBhMi03ZWNi
OWRlOGFhYmEvYTg4M2M5MTBmODc5NjAzYjk2N2MwNjM2YzZmM2U5MTI1YjM2NTFi
NS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEA75YKDANBgkqhkiG9w0BAQsFAAOCAQEAF700G7Lu1fHh4XsI
4G5BDUhGq549DJCdHk+Irw51b96k162Y/0QH9H/3ilpbo73a8tZfO0b3PibyOnXe
fYFhYtDR5tzy1CPnERV4o38hC7q+e+BeBwPYORsFCaBhOOutW6a19sHAwRAovFxB
84Ysf9zlUhFbIfn1cUs82Sc4PMhjCcKeVYPhOf48aWUGXon5jJvVOVwPva9EzlXy
jRrP/NmyOeQ2XQ8PcPnN/JMkVqVg4TIZP2vhk2vHP+2YW43CcNtqS1yKWIy+X2M7
5+0gXJT78Kz5KFlQIfjBFgvBxFdXjmCnfdmV23LSHAVXnPEX4Rw/LRFomLSwIYf3
Dh+HIQ==
-----END CERTIFICATE-----
Generated at Fri Apr 12 15:32:11 2024 by rpki-client on console-ams.rpki-client.org