Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/2abd6b34-8953-4c72-a0a2-7ecb9de8aaba/cd96d4e7f54d205ec9d18b43cbdd8b7fc7c0c9c5.roa
File:                     cd96d4e7f54d205ec9d18b43cbdd8b7fc7c0c9c5.roa (raw, json)
Hash identifier:          9s32cPym52xQNk6ShArUSHX9Dvdj6+rTCZ3hL1HaSSg=
Subject key identifier:   0E:5E:36:A5:1C:16:36:88:98:EF:AC:9A:E8:24:46:80:47:E0:29:6A
Certificate issuer:       /CN=a883c910f879603b967c0636c6f3e9125b3651b5
Certificate serial:       1A0A87
Authority key identifier: 47:A6:7F:38:4E:50:5D:26:62:07:3D:AB:35:56:E6:EE:46:F6:2E:71
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/a883c910f879603b967c0636c6f3e9125b3651b5.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/2abd6b34-8953-4c72-a0a2-7ecb9de8aaba/cd96d4e7f54d205ec9d18b43cbdd8b7fc7c0c9c5.roa
Signing time:             Wed 03 Aug 2022 23:47:35 +0000
ROA not before:           Wed 24 Mar 2021 03:00:00 +0000
ROA not after:            Tue 24 Mar 2026 03:00:00 +0000
asID:                     52233
IP address blocks:        190.4.157.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/2abd6b34-8953-4c72-a0a2-7ecb9de8aaba/a883c910f879603b967c0636c6f3e9125b3651b5.crl
                          rsync://repository.lacnic.net/rpki/lacnic/2abd6b34-8953-4c72-a0a2-7ecb9de8aaba/a883c910f879603b967c0636c6f3e9125b3651b5.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/a883c910f879603b967c0636c6f3e9125b3651b5.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Mon 15 Apr 2024 06:03:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1706631 (0x1a0a87)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a883c910f879603b967c0636c6f3e9125b3651b5
        Validity
            Not Before: Mar 24 03:00:00 2021 GMT
            Not After : Mar 24 03:00:00 2026 GMT
        Subject: CN=cd96d4e7f54d205ec9d18b43cbdd8b7fc7c0c9c5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:87:7e:26:8e:f8:7d:23:af:67:89:11:c3:ef:ee:
                    29:74:09:65:b2:34:8d:cc:c1:5d:9a:5c:13:9c:fa:
                    87:e3:3f:ee:5f:bb:69:4d:17:56:09:3e:e3:cc:d7:
                    1d:5b:62:36:17:be:ce:c9:3b:80:c0:6e:6b:90:5d:
                    3d:38:b4:83:61:ba:4e:31:d5:85:1e:94:f4:94:46:
                    f3:9a:e8:c7:1c:db:e8:d9:ec:cd:17:5d:0c:7f:ad:
                    90:06:6e:8a:61:cf:36:35:60:17:66:26:18:e8:a4:
                    09:dd:7e:a5:8e:4d:c6:2f:b5:c3:fe:e6:ab:be:6e:
                    1d:3e:3d:d5:a5:33:92:d5:92:43:77:ed:0a:ce:68:
                    95:00:df:57:0a:5f:29:0f:1e:79:a0:c9:16:7a:af:
                    6f:45:ca:3e:19:ce:1d:12:84:95:67:f6:a4:10:29:
                    77:1a:90:45:71:2b:bd:b8:fc:a7:1d:17:e0:52:d8:
                    3a:a0:ca:f9:55:6e:fd:a2:8d:d2:3e:67:11:80:48:
                    59:d9:f5:69:00:b1:c4:1a:8f:83:9b:10:11:27:83:
                    7f:2b:bf:ea:e4:ff:ea:55:74:d8:1e:0c:4c:5f:92:
                    f9:12:37:ef:7a:e6:2b:08:cb:ec:9e:66:87:cb:a0:
                    c9:4d:ce:ce:7d:22:5f:ad:bf:32:ea:30:98:67:70:
                    65:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0E:5E:36:A5:1C:16:36:88:98:EF:AC:9A:E8:24:46:80:47:E0:29:6A
            X509v3 Authority Key Identifier:
                keyid:47:A6:7F:38:4E:50:5D:26:62:07:3D:AB:35:56:E6:EE:46:F6:2E:71

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/a883c910f879603b967c0636c6f3e9125b3651b5.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/2abd6b34-8953-4c72-a0a2-7ecb9de8aaba/cd96d4e7f54d205ec9d18b43cbdd8b7fc7c0c9c5.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/2abd6b34-8953-4c72-a0a2-7ecb9de8aaba/a883c910f879603b967c0636c6f3e9125b3651b5.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  190.4.157.0/24

    Signature Algorithm: sha256WithRSAEncryption
         53:ee:d9:d2:c6:12:32:49:a0:0d:4b:8a:e2:35:1f:5d:27:08:
         cf:ce:f4:89:96:55:cb:60:0b:d3:b5:f8:d1:0e:91:e0:58:fd:
         10:4f:f7:4b:f3:56:63:05:00:e0:ab:da:9d:5b:45:ed:61:4c:
         e2:84:35:c6:89:3f:28:8b:9f:ed:5a:c9:dd:9a:5b:ef:14:2c:
         83:c1:a4:74:02:95:43:45:26:85:7d:a0:3c:06:37:c7:e7:97:
         c2:a3:5d:58:c3:18:f6:61:45:05:61:74:e1:83:29:41:e5:36:
         6d:a7:7b:53:e4:55:1f:76:e1:10:e7:d8:8d:0c:5c:53:56:26:
         37:33:6a:44:b3:d6:0f:8c:f4:a9:51:79:53:04:41:49:5a:a0:
         7e:19:03:23:e9:12:70:d0:d9:b7:4e:e7:15:26:f0:74:dd:a5:
         92:8c:21:4a:a9:66:47:d5:22:85:89:aa:49:09:2c:ad:7f:ce:
         6d:2e:a5:4c:65:f0:cb:51:3d:70:30:a3:77:99:cc:2c:d2:52:
         bb:ce:67:41:b9:41:ed:7e:14:ca:f6:e0:a5:95:39:51:1f:14:
         d3:b9:57:b2:c0:06:f7:aa:54:90:8d:26:b4:51:49:9e:a8:16:
         2d:e2:70:26:d0:30:37:f3:29:21:56:a7:e7:ee:69:bd:09:be:
         ef:77:31:11
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIDGgqHMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGE4
ODNjOTEwZjg3OTYwM2I5NjdjMDYzNmM2ZjNlOTEyNWIzNjUxYjUwHhcNMjEwMzI0
MDMwMDAwWhcNMjYwMzI0MDMwMDAwWjAzMTEwLwYDVQQDEyhjZDk2ZDRlN2Y1NGQy
MDVlYzlkMThiNDNjYmRkOGI3ZmM3YzBjOWM1MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAh34mjvh9I69niRHD7+4pdAllsjSNzMFdmlwTnPqH4z/uX7tp
TRdWCT7jzNcdW2I2F77OyTuAwG5rkF09OLSDYbpOMdWFHpT0lEbzmujHHNvo2ezN
F10Mf62QBm6KYc82NWAXZiYY6KQJ3X6ljk3GL7XD/uarvm4dPj3VpTOS1ZJDd+0K
zmiVAN9XCl8pDx55oMkWeq9vRco+Gc4dEoSVZ/akECl3GpBFcSu9uPynHRfgUtg6
oMr5VW79oo3SPmcRgEhZ2fVpALHEGo+DmxARJ4N/K7/q5P/qVXTYHgxMX5L5Ejfv
euYrCMvsnmaHy6DJTc7OfSJfrb8y6jCYZ3BlOQIDAQABo4ICWzCCAlcwHQYDVR0O
BBYEFA5eNqUcFjaImO+smugkRoBH4ClqMB8GA1UdIwQYMBaAFEemfzhOUF0mYgc9
qzVW5u5G9i5xMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvYTg4M2M5
MTBmODc5NjAzYjk2N2MwNjM2YzZmM2U5MTI1YjM2NTFiNS5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvMmFiZDZiMzQtODk1My00YzcyLWEwYTItN2VjYjlk
ZThhYWJhL2NkOTZkNGU3ZjU0ZDIwNWVjOWQxOGI0M2NiZGQ4YjdmYzdjMGM5YzUu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy8yYWJkNmIzNC04OTUzLTRjNzItYTBhMi03ZWNi
OWRlOGFhYmEvYTg4M2M5MTBmODc5NjAzYjk2N2MwNjM2YzZmM2U5MTI1YjM2NTFi
NS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAL4EnTANBgkqhkiG9w0BAQsFAAOCAQEAU+7Z0sYSMkmgDUuK
4jUfXScIz870iZZVy2AL07X40Q6R4Fj9EE/3S/NWYwUA4KvanVtF7WFM4oQ1xok/
KIuf7VrJ3Zpb7xQsg8GkdAKVQ0UmhX2gPAY3x+eXwqNdWMMY9mFFBWF04YMpQeU2
bad7U+RVH3bhEOfYjQxcU1YmNzNqRLPWD4z0qVF5UwRBSVqgfhkDI+kScNDZt07n
FSbwdN2lkowhSqlmR9UihYmqSQksrX/ObS6lTGXwy1E9cDCjd5nMLNJSu85nQblB
7X4UyvbgpZU5UR8U07lXssAG96pUkI0mtFFJnqgWLeJwJtAwN/MpIVan5+5pvQm+
73cxEQ==
-----END CERTIFICATE-----
Generated at Fri Apr 12 13:15:04 2024 by rpki-client on console-fra.rpki-client.org