Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/2abd6b34-8953-4c72-a0a2-7ecb9de8aaba/fa1e18703554f5b01327f374691a270a76405363.roa
File:                     fa1e18703554f5b01327f374691a270a76405363.roa (raw, json)
Hash identifier:          nwIVIyXiBcHw9Zj5xkLdxKve7ae1nQNZHGc7cLeF0us=
Subject key identifier:   82:AE:2B:F2:4D:18:F9:08:63:3B:26:E7:EC:30:88:2A:6B:29:89:7B
Certificate issuer:       /CN=a883c910f879603b967c0636c6f3e9125b3651b5
Certificate serial:       27CD9D
Authority key identifier: 47:A6:7F:38:4E:50:5D:26:62:07:3D:AB:35:56:E6:EE:46:F6:2E:71
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/a883c910f879603b967c0636c6f3e9125b3651b5.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/2abd6b34-8953-4c72-a0a2-7ecb9de8aaba/fa1e18703554f5b01327f374691a270a76405363.roa
Signing time:             Fri 26 Jan 2024 19:16:47 +0000
ROA not before:           Fri 26 Jan 2024 19:16:47 +0000
ROA not after:            Mon 26 Jan 2026 19:16:47 +0000
asID:                     52233
IP address blocks:        190.88.129.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/2abd6b34-8953-4c72-a0a2-7ecb9de8aaba/a883c910f879603b967c0636c6f3e9125b3651b5.crl
                          rsync://repository.lacnic.net/rpki/lacnic/2abd6b34-8953-4c72-a0a2-7ecb9de8aaba/a883c910f879603b967c0636c6f3e9125b3651b5.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/a883c910f879603b967c0636c6f3e9125b3651b5.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Mon 15 Apr 2024 06:03:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2608541 (0x27cd9d)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a883c910f879603b967c0636c6f3e9125b3651b5
        Validity
            Not Before: Jan 26 19:16:47 2024 GMT
            Not After : Jan 26 19:16:47 2026 GMT
        Subject: CN=fa1e18703554f5b01327f374691a270a76405363
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e8:dc:f9:51:2e:e5:5c:86:6b:2c:e0:d8:35:48:
                    b8:f9:4f:90:bd:77:bb:7a:7e:40:1b:2c:c6:2e:28:
                    df:5d:95:a0:b3:7c:ef:5b:36:2c:dc:a6:df:10:62:
                    e5:e1:bd:0e:7b:40:b7:57:76:6e:5d:79:a7:d6:b4:
                    ef:ec:c9:6f:80:72:4c:cc:b5:f2:2a:2b:06:23:f4:
                    a8:30:2a:69:e9:72:0e:51:9b:f7:92:12:7e:b1:9b:
                    11:fb:76:6d:ab:dd:49:ef:18:c0:11:7b:f7:d6:f0:
                    91:fd:fd:b8:a7:bd:8c:af:d7:dd:1d:fd:77:0e:4d:
                    d7:53:b3:f3:57:a3:c0:0c:50:39:d8:37:51:2c:58:
                    52:2e:43:71:66:d6:26:07:b7:46:39:a4:f4:3b:e9:
                    6d:7d:d4:f2:65:be:d9:88:01:91:59:d8:3d:50:66:
                    b7:bb:90:b3:33:6c:4c:d4:bd:ef:07:94:11:64:96:
                    24:c6:8c:d4:87:ad:30:d1:70:1e:c0:f5:bd:e3:3b:
                    9b:cf:cb:63:3e:3c:82:74:dc:4c:bf:28:ce:dc:e5:
                    15:87:2b:a1:84:86:48:ce:63:a4:9f:cb:72:1a:e3:
                    5a:54:1c:2b:8c:3d:29:54:b5:bf:9e:44:26:0e:1a:
                    f8:99:d1:4a:76:ad:81:d3:7e:35:45:0d:ba:40:0c:
                    73:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                82:AE:2B:F2:4D:18:F9:08:63:3B:26:E7:EC:30:88:2A:6B:29:89:7B
            X509v3 Authority Key Identifier:
                keyid:47:A6:7F:38:4E:50:5D:26:62:07:3D:AB:35:56:E6:EE:46:F6:2E:71

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/a883c910f879603b967c0636c6f3e9125b3651b5.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/2abd6b34-8953-4c72-a0a2-7ecb9de8aaba/fa1e18703554f5b01327f374691a270a76405363.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/2abd6b34-8953-4c72-a0a2-7ecb9de8aaba/a883c910f879603b967c0636c6f3e9125b3651b5.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  190.88.129.0/24

    Signature Algorithm: sha256WithRSAEncryption
         07:38:27:be:e6:c9:ca:9a:f1:1f:75:cc:41:8a:a9:58:fd:16:
         91:81:95:74:aa:de:4b:eb:eb:06:87:8d:59:35:e7:a9:73:d0:
         d6:0a:44:f0:d8:27:08:f4:fe:d1:d9:41:9b:a9:75:ab:46:d4:
         38:3d:78:61:95:6c:b6:f9:05:62:98:ef:1a:15:50:7b:ce:02:
         6b:f6:c5:a9:bf:e3:52:b4:96:0b:62:3f:7f:2a:68:c4:0b:01:
         9e:58:a0:29:3a:03:dc:1d:eb:f0:de:dc:4b:02:64:6d:f7:7b:
         db:45:51:39:f0:57:51:f4:f7:29:c2:ec:59:98:80:62:65:0f:
         8e:04:00:09:43:6b:cd:ee:1c:70:3f:ac:ee:2b:a8:23:88:c3:
         3a:3f:9a:36:72:50:85:b8:21:d9:f9:bc:f0:61:dd:fe:89:5a:
         82:7e:d0:10:2e:87:19:f2:66:2b:a2:20:66:20:61:49:3b:0a:
         d4:cd:5f:59:63:33:d2:b2:be:54:06:cf:50:9b:e7:6d:c3:ac:
         a1:83:96:48:32:7e:b7:4b:a4:c7:79:00:54:ad:00:a1:07:f6:
         4d:e7:09:54:2c:9f:ab:70:e7:77:7f:57:f0:95:fc:13:76:7a:
         d0:c2:cd:2e:dc:a4:cf:c9:dc:a9:59:07:20:45:63:c2:b8:d3:
         0a:bf:30:56
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIDJ82dMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGE4
ODNjOTEwZjg3OTYwM2I5NjdjMDYzNmM2ZjNlOTEyNWIzNjUxYjUwHhcNMjQwMTI2
MTkxNjQ3WhcNMjYwMTI2MTkxNjQ3WjAzMTEwLwYDVQQDEyhmYTFlMTg3MDM1NTRm
NWIwMTMyN2YzNzQ2OTFhMjcwYTc2NDA1MzYzMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEA6Nz5US7lXIZrLODYNUi4+U+QvXe7en5AGyzGLijfXZWgs3zv
WzYs3KbfEGLl4b0Oe0C3V3ZuXXmn1rTv7MlvgHJMzLXyKisGI/SoMCpp6XIOUZv3
khJ+sZsR+3Ztq91J7xjAEXv31vCR/f24p72Mr9fdHf13Dk3XU7PzV6PADFA52DdR
LFhSLkNxZtYmB7dGOaT0O+ltfdTyZb7ZiAGRWdg9UGa3u5CzM2xM1L3vB5QRZJYk
xozUh60w0XAewPW94zubz8tjPjyCdNxMvyjO3OUVhyuhhIZIzmOkn8tyGuNaVBwr
jD0pVLW/nkQmDhr4mdFKdq2B0341RQ26QAxzSQIDAQABo4ICWzCCAlcwHQYDVR0O
BBYEFIKuK/JNGPkIYzsm5+wwiCprKYl7MB8GA1UdIwQYMBaAFEemfzhOUF0mYgc9
qzVW5u5G9i5xMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvYTg4M2M5
MTBmODc5NjAzYjk2N2MwNjM2YzZmM2U5MTI1YjM2NTFiNS5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvMmFiZDZiMzQtODk1My00YzcyLWEwYTItN2VjYjlk
ZThhYWJhL2ZhMWUxODcwMzU1NGY1YjAxMzI3ZjM3NDY5MWEyNzBhNzY0MDUzNjMu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy8yYWJkNmIzNC04OTUzLTRjNzItYTBhMi03ZWNi
OWRlOGFhYmEvYTg4M2M5MTBmODc5NjAzYjk2N2MwNjM2YzZmM2U5MTI1YjM2NTFi
NS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAL5YgTANBgkqhkiG9w0BAQsFAAOCAQEABzgnvubJyprxH3XM
QYqpWP0WkYGVdKreS+vrBoeNWTXnqXPQ1gpE8NgnCPT+0dlBm6l1q0bUOD14YZVs
tvkFYpjvGhVQe84Ca/bFqb/jUrSWC2I/fypoxAsBnligKToD3B3r8N7cSwJkbfd7
20VROfBXUfT3KcLsWZiAYmUPjgQACUNrze4ccD+s7iuoI4jDOj+aNnJQhbgh2fm8
8GHd/olagn7QEC6HGfJmK6IgZiBhSTsK1M1fWWMz0rK+VAbPUJvnbcOsoYOWSDJ+
t0ukx3kAVK0AoQf2TecJVCyfq3Dnd39X8JX8E3Z60MLNLtykz8ncqVkHIEVjwrjT
Cr8wVg==
-----END CERTIFICATE-----
Generated at Fri Apr 12 13:15:04 2024 by rpki-client on console-fra.rpki-client.org