Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/2abd6b34-8953-4c72-a0a2-7ecb9de8aaba/ff8c0aabd5f96bf61f61220b602f073a492701e6.roa
File:                     ff8c0aabd5f96bf61f61220b602f073a492701e6.roa (raw, json)
Hash identifier:          izXLAQFtH5Lcc5DrZ9aE4MeQrINdRYTz/RDGSNgwYYc=
Subject key identifier:   C1:5B:B3:96:27:FF:B4:F1:95:A8:6B:F9:5B:D8:F0:B9:89:A2:84:ED
Certificate issuer:       /CN=a883c910f879603b967c0636c6f3e9125b3651b5
Certificate serial:       0D5F62
Authority key identifier: 47:A6:7F:38:4E:50:5D:26:62:07:3D:AB:35:56:E6:EE:46:F6:2E:71
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/a883c910f879603b967c0636c6f3e9125b3651b5.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/2abd6b34-8953-4c72-a0a2-7ecb9de8aaba/ff8c0aabd5f96bf61f61220b602f073a492701e6.roa
Signing time:             Wed 24 Mar 2021 14:38:08 +0000
ROA not before:           Wed 24 Mar 2021 14:38:07 +0000
ROA not after:            Tue 24 Mar 2026 14:38:07 +0000
asID:                     52233
IP address blocks:        190.4.128.0/20 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/2abd6b34-8953-4c72-a0a2-7ecb9de8aaba/a883c910f879603b967c0636c6f3e9125b3651b5.crl
                          rsync://repository.lacnic.net/rpki/lacnic/2abd6b34-8953-4c72-a0a2-7ecb9de8aaba/a883c910f879603b967c0636c6f3e9125b3651b5.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/a883c910f879603b967c0636c6f3e9125b3651b5.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Mon 15 Apr 2024 06:03:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 876386 (0xd5f62)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a883c910f879603b967c0636c6f3e9125b3651b5
        Validity
            Not Before: Mar 24 14:38:07 2021 GMT
            Not After : Mar 24 14:38:07 2026 GMT
        Subject: CN=ff8c0aabd5f96bf61f61220b602f073a492701e6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:00:f6:cf:d9:42:d7:4d:e1:24:84:d9:8b:8d:
                    d1:10:25:ed:3b:17:df:d7:30:ac:b6:36:f9:24:23:
                    ac:23:83:95:43:a8:ec:4c:d7:f2:d6:48:f1:f4:ab:
                    ac:50:39:3b:da:86:6e:65:a5:7e:a8:ca:24:71:8f:
                    19:38:58:69:b0:38:70:04:73:27:8b:9a:f7:56:1b:
                    c0:2c:99:2c:11:8c:45:d2:86:d7:94:ce:a2:90:4e:
                    ab:84:89:df:87:ca:12:da:ef:e3:b0:9e:93:f5:30:
                    27:2a:c4:f6:b1:a0:5b:88:d2:40:cf:2e:9a:a6:69:
                    7d:06:06:b8:8d:94:ee:8f:5c:cd:1b:56:e6:3e:d3:
                    1f:d9:7d:6c:58:8e:bc:e1:ee:be:25:5c:a3:ad:c6:
                    ea:04:5a:6d:51:6c:a2:66:1d:35:83:20:0c:d0:e8:
                    cb:b5:a6:74:a2:ce:29:4f:9c:b2:7a:61:c7:d8:4f:
                    cc:87:5e:14:19:b7:e1:9e:72:57:2b:37:64:07:7f:
                    ad:1b:31:1b:85:26:25:b3:ee:29:3f:57:c3:8c:a1:
                    0c:55:cc:6d:61:5a:e0:18:de:b5:fd:69:71:34:4f:
                    a2:fe:60:c2:51:28:27:06:27:dd:1a:0f:57:09:d9:
                    a1:a9:fc:56:96:e8:7e:ff:c5:4b:fd:ec:0c:47:7b:
                    92:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C1:5B:B3:96:27:FF:B4:F1:95:A8:6B:F9:5B:D8:F0:B9:89:A2:84:ED
            X509v3 Authority Key Identifier:
                keyid:47:A6:7F:38:4E:50:5D:26:62:07:3D:AB:35:56:E6:EE:46:F6:2E:71

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/a883c910f879603b967c0636c6f3e9125b3651b5.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/2abd6b34-8953-4c72-a0a2-7ecb9de8aaba/ff8c0aabd5f96bf61f61220b602f073a492701e6.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/2abd6b34-8953-4c72-a0a2-7ecb9de8aaba/a883c910f879603b967c0636c6f3e9125b3651b5.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  190.4.128.0/20

    Signature Algorithm: sha256WithRSAEncryption
         53:47:f9:6b:74:d1:b0:c7:06:d9:33:13:0c:08:39:6e:35:00:
         74:ba:87:6c:a5:58:5b:ce:58:fe:20:23:be:4d:07:8d:52:5c:
         dd:bb:69:d3:54:a6:8e:e4:d7:c7:28:d6:f4:f3:f1:d0:37:f6:
         5c:f2:dc:50:8c:95:af:78:65:e1:33:7a:e1:ef:cf:1e:32:6d:
         da:6b:7c:f1:89:98:ed:b3:e9:fd:ec:da:e7:e0:7b:7b:9b:e5:
         a8:26:2b:24:30:00:6e:d2:d7:f6:53:d9:5f:16:3a:57:fc:43:
         9a:50:7a:73:7c:5d:5c:57:59:e5:98:40:81:00:06:f6:31:e0:
         c3:bb:1c:22:a8:e9:00:a1:8b:b2:a7:ad:d7:67:e8:a1:5e:0b:
         b8:e8:97:a4:1c:ac:62:d6:86:df:c2:e8:e5:2c:e9:13:25:20:
         7a:90:24:37:75:c1:8e:e2:25:28:a6:ce:c1:46:c1:8f:7d:4d:
         db:58:5f:2a:25:7d:90:a3:b3:8a:a8:b8:22:fb:06:c6:3f:e8:
         f6:38:1f:ad:ad:6e:a2:c8:c6:7c:ba:15:13:10:0a:0b:a0:3e:
         24:d3:b7:a6:db:62:cd:32:c9:13:66:95:f7:d7:18:5c:9f:a8:
         7a:e8:d5:e4:f2:2d:b8:f6:d6:8c:83:91:c2:19:3a:ad:e4:b0:
         7e:cc:73:6f
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIDDV9iMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGE4
ODNjOTEwZjg3OTYwM2I5NjdjMDYzNmM2ZjNlOTEyNWIzNjUxYjUwHhcNMjEwMzI0
MTQzODA3WhcNMjYwMzI0MTQzODA3WjAzMTEwLwYDVQQDEyhmZjhjMGFhYmQ1Zjk2
YmY2MWY2MTIyMGI2MDJmMDczYTQ5MjcwMWU2MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAnQD2z9lC103hJITZi43RECXtOxff1zCstjb5JCOsI4OVQ6js
TNfy1kjx9KusUDk72oZuZaV+qMokcY8ZOFhpsDhwBHMni5r3VhvALJksEYxF0obX
lM6ikE6rhInfh8oS2u/jsJ6T9TAnKsT2saBbiNJAzy6apml9Bga4jZTuj1zNG1bm
PtMf2X1sWI684e6+JVyjrcbqBFptUWyiZh01gyAM0OjLtaZ0os4pT5yyemHH2E/M
h14UGbfhnnJXKzdkB3+tGzEbhSYls+4pP1fDjKEMVcxtYVrgGN61/WlxNE+i/mDC
USgnBifdGg9XCdmhqfxWluh+/8VL/ewMR3uS9QIDAQABo4ICWzCCAlcwHQYDVR0O
BBYEFMFbs5Yn/7Txlahr+VvY8LmJooTtMB8GA1UdIwQYMBaAFEemfzhOUF0mYgc9
qzVW5u5G9i5xMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvYTg4M2M5
MTBmODc5NjAzYjk2N2MwNjM2YzZmM2U5MTI1YjM2NTFiNS5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvMmFiZDZiMzQtODk1My00YzcyLWEwYTItN2VjYjlk
ZThhYWJhL2ZmOGMwYWFiZDVmOTZiZjYxZjYxMjIwYjYwMmYwNzNhNDkyNzAxZTYu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy8yYWJkNmIzNC04OTUzLTRjNzItYTBhMi03ZWNi
OWRlOGFhYmEvYTg4M2M5MTBmODc5NjAzYjk2N2MwNjM2YzZmM2U5MTI1YjM2NTFi
NS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEBL4EgDANBgkqhkiG9w0BAQsFAAOCAQEAU0f5a3TRsMcG2TMT
DAg5bjUAdLqHbKVYW85Y/iAjvk0HjVJc3btp01SmjuTXxyjW9PPx0Df2XPLcUIyV
r3hl4TN64e/PHjJt2mt88YmY7bPp/eza5+B7e5vlqCYrJDAAbtLX9lPZXxY6V/xD
mlB6c3xdXFdZ5ZhAgQAG9jHgw7scIqjpAKGLsqet12fooV4LuOiXpBysYtaG38Lo
5SzpEyUgepAkN3XBjuIlKKbOwUbBj31N21hfKiV9kKOziqi4IvsGxj/o9jgfra1u
osjGfLoVExAKC6A+JNO3pttizTLJE2aV99cYXJ+oeujV5PItuPbWjIORwhk6reSw
fsxzbw==
-----END CERTIFICATE-----
Generated at Fri Apr 12 13:15:04 2024 by rpki-client on console-fra.rpki-client.org