Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/2abd6b34-8953-4c72-a0a2-7ecb9de8aaba/ffc95112cb294a1b75b021b933f30d8d1c5d4134.roa
File:                     ffc95112cb294a1b75b021b933f30d8d1c5d4134.roa (raw, json)
Hash identifier:          4YfV6fD6BK9gARAl6bbF0tmnVSAtA09+m6BdVFYCPh0=
Subject key identifier:   54:2E:A1:F3:3F:CC:E3:C9:24:D1:22:B4:B9:2A:C5:42:BB:1E:5A:A8
Certificate issuer:       /CN=a883c910f879603b967c0636c6f3e9125b3651b5
Certificate serial:       0D65C5
Authority key identifier: 47:A6:7F:38:4E:50:5D:26:62:07:3D:AB:35:56:E6:EE:46:F6:2E:71
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/a883c910f879603b967c0636c6f3e9125b3651b5.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/2abd6b34-8953-4c72-a0a2-7ecb9de8aaba/ffc95112cb294a1b75b021b933f30d8d1c5d4134.roa
Signing time:             Wed 24 Mar 2021 14:38:08 +0000
ROA not before:           Wed 24 Mar 2021 14:38:07 +0000
ROA not after:            Tue 24 Mar 2026 14:38:07 +0000
asID:                     27748
IP address blocks:        190.88.33.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/2abd6b34-8953-4c72-a0a2-7ecb9de8aaba/a883c910f879603b967c0636c6f3e9125b3651b5.crl
                          rsync://repository.lacnic.net/rpki/lacnic/2abd6b34-8953-4c72-a0a2-7ecb9de8aaba/a883c910f879603b967c0636c6f3e9125b3651b5.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/a883c910f879603b967c0636c6f3e9125b3651b5.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 14 Apr 2024 19:18:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 878021 (0xd65c5)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a883c910f879603b967c0636c6f3e9125b3651b5
        Validity
            Not Before: Mar 24 14:38:07 2021 GMT
            Not After : Mar 24 14:38:07 2026 GMT
        Subject: CN=ffc95112cb294a1b75b021b933f30d8d1c5d4134
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:db:15:36:14:cf:ab:71:86:d9:e1:0d:de:99:cf:
                    c5:46:9b:45:1e:79:76:ce:d4:12:b9:61:84:63:d0:
                    a6:68:b7:d7:90:99:70:96:26:59:b2:12:bc:97:8a:
                    23:8d:70:59:4f:95:77:f6:e9:cf:42:e7:81:18:33:
                    48:76:bf:ba:5b:f1:12:39:c7:ff:89:7c:f7:f1:55:
                    4e:d0:f8:ad:b5:e4:6c:1d:31:f1:11:f5:a4:4c:28:
                    22:46:49:50:e0:21:7d:c0:61:3c:83:6c:84:90:c3:
                    96:f1:ed:2b:ec:de:bd:17:b9:a6:eb:c6:a2:9d:30:
                    ee:30:27:da:50:63:31:ab:92:b5:7e:b4:2b:cd:60:
                    68:b6:0b:0d:cc:a2:28:37:5e:e9:41:5f:a7:a9:e7:
                    e4:b1:05:9a:ac:ba:f0:ef:de:15:34:03:0c:99:7b:
                    0d:50:80:f2:f3:c3:30:a0:e9:e4:bf:85:14:d9:d9:
                    d4:ba:90:84:d1:c9:41:4b:7a:b3:f2:10:a9:9f:d4:
                    76:f2:8e:0e:4f:63:7a:42:df:1c:03:e1:1d:63:8a:
                    49:9f:0c:94:e9:1f:ee:b8:f2:a9:0f:b0:c9:f7:9c:
                    26:9f:81:d2:4e:a6:70:f7:33:60:df:d6:6b:26:58:
                    12:5d:54:5a:f1:25:15:84:43:3f:54:8e:69:65:b0:
                    37:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                54:2E:A1:F3:3F:CC:E3:C9:24:D1:22:B4:B9:2A:C5:42:BB:1E:5A:A8
            X509v3 Authority Key Identifier:
                keyid:47:A6:7F:38:4E:50:5D:26:62:07:3D:AB:35:56:E6:EE:46:F6:2E:71

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/a883c910f879603b967c0636c6f3e9125b3651b5.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/2abd6b34-8953-4c72-a0a2-7ecb9de8aaba/ffc95112cb294a1b75b021b933f30d8d1c5d4134.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/2abd6b34-8953-4c72-a0a2-7ecb9de8aaba/a883c910f879603b967c0636c6f3e9125b3651b5.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  190.88.33.0/24

    Signature Algorithm: sha256WithRSAEncryption
         0e:6e:45:34:1d:46:88:5f:da:93:e9:1c:59:fb:85:07:9d:13:
         d2:47:80:a4:cd:a4:5b:62:95:fa:15:73:b7:eb:7a:2a:e8:44:
         78:44:b7:8a:a3:f5:f6:dc:91:f4:33:08:dc:59:46:b5:cb:f1:
         b6:77:d7:75:88:20:1f:32:2f:38:e3:83:c7:a2:56:8a:b1:1f:
         6a:af:c1:f7:c4:a1:fd:23:0b:dc:6e:ae:ce:41:50:cb:16:2e:
         42:e8:1b:c3:ce:30:d4:69:0d:e7:bc:15:ec:30:d3:ab:8d:bf:
         f0:ea:35:a0:f8:bc:92:d6:4f:8a:ba:36:77:45:2d:d2:ce:b0:
         da:a5:a9:44:0b:18:7c:e6:9c:5c:33:fe:13:97:fe:78:0b:ff:
         8d:83:53:e3:49:a2:13:a1:80:9c:e7:69:b2:ed:a5:ea:54:23:
         6f:97:c1:50:67:8b:31:7f:fd:e8:7d:ec:17:14:00:13:d2:f8:
         9c:9c:fb:e6:30:6e:f3:ef:6c:f3:2b:68:73:cf:4a:12:b3:0c:
         00:be:55:f7:24:22:6e:92:6e:31:e7:93:32:6c:f7:9e:83:66:
         76:19:c9:82:81:92:e9:71:87:f4:43:fb:02:ce:9d:d7:77:79:
         1b:15:04:e4:67:ed:72:65:c0:64:47:7c:f2:45:1a:8b:2e:c2:
         43:80:3f:ad
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIDDWXFMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGE4
ODNjOTEwZjg3OTYwM2I5NjdjMDYzNmM2ZjNlOTEyNWIzNjUxYjUwHhcNMjEwMzI0
MTQzODA3WhcNMjYwMzI0MTQzODA3WjAzMTEwLwYDVQQDEyhmZmM5NTExMmNiMjk0
YTFiNzViMDIxYjkzM2YzMGQ4ZDFjNWQ0MTM0MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEA2xU2FM+rcYbZ4Q3emc/FRptFHnl2ztQSuWGEY9CmaLfXkJlw
liZZshK8l4ojjXBZT5V39unPQueBGDNIdr+6W/ESOcf/iXz38VVO0PitteRsHTHx
EfWkTCgiRklQ4CF9wGE8g2yEkMOW8e0r7N69F7mm68ainTDuMCfaUGMxq5K1frQr
zWBotgsNzKIoN17pQV+nqefksQWarLrw794VNAMMmXsNUIDy88MwoOnkv4UU2dnU
upCE0clBS3qz8hCpn9R28o4OT2N6Qt8cA+EdY4pJnwyU6R/uuPKpD7DJ95wmn4HS
TqZw9zNg39ZrJlgSXVRa8SUVhEM/VI5pZbA3uQIDAQABo4ICWzCCAlcwHQYDVR0O
BBYEFFQuofM/zOPJJNEitLkqxUK7HlqoMB8GA1UdIwQYMBaAFEemfzhOUF0mYgc9
qzVW5u5G9i5xMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvYTg4M2M5
MTBmODc5NjAzYjk2N2MwNjM2YzZmM2U5MTI1YjM2NTFiNS5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvMmFiZDZiMzQtODk1My00YzcyLWEwYTItN2VjYjlk
ZThhYWJhL2ZmYzk1MTEyY2IyOTRhMWI3NWIwMjFiOTMzZjMwZDhkMWM1ZDQxMzQu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy8yYWJkNmIzNC04OTUzLTRjNzItYTBhMi03ZWNi
OWRlOGFhYmEvYTg4M2M5MTBmODc5NjAzYjk2N2MwNjM2YzZmM2U5MTI1YjM2NTFi
NS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAL5YITANBgkqhkiG9w0BAQsFAAOCAQEADm5FNB1GiF/ak+kc
WfuFB50T0keApM2kW2KV+hVzt+t6KuhEeES3iqP19tyR9DMI3FlGtcvxtnfXdYgg
HzIvOOODx6JWirEfaq/B98Sh/SML3G6uzkFQyxYuQugbw84w1GkN57wV7DDTq42/
8Oo1oPi8ktZPiro2d0Ut0s6w2qWpRAsYfOacXDP+E5f+eAv/jYNT40miE6GAnOdp
su2l6lQjb5fBUGeLMX/96H3sFxQAE9L4nJz75jBu8+9s8ytoc89KErMMAL5V9yQi
bpJuMeeTMmz3noNmdhnJgoGS6XGH9EP7As6d13d5GxUE5GftcmXAZEd88kUaiy7C
Q4A/rQ==
-----END CERTIFICATE-----
Generated at Fri Apr 12 03:03:44 2024 by rpki-client on console-ams.rpki-client.org