Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/3095bbff-551b-48d3-951e-d12adeaffb96/354d411ea39ffadbb263c404540211766471edd5.roa
File:                     354d411ea39ffadbb263c404540211766471edd5.roa (raw, json)
Hash identifier:          iLe267DolXzFNUqz/fq5Jj/OJR0Sut5BlNrMsNHA4D8=
Subject key identifier:   BB:34:05:9C:17:D9:EB:2C:C4:34:0B:2E:9F:05:D5:AF:88:58:55:F0
Certificate issuer:       /CN=9e0e83f3cebc2aea02f980d61f692a2025c4202e
Certificate serial:       205436
Authority key identifier: 56:21:3F:85:55:51:04:38:A8:DF:4D:1E:77:D9:3E:22:D2:C4:09:A5
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/9e0e83f3cebc2aea02f980d61f692a2025c4202e.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/3095bbff-551b-48d3-951e-d12adeaffb96/354d411ea39ffadbb263c404540211766471edd5.roa
Signing time:             Mon 08 May 2023 18:37:54 +0000
ROA not before:           Sun 07 May 2023 18:37:54 +0000
ROA not after:            Thu 08 May 2025 18:37:54 +0000
asID:                     52337
IP address blocks:        190.105.152.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/3095bbff-551b-48d3-951e-d12adeaffb96/9e0e83f3cebc2aea02f980d61f692a2025c4202e.crl
                          rsync://repository.lacnic.net/rpki/lacnic/3095bbff-551b-48d3-951e-d12adeaffb96/9e0e83f3cebc2aea02f980d61f692a2025c4202e.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/9e0e83f3cebc2aea02f980d61f692a2025c4202e.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Tue 05 Mar 2024 04:16:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2118710 (0x205436)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9e0e83f3cebc2aea02f980d61f692a2025c4202e
        Validity
            Not Before: May  7 18:37:54 2023 GMT
            Not After : May  8 18:37:54 2025 GMT
        Subject: CN=354d411ea39ffadbb263c404540211766471edd5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:6c:b4:66:20:a3:18:cc:66:e5:20:39:c3:0b:
                    6e:35:b7:9e:f1:a8:71:ee:a9:9f:e7:37:af:f1:3c:
                    7d:ad:b9:c1:e3:ef:55:16:ac:c8:02:00:72:12:a9:
                    4c:ba:8a:d5:35:5f:8c:2c:82:6c:62:ef:2f:32:33:
                    4f:6f:73:04:b7:92:27:7b:3e:64:5e:cb:a9:6d:2d:
                    10:ef:2b:e7:ba:92:e5:15:fb:49:0b:02:1e:b0:70:
                    b9:6e:9d:32:92:86:0f:ac:ba:c5:c8:7e:89:61:a9:
                    62:ea:27:26:9e:46:6c:93:9d:d6:e1:1c:11:e3:ba:
                    cd:c6:35:b2:7e:08:79:9d:e2:88:4f:99:2a:25:76:
                    93:10:9b:35:f7:5c:47:65:22:8a:01:10:30:df:7a:
                    99:30:2f:f3:ac:96:d8:f5:44:de:0d:fb:a4:33:6b:
                    a9:39:93:cc:ca:72:49:20:c0:e1:b5:b8:4c:e4:6f:
                    ae:ad:04:97:f3:ae:fc:1b:51:6a:38:0b:22:96:ee:
                    31:78:0f:6c:54:b2:1b:29:30:4c:26:aa:d9:2a:0a:
                    d7:4c:33:bf:46:f8:aa:90:30:1d:e6:14:88:5c:9f:
                    5c:db:f5:2a:19:3c:c2:4d:e4:ec:b5:38:c9:11:9a:
                    69:96:5c:95:09:2b:d5:ae:c4:58:c2:1f:b4:fc:b3:
                    28:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BB:34:05:9C:17:D9:EB:2C:C4:34:0B:2E:9F:05:D5:AF:88:58:55:F0
            X509v3 Authority Key Identifier:
                keyid:56:21:3F:85:55:51:04:38:A8:DF:4D:1E:77:D9:3E:22:D2:C4:09:A5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/9e0e83f3cebc2aea02f980d61f692a2025c4202e.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/3095bbff-551b-48d3-951e-d12adeaffb96/354d411ea39ffadbb263c404540211766471edd5.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/3095bbff-551b-48d3-951e-d12adeaffb96/9e0e83f3cebc2aea02f980d61f692a2025c4202e.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  190.105.152.0/22

    Signature Algorithm: sha256WithRSAEncryption
         30:ec:88:fb:5a:7c:ad:88:fe:c7:5c:e1:8d:b5:f9:54:d2:4d:
         4c:45:c6:e1:bf:a8:7e:8e:0e:86:c3:4b:82:fc:7d:dd:07:0a:
         4d:7f:1c:b8:be:36:ca:ec:bd:30:8f:d0:04:13:4e:42:4a:0e:
         7a:53:9c:ff:19:a7:07:41:50:d6:f4:82:7f:30:82:1c:7f:7e:
         c9:1b:aa:f4:a5:0e:6b:94:42:b8:c4:c5:66:9e:66:e0:be:68:
         19:1d:03:bd:59:f9:3d:48:43:99:40:90:ce:e9:d9:78:51:c2:
         0a:23:97:17:dd:36:43:d0:01:3b:b9:b2:aa:bd:53:56:f6:0a:
         23:7f:cb:00:a4:71:a0:81:d4:16:18:32:5c:20:f4:a2:0b:15:
         53:fc:8c:af:55:4c:ff:07:81:c5:d9:0b:d2:7c:ad:77:ab:7b:
         0d:e0:15:a9:07:c5:69:3c:2d:1e:a6:f4:5a:c8:69:d2:92:fe:
         bc:c2:47:ef:a0:dc:f9:08:f9:4c:e6:07:b2:ea:37:ed:10:37:
         de:ee:db:59:68:62:24:af:48:80:c0:61:0c:82:1a:17:ac:da:
         6d:df:dd:ef:3e:54:fc:10:6e:42:18:c0:5d:bc:f9:91:b1:6e:
         8d:85:65:e8:97:5f:93:38:e1:d4:0a:b4:b1:7e:09:92:a9:5c:
         b6:63:a6:09
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIDIFQ2MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDll
MGU4M2YzY2ViYzJhZWEwMmY5ODBkNjFmNjkyYTIwMjVjNDIwMmUwHhcNMjMwNTA3
MTgzNzU0WhcNMjUwNTA4MTgzNzU0WjAzMTEwLwYDVQQDEygzNTRkNDExZWEzOWZm
YWRiYjI2M2M0MDQ1NDAyMTE3NjY0NzFlZGQ1MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEApmy0ZiCjGMxm5SA5wwtuNbee8ahx7qmf5zev8Tx9rbnB4+9V
FqzIAgByEqlMuorVNV+MLIJsYu8vMjNPb3MEt5Inez5kXsupbS0Q7yvnupLlFftJ
CwIesHC5bp0ykoYPrLrFyH6JYali6icmnkZsk53W4RwR47rNxjWyfgh5neKIT5kq
JXaTEJs191xHZSKKARAw33qZMC/zrJbY9UTeDfukM2upOZPMynJJIMDhtbhM5G+u
rQSX8678G1FqOAsilu4xeA9sVLIbKTBMJqrZKgrXTDO/RviqkDAd5hSIXJ9c2/Uq
GTzCTeTstTjJEZppllyVCSvVrsRYwh+0/LMojwIDAQABo4ICWzCCAlcwHQYDVR0O
BBYEFLs0BZwX2essxDQLLp8F1a+IWFXwMB8GA1UdIwQYMBaAFFYhP4VVUQQ4qN9N
HnfZPiLSxAmlMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvOWUwZTgz
ZjNjZWJjMmFlYTAyZjk4MGQ2MWY2OTJhMjAyNWM0MjAyZS5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvMzA5NWJiZmYtNTUxYi00OGQzLTk1MWUtZDEyYWRl
YWZmYjk2LzM1NGQ0MTFlYTM5ZmZhZGJiMjYzYzQwNDU0MDIxMTc2NjQ3MWVkZDUu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy8zMDk1YmJmZi01NTFiLTQ4ZDMtOTUxZS1kMTJh
ZGVhZmZiOTYvOWUwZTgzZjNjZWJjMmFlYTAyZjk4MGQ2MWY2OTJhMjAyNWM0MjAy
ZS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAr5pmDANBgkqhkiG9w0BAQsFAAOCAQEAMOyI+1p8rYj+x1zh
jbX5VNJNTEXG4b+ofo4OhsNLgvx93QcKTX8cuL42yuy9MI/QBBNOQkoOelOc/xmn
B0FQ1vSCfzCCHH9+yRuq9KUOa5RCuMTFZp5m4L5oGR0DvVn5PUhDmUCQzunZeFHC
CiOXF902Q9ABO7myqr1TVvYKI3/LAKRxoIHUFhgyXCD0ogsVU/yMr1VM/weBxdkL
0nytd6t7DeAVqQfFaTwtHqb0Wshp0pL+vMJH76Dc+Qj5TOYHsuo37RA33u7bWWhi
JK9IgMBhDIIaF6zabd/d7z5U/BBuQhjAXbz5kbFujYVl6Jdfkzjh1Aq0sX4Jkqlc
tmOmCQ==
-----END CERTIFICATE-----
Generated at Sat Mar 2 04:26:56 2024 by rpki-client on console-ams.rpki-client.org