Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/3693c704-5f25-4c09-b3b8-3acbfa4dd92b/d96b740dc97b94dc6aa42f923933d4c4534b1a8a.roa
File:                     d96b740dc97b94dc6aa42f923933d4c4534b1a8a.roa (raw, json)
Hash identifier:          eP3g+0WoPCwMRZ9oeV/Csu3fsyF44KA5be5y+i4LRo8=
Subject key identifier:   2F:96:30:01:BA:4F:89:B9:DE:42:FA:5E:E5:8D:3C:93:C1:4E:3D:E0
Certificate issuer:       /CN=18690dd24b422809b7e6550a84c4ea001b17f421
Certificate serial:       02FD6E
Authority key identifier: 63:EC:1A:57:BD:E9:6E:6A:A5:A0:23:00:91:2E:7E:6E:F0:0C:63:9C
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/18690dd24b422809b7e6550a84c4ea001b17f421.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/3693c704-5f25-4c09-b3b8-3acbfa4dd92b/d96b740dc97b94dc6aa42f923933d4c4534b1a8a.roa
Signing time:             Wed 24 Mar 2021 14:30:03 +0000
ROA not before:           Wed 24 Mar 2021 14:30:03 +0000
ROA not after:            Tue 24 Mar 2026 14:30:03 +0000
asID:                     270011
IP address blocks:        190.111.132.0/22 maxlen: 24
                          2803:fee0::/32 maxlen: 48

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/3693c704-5f25-4c09-b3b8-3acbfa4dd92b/18690dd24b422809b7e6550a84c4ea001b17f421.crl
                          rsync://repository.lacnic.net/rpki/lacnic/3693c704-5f25-4c09-b3b8-3acbfa4dd92b/18690dd24b422809b7e6550a84c4ea001b17f421.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/18690dd24b422809b7e6550a84c4ea001b17f421.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 31 Mar 2024 12:22:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 195950 (0x2fd6e)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=18690dd24b422809b7e6550a84c4ea001b17f421
        Validity
            Not Before: Mar 24 14:30:03 2021 GMT
            Not After : Mar 24 14:30:03 2026 GMT
        Subject: CN=d96b740dc97b94dc6aa42f923933d4c4534b1a8a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:aa:37:d2:1c:2f:06:67:f4:c5:af:88:08:59:
                    f5:7c:4d:60:bc:98:be:37:3c:e0:27:51:fa:ad:ea:
                    dd:47:a7:98:ba:d1:0e:e8:51:e2:0a:b9:76:ab:92:
                    c2:8e:d6:49:06:0a:19:0a:65:69:65:25:ac:85:1c:
                    83:27:b3:7c:d7:f5:ee:7d:1e:65:f2:50:ca:ad:ab:
                    81:70:0f:64:a0:26:9a:43:c1:55:1d:bf:68:73:f0:
                    62:56:8c:21:45:dc:cf:05:9a:39:92:f7:a0:e2:3c:
                    8a:19:c8:1f:6a:0e:f7:dc:25:ed:f6:b2:34:3f:8f:
                    87:b9:4a:87:7b:e6:16:cc:f0:19:e5:14:c5:83:f4:
                    a5:de:27:ea:d4:1a:8f:7a:c0:82:a1:ea:08:20:c5:
                    3f:15:30:37:d3:11:b7:8a:fc:65:9c:80:02:3f:dc:
                    a2:b0:b4:b1:23:80:9e:07:01:4d:b2:3e:05:6e:7b:
                    45:5f:88:42:6f:49:fd:75:ee:af:13:0e:85:d7:bb:
                    bb:d8:e9:5b:3c:8b:93:c2:ac:3b:b3:3d:74:e0:6b:
                    e4:4e:1a:8a:70:4f:7a:81:b7:50:55:15:eb:04:80:
                    cf:78:70:a1:ad:c7:d6:c0:5b:e6:ec:fe:a4:b7:e3:
                    66:ac:bc:ef:e9:45:77:49:85:d2:78:5a:36:5d:7d:
                    90:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2F:96:30:01:BA:4F:89:B9:DE:42:FA:5E:E5:8D:3C:93:C1:4E:3D:E0
            X509v3 Authority Key Identifier:
                keyid:63:EC:1A:57:BD:E9:6E:6A:A5:A0:23:00:91:2E:7E:6E:F0:0C:63:9C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/18690dd24b422809b7e6550a84c4ea001b17f421.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/3693c704-5f25-4c09-b3b8-3acbfa4dd92b/d96b740dc97b94dc6aa42f923933d4c4534b1a8a.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/3693c704-5f25-4c09-b3b8-3acbfa4dd92b/18690dd24b422809b7e6550a84c4ea001b17f421.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  190.111.132.0/22
                IPv6:
                  2803:fee0::/32

    Signature Algorithm: sha256WithRSAEncryption
         73:ce:1d:e3:ff:2a:41:aa:af:b3:55:2a:87:d1:23:3c:f6:0a:
         9b:ad:d3:38:14:64:1f:94:90:a3:a6:70:33:40:2d:38:7d:53:
         58:4c:9c:59:e4:2a:56:2b:54:3a:4d:e4:38:6a:78:7c:5d:e6:
         81:aa:03:ec:16:03:e9:0e:b9:08:e3:bc:92:0c:9d:76:24:6f:
         a1:a6:fd:b2:39:5e:12:09:ac:df:8b:d4:7f:73:e0:c6:4c:bc:
         26:bb:1b:b2:d6:55:9b:08:5f:20:5b:33:c5:c8:7b:52:61:2f:
         f7:47:d8:d7:76:c2:6a:df:ec:4c:42:5d:1d:6e:53:3d:9c:d2:
         a5:04:8b:79:a1:38:df:33:9f:30:2a:dc:1a:65:7d:30:69:ba:
         3e:a6:07:44:75:18:68:06:4f:79:e1:5e:a4:55:57:c5:0e:a5:
         01:ae:6d:a1:cc:22:f0:1e:f0:8a:b4:f1:90:e7:59:48:b9:2f:
         75:7c:1f:e0:56:b2:50:37:b4:57:ce:11:5a:a0:3b:d4:a7:22:
         ec:94:df:28:ee:c5:c4:d6:96:fa:a1:83:9e:1e:17:46:c7:21:
         c8:4b:be:0b:ee:39:c8:84:55:aa:f7:5a:01:20:82:54:c0:c2:
         5a:0e:ba:66:1d:3b:ab:b5:4d:1f:3b:70:b2:c2:e2:8a:77:cc:
         d7:a0:b8:42
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgIDAv1uMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDE4
NjkwZGQyNGI0MjI4MDliN2U2NTUwYTg0YzRlYTAwMWIxN2Y0MjEwHhcNMjEwMzI0
MTQzMDAzWhcNMjYwMzI0MTQzMDAzWjAzMTEwLwYDVQQDEyhkOTZiNzQwZGM5N2I5
NGRjNmFhNDJmOTIzOTMzZDRjNDUzNGIxYThhMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAoqo30hwvBmf0xa+ICFn1fE1gvJi+NzzgJ1H6rerdR6eYutEO
6FHiCrl2q5LCjtZJBgoZCmVpZSWshRyDJ7N81/XufR5l8lDKrauBcA9koCaaQ8FV
Hb9oc/BiVowhRdzPBZo5kveg4jyKGcgfag733CXt9rI0P4+HuUqHe+YWzPAZ5RTF
g/Sl3ifq1BqPesCCoeoIIMU/FTA30xG3ivxlnIACP9yisLSxI4CeBwFNsj4FbntF
X4hCb0n9de6vEw6F17u72OlbPIuTwqw7sz104GvkThqKcE96gbdQVRXrBIDPeHCh
rcfWwFvm7P6kt+NmrLzv6UV3SYXSeFo2XX2QnwIDAQABo4ICajCCAmYwHQYDVR0O
BBYEFC+WMAG6T4m53kL6XuWNPJPBTj3gMB8GA1UdIwQYMBaAFGPsGle96W5qpaAj
AJEufm7wDGOcMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvMTg2OTBk
ZDI0YjQyMjgwOWI3ZTY1NTBhODRjNGVhMDAxYjE3ZjQyMS5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvMzY5M2M3MDQtNWYyNS00YzA5LWIzYjgtM2FjYmZh
NGRkOTJiL2Q5NmI3NDBkYzk3Yjk0ZGM2YWE0MmY5MjM5MzNkNGM0NTM0YjFhOGEu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy8zNjkzYzcwNC01ZjI1LTRjMDktYjNiOC0zYWNi
ZmE0ZGQ5MmIvMTg2OTBkZDI0YjQyMjgwOWI3ZTY1NTBhODRjNGVhMDAxYjE3ZjQy
MS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAuBggrBgEFBQcBBwEB/wQf
MB0wDAQCAAEwBgMEAr5vhDANBAIAAjAHAwUAKAP+4DANBgkqhkiG9w0BAQsFAAOC
AQEAc84d4/8qQaqvs1Uqh9EjPPYKm63TOBRkH5SQo6ZwM0AtOH1TWEycWeQqVitU
Ok3kOGp4fF3mgaoD7BYD6Q65COO8kgyddiRvoab9sjleEgms34vUf3Pgxky8Jrsb
stZVmwhfIFszxch7UmEv90fY13bCat/sTEJdHW5TPZzSpQSLeaE43zOfMCrcGmV9
MGm6PqYHRHUYaAZPeeFepFVXxQ6lAa5tocwi8B7wirTxkOdZSLkvdXwf4FayUDe0
V84RWqA71Kci7JTfKO7FxNaW+qGDnh4XRschyEu+C+45yIRVqvdaASCCVMDCWg66
Zh07q7VNHztwssLiinfM16C4Qg==
-----END CERTIFICATE-----
Generated at Thu Mar 28 16:02:52 2024 by rpki-client on console-ams.rpki-client.org