Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/404212eb-56f6-4ba5-952d-b7fc336c4181/5bdb25e6e6f49c6bf3fe1ad4e800d084c31ec1f2.roa
File:                     5bdb25e6e6f49c6bf3fe1ad4e800d084c31ec1f2.roa (raw, json)
Hash identifier:          /fYi2hMVeN464+suiwUTPeEVxbHYII9OwLZoBfDYflQ=
Subject key identifier:   01:BB:42:D0:56:03:DE:35:84:34:6F:A4:62:E7:69:40:23:40:8E:57
Certificate issuer:       /CN=a982329a6e905e08d4e66018a00145cd2888f5ac
Certificate serial:       08FD8B
Authority key identifier: 5E:F8:C2:28:E2:41:79:54:66:D5:84:C2:58:B5:9B:95:26:5D:E2:20
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/a982329a6e905e08d4e66018a00145cd2888f5ac.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/404212eb-56f6-4ba5-952d-b7fc336c4181/5bdb25e6e6f49c6bf3fe1ad4e800d084c31ec1f2.roa
Signing time:             Wed 24 Mar 2021 14:38:12 +0000
ROA not before:           Wed 24 Mar 2021 14:38:12 +0000
ROA not after:            Tue 24 Mar 2026 14:38:12 +0000
asID:                     269950
IP address blocks:        190.89.36.0/22 maxlen: 24
                          2803:6e0::/32 maxlen: 32

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/404212eb-56f6-4ba5-952d-b7fc336c4181/a982329a6e905e08d4e66018a00145cd2888f5ac.crl
                          rsync://repository.lacnic.net/rpki/lacnic/404212eb-56f6-4ba5-952d-b7fc336c4181/a982329a6e905e08d4e66018a00145cd2888f5ac.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/a982329a6e905e08d4e66018a00145cd2888f5ac.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 31 Mar 2024 03:49:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 589195 (0x8fd8b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a982329a6e905e08d4e66018a00145cd2888f5ac
        Validity
            Not Before: Mar 24 14:38:12 2021 GMT
            Not After : Mar 24 14:38:12 2026 GMT
        Subject: CN=5bdb25e6e6f49c6bf3fe1ad4e800d084c31ec1f2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:6d:8b:56:63:a8:5f:cb:c5:ce:5c:91:c8:85:
                    c4:a5:0b:bb:fe:e5:7b:eb:5a:d0:d3:30:06:d1:cb:
                    6d:b3:43:45:0b:79:ed:2e:4e:36:96:61:33:bc:ac:
                    d2:bf:ec:6e:e4:d1:5c:18:54:f6:49:9f:17:f2:58:
                    ec:b4:25:91:98:c6:53:32:0a:6f:00:66:ff:da:9c:
                    d9:ed:14:c1:a6:c3:65:98:03:87:39:f2:42:0a:44:
                    58:85:1f:4a:bf:7b:f1:30:a8:af:79:8c:76:63:d2:
                    f5:5f:c9:72:0a:ca:5f:a4:ca:05:23:c5:f8:6b:a0:
                    09:27:00:d4:9e:62:46:c8:0f:3f:ac:62:5a:83:9b:
                    7b:1f:30:3b:96:69:00:6c:7d:7e:a9:3c:f1:8d:6f:
                    a5:f5:58:ea:87:31:95:d3:d7:5b:08:50:c7:88:c8:
                    3e:5a:1c:2e:82:c6:40:8d:f3:2e:bc:d5:c0:32:2e:
                    01:1e:f7:ef:af:81:f5:cb:94:62:79:68:e2:89:2d:
                    98:69:ab:aa:af:e9:01:ef:5a:6b:54:6f:ce:10:0b:
                    cf:46:96:61:d7:28:96:15:29:d2:cb:b5:22:d2:f8:
                    de:d0:7e:51:54:57:f8:90:6b:e7:d8:24:56:59:e4:
                    a1:11:f6:c5:27:b9:64:2d:e2:98:5a:bd:dc:fa:7f:
                    c6:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                01:BB:42:D0:56:03:DE:35:84:34:6F:A4:62:E7:69:40:23:40:8E:57
            X509v3 Authority Key Identifier:
                keyid:5E:F8:C2:28:E2:41:79:54:66:D5:84:C2:58:B5:9B:95:26:5D:E2:20

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/a982329a6e905e08d4e66018a00145cd2888f5ac.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/404212eb-56f6-4ba5-952d-b7fc336c4181/5bdb25e6e6f49c6bf3fe1ad4e800d084c31ec1f2.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/404212eb-56f6-4ba5-952d-b7fc336c4181/a982329a6e905e08d4e66018a00145cd2888f5ac.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  190.89.36.0/22
                IPv6:
                  2803:6e0::/32

    Signature Algorithm: sha256WithRSAEncryption
         00:f2:19:c2:b4:5e:e7:5c:fe:3d:bb:11:0a:cb:62:29:b9:55:
         27:08:1c:82:46:ac:ac:59:e4:4c:64:f8:2c:8f:33:e7:ed:4d:
         e5:02:8d:16:81:bc:1b:70:d8:2c:95:ef:e1:ab:24:cd:4b:c6:
         39:6d:9b:29:33:1f:61:82:0a:41:24:04:c2:e3:f3:12:dd:7b:
         e7:8d:31:2b:23:f5:7d:b4:89:a8:33:6b:da:60:67:a3:e1:11:
         29:60:e3:04:52:e9:22:50:20:23:64:01:10:b0:fe:61:68:14:
         ad:34:78:af:2b:30:ac:7f:a7:b8:58:87:40:02:b9:83:78:cf:
         ef:df:b9:5f:eb:45:f9:f7:67:a1:6d:8c:1a:09:a7:00:76:f3:
         9a:50:ac:7e:9b:13:c4:f5:85:ab:37:31:3f:f7:5d:c1:c1:90:
         2a:45:55:80:3c:d5:d5:c8:5d:00:dd:79:09:0b:8d:76:dd:dd:
         a4:bf:c8:9f:76:13:3b:07:7c:10:d2:ed:53:90:5a:2f:3f:ec:
         f1:16:bc:24:8a:15:93:2b:74:95:70:71:81:4a:c5:54:27:f4:
         9a:c2:03:33:9d:81:13:52:3e:6f:9c:45:c7:75:da:6a:3f:e9:
         ec:4d:ba:b2:b6:0a:14:11:e1:33:3e:7f:f7:1d:56:c9:49:45:
         dc:a0:06:d8
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgIDCP2LMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGE5
ODIzMjlhNmU5MDVlMDhkNGU2NjAxOGEwMDE0NWNkMjg4OGY1YWMwHhcNMjEwMzI0
MTQzODEyWhcNMjYwMzI0MTQzODEyWjAzMTEwLwYDVQQDEyg1YmRiMjVlNmU2ZjQ5
YzZiZjNmZTFhZDRlODAwZDA4NGMzMWVjMWYyMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEA0G2LVmOoX8vFzlyRyIXEpQu7/uV761rQ0zAG0ctts0NFC3nt
Lk42lmEzvKzSv+xu5NFcGFT2SZ8X8ljstCWRmMZTMgpvAGb/2pzZ7RTBpsNlmAOH
OfJCCkRYhR9Kv3vxMKiveYx2Y9L1X8lyCspfpMoFI8X4a6AJJwDUnmJGyA8/rGJa
g5t7HzA7lmkAbH1+qTzxjW+l9VjqhzGV09dbCFDHiMg+WhwugsZAjfMuvNXAMi4B
Hvfvr4H1y5RieWjiiS2Yaauqr+kB71prVG/OEAvPRpZh1yiWFSnSy7Ui0vje0H5R
VFf4kGvn2CRWWeShEfbFJ7lkLeKYWr3c+n/GNQIDAQABo4ICajCCAmYwHQYDVR0O
BBYEFAG7QtBWA941hDRvpGLnaUAjQI5XMB8GA1UdIwQYMBaAFF74wijiQXlUZtWE
wli1m5UmXeIgMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvYTk4MjMy
OWE2ZTkwNWUwOGQ0ZTY2MDE4YTAwMTQ1Y2QyODg4ZjVhYy5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvNDA0MjEyZWItNTZmNi00YmE1LTk1MmQtYjdmYzMz
NmM0MTgxLzViZGIyNWU2ZTZmNDljNmJmM2ZlMWFkNGU4MDBkMDg0YzMxZWMxZjIu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy80MDQyMTJlYi01NmY2LTRiYTUtOTUyZC1iN2Zj
MzM2YzQxODEvYTk4MjMyOWE2ZTkwNWUwOGQ0ZTY2MDE4YTAwMTQ1Y2QyODg4ZjVh
Yy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAuBggrBgEFBQcBBwEB/wQf
MB0wDAQCAAEwBgMEAr5ZJDANBAIAAjAHAwUAKAMG4DANBgkqhkiG9w0BAQsFAAOC
AQEAAPIZwrRe51z+PbsRCstiKblVJwgcgkasrFnkTGT4LI8z5+1N5QKNFoG8G3DY
LJXv4askzUvGOW2bKTMfYYIKQSQEwuPzEt17540xKyP1fbSJqDNr2mBno+ERKWDj
BFLpIlAgI2QBELD+YWgUrTR4ryswrH+nuFiHQAK5g3jP79+5X+tF+fdnoW2MGgmn
AHbzmlCsfpsTxPWFqzcxP/ddwcGQKkVVgDzV1chdAN15CQuNdt3dpL/In3YTOwd8
ENLtU5BaLz/s8Ra8JIoVkyt0lXBxgUrFVCf0msIDM52BE1I+b5xFx3Xaaj/p7E26
srYKFBHhMz5/9x1WyUlF3KAG2A==
-----END CERTIFICATE-----
Generated at Thu Mar 28 10:47:03 2024 by rpki-client on console-ams.rpki-client.org