Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/4281a14e-b6a5-4c89-b4ba-0575008dac13/8299336bfe67dd10adb2b5761316dde4158651c0.roa
File:                     8299336bfe67dd10adb2b5761316dde4158651c0.roa (raw, json)
Hash identifier:          cTfMiWBZlxpEiOvcPbR8OS3KIF0/xxwsFT5M2DRBRjw=
Subject key identifier:   EB:50:5A:49:58:60:FA:1F:2B:2E:24:78:9F:EA:50:C5:E4:DB:C4:0F
Certificate issuer:       /CN=4ba834aeb520331d21c768e13e7564e705630d2c
Certificate serial:       24B98C
Authority key identifier: 4C:ED:9B:B7:64:90:46:BE:80:01:36:9C:9A:98:4E:BD:F7:E1:78:D0
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/4ba834aeb520331d21c768e13e7564e705630d2c.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/4281a14e-b6a5-4c89-b4ba-0575008dac13/8299336bfe67dd10adb2b5761316dde4158651c0.roa
Signing time:             Tue 05 Sep 2023 01:06:01 +0000
ROA not before:           Mon 04 Sep 2023 01:06:01 +0000
ROA not after:            Fri 05 Sep 2025 01:06:01 +0000
asID:                     52347
IP address blocks:        190.111.48.0/21 maxlen: 21

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/4281a14e-b6a5-4c89-b4ba-0575008dac13/4ba834aeb520331d21c768e13e7564e705630d2c.crl
                          rsync://repository.lacnic.net/rpki/lacnic/4281a14e-b6a5-4c89-b4ba-0575008dac13/4ba834aeb520331d21c768e13e7564e705630d2c.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/4ba834aeb520331d21c768e13e7564e705630d2c.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Mon 15 Apr 2024 06:03:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2406796 (0x24b98c)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4ba834aeb520331d21c768e13e7564e705630d2c
        Validity
            Not Before: Sep  4 01:06:01 2023 GMT
            Not After : Sep  5 01:06:01 2025 GMT
        Subject: CN=8299336bfe67dd10adb2b5761316dde4158651c0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:89:22:77:13:9c:6a:3b:65:60:d0:bc:c0:44:
                    50:5c:1c:75:9f:07:5f:79:b3:42:c3:53:9d:a1:6a:
                    92:2f:9d:6f:d1:af:b7:ac:5b:05:12:cf:39:be:02:
                    45:86:51:ac:1f:0c:a0:4c:74:92:60:7e:ea:08:a2:
                    8f:c0:90:9b:d3:ee:ef:33:e9:4c:aa:c6:e5:6b:ef:
                    96:f6:21:44:33:70:22:26:8f:52:67:af:8f:dd:c9:
                    1e:7a:92:f9:a2:36:38:49:b9:2c:95:ce:b3:a0:20:
                    a1:45:29:c6:ad:ee:f2:a3:09:6a:8c:99:58:de:ac:
                    57:fc:4e:a2:b0:60:35:cb:9c:f4:88:4c:c5:01:41:
                    79:18:a7:bb:51:08:1f:59:76:f6:55:0b:d6:44:f1:
                    fa:79:3a:9b:3f:5b:69:c4:45:eb:30:ad:ec:08:36:
                    77:71:2b:90:02:42:40:b7:27:34:34:48:da:5c:6e:
                    d1:1b:7e:c1:7a:b9:73:fd:da:3a:e9:91:21:a0:11:
                    ac:d2:4e:e6:3b:eb:4f:5e:26:38:f3:7d:26:6e:63:
                    18:df:de:a2:4d:98:81:70:64:b4:35:2a:b8:87:f8:
                    6d:6b:81:09:eb:d5:39:20:4e:70:2b:cd:d1:bc:93:
                    ed:98:f3:6a:a0:2f:66:27:b2:70:b5:35:3f:44:79:
                    20:5b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EB:50:5A:49:58:60:FA:1F:2B:2E:24:78:9F:EA:50:C5:E4:DB:C4:0F
            X509v3 Authority Key Identifier:
                keyid:4C:ED:9B:B7:64:90:46:BE:80:01:36:9C:9A:98:4E:BD:F7:E1:78:D0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/4ba834aeb520331d21c768e13e7564e705630d2c.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/4281a14e-b6a5-4c89-b4ba-0575008dac13/8299336bfe67dd10adb2b5761316dde4158651c0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/4281a14e-b6a5-4c89-b4ba-0575008dac13/4ba834aeb520331d21c768e13e7564e705630d2c.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  190.111.48.0/21

    Signature Algorithm: sha256WithRSAEncryption
         28:85:9b:da:a8:aa:5b:71:d5:2a:c8:bd:0c:f2:a2:34:10:34:
         1d:12:ca:aa:0d:74:6d:96:fb:a4:32:36:34:e2:88:9b:70:48:
         30:39:16:96:3c:3a:34:9a:8b:9a:b8:3c:45:0b:31:8a:20:93:
         d7:e4:e0:b4:a1:20:bc:04:d8:2a:bd:b6:2f:fd:ed:73:2e:3d:
         fa:ef:3b:4d:43:da:0d:9f:32:89:96:4e:b9:81:16:4f:2a:d7:
         e1:be:fb:05:ac:69:90:ff:bd:d0:6a:8b:5e:4b:a1:f6:02:42:
         d3:12:07:f3:70:7b:88:ff:67:ae:a9:ff:5b:c8:68:57:e1:38:
         56:34:38:63:ce:1b:2f:20:9c:cd:22:2f:b3:1d:23:1b:5f:60:
         4d:6f:57:cc:c4:3a:71:48:6c:5a:4f:ea:32:6c:95:9b:4e:5a:
         91:95:50:a7:1a:40:83:f8:df:89:a0:06:f2:4b:20:28:bc:7e:
         2a:f0:c5:a2:03:25:f3:cf:3e:55:93:0c:be:8a:91:51:93:29:
         27:60:7f:73:ee:56:2a:41:fd:be:81:92:72:ef:86:a1:e9:a5:
         7d:be:62:21:18:d9:d2:77:8b:91:9c:13:b0:a2:6e:e8:57:5e:
         3d:82:eb:97:63:02:47:b4:c8:71:42:40:e3:a4:d4:ff:0c:2a:
         2f:20:59:f6
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIDJLmMMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDRi
YTgzNGFlYjUyMDMzMWQyMWM3NjhlMTNlNzU2NGU3MDU2MzBkMmMwHhcNMjMwOTA0
MDEwNjAxWhcNMjUwOTA1MDEwNjAxWjAzMTEwLwYDVQQDEyg4Mjk5MzM2YmZlNjdk
ZDEwYWRiMmI1NzYxMzE2ZGRlNDE1ODY1MWMwMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAu4kidxOcajtlYNC8wERQXBx1nwdfebNCw1OdoWqSL51v0a+3
rFsFEs85vgJFhlGsHwygTHSSYH7qCKKPwJCb0+7vM+lMqsbla++W9iFEM3AiJo9S
Z6+P3ckeepL5ojY4Sbkslc6zoCChRSnGre7yowlqjJlY3qxX/E6isGA1y5z0iEzF
AUF5GKe7UQgfWXb2VQvWRPH6eTqbP1tpxEXrMK3sCDZ3cSuQAkJAtyc0NEjaXG7R
G37Berlz/do66ZEhoBGs0k7mO+tPXiY4830mbmMY396iTZiBcGS0NSq4h/hta4EJ
69U5IE5wK83RvJPtmPNqoC9mJ7JwtTU/RHkgWwIDAQABo4ICWzCCAlcwHQYDVR0O
BBYEFOtQWklYYPofKy4keJ/qUMXk28QPMB8GA1UdIwQYMBaAFEztm7dkkEa+gAE2
nJqYTr334XjQMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvNGJhODM0
YWViNTIwMzMxZDIxYzc2OGUxM2U3NTY0ZTcwNTYzMGQyYy5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvNDI4MWExNGUtYjZhNS00Yzg5LWI0YmEtMDU3NTAw
OGRhYzEzLzgyOTkzMzZiZmU2N2RkMTBhZGIyYjU3NjEzMTZkZGU0MTU4NjUxYzAu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy80MjgxYTE0ZS1iNmE1LTRjODktYjRiYS0wNTc1
MDA4ZGFjMTMvNGJhODM0YWViNTIwMzMxZDIxYzc2OGUxM2U3NTY0ZTcwNTYzMGQy
Yy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEA75vMDANBgkqhkiG9w0BAQsFAAOCAQEAKIWb2qiqW3HVKsi9
DPKiNBA0HRLKqg10bZb7pDI2NOKIm3BIMDkWljw6NJqLmrg8RQsxiiCT1+TgtKEg
vATYKr22L/3tcy49+u87TUPaDZ8yiZZOuYEWTyrX4b77BaxpkP+90GqLXkuh9gJC
0xIH83B7iP9nrqn/W8hoV+E4VjQ4Y84bLyCczSIvsx0jG19gTW9XzMQ6cUhsWk/q
MmyVm05akZVQpxpAg/jfiaAG8ksgKLx+KvDFogMl888+VZMMvoqRUZMpJ2B/c+5W
KkH9voGScu+Goemlfb5iIRjZ0neLkZwTsKJu6FdePYLrl2MCR7TIcUJA46TU/wwq
LyBZ9g==
-----END CERTIFICATE-----
Generated at Fri Apr 12 12:50:40 2024 by rpki-client on console-ams.rpki-client.org