Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/4281a14e-b6a5-4c89-b4ba-0575008dac13/88e303e50188cc3a63d2b051480a4736fbcc3ccb.roa
File:                     88e303e50188cc3a63d2b051480a4736fbcc3ccb.roa (raw, json)
Hash identifier:          F04xqeZYqJM4DLUiLyHPWOfwsROKcXiEFBBhEHlNu7g=
Subject key identifier:   69:EB:5C:94:50:57:6A:1E:DA:0F:7C:4A:BC:65:32:88:E1:7F:B3:CB
Certificate issuer:       /CN=4ba834aeb520331d21c768e13e7564e705630d2c
Certificate serial:       24B4C7
Authority key identifier: 4C:ED:9B:B7:64:90:46:BE:80:01:36:9C:9A:98:4E:BD:F7:E1:78:D0
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/4ba834aeb520331d21c768e13e7564e705630d2c.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/4281a14e-b6a5-4c89-b4ba-0575008dac13/88e303e50188cc3a63d2b051480a4736fbcc3ccb.roa
Signing time:             Mon 04 Sep 2023 23:12:57 +0000
ROA not before:           Sun 03 Sep 2023 23:12:57 +0000
ROA not after:            Thu 04 Sep 2025 23:12:57 +0000
asID:                     52347
IP address blocks:        186.177.240.0/24 maxlen: 24
                          186.177.241.0/24 maxlen: 24
                          190.111.32.0/21 maxlen: 21
                          190.111.40.0/21 maxlen: 21
                          190.111.56.0/24 maxlen: 24
                          190.111.57.0/24 maxlen: 24
                          190.111.58.0/24 maxlen: 24
                          190.111.59.0/24 maxlen: 24
                          190.111.60.0/24 maxlen: 24
                          190.111.61.0/24 maxlen: 24
                          190.111.62.0/24 maxlen: 24
                          190.111.63.0/24 maxlen: 24
                          190.93.40.0/24 maxlen: 24
                          190.93.41.0/24 maxlen: 24
                          190.93.42.0/24 maxlen: 24
                          190.93.43.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/4281a14e-b6a5-4c89-b4ba-0575008dac13/4ba834aeb520331d21c768e13e7564e705630d2c.crl
                          rsync://repository.lacnic.net/rpki/lacnic/4281a14e-b6a5-4c89-b4ba-0575008dac13/4ba834aeb520331d21c768e13e7564e705630d2c.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/4ba834aeb520331d21c768e13e7564e705630d2c.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Mon 15 Apr 2024 06:03:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2405575 (0x24b4c7)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4ba834aeb520331d21c768e13e7564e705630d2c
        Validity
            Not Before: Sep  3 23:12:57 2023 GMT
            Not After : Sep  4 23:12:57 2025 GMT
        Subject: CN=88e303e50188cc3a63d2b051480a4736fbcc3ccb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:80:a1:96:f9:98:b0:81:d0:2a:81:a1:98:24:93:
                    ba:68:87:74:eb:f7:cc:b2:8e:54:17:85:60:e7:a0:
                    fb:60:97:ab:bd:50:4e:93:3b:43:db:67:74:9c:7f:
                    4e:6a:a0:a7:8f:9a:ea:d6:84:7f:6c:5f:12:25:6f:
                    3b:ea:9c:59:ef:58:e2:a6:cf:df:f1:84:a4:a9:63:
                    86:78:9e:84:8d:88:8d:ab:d8:bd:71:1f:f8:0d:c4:
                    73:7a:06:26:14:8a:89:4f:95:04:81:e5:4d:be:97:
                    43:cd:3b:3a:4b:d9:a7:9d:50:4c:d8:1c:41:df:47:
                    a5:04:c2:58:b1:fe:e5:ba:ec:cb:b2:25:0c:15:7d:
                    2e:a9:a8:e0:9f:97:cc:e7:82:1f:bf:ed:4c:4a:29:
                    ca:69:85:df:59:7f:9c:48:e7:d5:06:ef:48:83:fc:
                    0e:9c:26:14:5e:1e:43:95:d8:8c:b2:f0:51:02:d6:
                    62:51:c7:34:7c:a0:60:78:11:88:a8:4c:5a:77:c3:
                    3a:53:f8:fa:4a:98:6b:dd:38:ed:3d:4d:62:a7:fd:
                    91:50:ef:c2:cb:8c:06:55:a7:44:a2:83:6a:1e:06:
                    bf:62:e2:da:7f:fc:3a:86:d1:b8:d0:60:45:ed:d2:
                    4e:6a:9a:32:0d:4a:f6:0e:fc:05:65:3a:85:be:cd:
                    9e:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                69:EB:5C:94:50:57:6A:1E:DA:0F:7C:4A:BC:65:32:88:E1:7F:B3:CB
            X509v3 Authority Key Identifier:
                keyid:4C:ED:9B:B7:64:90:46:BE:80:01:36:9C:9A:98:4E:BD:F7:E1:78:D0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/4ba834aeb520331d21c768e13e7564e705630d2c.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/4281a14e-b6a5-4c89-b4ba-0575008dac13/88e303e50188cc3a63d2b051480a4736fbcc3ccb.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/4281a14e-b6a5-4c89-b4ba-0575008dac13/4ba834aeb520331d21c768e13e7564e705630d2c.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  186.177.240.0/23
                  190.93.40.0/22
                  190.111.32.0/20
                  190.111.56.0/21

    Signature Algorithm: sha256WithRSAEncryption
         07:09:03:61:31:fd:1c:f3:fa:1d:19:3f:cb:49:93:6d:95:03:
         e3:38:72:b6:ce:d4:96:ff:b3:07:44:ee:93:80:9c:50:b5:7c:
         73:d5:6c:e8:85:72:0a:7a:a2:74:2e:03:4a:a3:8a:0c:ba:ff:
         60:e8:24:89:18:45:ab:17:32:c6:7b:34:5c:9a:12:b4:69:96:
         aa:33:97:6c:fa:55:14:64:c0:03:57:32:20:2d:67:30:45:a8:
         45:85:12:ee:1c:df:51:75:37:21:72:e8:c9:7b:f5:a2:a7:a2:
         3a:7d:8a:8d:2e:96:72:dc:2e:4f:ce:4d:30:f1:da:5e:52:c1:
         2a:3a:d3:60:e3:2c:a5:71:ec:fd:0d:4a:33:c3:41:ba:74:a8:
         33:06:e0:c3:e3:a5:81:0e:f8:34:39:48:c9:5f:e2:94:9c:ab:
         f7:4a:63:23:b5:21:ed:47:db:1e:52:1e:c7:e2:e5:ac:e5:a2:
         48:9a:52:c1:23:04:87:87:d9:72:d0:ae:1c:03:f0:3a:0f:cd:
         48:cb:fa:cd:72:e9:2f:d8:26:06:22:03:7f:f5:aa:0a:17:8f:
         9a:60:01:9e:ba:3c:88:3f:a3:e6:e1:1a:8a:fb:29:4f:c0:a3:
         50:b9:0d:2a:3d:5c:ad:7c:4c:05:3f:45:36:87:bf:f8:9b:54:
         e0:5d:e0:93
-----BEGIN CERTIFICATE-----
MIIFUjCCBDqgAwIBAgIDJLTHMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDRi
YTgzNGFlYjUyMDMzMWQyMWM3NjhlMTNlNzU2NGU3MDU2MzBkMmMwHhcNMjMwOTAz
MjMxMjU3WhcNMjUwOTA0MjMxMjU3WjAzMTEwLwYDVQQDEyg4OGUzMDNlNTAxODhj
YzNhNjNkMmIwNTE0ODBhNDczNmZiY2MzY2NiMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAgKGW+ZiwgdAqgaGYJJO6aId06/fMso5UF4Vg56D7YJervVBO
kztD22d0nH9OaqCnj5rq1oR/bF8SJW876pxZ71jips/f8YSkqWOGeJ6EjYiNq9i9
cR/4DcRzegYmFIqJT5UEgeVNvpdDzTs6S9mnnVBM2BxB30elBMJYsf7luuzLsiUM
FX0uqajgn5fM54Ifv+1MSinKaYXfWX+cSOfVBu9Ig/wOnCYUXh5DldiMsvBRAtZi
Ucc0fKBgeBGIqExad8M6U/j6Sphr3TjtPU1ip/2RUO/Cy4wGVadEooNqHga/YuLa
f/w6htG40GBF7dJOapoyDUr2DvwFZTqFvs2ecwIDAQABo4ICbTCCAmkwHQYDVR0O
BBYEFGnrXJRQV2oe2g98SrxlMojhf7PLMB8GA1UdIwQYMBaAFEztm7dkkEa+gAE2
nJqYTr334XjQMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvNGJhODM0
YWViNTIwMzMxZDIxYzc2OGUxM2U3NTY0ZTcwNTYzMGQyYy5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvNDI4MWExNGUtYjZhNS00Yzg5LWI0YmEtMDU3NTAw
OGRhYzEzLzg4ZTMwM2U1MDE4OGNjM2E2M2QyYjA1MTQ4MGE0NzM2ZmJjYzNjY2Iu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy80MjgxYTE0ZS1iNmE1LTRjODktYjRiYS0wNTc1
MDA4ZGFjMTMvNGJhODM0YWViNTIwMzMxZDIxYzc2OGUxM2U3NTY0ZTcwNTYzMGQy
Yy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAxBggrBgEFBQcBBwEB/wQi
MCAwHgQCAAEwGAMEAbqx8AMEAr5dKAMEBL5vIAMEA75vODANBgkqhkiG9w0BAQsF
AAOCAQEABwkDYTH9HPP6HRk/y0mTbZUD4zhyts7Ulv+zB0Tuk4CcULV8c9Vs6IVy
CnqidC4DSqOKDLr/YOgkiRhFqxcyxns0XJoStGmWqjOXbPpVFGTAA1cyIC1nMEWo
RYUS7hzfUXU3IXLoyXv1oqeiOn2KjS6WctwuT85NMPHaXlLBKjrTYOMspXHs/Q1K
M8NBunSoMwbgw+OlgQ74NDlIyV/ilJyr90pjI7Uh7UfbHlIex+LlrOWiSJpSwSME
h4fZctCuHAPwOg/NSMv6zXLpL9gmBiIDf/WqChePmmABnro8iD+j5uEaivspT8Cj
ULkNKj1crXxMBT9FNoe/+JtU4F3gkw==
-----END CERTIFICATE-----
Generated at Fri Apr 12 12:50:40 2024 by rpki-client on console-ams.rpki-client.org