Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/4aa08e21-fb2d-48b7-82d9-f4187c4ea7a0/294811a10649d603a6b3005e5c12b10f54206020.roa
File:                     294811a10649d603a6b3005e5c12b10f54206020.roa (raw, json)
Hash identifier:          +iGniQ18qsSzbElFxxx74M+bmoqOm4jzqKS43GIs1pY=
Subject key identifier:   99:5F:65:EF:DA:B4:5D:C5:06:4C:D7:77:BD:BA:A1:A0:86:B0:A4:89
Certificate issuer:       /CN=6991426f0c0c7ac92da1d5129c9ec711a2a38a3a
Certificate serial:       214AE2
Authority key identifier: 55:7C:2D:2E:8D:B1:AA:A7:A7:7D:B1:29:5D:09:4A:92:0C:0D:CD:0D
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/6991426f0c0c7ac92da1d5129c9ec711a2a38a3a.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/4aa08e21-fb2d-48b7-82d9-f4187c4ea7a0/294811a10649d603a6b3005e5c12b10f54206020.roa
Signing time:             Tue 11 Jul 2023 16:28:07 +0000
ROA not before:           Mon 10 Jul 2023 16:28:07 +0000
ROA not after:            Fri 11 Jul 2025 16:28:07 +0000
asID:                     52242
IP address blocks:        143.137.24.0/22 maxlen: 22
                          190.181.128.0/18 maxlen: 24
                          190.181.128.0/23 maxlen: 24
                          190.181.135.0/24 maxlen: 24
                          190.181.141.0/24 maxlen: 24
                          190.181.153.0/24 maxlen: 24
                          190.181.162.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/4aa08e21-fb2d-48b7-82d9-f4187c4ea7a0/6991426f0c0c7ac92da1d5129c9ec711a2a38a3a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/4aa08e21-fb2d-48b7-82d9-f4187c4ea7a0/6991426f0c0c7ac92da1d5129c9ec711a2a38a3a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/6991426f0c0c7ac92da1d5129c9ec711a2a38a3a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Mon 26 Feb 2024 16:36:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2181858 (0x214ae2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6991426f0c0c7ac92da1d5129c9ec711a2a38a3a
        Validity
            Not Before: Jul 10 16:28:07 2023 GMT
            Not After : Jul 11 16:28:07 2025 GMT
        Subject: CN=294811a10649d603a6b3005e5c12b10f54206020
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:28:9d:38:78:5b:67:e1:b1:45:f6:ba:a1:ba:
                    50:3d:9a:ff:08:4e:69:e4:fa:cb:87:6b:e0:02:78:
                    77:25:35:b1:f9:e8:06:55:40:79:d4:26:f1:23:72:
                    5b:37:55:9f:a0:28:de:c3:d0:5c:26:04:c2:ce:d9:
                    90:95:cd:54:1b:cd:a0:54:d8:f3:e2:c5:08:9a:77:
                    65:9d:28:9e:de:98:65:83:81:25:de:a9:1f:b3:3e:
                    60:a0:ea:0e:40:a0:c6:a8:06:e6:12:a2:75:f3:14:
                    f9:75:a6:cb:82:b7:df:02:8c:5d:6f:00:a2:02:e9:
                    43:c6:cf:8b:19:60:52:64:00:3b:7d:cc:29:b6:a5:
                    96:1a:42:a5:03:12:5c:c7:37:97:f0:9b:57:72:40:
                    02:54:da:cb:ba:09:23:9c:e7:52:7f:ad:c6:72:9f:
                    8c:41:ea:7c:51:97:21:00:60:a4:02:c2:7a:30:26:
                    f2:16:c3:2d:e1:8d:ce:d0:5f:5d:55:fd:de:d3:29:
                    fd:3a:e9:c7:e3:fa:4e:64:3b:89:42:b1:68:48:6f:
                    c2:72:06:dc:b0:5d:5d:c3:06:8f:ad:b3:39:9d:95:
                    ca:de:07:29:3c:a8:67:fd:5d:de:d1:69:0e:70:86:
                    17:a9:11:bd:f7:31:aa:13:8f:62:bd:e2:d6:1a:c8:
                    6a:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                99:5F:65:EF:DA:B4:5D:C5:06:4C:D7:77:BD:BA:A1:A0:86:B0:A4:89
            X509v3 Authority Key Identifier:
                keyid:55:7C:2D:2E:8D:B1:AA:A7:A7:7D:B1:29:5D:09:4A:92:0C:0D:CD:0D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/6991426f0c0c7ac92da1d5129c9ec711a2a38a3a.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/4aa08e21-fb2d-48b7-82d9-f4187c4ea7a0/294811a10649d603a6b3005e5c12b10f54206020.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/4aa08e21-fb2d-48b7-82d9-f4187c4ea7a0/6991426f0c0c7ac92da1d5129c9ec711a2a38a3a.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  143.137.24.0/22
                  190.181.128.0/18

    Signature Algorithm: sha256WithRSAEncryption
         98:f1:db:ac:50:f1:1f:10:a4:58:1b:fa:8b:7e:f1:53:ae:31:
         fb:be:73:dc:42:89:83:c3:67:6a:bd:19:3c:90:d9:ea:2f:95:
         5d:40:cc:98:38:eb:85:ee:a9:8e:a3:40:44:df:4c:2e:0d:85:
         ec:26:b6:7b:e7:6e:37:34:04:ec:46:57:91:65:33:02:11:e7:
         f0:67:b0:12:58:cb:47:f9:f5:70:fe:59:66:c4:7d:62:1b:43:
         94:dd:c3:c7:70:8f:f7:ff:b3:ae:d6:6b:74:e1:78:83:67:ef:
         c6:d1:59:8d:9d:b7:dc:1a:c9:d5:63:90:08:1e:66:05:9e:c8:
         c3:24:aa:29:03:09:f8:93:b6:cb:d7:e9:c6:ef:a0:14:b9:2b:
         1d:58:69:fb:29:a2:c9:ba:fa:45:4e:56:16:cc:6d:dc:f9:00:
         93:44:8b:f2:11:46:32:19:52:d0:10:25:2c:f6:ce:5b:22:f5:
         48:46:c9:ca:5f:78:50:50:cf:63:d0:82:1a:0e:ee:6c:1c:f3:
         94:8f:b4:68:71:da:d2:e6:f5:17:f4:69:5c:ec:29:44:fc:5c:
         9b:ae:ed:5c:13:71:f7:cb:24:98:06:16:89:9d:bd:51:03:24:
         8b:39:41:f9:df:67:e2:c0:5a:39:57:a2:f9:97:f0:65:d1:6f:
         0c:c4:62:89
-----BEGIN CERTIFICATE-----
MIIFRjCCBC6gAwIBAgIDIUriMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDY5
OTE0MjZmMGMwYzdhYzkyZGExZDUxMjljOWVjNzExYTJhMzhhM2EwHhcNMjMwNzEw
MTYyODA3WhcNMjUwNzExMTYyODA3WjAzMTEwLwYDVQQDEygyOTQ4MTFhMTA2NDlk
NjAzYTZiMzAwNWU1YzEyYjEwZjU0MjA2MDIwMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAnyidOHhbZ+GxRfa6obpQPZr/CE5p5PrLh2vgAnh3JTWx+egG
VUB51CbxI3JbN1WfoCjew9BcJgTCztmQlc1UG82gVNjz4sUImndlnSie3phlg4El
3qkfsz5goOoOQKDGqAbmEqJ18xT5dabLgrffAoxdbwCiAulDxs+LGWBSZAA7fcwp
tqWWGkKlAxJcxzeX8JtXckACVNrLugkjnOdSf63Gcp+MQep8UZchAGCkAsJ6MCby
FsMt4Y3O0F9dVf3e0yn9OunH4/pOZDuJQrFoSG/CcgbcsF1dwwaPrbM5nZXK3gcp
PKhn/V3e0WkOcIYXqRG99zGqE49iveLWGshqQQIDAQABo4ICYTCCAl0wHQYDVR0O
BBYEFJlfZe/atF3FBkzXd726oaCGsKSJMB8GA1UdIwQYMBaAFFV8LS6Nsaqnp32x
KV0JSpIMDc0NMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvNjk5MTQy
NmYwYzBjN2FjOTJkYTFkNTEyOWM5ZWM3MTFhMmEzOGEzYS5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvNGFhMDhlMjEtZmIyZC00OGI3LTgyZDktZjQxODdj
NGVhN2EwLzI5NDgxMWExMDY0OWQ2MDNhNmIzMDA1ZTVjMTJiMTBmNTQyMDYwMjAu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy80YWEwOGUyMS1mYjJkLTQ4YjctODJkOS1mNDE4
N2M0ZWE3YTAvNjk5MTQyNmYwYzBjN2FjOTJkYTFkNTEyOWM5ZWM3MTFhMmEzOGEz
YS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAlBggrBgEFBQcBBwEB/wQW
MBQwEgQCAAEwDAMEAo+JGAMEBr61gDANBgkqhkiG9w0BAQsFAAOCAQEAmPHbrFDx
HxCkWBv6i37xU64x+75z3EKJg8Nnar0ZPJDZ6i+VXUDMmDjrhe6pjqNARN9MLg2F
7Ca2e+duNzQE7EZXkWUzAhHn8GewEljLR/n1cP5ZZsR9YhtDlN3Dx3CP9/+zrtZr
dOF4g2fvxtFZjZ233BrJ1WOQCB5mBZ7IwySqKQMJ+JO2y9fpxu+gFLkrHVhp+ymi
ybr6RU5WFsxt3PkAk0SL8hFGMhlS0BAlLPbOWyL1SEbJyl94UFDPY9CCGg7ubBzz
lI+0aHHa0ub1F/RpXOwpRPxcm67tXBNx98skmAYWiZ29UQMkizlB+d9n4sBaOVei
+ZfwZdFvDMRiiQ==
-----END CERTIFICATE-----
Generated at Fri Feb 23 23:04:00 2024 by rpki-client on console-ams.rpki-client.org