Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/4d8df0f0-41c4-401d-ac15-de0db40ac9cb/6188542d21de05846507e7d057877a0f1f70812c.roa
File:                     6188542d21de05846507e7d057877a0f1f70812c.roa (raw, json)
Hash identifier:          tRCoQG7PEMZIOARpqpZriJRn5ZkDCWLSCGy0gitZQcg=
Subject key identifier:   68:6F:6C:1D:0D:11:B7:79:24:7A:05:8F:F6:D6:9C:B7:2F:22:24:19
Certificate issuer:       /CN=297e119ebe51a00d6560ab73fd79c51ada403f19
Certificate serial:       ED51
Authority key identifier: 07:09:37:88:ED:4A:80:C2:0C:DE:CE:10:A7:FF:BB:31:21:A2:72:9E
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/297e119ebe51a00d6560ab73fd79c51ada403f19.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/4d8df0f0-41c4-401d-ac15-de0db40ac9cb/6188542d21de05846507e7d057877a0f1f70812c.roa
Signing time:             Wed 14 Sep 2022 14:05:35 +0000
ROA not before:           Fri 19 Aug 2022 16:16:34 +0000
ROA not after:            Mon 19 Aug 2024 16:16:34 +0000
asID:                     27823
IP address blocks:        138.36.236.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/4d8df0f0-41c4-401d-ac15-de0db40ac9cb/297e119ebe51a00d6560ab73fd79c51ada403f19.crl
                          rsync://repository.lacnic.net/rpki/lacnic/4d8df0f0-41c4-401d-ac15-de0db40ac9cb/297e119ebe51a00d6560ab73fd79c51ada403f19.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/297e119ebe51a00d6560ab73fd79c51ada403f19.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Mon 01 Apr 2024 05:58:53 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 60753 (0xed51)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=297e119ebe51a00d6560ab73fd79c51ada403f19
        Validity
            Not Before: Aug 19 16:16:34 2022 GMT
            Not After : Aug 19 16:16:34 2024 GMT
        Subject: CN=6188542d21de05846507e7d057877a0f1f70812c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d6:30:28:a2:6b:75:ed:f2:03:7e:2f:bc:f6:1e:
                    e1:58:ea:48:53:22:f7:91:fe:8f:da:21:61:43:2d:
                    b7:bb:78:f8:b2:07:3d:f3:e0:e1:d2:a0:aa:e5:6d:
                    97:62:32:23:17:67:86:09:e1:15:f1:fa:0f:e9:fa:
                    23:24:86:8a:12:97:14:b3:e9:c3:a9:56:6e:a3:20:
                    89:9c:f6:1a:e6:fb:d2:8a:ba:06:ab:68:1a:de:76:
                    e2:ae:98:5b:63:d8:82:78:70:f8:3e:0e:e9:45:fc:
                    5a:0d:18:19:89:e5:bb:a2:f7:48:5e:53:d8:62:4a:
                    33:31:e3:8d:42:63:b4:6e:49:3b:45:cf:eb:f6:f3:
                    8d:b6:e3:dc:40:75:d0:6b:e9:ca:a8:b4:69:61:18:
                    f4:99:63:23:87:c2:32:4f:91:34:b4:f5:e1:05:fb:
                    82:14:51:c1:92:86:21:42:88:f1:c8:8c:c3:24:b7:
                    72:dc:8e:9f:8d:d3:d1:fc:fc:51:01:dc:cd:d4:cd:
                    45:16:0d:15:76:5c:16:7d:33:5f:d0:34:49:73:38:
                    28:05:1c:b7:65:73:2d:b7:75:15:17:1a:9b:d7:9d:
                    b6:82:ec:e0:a7:37:bf:87:3d:77:91:0d:96:86:d3:
                    87:b5:e9:f0:02:ba:eb:d0:a8:73:d3:05:9b:27:eb:
                    ef:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                68:6F:6C:1D:0D:11:B7:79:24:7A:05:8F:F6:D6:9C:B7:2F:22:24:19
            X509v3 Authority Key Identifier:
                keyid:07:09:37:88:ED:4A:80:C2:0C:DE:CE:10:A7:FF:BB:31:21:A2:72:9E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/297e119ebe51a00d6560ab73fd79c51ada403f19.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/4d8df0f0-41c4-401d-ac15-de0db40ac9cb/6188542d21de05846507e7d057877a0f1f70812c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/4d8df0f0-41c4-401d-ac15-de0db40ac9cb/297e119ebe51a00d6560ab73fd79c51ada403f19.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  138.36.236.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a2:7f:44:ed:6c:79:c5:1d:5b:82:d1:22:3b:25:e8:13:0e:2b:
         fc:c0:0f:c2:c1:2e:a2:8f:e5:92:9c:f0:12:16:98:fd:6e:c5:
         6a:21:ea:bb:78:81:10:f1:bd:0a:5e:62:d1:db:c6:ab:7b:1f:
         91:02:de:bc:44:a1:66:41:de:da:bf:62:dc:db:b7:ae:73:cf:
         9d:40:91:f0:29:b5:f1:b3:fe:de:60:2a:c5:d1:90:6e:b5:4b:
         59:5f:97:4b:37:f1:ec:24:c2:81:0c:d5:0a:0d:f8:75:b3:22:
         fd:e0:20:6c:cb:ab:4f:79:c6:05:f7:76:3a:08:c6:e7:d4:ad:
         68:ee:a8:72:0e:9b:c8:01:3a:3a:52:83:45:0d:60:04:e3:5a:
         43:4d:9b:64:01:07:d3:38:86:4d:50:ba:90:8f:bb:78:7e:25:
         36:99:72:53:d6:3d:b0:28:fa:a4:68:46:44:7e:bc:6b:4c:51:
         69:2b:d0:7b:59:b3:8d:d4:67:cc:6c:a1:78:c5:d6:2b:f6:45:
         90:66:08:3b:2e:d7:1e:5d:f0:05:3a:88:5d:98:68:c5:cf:cf:
         5d:0f:07:25:dd:ad:53:50:74:73:38:6e:0b:cd:97:64:1b:b1:
         59:64:ca:b3:c7:3d:da:69:f8:99:4d:28:11:ea:9c:fc:9f:1b:
         c9:bf:87:98
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIDAO1RMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDI5
N2UxMTllYmU1MWEwMGQ2NTYwYWI3M2ZkNzljNTFhZGE0MDNmMTkwHhcNMjIwODE5
MTYxNjM0WhcNMjQwODE5MTYxNjM0WjAzMTEwLwYDVQQDEyg2MTg4NTQyZDIxZGUw
NTg0NjUwN2U3ZDA1Nzg3N2EwZjFmNzA4MTJjMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEA1jAoomt17fIDfi+89h7hWOpIUyL3kf6P2iFhQy23u3j4sgc9
8+Dh0qCq5W2XYjIjF2eGCeEV8foP6fojJIaKEpcUs+nDqVZuoyCJnPYa5vvSiroG
q2ga3nbirphbY9iCeHD4Pg7pRfxaDRgZieW7ovdIXlPYYkozMeONQmO0bkk7Rc/r
9vONtuPcQHXQa+nKqLRpYRj0mWMjh8IyT5E0tPXhBfuCFFHBkoYhQojxyIzDJLdy
3I6fjdPR/PxRAdzN1M1FFg0VdlwWfTNf0DRJczgoBRy3ZXMtt3UVFxqb1522guzg
pze/hz13kQ2WhtOHtenwArrr0Khz0wWbJ+vvmQIDAQABo4ICWzCCAlcwHQYDVR0O
BBYEFGhvbB0NEbd5JHoFj/bWnLcvIiQZMB8GA1UdIwQYMBaAFAcJN4jtSoDCDN7O
EKf/uzEhonKeMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvMjk3ZTEx
OWViZTUxYTAwZDY1NjBhYjczZmQ3OWM1MWFkYTQwM2YxOS5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvNGQ4ZGYwZjAtNDFjNC00MDFkLWFjMTUtZGUwZGI0
MGFjOWNiLzYxODg1NDJkMjFkZTA1ODQ2NTA3ZTdkMDU3ODc3YTBmMWY3MDgxMmMu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy80ZDhkZjBmMC00MWM0LTQwMWQtYWMxNS1kZTBk
YjQwYWM5Y2IvMjk3ZTExOWViZTUxYTAwZDY1NjBhYjczZmQ3OWM1MWFkYTQwM2Yx
OS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAIok7DANBgkqhkiG9w0BAQsFAAOCAQEAon9E7Wx5xR1bgtEi
OyXoEw4r/MAPwsEuoo/lkpzwEhaY/W7FaiHqu3iBEPG9Cl5i0dvGq3sfkQLevESh
ZkHe2r9i3Nu3rnPPnUCR8Cm18bP+3mAqxdGQbrVLWV+XSzfx7CTCgQzVCg34dbMi
/eAgbMurT3nGBfd2OgjG59StaO6ocg6byAE6OlKDRQ1gBONaQ02bZAEH0ziGTVC6
kI+7eH4lNplyU9Y9sCj6pGhGRH68a0xRaSvQe1mzjdRnzGyheMXWK/ZFkGYIOy7X
Hl3wBTqIXZhoxc/PXQ8HJd2tU1B0czhuC82XZBuxWWTKs8c92mn4mU0oEeqc/J8b
yb+HmA==
-----END CERTIFICATE-----
Generated at Fri Mar 29 06:00:43 2024 by rpki-client on console-fra.rpki-client.org