Route Origin Authorization
$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/50ca7657-eafb-4624-a180-b6f1dd442960/f0b2d713327cff72267deb6e7d2e0e7c17edd1db.roa
File: f0b2d713327cff72267deb6e7d2e0e7c17edd1db.roa (raw, json)
Hash identifier: z0EhWKd7rRsYQLBpoMAP7yho9KPkruoXAetfKoMw6TA=
Subject key identifier: 90:04:1A:D3:67:A8:9A:DF:0A:70:E3:9C:4C:25:59:7A:0B:F6:4A:51
Certificate issuer: /CN=d50c5ae3ec63b7e74bff21cdf59603cefcd04c73
Certificate serial: 10D0CF
Authority key identifier: 49:64:6F:B8:20:CE:AA:3B:B2:04:1E:D8:B0:16:A7:A7:5B:63:9D:18
Authority info access: rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/d50c5ae3ec63b7e74bff21cdf59603cefcd04c73.cer
Subject info access: rsync://repository.lacnic.net/rpki/lacnic/50ca7657-eafb-4624-a180-b6f1dd442960/f0b2d713327cff72267deb6e7d2e0e7c17edd1db.roa
Signing time: Wed 07 Sep 2022 22:35:42 +0000
ROA not before: Wed 07 Sep 2022 22:34:23 +0000
ROA not after: Sat 07 Sep 2024 22:34:23 +0000
asID: 52346
IP address blocks: 190.151.138.0/23 maxlen: 23
190.151.140.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1102031 (0x10d0cf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d50c5ae3ec63b7e74bff21cdf59603cefcd04c73
Validity
Not Before: Sep 7 22:34:23 2022 GMT
Not After : Sep 7 22:34:23 2024 GMT
Subject: CN=f0b2d713327cff72267deb6e7d2e0e7c17edd1db
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:53:d4:ba:09:07:ed:e5:d4:01:0c:ea:00:40:
1b:0a:ca:35:d5:2c:ed:3b:3b:af:2d:e4:1a:a2:cd:
e4:f3:74:5e:5e:c7:7e:1c:d2:ed:9d:b7:4e:6f:d5:
31:48:fe:70:1b:55:ad:cf:f7:c0:ec:75:d4:ac:cd:
b1:85:89:b2:7b:9a:88:40:bf:02:7b:0f:9f:e2:4a:
25:b1:51:ae:d9:ea:b8:fc:28:9a:e0:ed:62:58:35:
50:83:cf:a7:a9:99:d7:ab:1a:50:fa:ef:58:d9:e9:
f9:20:1c:fb:a9:73:46:14:c7:9d:02:15:04:ba:ae:
3e:e6:76:fa:02:64:10:35:06:42:6e:96:60:8e:fb:
64:30:80:2f:ab:25:f4:13:4e:bc:81:6a:15:c0:da:
33:63:bd:d9:af:69:72:7c:5e:6d:97:7a:9d:fd:89:
90:0b:d5:4d:8e:2e:86:a2:07:ac:4d:12:72:1e:dd:
9e:cb:09:41:89:cd:dd:01:88:b4:80:f5:d1:8a:0f:
5d:58:19:f2:f9:4b:09:57:fe:2b:b8:74:9a:a5:8d:
7a:44:b7:40:66:98:22:b3:83:f7:bb:27:07:cb:00:
2b:9b:9d:2a:91:2e:dc:17:ae:e1:7a:0d:69:be:76:
2f:d2:58:20:3d:a2:90:7f:df:27:fe:ae:01:25:8b:
4d:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:04:1A:D3:67:A8:9A:DF:0A:70:E3:9C:4C:25:59:7A:0B:F6:4A:51
X509v3 Authority Key Identifier:
keyid:49:64:6F:B8:20:CE:AA:3B:B2:04:1E:D8:B0:16:A7:A7:5B:63:9D:18
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/d50c5ae3ec63b7e74bff21cdf59603cefcd04c73.cer
Subject Information Access:
Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/50ca7657-eafb-4624-a180-b6f1dd442960/f0b2d713327cff72267deb6e7d2e0e7c17edd1db.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repository.lacnic.net/rpki/lacnic/50ca7657-eafb-4624-a180-b6f1dd442960/d50c5ae3ec63b7e74bff21cdf59603cefcd04c73.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
190.151.138.0-190.151.143.255
Signature Algorithm: sha256WithRSAEncryption
8b:92:2b:1e:8b:66:61:c7:56:e5:ea:48:68:25:b3:74:05:ca:
ab:94:f3:ae:20:2b:e0:bd:06:20:ca:cb:96:3c:9a:c9:ff:05:
ff:a6:37:93:86:fd:97:42:3d:ba:8a:b0:e3:10:db:c8:45:b2:
06:dd:55:03:aa:24:2b:3c:71:45:32:94:d9:f1:dc:f7:9f:71:
c1:64:f4:95:c1:eb:24:67:6f:61:0b:77:34:fb:eb:cf:03:9b:
c1:3e:e9:ca:0e:c2:1f:a6:68:91:48:38:f3:4d:14:67:f3:e1:
dc:f2:ea:14:c2:96:5b:13:90:9d:f8:78:3b:2d:96:d8:85:85:
35:25:e8:a5:83:09:28:83:e6:61:47:d1:d1:89:4a:44:08:4f:
0e:6e:f5:ea:5c:e7:1c:9e:e5:9f:ab:eb:ec:df:57:9a:25:52:
99:75:e9:32:dd:eb:40:7d:2b:9b:d7:df:2c:f2:70:0a:69:2d:
96:6b:4c:04:d6:bf:ab:8f:f9:8a:24:86:31:a5:6b:70:dc:1c:
bd:7f:34:44:a8:5c:6d:ac:df:66:47:d5:e6:36:61:23:c8:7d:
84:6a:57:97:1e:28:33:8e:2e:ec:e2:79:9a:84:28:ba:62:0a:
c3:c5:66:57:4d:ed:f6:9c:10:13:32:24:0a:5d:74:59:19:b5:
38:82:e2:5d
-----BEGIN CERTIFICATE-----
MIIFSDCCBDCgAwIBAgIDENDPMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGQ1
MGM1YWUzZWM2M2I3ZTc0YmZmMjFjZGY1OTYwM2NlZmNkMDRjNzMwHhcNMjIwOTA3
MjIzNDIzWhcNMjQwOTA3MjIzNDIzWjAzMTEwLwYDVQQDEyhmMGIyZDcxMzMyN2Nm
ZjcyMjY3ZGViNmU3ZDJlMGU3YzE3ZWRkMWRiMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAiFPUugkH7eXUAQzqAEAbCso11SztOzuvLeQaos3k83ReXsd+
HNLtnbdOb9UxSP5wG1Wtz/fA7HXUrM2xhYmye5qIQL8Cew+f4kolsVGu2eq4/Cia
4O1iWDVQg8+nqZnXqxpQ+u9Y2en5IBz7qXNGFMedAhUEuq4+5nb6AmQQNQZCbpZg
jvtkMIAvqyX0E068gWoVwNozY73Zr2lyfF5tl3qd/YmQC9VNji6GogesTRJyHt2e
ywlBic3dAYi0gPXRig9dWBny+UsJV/4ruHSapY16RLdAZpgis4P3uycHywArm50q
kS7cF67heg1pvnYv0lggPaKQf98n/q4BJYtN/wIDAQABo4ICYzCCAl8wHQYDVR0O
BBYEFJAEGtNnqJrfCnDjnEwlWXoL9kpRMB8GA1UdIwQYMBaAFElkb7ggzqo7sgQe
2LAWp6dbY50YMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvZDUwYzVh
ZTNlYzYzYjdlNzRiZmYyMWNkZjU5NjAzY2VmY2QwNGM3My5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvNTBjYTc2NTctZWFmYi00NjI0LWExODAtYjZmMWRk
NDQyOTYwL2YwYjJkNzEzMzI3Y2ZmNzIyNjdkZWI2ZTdkMmUwZTdjMTdlZGQxZGIu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy81MGNhNzY1Ny1lYWZiLTQ2MjQtYTE4MC1iNmYx
ZGQ0NDI5NjAvZDUwYzVhZTNlYzYzYjdlNzRiZmYyMWNkZjU5NjAzY2VmY2QwNGM3
My5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAnBggrBgEFBQcBBwEB/wQY
MBYwFAQCAAEwDjAMAwQBvpeKAwQEvpeAMA0GCSqGSIb3DQEBCwUAA4IBAQCLkise
i2Zhx1bl6khoJbN0BcqrlPOuICvgvQYgysuWPJrJ/wX/pjeThv2XQj26irDjENvI
RbIG3VUDqiQrPHFFMpTZ8dz3n3HBZPSVweskZ29hC3c0++vPA5vBPunKDsIfpmiR
SDjzTRRn8+Hc8uoUwpZbE5Cd+Hg7LZbYhYU1Jeilgwkog+ZhR9HRiUpECE8ObvXq
XOccnuWfq+vs31eaJVKZdeky3etAfSub198s8nAKaS2Wa0wE1r+rj/mKJIYxpWtw
3By9fzREqFxtrN9mR9XmNmEjyH2EaleXHigzji7s4nmahCi6YgrDxWZXTe32nBAT
MiQKXXRZGbU4guJd
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:14:34 2023 by rpki-client on console-ams.rpki-client.org