Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/5375bcfc-8b86-452e-850d-83cfe3b50f06/000a914223adcfdcd21c8e60aeedb0d054fca214.roa
File:                     000a914223adcfdcd21c8e60aeedb0d054fca214.roa (raw, json)
Hash identifier:          8MUSZYENbrCl6Ju0V7fAb2VNcpjo1V/OlLNknUJY8HY=
Subject key identifier:   9A:0F:C1:C8:D5:48:93:D9:9C:04:67:D3:4E:24:E6:4F:4F:86:56:B6
Certificate issuer:       /CN=bfbb4d3a6dd5e649a6554c4817ce0ed277429136
Certificate serial:       11F7A8
Authority key identifier: 76:7F:42:4D:48:34:06:C4:20:E5:DF:19:BE:BE:99:3F:72:5A:F7:B6
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/bfbb4d3a6dd5e649a6554c4817ce0ed277429136.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/5375bcfc-8b86-452e-850d-83cfe3b50f06/000a914223adcfdcd21c8e60aeedb0d054fca214.roa
Signing time:             Wed 29 Nov 2023 14:56:20 +0000
ROA not before:           Wed 29 Nov 2023 14:56:20 +0000
ROA not after:            Sat 29 Nov 2025 14:56:20 +0000
asID:                     264656
IP address blocks:        186.38.44.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/5375bcfc-8b86-452e-850d-83cfe3b50f06/bfbb4d3a6dd5e649a6554c4817ce0ed277429136.crl
                          rsync://repository.lacnic.net/rpki/lacnic/5375bcfc-8b86-452e-850d-83cfe3b50f06/bfbb4d3a6dd5e649a6554c4817ce0ed277429136.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/bfbb4d3a6dd5e649a6554c4817ce0ed277429136.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Thu 18 Apr 2024 06:11:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1177512 (0x11f7a8)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bfbb4d3a6dd5e649a6554c4817ce0ed277429136
        Validity
            Not Before: Nov 29 14:56:20 2023 GMT
            Not After : Nov 29 14:56:20 2025 GMT
        Subject: CN=000a914223adcfdcd21c8e60aeedb0d054fca214
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:db:c8:08:fc:1d:e3:bf:38:98:32:9b:04:0f:
                    89:ea:b6:96:a6:16:e8:cc:44:f9:1e:33:9d:f1:21:
                    13:2c:3e:c6:03:fe:2d:66:9a:12:be:85:90:c2:ac:
                    22:6e:d2:01:c3:a6:52:21:6f:b6:d5:43:f5:e1:7a:
                    c9:5d:25:26:4f:78:c6:77:72:53:0e:41:a0:43:30:
                    c3:79:86:4c:de:71:c1:96:3b:d1:6b:26:99:7b:b6:
                    89:e2:fc:95:e0:e1:1f:7b:4c:be:9d:ac:60:19:dd:
                    f4:da:81:ea:15:38:8a:81:a9:bd:ef:4a:97:6b:5a:
                    ca:ad:3b:a6:6e:52:00:d0:3e:0a:1a:dc:f7:d8:d9:
                    d2:16:cb:ea:f9:be:e7:db:73:3c:d6:2e:a3:4a:d6:
                    8f:e1:e6:d6:3a:fa:c1:6e:82:22:c0:53:51:7c:af:
                    53:75:e9:ce:a2:fb:09:7a:0f:b5:9a:ed:2b:6f:3a:
                    94:bb:f9:7e:48:d1:14:15:4d:e1:32:3c:89:6e:bc:
                    79:06:de:0e:54:d7:63:65:a8:42:ae:09:56:a5:45:
                    c3:7d:d9:ed:1e:81:23:a8:fb:d0:2f:83:c5:e1:08:
                    83:58:20:1e:2f:42:50:39:32:8a:11:b8:b0:e8:45:
                    1b:e1:d7:ac:0a:74:de:ac:b0:1b:d0:17:fa:25:90:
                    76:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9A:0F:C1:C8:D5:48:93:D9:9C:04:67:D3:4E:24:E6:4F:4F:86:56:B6
            X509v3 Authority Key Identifier:
                keyid:76:7F:42:4D:48:34:06:C4:20:E5:DF:19:BE:BE:99:3F:72:5A:F7:B6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/bfbb4d3a6dd5e649a6554c4817ce0ed277429136.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/5375bcfc-8b86-452e-850d-83cfe3b50f06/000a914223adcfdcd21c8e60aeedb0d054fca214.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/5375bcfc-8b86-452e-850d-83cfe3b50f06/bfbb4d3a6dd5e649a6554c4817ce0ed277429136.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  186.38.44.0/24

    Signature Algorithm: sha256WithRSAEncryption
         59:02:6a:37:11:2d:73:fa:28:3d:40:9f:06:6a:e4:2d:e0:83:
         31:c4:90:38:18:6e:69:1c:00:a0:3d:66:29:23:f3:a9:39:48:
         f3:b3:c4:c8:2e:59:22:0e:33:7f:84:dc:8d:02:58:b2:fc:81:
         ea:56:67:4c:6b:f0:cc:a1:c6:15:e0:af:3e:1a:c0:a2:6d:a5:
         a0:11:bc:f0:99:17:54:ec:36:15:d3:47:5d:12:ed:f5:d3:4e:
         77:b9:7c:f3:4f:f2:da:34:87:b3:85:28:e5:02:85:24:35:23:
         35:8e:74:bb:ec:08:91:d1:bb:5f:ad:d8:d7:ef:69:54:a9:91:
         70:84:ea:64:f4:07:d8:23:22:b1:00:c7:ed:f0:b6:c7:6e:30:
         86:82:5f:52:e5:c6:80:e9:57:11:98:02:4c:64:1d:61:b0:bb:
         50:7b:62:38:a7:d3:f3:a8:e5:4e:72:0c:59:fb:43:a2:44:2f:
         5e:62:4b:1d:dd:0a:86:72:f1:ff:f9:ab:75:95:f9:11:b0:6a:
         e8:41:57:5c:3a:1d:60:9d:1b:4c:51:e3:a2:04:3d:ee:26:be:
         a4:54:55:a2:1a:56:61:bb:a1:a6:ab:63:87:a0:ee:b5:2f:64:
         d5:4e:b0:65:78:64:59:e5:d6:a6:19:63:42:ed:d5:8a:ee:49:
         38:a7:d2:a3
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIDEfeoMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGJm
YmI0ZDNhNmRkNWU2NDlhNjU1NGM0ODE3Y2UwZWQyNzc0MjkxMzYwHhcNMjMxMTI5
MTQ1NjIwWhcNMjUxMTI5MTQ1NjIwWjAzMTEwLwYDVQQDEygwMDBhOTE0MjIzYWRj
ZmRjZDIxYzhlNjBhZWVkYjBkMDU0ZmNhMjE0MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEArtvICPwd4784mDKbBA+J6raWphbozET5HjOd8SETLD7GA/4t
ZpoSvoWQwqwibtIBw6ZSIW+21UP14XrJXSUmT3jGd3JTDkGgQzDDeYZM3nHBljvR
ayaZe7aJ4vyV4OEfe0y+naxgGd302oHqFTiKgam970qXa1rKrTumblIA0D4KGtz3
2NnSFsvq+b7n23M81i6jStaP4ebWOvrBboIiwFNRfK9TdenOovsJeg+1mu0rbzqU
u/l+SNEUFU3hMjyJbrx5Bt4OVNdjZahCrglWpUXDfdntHoEjqPvQL4PF4QiDWCAe
L0JQOTKKEbiw6EUb4desCnTerLAb0Bf6JZB2zwIDAQABo4ICWzCCAlcwHQYDVR0O
BBYEFJoPwcjVSJPZnARn004k5k9Phla2MB8GA1UdIwQYMBaAFHZ/Qk1INAbEIOXf
Gb6+mT9yWve2MA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvYmZiYjRk
M2E2ZGQ1ZTY0OWE2NTU0YzQ4MTdjZTBlZDI3NzQyOTEzNi5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvNTM3NWJjZmMtOGI4Ni00NTJlLTg1MGQtODNjZmUz
YjUwZjA2LzAwMGE5MTQyMjNhZGNmZGNkMjFjOGU2MGFlZWRiMGQwNTRmY2EyMTQu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy81Mzc1YmNmYy04Yjg2LTQ1MmUtODUwZC04M2Nm
ZTNiNTBmMDYvYmZiYjRkM2E2ZGQ1ZTY0OWE2NTU0YzQ4MTdjZTBlZDI3NzQyOTEz
Ni5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEALomLDANBgkqhkiG9w0BAQsFAAOCAQEAWQJqNxEtc/ooPUCf
BmrkLeCDMcSQOBhuaRwAoD1mKSPzqTlI87PEyC5ZIg4zf4TcjQJYsvyB6lZnTGvw
zKHGFeCvPhrAom2loBG88JkXVOw2FdNHXRLt9dNOd7l880/y2jSHs4Uo5QKFJDUj
NY50u+wIkdG7X63Y1+9pVKmRcITqZPQH2CMisQDH7fC2x24whoJfUuXGgOlXEZgC
TGQdYbC7UHtiOKfT86jlTnIMWftDokQvXmJLHd0KhnLx//mrdZX5EbBq6EFXXDod
YJ0bTFHjogQ97ia+pFRVohpWYbuhpqtjh6DutS9k1U6wZXhkWeXWphljQu3Viu5J
OKfSow==
-----END CERTIFICATE-----
Generated at Mon Apr 15 10:07:20 2024 by rpki-client on console-fra.rpki-client.org