Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/5375bcfc-8b86-452e-850d-83cfe3b50f06/190a2cb46469c1eb5d29c12c381c10037ebdaadf.roa
File:                     190a2cb46469c1eb5d29c12c381c10037ebdaadf.roa (raw, json)
Hash identifier:          yuRALhuYesur2mXDpgNVMA570gznL6Dgb76OmpHlBMc=
Subject key identifier:   16:ED:93:A9:D3:96:97:53:8C:A0:2E:7A:5C:47:9D:52:9F:EE:66:44
Certificate issuer:       /CN=bfbb4d3a6dd5e649a6554c4817ce0ed277429136
Certificate serial:       121378
Authority key identifier: 76:7F:42:4D:48:34:06:C4:20:E5:DF:19:BE:BE:99:3F:72:5A:F7:B6
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/bfbb4d3a6dd5e649a6554c4817ce0ed277429136.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/5375bcfc-8b86-452e-850d-83cfe3b50f06/190a2cb46469c1eb5d29c12c381c10037ebdaadf.roa
Signing time:             Wed 29 Nov 2023 15:06:55 +0000
ROA not before:           Wed 29 Nov 2023 15:06:55 +0000
ROA not after:            Sat 29 Nov 2025 15:06:55 +0000
asID:                     22927
IP address blocks:        186.38.0.0/16 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/5375bcfc-8b86-452e-850d-83cfe3b50f06/bfbb4d3a6dd5e649a6554c4817ce0ed277429136.crl
                          rsync://repository.lacnic.net/rpki/lacnic/5375bcfc-8b86-452e-850d-83cfe3b50f06/bfbb4d3a6dd5e649a6554c4817ce0ed277429136.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/bfbb4d3a6dd5e649a6554c4817ce0ed277429136.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Thu 18 Apr 2024 06:11:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1184632 (0x121378)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bfbb4d3a6dd5e649a6554c4817ce0ed277429136
        Validity
            Not Before: Nov 29 15:06:55 2023 GMT
            Not After : Nov 29 15:06:55 2025 GMT
        Subject: CN=190a2cb46469c1eb5d29c12c381c10037ebdaadf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:54:27:75:a7:08:0e:cb:5a:6c:f5:a1:cf:1c:
                    92:66:90:f2:dd:ff:51:14:1c:5c:37:36:4e:15:b2:
                    2d:24:08:4e:78:26:61:52:35:e5:b8:68:6c:b9:0e:
                    9d:f0:8d:80:12:e6:2e:1f:2a:51:16:85:b6:57:26:
                    8a:69:e9:18:be:aa:5c:98:d0:76:63:9d:d9:fb:37:
                    57:74:ec:b5:77:22:af:87:36:fc:87:49:e0:14:8c:
                    55:a2:84:07:b1:df:d8:06:e4:70:4c:31:1a:68:d8:
                    09:ad:6d:bb:6b:83:77:01:9b:33:30:7b:90:3c:dd:
                    77:f1:6c:ac:1f:25:b5:98:6c:a4:4d:10:8f:bf:e9:
                    1e:9c:4c:0b:7b:d4:25:3f:b2:23:91:d4:df:32:f2:
                    be:0d:7a:0e:c2:cf:d9:49:31:56:57:a1:7d:1f:a3:
                    01:b2:86:05:dd:f6:b6:2e:6d:5d:b4:b6:9d:ca:31:
                    db:07:56:b3:1e:65:c9:ee:f5:1f:62:41:ca:d4:1d:
                    28:c9:62:bb:e0:37:3c:41:75:92:0f:23:b5:12:46:
                    83:1f:0c:3b:d4:c2:f2:c2:fe:25:3e:2a:2d:e5:1e:
                    6f:91:d5:d5:da:1e:6b:17:ea:20:80:bc:1b:65:f7:
                    c0:63:17:5d:c6:23:92:a9:2c:c5:8c:2a:fa:ec:6e:
                    43:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                16:ED:93:A9:D3:96:97:53:8C:A0:2E:7A:5C:47:9D:52:9F:EE:66:44
            X509v3 Authority Key Identifier:
                keyid:76:7F:42:4D:48:34:06:C4:20:E5:DF:19:BE:BE:99:3F:72:5A:F7:B6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/bfbb4d3a6dd5e649a6554c4817ce0ed277429136.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/5375bcfc-8b86-452e-850d-83cfe3b50f06/190a2cb46469c1eb5d29c12c381c10037ebdaadf.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/5375bcfc-8b86-452e-850d-83cfe3b50f06/bfbb4d3a6dd5e649a6554c4817ce0ed277429136.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  186.38.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         1b:6b:a4:81:ec:40:2b:68:e4:ab:87:bb:63:ae:47:77:51:1e:
         f1:8c:99:7f:57:79:cf:fa:a6:ac:20:90:fd:63:f4:59:18:51:
         aa:a6:91:ec:87:52:98:94:33:c0:58:9a:83:a9:a7:a6:ac:8d:
         bc:91:fe:d2:61:59:e9:df:fc:7a:0a:8b:2e:88:1a:a3:f9:48:
         98:ab:87:db:20:f8:ff:4b:7f:43:15:ee:31:02:b3:89:81:cb:
         1b:a9:99:c9:95:80:a0:1f:8b:25:49:61:32:11:9c:26:db:30:
         0b:61:e7:28:75:35:83:a1:6c:fe:9e:6f:c9:cb:d0:d6:5c:ed:
         4b:ee:71:d2:72:c0:81:ea:c7:48:9d:9e:5b:d2:54:c4:79:4c:
         06:4e:97:b5:49:98:6d:49:3c:83:f1:0b:60:5c:60:f6:c6:77:
         7e:f1:62:2b:12:7a:20:0e:07:ea:b1:c7:ab:d6:64:fc:7a:47:
         e7:1d:24:1a:87:f7:f5:a7:de:36:5d:b5:e8:d4:55:89:24:3a:
         53:d3:cd:f9:27:3e:da:6d:de:03:1b:d2:08:d6:d4:1a:70:bc:
         9a:0d:3a:e8:73:3c:c2:bd:10:b2:3b:73:72:5b:1e:71:fd:07:
         b5:e6:43:63:1b:e3:37:9b:5f:b4:fb:5e:51:8a:b8:15:23:34:
         88:7c:94:0f
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgIDEhN4MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGJm
YmI0ZDNhNmRkNWU2NDlhNjU1NGM0ODE3Y2UwZWQyNzc0MjkxMzYwHhcNMjMxMTI5
MTUwNjU1WhcNMjUxMTI5MTUwNjU1WjAzMTEwLwYDVQQDEygxOTBhMmNiNDY0Njlj
MWViNWQyOWMxMmMzODFjMTAwMzdlYmRhYWRmMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAxFQndacIDstabPWhzxySZpDy3f9RFBxcNzZOFbItJAhOeCZh
UjXluGhsuQ6d8I2AEuYuHypRFoW2VyaKaekYvqpcmNB2Y53Z+zdXdOy1dyKvhzb8
h0ngFIxVooQHsd/YBuRwTDEaaNgJrW27a4N3AZszMHuQPN138WysHyW1mGykTRCP
v+kenEwLe9QlP7IjkdTfMvK+DXoOws/ZSTFWV6F9H6MBsoYF3fa2Lm1dtLadyjHb
B1azHmXJ7vUfYkHK1B0oyWK74Dc8QXWSDyO1EkaDHww71MLywv4lPiot5R5vkdXV
2h5rF+oggLwbZffAYxddxiOSqSzFjCr67G5DUQIDAQABo4ICWjCCAlYwHQYDVR0O
BBYEFBbtk6nTlpdTjKAuelxHnVKf7mZEMB8GA1UdIwQYMBaAFHZ/Qk1INAbEIOXf
Gb6+mT9yWve2MA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvYmZiYjRk
M2E2ZGQ1ZTY0OWE2NTU0YzQ4MTdjZTBlZDI3NzQyOTEzNi5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvNTM3NWJjZmMtOGI4Ni00NTJlLTg1MGQtODNjZmUz
YjUwZjA2LzE5MGEyY2I0NjQ2OWMxZWI1ZDI5YzEyYzM4MWMxMDAzN2ViZGFhZGYu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy81Mzc1YmNmYy04Yjg2LTQ1MmUtODUwZC04M2Nm
ZTNiNTBmMDYvYmZiYjRkM2E2ZGQ1ZTY0OWE2NTU0YzQ4MTdjZTBlZDI3NzQyOTEz
Ni5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQP
MA0wCwQCAAEwBQMDALomMA0GCSqGSIb3DQEBCwUAA4IBAQAba6SB7EAraOSrh7tj
rkd3UR7xjJl/V3nP+qasIJD9Y/RZGFGqppHsh1KYlDPAWJqDqaemrI28kf7SYVnp
3/x6CosuiBqj+UiYq4fbIPj/S39DFe4xArOJgcsbqZnJlYCgH4slSWEyEZwm2zAL
YecodTWDoWz+nm/Jy9DWXO1L7nHScsCB6sdInZ5b0lTEeUwGTpe1SZhtSTyD8Qtg
XGD2xnd+8WIrEnogDgfqscer1mT8ekfnHSQah/f1p942XbXo1FWJJDpT0835Jz7a
bd4DG9II1tQacLyaDTroczzCvRCyO3NyWx5x/Qe15kNjG+M3m1+0+15RirgVIzSI
fJQP
-----END CERTIFICATE-----
Generated at Mon Apr 15 10:07:20 2024 by rpki-client on console-fra.rpki-client.org