Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/5375bcfc-8b86-452e-850d-83cfe3b50f06/608d26304757eeebdef8cb3db212ce9b1f07715c.roa
File:                     608d26304757eeebdef8cb3db212ce9b1f07715c.roa (raw, json)
Hash identifier:          ofRup/KTW+Ozk801gog5p3lPcpO2/GTF3Ho4lBH8JzI=
Subject key identifier:   AE:01:84:5D:DC:5B:2D:AB:F4:DA:CD:F6:DF:54:4D:D1:8C:19:85:EF
Certificate issuer:       /CN=bfbb4d3a6dd5e649a6554c4817ce0ed277429136
Certificate serial:       120A68
Authority key identifier: 76:7F:42:4D:48:34:06:C4:20:E5:DF:19:BE:BE:99:3F:72:5A:F7:B6
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/bfbb4d3a6dd5e649a6554c4817ce0ed277429136.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/5375bcfc-8b86-452e-850d-83cfe3b50f06/608d26304757eeebdef8cb3db212ce9b1f07715c.roa
Signing time:             Wed 29 Nov 2023 15:03:20 +0000
ROA not before:           Wed 29 Nov 2023 15:03:20 +0000
ROA not after:            Sat 29 Nov 2025 15:03:20 +0000
asID:                     264758
IP address blocks:        186.38.107.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/5375bcfc-8b86-452e-850d-83cfe3b50f06/bfbb4d3a6dd5e649a6554c4817ce0ed277429136.crl
                          rsync://repository.lacnic.net/rpki/lacnic/5375bcfc-8b86-452e-850d-83cfe3b50f06/bfbb4d3a6dd5e649a6554c4817ce0ed277429136.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/bfbb4d3a6dd5e649a6554c4817ce0ed277429136.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Thu 18 Apr 2024 06:11:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1182312 (0x120a68)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bfbb4d3a6dd5e649a6554c4817ce0ed277429136
        Validity
            Not Before: Nov 29 15:03:20 2023 GMT
            Not After : Nov 29 15:03:20 2025 GMT
        Subject: CN=608d26304757eeebdef8cb3db212ce9b1f07715c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:74:79:7a:6a:50:16:a2:94:be:9f:f5:70:8b:
                    91:36:be:ae:60:fb:95:86:e4:0f:74:47:a8:f5:19:
                    06:5b:e3:c1:9d:a8:49:f8:2b:59:fb:e3:4b:13:f8:
                    40:44:65:e6:05:5a:10:c4:f6:13:b8:5f:c3:5e:2c:
                    4d:b4:85:ce:56:9a:48:d6:57:18:3e:e5:67:b7:87:
                    62:d9:06:d7:34:ae:1c:eb:83:03:92:1b:d6:70:c1:
                    41:3e:1f:c1:c2:68:be:af:18:03:14:bf:37:97:f9:
                    23:5b:40:9f:bb:74:2a:cf:d8:5d:96:01:70:24:8d:
                    09:41:c3:de:2a:a2:14:f6:2e:ab:e5:65:a4:61:c1:
                    ac:ad:e0:f8:d5:97:2d:3d:b4:93:5c:fb:7b:07:6d:
                    14:96:3d:fc:a7:f9:e6:52:fd:02:65:2c:24:b1:48:
                    0b:f3:2f:42:ae:51:7e:36:7e:d7:e6:c7:77:82:60:
                    f1:d4:73:a0:ee:b3:3e:1f:86:41:4c:cb:92:67:d7:
                    9c:f3:22:76:9a:f0:35:c3:fa:e3:0a:e0:1c:46:8b:
                    50:fd:86:ea:6d:6b:b1:60:fa:d4:64:1f:e6:65:57:
                    57:9e:1f:94:30:c8:7e:03:8c:8e:d7:98:13:2c:9e:
                    ac:a2:b9:1b:19:01:f6:6d:9a:c7:72:4d:49:f2:6c:
                    00:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AE:01:84:5D:DC:5B:2D:AB:F4:DA:CD:F6:DF:54:4D:D1:8C:19:85:EF
            X509v3 Authority Key Identifier:
                keyid:76:7F:42:4D:48:34:06:C4:20:E5:DF:19:BE:BE:99:3F:72:5A:F7:B6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/bfbb4d3a6dd5e649a6554c4817ce0ed277429136.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/5375bcfc-8b86-452e-850d-83cfe3b50f06/608d26304757eeebdef8cb3db212ce9b1f07715c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/5375bcfc-8b86-452e-850d-83cfe3b50f06/bfbb4d3a6dd5e649a6554c4817ce0ed277429136.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  186.38.107.0/24

    Signature Algorithm: sha256WithRSAEncryption
         05:52:19:45:f9:68:73:3a:09:37:69:37:07:c6:3e:12:51:90:
         18:90:cf:d9:54:92:5b:b0:57:72:85:4e:30:85:89:36:31:66:
         2f:a5:5a:40:de:07:7e:fc:73:ba:7e:2f:43:15:f1:a5:35:91:
         59:c1:2b:f3:49:1a:30:6d:15:23:cf:02:f5:13:76:1a:31:16:
         f0:0d:f9:d9:53:af:5b:51:5c:e5:16:9a:6a:57:91:88:99:c7:
         c3:f5:95:01:81:df:15:54:56:31:9d:e4:49:0c:b8:b7:d2:4a:
         c9:98:06:16:28:d2:18:43:fe:23:52:ce:79:a1:f1:7d:a8:29:
         51:6a:8a:41:60:92:6c:90:f5:2e:f4:bf:04:54:02:e1:5b:a6:
         ad:41:01:e9:b1:b9:1e:0b:8b:24:f4:ac:ac:be:47:a8:66:16:
         b1:2e:e6:cc:f9:41:bd:50:4a:3a:54:ca:9d:3c:6b:d7:38:c8:
         75:22:92:eb:41:3f:bb:a8:8f:5a:90:3e:3e:d6:24:5d:bf:b9:
         40:72:c3:4a:c9:42:4e:02:1b:e9:c8:73:e6:2f:e8:70:61:d3:
         cb:cc:53:90:68:4c:44:58:f7:2c:e5:71:ae:22:f6:59:8a:36:
         68:21:75:66:94:0a:c0:89:2f:c9:b2:c4:5f:e1:b6:76:43:71:
         29:b3:30:79
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIDEgpoMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGJm
YmI0ZDNhNmRkNWU2NDlhNjU1NGM0ODE3Y2UwZWQyNzc0MjkxMzYwHhcNMjMxMTI5
MTUwMzIwWhcNMjUxMTI5MTUwMzIwWjAzMTEwLwYDVQQDEyg2MDhkMjYzMDQ3NTdl
ZWViZGVmOGNiM2RiMjEyY2U5YjFmMDc3MTVjMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEA0nR5empQFqKUvp/1cIuRNr6uYPuVhuQPdEeo9RkGW+PBnahJ
+CtZ++NLE/hARGXmBVoQxPYTuF/DXixNtIXOVppI1lcYPuVnt4di2QbXNK4c64MD
khvWcMFBPh/Bwmi+rxgDFL83l/kjW0Cfu3Qqz9hdlgFwJI0JQcPeKqIU9i6r5WWk
YcGsreD41ZctPbSTXPt7B20Ulj38p/nmUv0CZSwksUgL8y9CrlF+Nn7X5sd3gmDx
1HOg7rM+H4ZBTMuSZ9ec8yJ2mvA1w/rjCuAcRotQ/YbqbWuxYPrUZB/mZVdXnh+U
MMh+A4yO15gTLJ6sorkbGQH2bZrHck1J8mwArQIDAQABo4ICWzCCAlcwHQYDVR0O
BBYEFK4BhF3cWy2r9NrN9t9UTdGMGYXvMB8GA1UdIwQYMBaAFHZ/Qk1INAbEIOXf
Gb6+mT9yWve2MA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvYmZiYjRk
M2E2ZGQ1ZTY0OWE2NTU0YzQ4MTdjZTBlZDI3NzQyOTEzNi5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvNTM3NWJjZmMtOGI4Ni00NTJlLTg1MGQtODNjZmUz
YjUwZjA2LzYwOGQyNjMwNDc1N2VlZWJkZWY4Y2IzZGIyMTJjZTliMWYwNzcxNWMu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy81Mzc1YmNmYy04Yjg2LTQ1MmUtODUwZC04M2Nm
ZTNiNTBmMDYvYmZiYjRkM2E2ZGQ1ZTY0OWE2NTU0YzQ4MTdjZTBlZDI3NzQyOTEz
Ni5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEALomazANBgkqhkiG9w0BAQsFAAOCAQEABVIZRfloczoJN2k3
B8Y+ElGQGJDP2VSSW7BXcoVOMIWJNjFmL6VaQN4Hfvxzun4vQxXxpTWRWcEr80ka
MG0VI88C9RN2GjEW8A352VOvW1Fc5RaaaleRiJnHw/WVAYHfFVRWMZ3kSQy4t9JK
yZgGFijSGEP+I1LOeaHxfagpUWqKQWCSbJD1LvS/BFQC4VumrUEB6bG5HguLJPSs
rL5HqGYWsS7mzPlBvVBKOlTKnTxr1zjIdSKS60E/u6iPWpA+PtYkXb+5QHLDSslC
TgIb6chz5i/ocGHTy8xTkGhMRFj3LOVxriL2WYo2aCF1ZpQKwIkvybLEX+G2dkNx
KbMweQ==
-----END CERTIFICATE-----
Generated at Mon Apr 15 10:07:20 2024 by rpki-client on console-fra.rpki-client.org