Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/5375bcfc-8b86-452e-850d-83cfe3b50f06/cfc23b1d5639fa7695ce1ea0d50d72b787bfb6eb.roa
File:                     cfc23b1d5639fa7695ce1ea0d50d72b787bfb6eb.roa (raw, json)
Hash identifier:          6eHri3OvWMnQW+a0EYObKgeKDXzM9pIrJSPRF+3mHHg=
Subject key identifier:   5A:4B:4F:F1:45:FA:D1:59:29:AB:90:E4:6A:E9:22:E2:A0:DD:C7:2D
Certificate issuer:       /CN=bfbb4d3a6dd5e649a6554c4817ce0ed277429136
Certificate serial:       11FDA3
Authority key identifier: 76:7F:42:4D:48:34:06:C4:20:E5:DF:19:BE:BE:99:3F:72:5A:F7:B6
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/bfbb4d3a6dd5e649a6554c4817ce0ed277429136.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/5375bcfc-8b86-452e-850d-83cfe3b50f06/cfc23b1d5639fa7695ce1ea0d50d72b787bfb6eb.roa
Signing time:             Wed 29 Nov 2023 14:57:32 +0000
ROA not before:           Wed 29 Nov 2023 14:57:32 +0000
ROA not after:            Sat 29 Nov 2025 14:57:32 +0000
asID:                     263786
IP address blocks:        186.38.60.0/24 maxlen: 24
                          186.38.61.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/5375bcfc-8b86-452e-850d-83cfe3b50f06/bfbb4d3a6dd5e649a6554c4817ce0ed277429136.crl
                          rsync://repository.lacnic.net/rpki/lacnic/5375bcfc-8b86-452e-850d-83cfe3b50f06/bfbb4d3a6dd5e649a6554c4817ce0ed277429136.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/bfbb4d3a6dd5e649a6554c4817ce0ed277429136.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Thu 18 Apr 2024 06:11:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1179043 (0x11fda3)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bfbb4d3a6dd5e649a6554c4817ce0ed277429136
        Validity
            Not Before: Nov 29 14:57:32 2023 GMT
            Not After : Nov 29 14:57:32 2025 GMT
        Subject: CN=cfc23b1d5639fa7695ce1ea0d50d72b787bfb6eb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:ac:53:de:c2:32:e5:41:19:95:4c:a2:2d:8b:
                    1c:68:d8:ed:ea:3c:b3:0c:cd:f3:82:02:ac:04:ba:
                    45:14:f4:c8:41:f4:55:7c:79:5b:89:b6:6d:a4:2c:
                    84:d8:7a:34:b4:15:2b:79:f7:fe:f9:32:66:aa:8d:
                    19:6e:82:4a:3d:13:56:a4:b7:83:87:3b:a0:4a:49:
                    82:51:bd:63:21:2e:9b:ea:b3:8d:f9:c9:e4:d6:e9:
                    76:82:54:35:08:03:8f:09:00:ae:a8:77:97:62:25:
                    40:f0:4e:91:21:8b:69:d0:da:cd:e8:2c:dc:0b:5c:
                    6c:27:b8:65:7c:8f:4e:6b:63:1f:3f:1f:de:25:0a:
                    77:76:c8:a4:d6:09:48:80:6e:39:77:ba:9f:85:4f:
                    0b:99:70:76:d2:2c:24:64:f4:45:ea:c4:64:0b:d4:
                    b3:bf:f9:ec:22:79:8e:6f:21:c6:c3:3a:e0:62:68:
                    57:f1:a4:85:b8:ec:e0:aa:d8:74:65:7f:35:1f:38:
                    d3:5f:6a:f1:33:7f:db:ad:c3:5a:98:72:cc:a3:90:
                    32:46:9e:1f:b5:4b:13:bc:a2:a9:9e:01:26:6b:fc:
                    b5:90:7c:f7:1f:f2:d9:5b:cc:ff:5d:60:6e:4b:11:
                    a8:ac:f6:7d:57:3b:84:66:81:43:cb:d8:29:45:99:
                    83:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5A:4B:4F:F1:45:FA:D1:59:29:AB:90:E4:6A:E9:22:E2:A0:DD:C7:2D
            X509v3 Authority Key Identifier:
                keyid:76:7F:42:4D:48:34:06:C4:20:E5:DF:19:BE:BE:99:3F:72:5A:F7:B6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/bfbb4d3a6dd5e649a6554c4817ce0ed277429136.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/5375bcfc-8b86-452e-850d-83cfe3b50f06/cfc23b1d5639fa7695ce1ea0d50d72b787bfb6eb.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/5375bcfc-8b86-452e-850d-83cfe3b50f06/bfbb4d3a6dd5e649a6554c4817ce0ed277429136.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  186.38.60.0/23

    Signature Algorithm: sha256WithRSAEncryption
         87:14:bc:e3:ef:3e:fa:8e:75:45:87:4f:c3:9a:08:13:de:3b:
         80:9c:3e:9c:bd:ac:f4:c8:c2:2a:c8:bf:82:a8:ec:7a:75:e6:
         6c:f3:51:2e:33:ba:b6:f3:03:c6:f4:e8:ec:12:9a:50:5b:b5:
         2e:57:13:e3:59:52:ce:0e:8f:29:d1:73:60:47:08:c9:c5:d0:
         9c:82:c5:16:97:49:e2:cf:d5:b0:67:ff:44:d9:fe:31:16:f9:
         99:78:39:29:f1:ac:9d:04:68:9f:6f:98:8f:5b:c4:4f:89:d7:
         7d:89:43:ac:a6:9b:94:9b:24:a0:66:6d:6d:f8:b2:47:82:87:
         68:a9:42:ca:31:46:9e:d0:de:8a:09:c8:21:7d:3e:d0:cd:32:
         79:84:d7:68:ad:7c:e2:3b:bb:02:d3:f5:8a:2f:a6:f1:a7:1d:
         61:c4:cc:e8:bd:5b:6b:fc:71:f3:45:88:a3:aa:c2:39:bf:81:
         e4:2f:3b:a5:ba:b9:62:05:ed:1f:d8:32:64:de:64:f7:10:26:
         0a:18:47:5e:89:ea:2f:97:3d:a0:de:6d:9a:97:60:9e:90:68:
         c0:0e:2d:e9:9c:99:23:31:1b:37:0e:54:5c:f1:56:6e:39:54:
         3b:3b:fc:6c:c8:63:96:12:60:25:f4:b8:7c:13:f6:62:5c:3d:
         79:04:ef:b5
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIDEf2jMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGJm
YmI0ZDNhNmRkNWU2NDlhNjU1NGM0ODE3Y2UwZWQyNzc0MjkxMzYwHhcNMjMxMTI5
MTQ1NzMyWhcNMjUxMTI5MTQ1NzMyWjAzMTEwLwYDVQQDEyhjZmMyM2IxZDU2Mzlm
YTc2OTVjZTFlYTBkNTBkNzJiNzg3YmZiNmViMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEA0qxT3sIy5UEZlUyiLYscaNjt6jyzDM3zggKsBLpFFPTIQfRV
fHlbibZtpCyE2Ho0tBUreff++TJmqo0ZboJKPRNWpLeDhzugSkmCUb1jIS6b6rON
+cnk1ul2glQ1CAOPCQCuqHeXYiVA8E6RIYtp0NrN6CzcC1xsJ7hlfI9Oa2MfPx/e
JQp3dsik1glIgG45d7qfhU8LmXB20iwkZPRF6sRkC9Szv/nsInmObyHGwzrgYmhX
8aSFuOzgqth0ZX81HzjTX2rxM3/brcNamHLMo5AyRp4ftUsTvKKpngEma/y1kHz3
H/LZW8z/XWBuSxGorPZ9VzuEZoFDy9gpRZmDTwIDAQABo4ICWzCCAlcwHQYDVR0O
BBYEFFpLT/FF+tFZKauQ5GrpIuKg3cctMB8GA1UdIwQYMBaAFHZ/Qk1INAbEIOXf
Gb6+mT9yWve2MA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvYmZiYjRk
M2E2ZGQ1ZTY0OWE2NTU0YzQ4MTdjZTBlZDI3NzQyOTEzNi5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvNTM3NWJjZmMtOGI4Ni00NTJlLTg1MGQtODNjZmUz
YjUwZjA2L2NmYzIzYjFkNTYzOWZhNzY5NWNlMWVhMGQ1MGQ3MmI3ODdiZmI2ZWIu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy81Mzc1YmNmYy04Yjg2LTQ1MmUtODUwZC04M2Nm
ZTNiNTBmMDYvYmZiYjRkM2E2ZGQ1ZTY0OWE2NTU0YzQ4MTdjZTBlZDI3NzQyOTEz
Ni5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAbomPDANBgkqhkiG9w0BAQsFAAOCAQEAhxS84+8++o51RYdP
w5oIE947gJw+nL2s9MjCKsi/gqjsenXmbPNRLjO6tvMDxvTo7BKaUFu1LlcT41lS
zg6PKdFzYEcIycXQnILFFpdJ4s/VsGf/RNn+MRb5mXg5KfGsnQRon2+Yj1vET4nX
fYlDrKablJskoGZtbfiyR4KHaKlCyjFGntDeignIIX0+0M0yeYTXaK184ju7AtP1
ii+m8acdYcTM6L1ba/xx80WIo6rCOb+B5C87pbq5YgXtH9gyZN5k9xAmChhHXonq
L5c9oN5tmpdgnpBowA4t6ZyZIzEbNw5UXPFWbjlUOzv8bMhjlhJgJfS4fBP2Ylw9
eQTvtQ==
-----END CERTIFICATE-----
Generated at Mon Apr 15 10:07:20 2024 by rpki-client on console-fra.rpki-client.org