Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/54b5eddc-0643-4c81-820f-a7d7fdb6b65e/a13f1e2949ae544d2f0d945671bf66d8443a783e.roa
File:                     a13f1e2949ae544d2f0d945671bf66d8443a783e.roa (raw, json)
Hash identifier:          Nr7tW/iy5eNSNbNZ8GoMFC9gL4Q9asIiM5m2YeKOBQo=
Subject key identifier:   92:CB:41:FB:B4:53:64:57:F8:54:7B:FF:54:A0:FC:C0:8A:E6:15:15
Certificate issuer:       /CN=f5777046979fbf5283208f5b440f2983da70cea4
Certificate serial:       0D056D
Authority key identifier: 74:29:C1:52:6B:C5:64:80:31:AD:BA:12:73:CF:35:85:F9:F0:FC:3E
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/f5777046979fbf5283208f5b440f2983da70cea4.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/54b5eddc-0643-4c81-820f-a7d7fdb6b65e/a13f1e2949ae544d2f0d945671bf66d8443a783e.roa
Signing time:             Wed 24 Mar 2021 14:34:21 +0000
ROA not before:           Wed 24 Mar 2021 14:34:21 +0000
ROA not after:            Tue 24 Mar 2026 14:34:21 +0000
asID:                     28096
IP address blocks:        190.9.56.0/21 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/54b5eddc-0643-4c81-820f-a7d7fdb6b65e/f5777046979fbf5283208f5b440f2983da70cea4.crl
                          rsync://repository.lacnic.net/rpki/lacnic/54b5eddc-0643-4c81-820f-a7d7fdb6b65e/f5777046979fbf5283208f5b440f2983da70cea4.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/f5777046979fbf5283208f5b440f2983da70cea4.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 31 Mar 2024 12:22:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 853357 (0xd056d)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f5777046979fbf5283208f5b440f2983da70cea4
        Validity
            Not Before: Mar 24 14:34:21 2021 GMT
            Not After : Mar 24 14:34:21 2026 GMT
        Subject: CN=a13f1e2949ae544d2f0d945671bf66d8443a783e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:98:37:05:4d:73:e9:71:20:1e:a6:ad:6e:cb:
                    cb:75:c3:b8:39:9f:4c:1c:6e:06:92:14:d2:f1:94:
                    60:30:f5:90:a1:67:51:a0:43:5d:76:05:09:70:2d:
                    bd:91:c9:a4:da:5d:c9:28:bc:8f:ea:07:c3:32:af:
                    15:84:ff:4f:16:76:1c:9b:33:17:03:6f:2f:09:f0:
                    d5:92:60:b0:a7:e5:43:00:f1:92:68:1d:1d:a5:1b:
                    22:69:2e:99:d0:1b:ac:00:37:a8:cd:c5:d1:09:aa:
                    30:a9:24:af:20:35:9d:a2:a7:cc:08:12:75:4b:29:
                    e2:00:ce:42:9c:51:10:1a:5f:25:50:66:79:a8:41:
                    d7:2b:15:a4:b8:bb:27:7a:ee:02:92:9e:ca:3b:4a:
                    4a:84:e9:05:b3:1d:9b:84:19:4a:a3:37:81:5a:03:
                    8b:2b:5a:76:82:b2:e5:b7:28:0a:9a:8c:e6:5c:40:
                    0f:c4:02:6b:d3:96:af:cc:68:b5:a6:e7:1a:d9:9d:
                    0b:11:b5:65:6b:3f:d6:c6:1f:3a:2f:73:0b:ac:ea:
                    bd:5c:97:85:c5:b6:00:6e:18:b2:78:ca:f4:6d:6a:
                    2c:d8:2a:a0:f4:be:4b:4b:49:6c:32:f6:eb:9b:61:
                    8b:f9:dc:cb:0c:d0:84:f6:0c:6f:ad:c9:17:1f:b6:
                    34:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                92:CB:41:FB:B4:53:64:57:F8:54:7B:FF:54:A0:FC:C0:8A:E6:15:15
            X509v3 Authority Key Identifier:
                keyid:74:29:C1:52:6B:C5:64:80:31:AD:BA:12:73:CF:35:85:F9:F0:FC:3E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/f5777046979fbf5283208f5b440f2983da70cea4.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/54b5eddc-0643-4c81-820f-a7d7fdb6b65e/a13f1e2949ae544d2f0d945671bf66d8443a783e.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/54b5eddc-0643-4c81-820f-a7d7fdb6b65e/f5777046979fbf5283208f5b440f2983da70cea4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  190.9.56.0/21

    Signature Algorithm: sha256WithRSAEncryption
         3e:79:06:25:6a:ee:92:fc:a4:c6:30:d6:88:39:e6:ff:4b:be:
         a0:06:9a:21:b5:71:ee:a5:10:8d:37:1b:64:8a:79:75:62:da:
         8b:16:83:2a:17:4e:36:47:98:a9:32:e2:b3:da:7a:ea:4e:16:
         44:dc:12:6d:38:ea:43:d8:26:db:0e:a9:f5:1e:b7:f7:39:04:
         34:ce:ff:e4:db:3b:0b:79:fa:37:15:d8:86:64:e6:f1:e8:1d:
         5d:5c:83:58:85:ab:55:43:35:ab:8e:ea:8e:7f:93:d8:ba:b5:
         80:79:e3:86:f1:02:9e:b6:92:2c:9d:f1:0a:3f:be:c8:de:ee:
         cc:6e:b4:f7:5c:bd:9e:82:51:31:75:65:c3:82:80:8c:b5:3a:
         ed:3a:61:0d:d0:ca:36:68:e0:07:81:be:f4:04:5e:50:cb:31:
         cf:c7:16:c3:b6:47:5f:d6:99:a8:07:ef:ad:dd:17:29:94:fa:
         2e:55:19:f8:01:ea:e7:99:d8:b9:fb:89:e4:79:a0:36:a8:17:
         9f:58:7f:30:b0:cf:f5:fa:81:1d:38:70:c7:7c:14:8b:df:6c:
         e5:d7:f3:48:1a:ca:e6:d2:35:a7:c4:e7:7e:ce:dc:5b:3a:3b:
         ad:0d:1d:75:dd:39:a9:20:e8:5b:90:cd:5f:66:bf:64:9f:4a:
         91:9e:8e:87
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIDDQVtMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGY1
Nzc3MDQ2OTc5ZmJmNTI4MzIwOGY1YjQ0MGYyOTgzZGE3MGNlYTQwHhcNMjEwMzI0
MTQzNDIxWhcNMjYwMzI0MTQzNDIxWjAzMTEwLwYDVQQDEyhhMTNmMWUyOTQ5YWU1
NDRkMmYwZDk0NTY3MWJmNjZkODQ0M2E3ODNlMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAzZg3BU1z6XEgHqatbsvLdcO4OZ9MHG4GkhTS8ZRgMPWQoWdR
oENddgUJcC29kcmk2l3JKLyP6gfDMq8VhP9PFnYcmzMXA28vCfDVkmCwp+VDAPGS
aB0dpRsiaS6Z0BusADeozcXRCaowqSSvIDWdoqfMCBJ1SyniAM5CnFEQGl8lUGZ5
qEHXKxWkuLsneu4Ckp7KO0pKhOkFsx2bhBlKozeBWgOLK1p2grLltygKmozmXEAP
xAJr05avzGi1puca2Z0LEbVlaz/Wxh86L3MLrOq9XJeFxbYAbhiyeMr0bWos2Cqg
9L5LS0lsMvbrm2GL+dzLDNCE9gxvrckXH7Y0wwIDAQABo4ICWzCCAlcwHQYDVR0O
BBYEFJLLQfu0U2RX+FR7/1Sg/MCK5hUVMB8GA1UdIwQYMBaAFHQpwVJrxWSAMa26
EnPPNYX58Pw+MA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvZjU3Nzcw
NDY5NzlmYmY1MjgzMjA4ZjViNDQwZjI5ODNkYTcwY2VhNC5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvNTRiNWVkZGMtMDY0My00YzgxLTgyMGYtYTdkN2Zk
YjZiNjVlL2ExM2YxZTI5NDlhZTU0NGQyZjBkOTQ1NjcxYmY2NmQ4NDQzYTc4M2Uu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy81NGI1ZWRkYy0wNjQzLTRjODEtODIwZi1hN2Q3
ZmRiNmI2NWUvZjU3NzcwNDY5NzlmYmY1MjgzMjA4ZjViNDQwZjI5ODNkYTcwY2Vh
NC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEA74JODANBgkqhkiG9w0BAQsFAAOCAQEAPnkGJWrukvykxjDW
iDnm/0u+oAaaIbVx7qUQjTcbZIp5dWLaixaDKhdONkeYqTLis9p66k4WRNwSbTjq
Q9gm2w6p9R639zkENM7/5Ns7C3n6NxXYhmTm8egdXVyDWIWrVUM1q47qjn+T2Lq1
gHnjhvECnraSLJ3xCj++yN7uzG6091y9noJRMXVlw4KAjLU67TphDdDKNmjgB4G+
9AReUMsxz8cWw7ZHX9aZqAfvrd0XKZT6LlUZ+AHq55nYufuJ5HmgNqgXn1h/MLDP
9fqBHThwx3wUi99s5dfzSBrK5tI1p8Tnfs7cWzo7rQ0ddd05qSDoW5DNX2a/ZJ9K
kZ6Ohw==
-----END CERTIFICATE-----
Generated at Thu Mar 28 16:43:48 2024 by rpki-client on console-fra.rpki-client.org