Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/5573f7ae-9904-4e6f-a420-753d9cccf11c/f0af8f9a4b5164892fd522fe6592583b60337a9f.roa
File:                     f0af8f9a4b5164892fd522fe6592583b60337a9f.roa (raw, json)
Hash identifier:          dBeZdZxpqyRsuFQFm7o6iv2MKBTOkdC9EgrYyHChRBI=
Subject key identifier:   67:91:8B:68:49:57:00:2B:41:24:55:9F:9B:37:2C:1A:45:E4:D3:5F
Certificate issuer:       /CN=6629fdd5cda4c01f202e4b42e2e1d4bd2db9e248
Certificate serial:       21ADFB
Authority key identifier: FC:66:FD:90:96:46:B3:DB:D4:BD:4E:67:07:C6:F5:E9:E4:52:A0:16
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/6629fdd5cda4c01f202e4b42e2e1d4bd2db9e248.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/5573f7ae-9904-4e6f-a420-753d9cccf11c/f0af8f9a4b5164892fd522fe6592583b60337a9f.roa
Signing time:             Mon 03 Jul 2023 12:25:31 +0000
ROA not before:           Sun 02 Jul 2023 12:25:29 +0000
ROA not after:            Mon 03 Jul 2028 12:25:29 +0000
asID:                     27754
IP address blocks:        190.3.22.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/5573f7ae-9904-4e6f-a420-753d9cccf11c/6629fdd5cda4c01f202e4b42e2e1d4bd2db9e248.crl
                          rsync://repository.lacnic.net/rpki/lacnic/5573f7ae-9904-4e6f-a420-753d9cccf11c/6629fdd5cda4c01f202e4b42e2e1d4bd2db9e248.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/6629fdd5cda4c01f202e4b42e2e1d4bd2db9e248.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Mon 26 Feb 2024 16:36:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2207227 (0x21adfb)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6629fdd5cda4c01f202e4b42e2e1d4bd2db9e248
        Validity
            Not Before: Jul  2 12:25:29 2023 GMT
            Not After : Jul  3 12:25:29 2028 GMT
        Subject: CN=f0af8f9a4b5164892fd522fe6592583b60337a9f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:d8:ab:4f:cc:65:9f:02:3c:56:79:2d:5d:f3:
                    37:cb:7f:c9:90:22:23:c4:8f:ed:b1:be:6a:86:e3:
                    65:ae:94:bb:c4:2b:fc:f0:64:43:a2:d8:56:f4:2c:
                    34:3e:5c:52:c7:ac:ed:96:7d:04:05:18:de:1f:ee:
                    cd:e9:ce:1e:f3:23:f9:cf:94:66:ba:73:e8:0a:75:
                    33:33:5d:ec:cc:14:09:83:12:2f:64:a7:fa:63:b1:
                    8e:a4:58:02:9c:3b:f6:88:9f:9b:34:18:72:47:38:
                    9f:1a:9b:8f:df:20:a3:45:70:5f:a3:59:85:5b:df:
                    fc:e1:b7:29:9b:73:fb:5d:34:d5:5c:31:93:01:4e:
                    7c:06:da:96:c7:a3:cb:18:99:10:66:49:bf:90:02:
                    cd:e2:d2:7b:3e:6d:8d:34:42:cc:1b:ff:f1:f5:d0:
                    fc:42:16:8f:3c:ca:4f:a4:e4:a5:75:36:35:92:1a:
                    24:b0:86:46:a8:d1:2b:d7:22:e3:60:36:53:2f:17:
                    8e:c8:07:e6:6a:86:7c:16:f4:61:86:b6:a4:48:92:
                    1d:c5:4c:af:1e:f6:f2:1b:b3:b0:e1:d0:4b:c2:11:
                    48:fc:9c:15:41:d0:fd:22:d8:cf:32:94:18:cc:f0:
                    0a:8d:af:46:4b:33:04:ac:8a:36:7b:ae:6c:97:c5:
                    8e:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                67:91:8B:68:49:57:00:2B:41:24:55:9F:9B:37:2C:1A:45:E4:D3:5F
            X509v3 Authority Key Identifier:
                keyid:FC:66:FD:90:96:46:B3:DB:D4:BD:4E:67:07:C6:F5:E9:E4:52:A0:16

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/6629fdd5cda4c01f202e4b42e2e1d4bd2db9e248.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/5573f7ae-9904-4e6f-a420-753d9cccf11c/f0af8f9a4b5164892fd522fe6592583b60337a9f.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/5573f7ae-9904-4e6f-a420-753d9cccf11c/6629fdd5cda4c01f202e4b42e2e1d4bd2db9e248.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  190.3.22.0/24

    Signature Algorithm: sha256WithRSAEncryption
         21:26:83:06:67:3b:91:be:a4:df:f2:9e:3a:d6:51:5f:32:58:
         63:a7:f2:2a:06:18:10:0e:8e:b9:d0:80:e6:7f:df:cd:cf:06:
         fe:97:b6:0b:bf:04:32:7d:2e:ad:42:3f:48:c9:59:81:90:cd:
         f9:09:7c:45:fc:2b:84:4a:f7:8b:f7:7c:02:7e:30:ab:6a:4d:
         ae:35:47:ae:8d:bc:53:e9:10:f0:41:91:fb:a6:07:2a:0e:c3:
         19:40:10:34:cd:41:6e:b0:82:6b:e1:01:99:02:78:ba:23:c0:
         2d:c1:b5:39:c5:ac:ad:1d:0f:be:76:4e:4b:44:c0:f9:3f:26:
         7e:f9:81:7f:a2:e2:4b:ff:15:f6:92:f2:e0:59:03:01:73:a1:
         db:32:76:f0:ce:32:aa:33:c4:da:3c:4d:5f:4d:28:b9:c2:74:
         fe:14:51:95:95:fe:bf:fc:35:d0:98:44:0e:09:7c:7f:10:6d:
         e6:00:f2:6a:fa:42:0e:a2:f3:01:b6:42:6e:d6:e3:dc:53:e0:
         88:9e:74:4a:03:a5:33:f5:c6:4e:5e:a3:d2:4c:f2:b7:27:76:
         52:4b:b4:34:1f:1b:9a:19:8d:ab:9e:99:fd:ec:85:01:5d:d8:
         4f:22:37:1e:d6:fc:b9:9c:08:2f:ae:c4:79:61:7d:36:56:22:
         d4:a7:e2:09
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIDIa37MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDY2
MjlmZGQ1Y2RhNGMwMWYyMDJlNGI0MmUyZTFkNGJkMmRiOWUyNDgwHhcNMjMwNzAy
MTIyNTI5WhcNMjgwNzAzMTIyNTI5WjAzMTEwLwYDVQQDEyhmMGFmOGY5YTRiNTE2
NDg5MmZkNTIyZmU2NTkyNTgzYjYwMzM3YTlmMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAwdirT8xlnwI8VnktXfM3y3/JkCIjxI/tsb5qhuNlrpS7xCv8
8GRDothW9Cw0PlxSx6ztln0EBRjeH+7N6c4e8yP5z5RmunPoCnUzM13szBQJgxIv
ZKf6Y7GOpFgCnDv2iJ+bNBhyRzifGpuP3yCjRXBfo1mFW9/84bcpm3P7XTTVXDGT
AU58BtqWx6PLGJkQZkm/kALN4tJ7Pm2NNELMG//x9dD8QhaPPMpPpOSldTY1khok
sIZGqNEr1yLjYDZTLxeOyAfmaoZ8FvRhhrakSJIdxUyvHvbyG7Ow4dBLwhFI/JwV
QdD9ItjPMpQYzPAKja9GSzMErIo2e65sl8WOlQIDAQABo4ICWzCCAlcwHQYDVR0O
BBYEFGeRi2hJVwArQSRVn5s3LBpF5NNfMB8GA1UdIwQYMBaAFPxm/ZCWRrPb1L1O
ZwfG9enkUqAWMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvNjYyOWZk
ZDVjZGE0YzAxZjIwMmU0YjQyZTJlMWQ0YmQyZGI5ZTI0OC5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvNTU3M2Y3YWUtOTkwNC00ZTZmLWE0MjAtNzUzZDlj
Y2NmMTFjL2YwYWY4ZjlhNGI1MTY0ODkyZmQ1MjJmZTY1OTI1ODNiNjAzMzdhOWYu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy81NTczZjdhZS05OTA0LTRlNmYtYTQyMC03NTNk
OWNjY2YxMWMvNjYyOWZkZDVjZGE0YzAxZjIwMmU0YjQyZTJlMWQ0YmQyZGI5ZTI0
OC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAL4DFjANBgkqhkiG9w0BAQsFAAOCAQEAISaDBmc7kb6k3/Ke
OtZRXzJYY6fyKgYYEA6OudCA5n/fzc8G/pe2C78EMn0urUI/SMlZgZDN+Ql8Rfwr
hEr3i/d8An4wq2pNrjVHro28U+kQ8EGR+6YHKg7DGUAQNM1BbrCCa+EBmQJ4uiPA
LcG1OcWsrR0PvnZOS0TA+T8mfvmBf6LiS/8V9pLy4FkDAXOh2zJ28M4yqjPE2jxN
X00oucJ0/hRRlZX+v/w10JhEDgl8fxBt5gDyavpCDqLzAbZCbtbj3FPgiJ50SgOl
M/XGTl6j0kzytyd2Uku0NB8bmhmNq56Z/eyFAV3YTyI3Htb8uZwIL67EeWF9NlYi
1KfiCQ==
-----END CERTIFICATE-----
Generated at Fri Feb 23 22:55:13 2024 by rpki-client on console-fra.rpki-client.org