Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/559e30f3-7cad-413e-a98e-84b34bb91913/66f4c1dcf8c56bce0863b18f6cf569d13e81ed90.roa
File:                     66f4c1dcf8c56bce0863b18f6cf569d13e81ed90.roa (raw, json)
Hash identifier:          GqkVEpJlBkGxIPdOYkT3fNzGXJuJgCZXlY1JeQY9nVU=
Subject key identifier:   D1:BF:2B:B1:FA:5E:84:A6:65:51:95:55:47:D6:35:68:E8:FF:A5:8D
Certificate issuer:       /CN=d675b3fed87f89fa91e060e500482b6ec9837fa3
Certificate serial:       0D9768
Authority key identifier: DE:A2:D1:09:34:E2:C0:C8:4A:88:59:24:3D:DE:82:68:8C:CC:B9:A6
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/d675b3fed87f89fa91e060e500482b6ec9837fa3.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/559e30f3-7cad-413e-a98e-84b34bb91913/66f4c1dcf8c56bce0863b18f6cf569d13e81ed90.roa
Signing time:             Wed 24 Mar 2021 14:30:06 +0000
ROA not before:           Wed 24 Mar 2021 14:30:05 +0000
ROA not after:            Tue 24 Mar 2026 14:30:05 +0000
asID:                     27955
IP address blocks:        190.13.240.0/20 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/559e30f3-7cad-413e-a98e-84b34bb91913/d675b3fed87f89fa91e060e500482b6ec9837fa3.crl
                          rsync://repository.lacnic.net/rpki/lacnic/559e30f3-7cad-413e-a98e-84b34bb91913/d675b3fed87f89fa91e060e500482b6ec9837fa3.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/d675b3fed87f89fa91e060e500482b6ec9837fa3.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 31 Mar 2024 12:22:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 890728 (0xd9768)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d675b3fed87f89fa91e060e500482b6ec9837fa3
        Validity
            Not Before: Mar 24 14:30:05 2021 GMT
            Not After : Mar 24 14:30:05 2026 GMT
        Subject: CN=66f4c1dcf8c56bce0863b18f6cf569d13e81ed90
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:88:7d:af:b6:ca:0f:cf:bf:2c:58:b6:4b:df:da:
                    ab:c9:9f:00:e0:56:0c:39:0f:13:c1:2f:57:a9:ba:
                    0b:a8:5f:11:08:6c:50:87:74:3f:63:af:7d:90:88:
                    a5:f8:09:a0:9d:f5:4e:e6:69:a0:72:35:66:6d:a7:
                    1a:05:c9:d5:b0:0c:f1:12:a0:1b:8a:a6:37:b9:dd:
                    92:a4:16:42:a7:56:ae:ff:7d:ff:9c:0f:3b:b2:25:
                    f0:ac:63:b9:51:02:c3:59:4f:24:de:80:6c:fa:7a:
                    0d:fc:cf:52:28:c3:0a:ae:6e:2c:e7:48:dd:e7:1a:
                    86:51:dc:e4:a8:2b:31:c9:67:bf:8a:f2:e6:03:ff:
                    f6:36:71:24:3b:33:26:50:37:e2:a2:29:78:e3:42:
                    bc:cd:77:16:12:02:f8:18:f7:98:d7:5c:4c:f0:a0:
                    b8:95:66:d1:93:08:97:cc:5b:01:b3:d0:55:4f:08:
                    ac:06:e9:32:b9:82:89:fa:62:e9:66:ea:cd:81:1d:
                    27:bb:7e:db:96:6b:28:30:40:79:69:e1:4a:af:4d:
                    51:28:ba:9c:75:5e:b2:29:f9:6d:45:06:33:70:a6:
                    e0:08:ad:15:3e:5d:c4:b2:49:4d:20:14:41:73:80:
                    aa:7b:ca:4d:c9:a2:5a:2b:73:d2:8c:f2:9f:e1:f5:
                    e3:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D1:BF:2B:B1:FA:5E:84:A6:65:51:95:55:47:D6:35:68:E8:FF:A5:8D
            X509v3 Authority Key Identifier:
                keyid:DE:A2:D1:09:34:E2:C0:C8:4A:88:59:24:3D:DE:82:68:8C:CC:B9:A6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/d675b3fed87f89fa91e060e500482b6ec9837fa3.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/559e30f3-7cad-413e-a98e-84b34bb91913/66f4c1dcf8c56bce0863b18f6cf569d13e81ed90.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/559e30f3-7cad-413e-a98e-84b34bb91913/d675b3fed87f89fa91e060e500482b6ec9837fa3.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  190.13.240.0/20

    Signature Algorithm: sha256WithRSAEncryption
         73:9f:54:7a:81:f1:9d:44:26:87:ff:c9:e1:df:77:4e:ae:ae:
         50:ba:f4:9d:83:fc:b0:be:e4:29:f0:bf:35:7d:f8:dd:ce:a3:
         54:68:fd:cc:ce:04:f9:27:58:a9:21:be:0c:4f:3b:4e:02:d6:
         0a:dd:24:8f:49:21:22:47:28:6a:b3:8b:d3:0f:7e:49:71:ed:
         4d:60:35:bc:ae:1a:00:47:34:84:32:9d:a9:14:76:53:72:75:
         be:5b:d7:f4:37:58:1f:3d:82:c4:28:85:39:12:8e:de:49:80:
         b8:4e:76:ef:e3:84:78:d9:84:f3:2b:a5:dc:0b:9e:b5:17:e9:
         a7:8a:5c:70:a1:e5:cd:85:28:38:8d:8b:1a:af:69:cc:60:36:
         20:3c:66:1b:97:da:f3:54:e4:16:e6:f9:57:57:3f:34:87:8d:
         3f:68:b4:8e:9a:f0:4a:e9:b0:af:62:a2:a2:7b:a7:bf:0e:ad:
         c2:b1:82:be:6c:eb:30:05:c2:e9:f4:57:d4:8c:1d:21:59:5d:
         82:a8:b7:50:fa:d7:02:d5:30:e5:ce:dd:42:f0:12:81:a3:b7:
         1c:22:da:e2:2d:58:0e:3f:a4:5f:dd:74:6e:1f:c2:e2:03:63:
         a5:d8:0e:85:6f:6f:29:44:aa:96:59:51:7d:70:77:6a:32:ba:
         ff:3c:fc:db
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIDDZdoMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGQ2
NzViM2ZlZDg3Zjg5ZmE5MWUwNjBlNTAwNDgyYjZlYzk4MzdmYTMwHhcNMjEwMzI0
MTQzMDA1WhcNMjYwMzI0MTQzMDA1WjAzMTEwLwYDVQQDEyg2NmY0YzFkY2Y4YzU2
YmNlMDg2M2IxOGY2Y2Y1NjlkMTNlODFlZDkwMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAiH2vtsoPz78sWLZL39qryZ8A4FYMOQ8TwS9XqboLqF8RCGxQ
h3Q/Y699kIil+AmgnfVO5mmgcjVmbacaBcnVsAzxEqAbiqY3ud2SpBZCp1au/33/
nA87siXwrGO5UQLDWU8k3oBs+noN/M9SKMMKrm4s50jd5xqGUdzkqCsxyWe/ivLm
A//2NnEkOzMmUDfioil440K8zXcWEgL4GPeY11xM8KC4lWbRkwiXzFsBs9BVTwis
BukyuYKJ+mLpZurNgR0nu37blmsoMEB5aeFKr01RKLqcdV6yKfltRQYzcKbgCK0V
Pl3EsklNIBRBc4Cqe8pNyaJaK3PSjPKf4fXjZwIDAQABo4ICWzCCAlcwHQYDVR0O
BBYEFNG/K7H6XoSmZVGVVUfWNWjo/6WNMB8GA1UdIwQYMBaAFN6i0Qk04sDISohZ
JD3egmiMzLmmMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvZDY3NWIz
ZmVkODdmODlmYTkxZTA2MGU1MDA0ODJiNmVjOTgzN2ZhMy5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvNTU5ZTMwZjMtN2NhZC00MTNlLWE5OGUtODRiMzRi
YjkxOTEzLzY2ZjRjMWRjZjhjNTZiY2UwODYzYjE4ZjZjZjU2OWQxM2U4MWVkOTAu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy81NTllMzBmMy03Y2FkLTQxM2UtYTk4ZS04NGIz
NGJiOTE5MTMvZDY3NWIzZmVkODdmODlmYTkxZTA2MGU1MDA0ODJiNmVjOTgzN2Zh
My5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEBL4N8DANBgkqhkiG9w0BAQsFAAOCAQEAc59UeoHxnUQmh//J
4d93Tq6uULr0nYP8sL7kKfC/NX343c6jVGj9zM4E+SdYqSG+DE87TgLWCt0kj0kh
IkcoarOL0w9+SXHtTWA1vK4aAEc0hDKdqRR2U3J1vlvX9DdYHz2CxCiFORKO3kmA
uE527+OEeNmE8yul3AuetRfpp4pccKHlzYUoOI2LGq9pzGA2IDxmG5fa81TkFub5
V1c/NIeNP2i0jprwSumwr2Kionunvw6twrGCvmzrMAXC6fRX1IwdIVldgqi3UPrX
AtUw5c7dQvASgaO3HCLa4i1YDj+kX910bh/C4gNjpdgOhW9vKUSqlllRfXB3ajK6
/zz82w==
-----END CERTIFICATE-----
Generated at Thu Mar 28 18:50:52 2024 by rpki-client on console-ams.rpki-client.org