Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/65284f37-a301-433c-8f9b-24af49b9a328/dd264d3794e1f41750ccae8a74e867a63c9996a7.roa
File:                     dd264d3794e1f41750ccae8a74e867a63c9996a7.roa (raw, json)
Hash identifier:          wTYPh/GR2bFxtcsHCROt0s4EfQLg0FKxv/mLWlPflDM=
Subject key identifier:   05:ED:5C:F1:6A:44:0C:63:59:9B:86:1B:05:90:04:49:24:99:3F:C4
Certificate issuer:       /CN=100cb7f51ba3d4bc601b39d5aedc436c843b106a
Certificate serial:       0CE172
Authority key identifier: 5B:F3:E1:B6:AE:43:37:57:91:B7:DE:85:1D:CC:48:1B:58:C4:97:BB
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/100cb7f51ba3d4bc601b39d5aedc436c843b106a.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/65284f37-a301-433c-8f9b-24af49b9a328/dd264d3794e1f41750ccae8a74e867a63c9996a7.roa
Signing time:             Wed 24 Mar 2021 14:38:11 +0000
ROA not before:           Wed 24 Mar 2021 14:38:11 +0000
ROA not after:            Tue 24 Mar 2026 14:38:11 +0000
asID:                     46198
IP address blocks:        190.8.32.0/20 maxlen: 24
                          2803:a640::/32 maxlen: 56

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/65284f37-a301-433c-8f9b-24af49b9a328/100cb7f51ba3d4bc601b39d5aedc436c843b106a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/65284f37-a301-433c-8f9b-24af49b9a328/100cb7f51ba3d4bc601b39d5aedc436c843b106a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/100cb7f51ba3d4bc601b39d5aedc436c843b106a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 31 Mar 2024 19:38:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 844146 (0xce172)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=100cb7f51ba3d4bc601b39d5aedc436c843b106a
        Validity
            Not Before: Mar 24 14:38:11 2021 GMT
            Not After : Mar 24 14:38:11 2026 GMT
        Subject: CN=dd264d3794e1f41750ccae8a74e867a63c9996a7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:89:c1:44:79:b2:c6:2f:35:3e:68:ca:d4:11:01:
                    99:65:0b:cd:08:00:2c:38:96:8c:82:40:cd:f1:1d:
                    3e:f3:8d:83:4d:3b:6f:b2:4e:44:22:72:c9:b3:00:
                    47:3e:3a:44:6f:99:da:1f:6d:da:e8:bb:67:e5:f1:
                    db:9a:b9:f8:36:63:78:65:8f:61:a2:5f:1f:f0:47:
                    ee:46:5f:af:8e:be:2f:8e:35:17:23:2c:23:ee:b7:
                    8d:05:b6:55:84:07:81:b7:3d:a1:91:52:dd:06:90:
                    0d:06:63:44:cc:ef:8a:84:5d:ab:20:61:12:f6:12:
                    3e:cc:cd:3c:ce:95:77:7d:aa:77:2e:42:3d:ec:2f:
                    80:8e:f1:fd:6d:63:12:7f:03:ed:d3:16:34:f7:7c:
                    c6:69:9c:53:53:50:d9:5c:c8:84:67:0f:69:81:1b:
                    a0:ae:3f:f2:ae:0c:09:3c:b1:f4:59:cc:66:3a:20:
                    e2:e6:5b:ed:97:fd:6d:a6:a6:fe:a1:0e:8f:36:26:
                    8b:21:e9:9b:87:1a:f6:ac:14:6b:53:ef:74:f4:10:
                    9f:2d:91:d8:34:27:8d:d9:6b:2e:d8:47:07:ac:02:
                    0c:e6:05:de:3a:fa:fc:a7:44:6c:e9:d8:67:f2:b1:
                    3b:56:d6:97:95:7c:c7:bc:dc:6f:6d:04:f7:ac:e8:
                    e4:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                05:ED:5C:F1:6A:44:0C:63:59:9B:86:1B:05:90:04:49:24:99:3F:C4
            X509v3 Authority Key Identifier:
                keyid:5B:F3:E1:B6:AE:43:37:57:91:B7:DE:85:1D:CC:48:1B:58:C4:97:BB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/100cb7f51ba3d4bc601b39d5aedc436c843b106a.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/65284f37-a301-433c-8f9b-24af49b9a328/dd264d3794e1f41750ccae8a74e867a63c9996a7.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/65284f37-a301-433c-8f9b-24af49b9a328/100cb7f51ba3d4bc601b39d5aedc436c843b106a.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  190.8.32.0/20
                IPv6:
                  2803:a640::/32

    Signature Algorithm: sha256WithRSAEncryption
         01:dd:8c:21:82:4e:da:d5:88:96:35:03:6c:09:5a:e3:8d:7f:
         00:5b:46:2e:dd:32:d1:a0:13:48:78:98:40:83:e7:67:85:33:
         84:95:e4:06:37:e0:87:e3:ea:79:78:13:29:57:03:a1:c3:ae:
         44:88:b4:e0:3e:2f:0a:43:0d:12:b5:4a:38:d1:a5:b2:9b:22:
         d4:b0:ae:d6:d9:84:de:3b:cc:8c:a5:57:6d:4f:e9:83:e1:27:
         21:94:5c:86:50:f3:79:54:24:9c:79:8c:77:1c:62:3b:e9:aa:
         ed:6e:6c:17:97:98:66:45:f4:53:71:f9:d2:b7:00:4e:37:f7:
         ff:3e:8f:6e:f8:b2:8d:52:37:6d:0f:35:45:70:7a:b9:aa:e2:
         47:29:fa:aa:b0:d2:ca:85:dc:18:e9:2b:d5:d6:61:ca:7b:b1:
         da:08:3f:3f:cc:b9:64:aa:db:17:23:49:b0:2d:88:13:be:2a:
         60:3f:77:93:38:75:f4:13:01:04:dc:3e:63:bf:ff:3d:a5:3f:
         66:f8:c6:97:5f:26:96:c2:bb:ad:30:ec:f6:30:27:95:74:51:
         72:cd:f3:34:a0:ac:a1:50:72:c9:b0:ab:8d:22:f5:fb:32:6e:
         fc:79:79:d5:74:77:8d:db:0a:e2:ff:6e:6e:2e:a4:b8:c2:88:
         59:0f:95:35
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgIDDOFyMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDEw
MGNiN2Y1MWJhM2Q0YmM2MDFiMzlkNWFlZGM0MzZjODQzYjEwNmEwHhcNMjEwMzI0
MTQzODExWhcNMjYwMzI0MTQzODExWjAzMTEwLwYDVQQDEyhkZDI2NGQzNzk0ZTFm
NDE3NTBjY2FlOGE3NGU4NjdhNjNjOTk5NmE3MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAicFEebLGLzU+aMrUEQGZZQvNCAAsOJaMgkDN8R0+842DTTtv
sk5EInLJswBHPjpEb5naH23a6Ltn5fHbmrn4NmN4ZY9hol8f8EfuRl+vjr4vjjUX
Iywj7reNBbZVhAeBtz2hkVLdBpANBmNEzO+KhF2rIGES9hI+zM08zpV3fap3LkI9
7C+AjvH9bWMSfwPt0xY093zGaZxTU1DZXMiEZw9pgRugrj/yrgwJPLH0WcxmOiDi
5lvtl/1tpqb+oQ6PNiaLIembhxr2rBRrU+909BCfLZHYNCeN2Wsu2EcHrAIM5gXe
Ovr8p0Rs6dhn8rE7VtaXlXzHvNxvbQT3rOjkSQIDAQABo4ICajCCAmYwHQYDVR0O
BBYEFAXtXPFqRAxjWZuGGwWQBEkkmT/EMB8GA1UdIwQYMBaAFFvz4bauQzdXkbfe
hR3MSBtYxJe7MA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvMTAwY2I3
ZjUxYmEzZDRiYzYwMWIzOWQ1YWVkYzQzNmM4NDNiMTA2YS5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvNjUyODRmMzctYTMwMS00MzNjLThmOWItMjRhZjQ5
YjlhMzI4L2RkMjY0ZDM3OTRlMWY0MTc1MGNjYWU4YTc0ZTg2N2E2M2M5OTk2YTcu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy82NTI4NGYzNy1hMzAxLTQzM2MtOGY5Yi0yNGFm
NDliOWEzMjgvMTAwY2I3ZjUxYmEzZDRiYzYwMWIzOWQ1YWVkYzQzNmM4NDNiMTA2
YS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAuBggrBgEFBQcBBwEB/wQf
MB0wDAQCAAEwBgMEBL4IIDANBAIAAjAHAwUAKAOmQDANBgkqhkiG9w0BAQsFAAOC
AQEAAd2MIYJO2tWIljUDbAla441/AFtGLt0y0aATSHiYQIPnZ4UzhJXkBjfgh+Pq
eXgTKVcDocOuRIi04D4vCkMNErVKONGlspsi1LCu1tmE3jvMjKVXbU/pg+EnIZRc
hlDzeVQknHmMdxxiO+mq7W5sF5eYZkX0U3H50rcATjf3/z6PbviyjVI3bQ81RXB6
uariRyn6qrDSyoXcGOkr1dZhynux2gg/P8y5ZKrbFyNJsC2IE74qYD93kzh19BMB
BNw+Y7//PaU/ZvjGl18mlsK7rTDs9jAnlXRRcs3zNKCsoVByybCrjSL1+zJu/Hl5
1XR3jdsK4v9ubi6kuMKIWQ+VNQ==
-----END CERTIFICATE-----
Generated at Fri Mar 29 02:14:14 2024 by rpki-client on console-ams.rpki-client.org