Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/67ed9008-ae34-44be-882f-59381201b1e1/29ea5852881b03a002b2c0916b55c35c85a81cf1.roa
File:                     29ea5852881b03a002b2c0916b55c35c85a81cf1.roa (raw, json)
Hash identifier:          8HFP1/ITsrDjpFdWzwL1MCjxmb1FGEBT3AzdfbjDKxQ=
Subject key identifier:   62:4C:FD:09:E5:DC:09:B9:23:C7:56:01:5A:AA:C6:D8:B8:B8:12:21
Certificate issuer:       /CN=a7237d32fd35bbf0fdba7734a8368fd9626eca5a
Certificate serial:       27E449
Authority key identifier: BE:02:D2:36:F8:B0:06:BA:87:81:2A:20:2E:F5:B7:66:DC:8E:30:3F
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/a7237d32fd35bbf0fdba7734a8368fd9626eca5a.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/67ed9008-ae34-44be-882f-59381201b1e1/29ea5852881b03a002b2c0916b55c35c85a81cf1.roa
Signing time:             Mon 12 Feb 2024 15:10:03 +0000
ROA not before:           Mon 12 Feb 2024 15:09:57 +0000
ROA not after:            Mon 12 Feb 2029 15:09:57 +0000
asID:                     262199
IP address blocks:        190.242.121.0/24 maxlen: 24
                          190.242.148.0/22 maxlen: 22
                          190.242.158.0/23 maxlen: 24
                          190.242.160.0/23 maxlen: 24
                          190.242.162.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/67ed9008-ae34-44be-882f-59381201b1e1/a7237d32fd35bbf0fdba7734a8368fd9626eca5a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/67ed9008-ae34-44be-882f-59381201b1e1/a7237d32fd35bbf0fdba7734a8368fd9626eca5a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/a7237d32fd35bbf0fdba7734a8368fd9626eca5a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Mon 15 Apr 2024 06:03:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2614345 (0x27e449)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a7237d32fd35bbf0fdba7734a8368fd9626eca5a
        Validity
            Not Before: Feb 12 15:09:57 2024 GMT
            Not After : Feb 12 15:09:57 2029 GMT
        Subject: CN=29ea5852881b03a002b2c0916b55c35c85a81cf1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:72:02:00:82:01:ac:cd:21:19:b5:1a:90:e3:
                    fd:19:22:36:7c:45:55:df:9d:d2:ab:2f:d4:5e:34:
                    42:f1:1a:f2:9c:01:75:e2:b0:45:43:f9:35:4a:43:
                    f9:bf:76:9d:f5:cb:10:f3:86:aa:de:ee:88:58:32:
                    df:e8:1e:d7:67:8b:fa:fe:76:fb:29:aa:e1:c1:69:
                    61:09:10:c4:fb:8e:ad:01:1c:e7:61:45:1a:56:0e:
                    1d:d4:79:d9:11:79:ad:60:3e:e0:a8:15:aa:88:34:
                    f1:d8:f8:35:38:23:0b:e2:9a:37:76:3b:48:c2:61:
                    e1:d8:17:41:c2:5d:3c:cd:01:a2:34:3a:44:73:22:
                    93:da:2d:ff:b7:aa:43:ab:fb:10:87:d9:1c:03:ee:
                    e7:d5:17:10:ca:14:3a:bd:9a:a9:d8:53:a0:6c:fa:
                    16:91:d2:e2:43:53:cf:7f:1d:84:25:11:a1:0f:8e:
                    98:dc:38:fe:8c:57:b8:4f:fc:84:da:ea:77:2e:6d:
                    c6:50:72:27:81:8e:a3:38:f5:ad:cc:85:50:8b:b9:
                    66:c3:5f:a0:bc:dc:25:3f:7b:d5:2e:0e:36:a5:3a:
                    b6:97:a4:6e:4b:99:b5:4c:a6:e1:9e:6b:3c:bd:b3:
                    83:a8:99:74:40:43:e7:20:d3:af:6c:4a:61:51:89:
                    0d:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                62:4C:FD:09:E5:DC:09:B9:23:C7:56:01:5A:AA:C6:D8:B8:B8:12:21
            X509v3 Authority Key Identifier:
                keyid:BE:02:D2:36:F8:B0:06:BA:87:81:2A:20:2E:F5:B7:66:DC:8E:30:3F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/a7237d32fd35bbf0fdba7734a8368fd9626eca5a.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/67ed9008-ae34-44be-882f-59381201b1e1/29ea5852881b03a002b2c0916b55c35c85a81cf1.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/67ed9008-ae34-44be-882f-59381201b1e1/a7237d32fd35bbf0fdba7734a8368fd9626eca5a.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  190.242.121.0/24
                  190.242.148.0/22
                  190.242.158.0-190.242.162.255

    Signature Algorithm: sha256WithRSAEncryption
         09:66:a1:19:99:21:fb:95:b1:10:39:47:86:71:bd:ce:d5:ff:
         e1:13:b0:7e:d6:d8:89:a0:14:60:f9:a5:c9:f2:64:f4:da:01:
         75:ee:f7:bd:2a:10:87:e4:3a:73:d1:67:14:21:87:b8:fa:cb:
         6a:af:95:6d:33:3e:d0:15:e2:b6:b0:99:3e:7a:b2:b4:96:30:
         ab:c7:e4:c0:3d:bd:b6:a1:65:d8:09:16:53:ad:f2:51:6b:b1:
         d9:d6:b2:7c:f6:be:16:02:10:89:2d:e3:ae:06:37:27:d0:cd:
         cc:a1:2e:98:a1:9f:7f:29:96:99:8c:80:ef:6c:99:76:1d:a9:
         d0:8c:c6:cc:43:b9:da:5f:96:4c:30:5b:ac:56:1b:4b:79:fc:
         80:35:ce:89:d0:ce:08:11:bc:b7:50:b9:2c:c2:46:6d:af:f2:
         e2:5f:d0:b5:42:df:73:1f:c4:85:be:1e:a5:cb:16:87:04:cf:
         5b:07:5e:e7:ee:c2:a3:3b:0e:2f:df:28:9c:c6:78:d6:93:2d:
         13:c5:36:98:60:dd:22:db:36:24:26:21:14:6a:38:09:23:c5:
         3d:48:14:49:2e:00:de:da:11:8b:b6:ab:57:94:67:26:a3:1c:
         57:ea:c1:fd:32:53:f1:b5:0e:91:8c:f6:ea:b2:6c:51:24:ac:
         b1:fa:f4:f2
-----BEGIN CERTIFICATE-----
MIIFVDCCBDygAwIBAgIDJ+RJMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGE3
MjM3ZDMyZmQzNWJiZjBmZGJhNzczNGE4MzY4ZmQ5NjI2ZWNhNWEwHhcNMjQwMjEy
MTUwOTU3WhcNMjkwMjEyMTUwOTU3WjAzMTEwLwYDVQQDEygyOWVhNTg1Mjg4MWIw
M2EwMDJiMmMwOTE2YjU1YzM1Yzg1YTgxY2YxMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEApnICAIIBrM0hGbUakOP9GSI2fEVV353Sqy/UXjRC8RrynAF1
4rBFQ/k1SkP5v3ad9csQ84aq3u6IWDLf6B7XZ4v6/nb7KarhwWlhCRDE+46tARzn
YUUaVg4d1HnZEXmtYD7gqBWqiDTx2Pg1OCML4po3djtIwmHh2BdBwl08zQGiNDpE
cyKT2i3/t6pDq/sQh9kcA+7n1RcQyhQ6vZqp2FOgbPoWkdLiQ1PPfx2EJRGhD46Y
3Dj+jFe4T/yE2up3Lm3GUHIngY6jOPWtzIVQi7lmw1+gvNwlP3vVLg42pTq2l6Ru
S5m1TKbhnms8vbODqJl0QEPnINOvbEphUYkNKQIDAQABo4ICbzCCAmswHQYDVR0O
BBYEFGJM/Qnl3Am5I8dWAVqqxti4uBIhMB8GA1UdIwQYMBaAFL4C0jb4sAa6h4Eq
IC71t2bcjjA/MA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvYTcyMzdk
MzJmZDM1YmJmMGZkYmE3NzM0YTgzNjhmZDk2MjZlY2E1YS5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvNjdlZDkwMDgtYWUzNC00NGJlLTg4MmYtNTkzODEy
MDFiMWUxLzI5ZWE1ODUyODgxYjAzYTAwMmIyYzA5MTZiNTVjMzVjODVhODFjZjEu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy82N2VkOTAwOC1hZTM0LTQ0YmUtODgyZi01OTM4
MTIwMWIxZTEvYTcyMzdkMzJmZDM1YmJmMGZkYmE3NzM0YTgzNjhmZDk2MjZlY2E1
YS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAzBggrBgEFBQcBBwEB/wQk
MCIwIAQCAAEwGgMEAL7yeQMEAr7ylDAMAwQBvvKeAwQAvvKiMA0GCSqGSIb3DQEB
CwUAA4IBAQAJZqEZmSH7lbEQOUeGcb3O1f/hE7B+1tiJoBRg+aXJ8mT02gF17ve9
KhCH5Dpz0WcUIYe4+stqr5VtMz7QFeK2sJk+erK0ljCrx+TAPb22oWXYCRZTrfJR
a7HZ1rJ89r4WAhCJLeOuBjcn0M3MoS6YoZ9/KZaZjIDvbJl2HanQjMbMQ7naX5ZM
MFusVhtLefyANc6J0M4IEby3ULkswkZtr/LiX9C1Qt9zH8SFvh6lyxaHBM9bB17n
7sKjOw4v3yicxnjWky0TxTaYYN0i2zYkJiEUajgJI8U9SBRJLgDe2hGLtqtXlGcm
oxxX6sH9MlPxtQ6RjPbqsmxRJKyx+vTy
-----END CERTIFICATE-----
Generated at Fri Apr 12 10:18:09 2024 by rpki-client on console-ams.rpki-client.org