Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/67ed9008-ae34-44be-882f-59381201b1e1/3da48e69421fe49d6e6d269665dee8cacfac1e4a.roa
File:                     3da48e69421fe49d6e6d269665dee8cacfac1e4a.roa (raw, json)
Hash identifier:          8Kgn8ypCrifHjbpobuCG0rZVVyzIgfhpMpMlolV6sQ4=
Subject key identifier:   C9:B7:C3:AB:3D:1D:26:C5:68:46:52:08:32:9F:86:CD:67:B5:A2:07
Certificate issuer:       /CN=61dee5b94933b1c10377fd86ec970d3b4117ae3d
Certificate serial:       21693C
Authority key identifier: CC:E9:F3:9E:8F:65:08:D4:CB:E1:EE:25:A5:CB:1C:73:05:6D:6C:93
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/61dee5b94933b1c10377fd86ec970d3b4117ae3d.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/67ed9008-ae34-44be-882f-59381201b1e1/3da48e69421fe49d6e6d269665dee8cacfac1e4a.roa
Signing time:             Thu 01 Jun 2023 15:42:38 +0000
ROA not before:           Wed 31 May 2023 15:42:27 +0000
ROA not after:            Sun 01 Jun 2025 15:42:27 +0000
asID:                     10620
IP address blocks:        190.242.72.0/21 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/67ed9008-ae34-44be-882f-59381201b1e1/61dee5b94933b1c10377fd86ec970d3b4117ae3d.crl
                          rsync://repository.lacnic.net/rpki/lacnic/67ed9008-ae34-44be-882f-59381201b1e1/61dee5b94933b1c10377fd86ec970d3b4117ae3d.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/61dee5b94933b1c10377fd86ec970d3b4117ae3d.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sat 22 Jul 2023 15:16:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2189628 (0x21693c)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=61dee5b94933b1c10377fd86ec970d3b4117ae3d
        Validity
            Not Before: May 31 15:42:27 2023 GMT
            Not After : Jun  1 15:42:27 2025 GMT
        Subject: CN=3da48e69421fe49d6e6d269665dee8cacfac1e4a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:89:cd:cc:c9:28:da:da:33:cf:24:96:02:08:d5:
                    82:17:2f:6e:9b:ae:b8:bb:5e:24:2a:ac:83:e1:1d:
                    48:07:bf:63:85:00:de:c7:46:11:65:a6:77:09:8b:
                    ec:09:11:03:72:c7:29:40:59:aa:70:6f:a6:9e:d0:
                    0d:61:c9:de:42:0c:32:ce:aa:0d:29:38:73:79:0d:
                    20:93:3b:b2:d5:fe:3f:03:66:21:3d:a7:dd:cb:12:
                    65:76:29:57:bd:10:56:22:61:d6:4a:00:ed:30:40:
                    f0:02:b7:0b:6a:ce:86:7b:da:38:5d:8c:dd:21:73:
                    8d:e3:be:88:a9:67:1e:46:07:4b:10:bb:4e:6d:33:
                    e1:71:55:d4:2e:85:1e:3c:0c:35:2c:64:95:d3:1e:
                    e0:ca:31:f2:cd:73:26:e3:88:31:59:94:9d:2a:2d:
                    f0:25:7d:d5:cc:35:8b:64:43:74:8a:5c:38:74:6c:
                    b0:cf:89:45:49:c1:ae:90:ed:91:88:93:c6:51:67:
                    14:49:88:2d:f8:28:22:9a:6c:36:3f:56:5b:29:28:
                    06:f3:56:f9:13:9d:71:23:94:54:f7:c6:13:9e:2c:
                    b8:cc:5d:07:90:a2:5b:75:31:49:2f:53:26:d4:55:
                    72:0e:84:71:b4:bb:da:88:c9:23:ae:72:b4:5f:69:
                    c2:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C9:B7:C3:AB:3D:1D:26:C5:68:46:52:08:32:9F:86:CD:67:B5:A2:07
            X509v3 Authority Key Identifier:
                keyid:CC:E9:F3:9E:8F:65:08:D4:CB:E1:EE:25:A5:CB:1C:73:05:6D:6C:93

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/61dee5b94933b1c10377fd86ec970d3b4117ae3d.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/67ed9008-ae34-44be-882f-59381201b1e1/3da48e69421fe49d6e6d269665dee8cacfac1e4a.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/67ed9008-ae34-44be-882f-59381201b1e1/61dee5b94933b1c10377fd86ec970d3b4117ae3d.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  190.242.72.0/21

    Signature Algorithm: sha256WithRSAEncryption
         82:e4:08:fc:fb:06:cb:f3:4f:ff:51:ff:43:fa:31:a5:52:9f:
         61:db:e1:d7:1f:97:72:f9:56:2e:df:19:22:8c:b0:55:98:8b:
         78:93:5f:50:a8:05:10:35:82:5d:72:ba:8d:ec:5f:c7:a7:cc:
         8b:18:40:62:b7:91:9e:5b:d7:b8:07:b3:66:8f:f8:de:1d:ee:
         63:d9:22:72:f7:f1:6d:af:c3:9a:d9:2b:7c:ec:a2:1f:46:dc:
         f4:0c:56:af:95:97:37:8a:cc:22:f4:55:ae:1b:55:99:b6:b6:
         3c:de:a7:42:b7:9d:32:e5:d3:37:ba:d1:4f:69:f1:7b:71:20:
         6b:75:4c:d3:0e:a0:5f:03:46:0c:ef:14:36:a0:e3:75:80:43:
         59:ad:61:7f:38:7c:2a:a7:31:fc:88:49:a1:37:19:91:f8:4a:
         d2:a0:4e:77:08:df:97:ed:d7:00:73:b4:ca:5d:df:ca:bd:32:
         dd:55:20:6e:1f:4d:db:4c:05:dc:40:7e:ec:db:ec:c2:af:c2:
         47:92:ac:22:87:d9:0f:d0:51:a2:1b:24:11:a4:48:bc:d3:f5:
         af:a0:81:b7:7a:28:89:e6:98:8b:13:c6:77:35:95:61:7b:bb:
         21:58:85:9d:5f:90:52:07:77:8f:34:f2:af:95:31:9d:bf:eb:
         84:ce:07:d0
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIDIWk8MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDYx
ZGVlNWI5NDkzM2IxYzEwMzc3ZmQ4NmVjOTcwZDNiNDExN2FlM2QwHhcNMjMwNTMx
MTU0MjI3WhcNMjUwNjAxMTU0MjI3WjAzMTEwLwYDVQQDEygzZGE0OGU2OTQyMWZl
NDlkNmU2ZDI2OTY2NWRlZThjYWNmYWMxZTRhMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAic3MySja2jPPJJYCCNWCFy9um664u14kKqyD4R1IB79jhQDe
x0YRZaZ3CYvsCREDcscpQFmqcG+mntANYcneQgwyzqoNKThzeQ0gkzuy1f4/A2Yh
PafdyxJldilXvRBWImHWSgDtMEDwArcLas6Ge9o4XYzdIXON476IqWceRgdLELtO
bTPhcVXULoUePAw1LGSV0x7gyjHyzXMm44gxWZSdKi3wJX3VzDWLZEN0ilw4dGyw
z4lFScGukO2RiJPGUWcUSYgt+Cgimmw2P1ZbKSgG81b5E51xI5RU98YTniy4zF0H
kKJbdTFJL1Mm1FVyDoRxtLvaiMkjrnK0X2nC1wIDAQABo4ICWzCCAlcwHQYDVR0O
BBYEFMm3w6s9HSbFaEZSCDKfhs1ntaIHMB8GA1UdIwQYMBaAFMzp856PZQjUy+Hu
JaXLHHMFbWyTMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvNjFkZWU1
Yjk0OTMzYjFjMTAzNzdmZDg2ZWM5NzBkM2I0MTE3YWUzZC5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvNjdlZDkwMDgtYWUzNC00NGJlLTg4MmYtNTkzODEy
MDFiMWUxLzNkYTQ4ZTY5NDIxZmU0OWQ2ZTZkMjY5NjY1ZGVlOGNhY2ZhYzFlNGEu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy82N2VkOTAwOC1hZTM0LTQ0YmUtODgyZi01OTM4
MTIwMWIxZTEvNjFkZWU1Yjk0OTMzYjFjMTAzNzdmZDg2ZWM5NzBkM2I0MTE3YWUz
ZC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEA77ySDANBgkqhkiG9w0BAQsFAAOCAQEAguQI/PsGy/NP/1H/
Q/oxpVKfYdvh1x+XcvlWLt8ZIoywVZiLeJNfUKgFEDWCXXK6jexfx6fMixhAYreR
nlvXuAezZo/43h3uY9kicvfxba/DmtkrfOyiH0bc9AxWr5WXN4rMIvRVrhtVmba2
PN6nQredMuXTN7rRT2nxe3Ega3VM0w6gXwNGDO8UNqDjdYBDWa1hfzh8Kqcx/IhJ
oTcZkfhK0qBOdwjfl+3XAHO0yl3fyr0y3VUgbh9N20wF3EB+7Nvswq/CR5KsIofZ
D9BRohskEaRIvNP1r6CBt3ooieaYixPGdzWVYXu7IViFnV+QUgd3jzTyr5Uxnb/r
hM4H0A==
-----END CERTIFICATE-----
Generated at Wed Jul 19 22:20:49 2023 by rpki-client on console-fra.rpki-client.org