Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/67ed9008-ae34-44be-882f-59381201b1e1/b1758b8966070d0a83d1b6c9a790bb2d259543bc.roa
File:                     b1758b8966070d0a83d1b6c9a790bb2d259543bc.roa (raw, json)
Hash identifier:          C9K+Ses91JxWOIbuDD2y7bq0C+OsKtHqVjxDNZI3v6Q=
Subject key identifier:   95:15:BA:A5:52:38:9F:DD:61:22:0E:48:CE:4F:E8:09:32:91:71:06
Certificate issuer:       /CN=61dee5b94933b1c10377fd86ec970d3b4117ae3d
Certificate serial:       14FFDA
Authority key identifier: CC:E9:F3:9E:8F:65:08:D4:CB:E1:EE:25:A5:CB:1C:73:05:6D:6C:93
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/61dee5b94933b1c10377fd86ec970d3b4117ae3d.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/67ed9008-ae34-44be-882f-59381201b1e1/b1758b8966070d0a83d1b6c9a790bb2d259543bc.roa
Signing time:             Thu 20 Jan 2022 20:59:20 +0000
ROA not before:           Thu 20 Jan 2022 03:00:00 +0000
ROA not after:            Sat 20 Jan 2024 03:00:00 +0000
asID:                     52434
IP address blocks:        190.242.55.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/67ed9008-ae34-44be-882f-59381201b1e1/61dee5b94933b1c10377fd86ec970d3b4117ae3d.crl
                          rsync://repository.lacnic.net/rpki/lacnic/67ed9008-ae34-44be-882f-59381201b1e1/61dee5b94933b1c10377fd86ec970d3b4117ae3d.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/61dee5b94933b1c10377fd86ec970d3b4117ae3d.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sat 18 Mar 2023 03:50:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1376218 (0x14ffda)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=61dee5b94933b1c10377fd86ec970d3b4117ae3d
        Validity
            Not Before: Jan 20 03:00:00 2022 GMT
            Not After : Jan 20 03:00:00 2024 GMT
        Subject: CN=b1758b8966070d0a83d1b6c9a790bb2d259543bc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:15:66:59:38:d2:ed:89:8c:f7:59:5c:1b:4f:
                    d0:5b:15:fc:31:fc:80:59:df:6a:4b:c5:d3:32:c4:
                    9d:5b:29:f4:b9:99:d4:32:c5:80:89:fd:ba:64:b2:
                    71:cb:d1:01:55:4c:42:c6:14:66:71:37:95:80:f7:
                    3b:20:fe:ff:96:b1:70:ae:8b:9c:9c:5c:8f:e6:93:
                    97:68:a4:9b:a0:37:a2:19:83:79:b5:49:d0:e1:92:
                    d6:54:43:ca:cc:5d:28:2b:60:4d:2f:99:ea:3d:ae:
                    75:b7:be:44:8b:48:63:06:ff:bf:9c:3d:1c:41:5d:
                    e8:28:4b:bd:0b:75:2f:15:16:cf:e5:6f:d6:5d:b0:
                    95:a5:45:93:45:a2:d1:16:02:0a:56:ef:d9:42:4c:
                    2b:d2:04:22:b1:6b:28:19:94:44:a1:42:bf:62:fb:
                    96:21:6f:b3:49:bf:34:55:8e:a1:c2:d2:89:01:ca:
                    0e:9c:5e:09:26:5a:57:f8:8d:3f:77:a9:28:53:e5:
                    50:a0:87:b2:6d:1b:47:f5:4b:10:d8:b3:b9:07:d8:
                    0b:35:30:69:33:a9:39:40:7b:c1:0a:d7:d3:ec:f9:
                    ea:bb:e6:08:41:a9:73:f3:5b:7d:47:78:02:a4:65:
                    6c:84:42:14:9c:d4:27:6a:73:66:ba:f6:0c:42:cf:
                    94:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                95:15:BA:A5:52:38:9F:DD:61:22:0E:48:CE:4F:E8:09:32:91:71:06
            X509v3 Authority Key Identifier: 
                keyid:CC:E9:F3:9E:8F:65:08:D4:CB:E1:EE:25:A5:CB:1C:73:05:6D:6C:93

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access: 
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/61dee5b94933b1c10377fd86ec970d3b4117ae3d.cer

            Subject Information Access: 
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/67ed9008-ae34-44be-882f-59381201b1e1/b1758b8966070d0a83d1b6c9a790bb2d259543bc.roa

            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/67ed9008-ae34-44be-882f-59381201b1e1/61dee5b94933b1c10377fd86ec970d3b4117ae3d.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  190.242.55.0/24

    Signature Algorithm: sha256WithRSAEncryption
         80:46:bc:f5:8c:3c:fd:d7:ab:c9:ae:48:6c:14:3a:5c:be:a3:
         fb:cc:13:8e:c6:c7:2b:c9:00:58:80:3b:0d:e8:e5:8d:b1:21:
         ce:a3:38:70:a6:0e:e5:0a:5d:81:d2:84:33:a4:cd:68:63:ba:
         a5:55:d1:69:a4:f4:31:a9:d6:67:94:84:5d:ca:e1:6c:b8:bf:
         02:42:93:4b:e5:d9:44:24:3b:7f:47:f7:5c:4d:ad:e1:50:09:
         6a:89:50:17:68:83:82:d2:9c:73:55:26:c7:f7:c0:94:84:b5:
         e4:ac:ab:3f:2b:66:cf:87:07:eb:f1:f2:04:0b:57:5e:4f:6f:
         e7:80:4c:b0:50:cf:c2:19:fb:d0:93:e4:d8:9c:63:06:66:f3:
         68:b2:a1:2c:04:5b:74:01:c5:9d:3f:38:29:c6:68:df:71:a1:
         ea:9e:75:b7:e2:b9:4d:22:dc:b9:1d:cd:5a:fe:22:25:2b:05:
         e8:9f:28:ce:51:0e:92:ba:44:2b:2e:d2:69:fd:bf:12:99:59:
         fe:f8:dc:4d:ed:ad:d4:30:01:ed:1a:a1:e2:0b:41:cf:cf:dd:
         a9:f4:ba:04:b5:a4:25:07:6e:ed:cd:0f:1c:00:39:fb:ef:5c:
         b6:60:77:85:b7:eb:df:37:15:c2:e3:39:a7:a2:4c:56:10:08:
         9f:c1:89:47
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIDFP/aMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDYx
ZGVlNWI5NDkzM2IxYzEwMzc3ZmQ4NmVjOTcwZDNiNDExN2FlM2QwHhcNMjIwMTIw
MDMwMDAwWhcNMjQwMTIwMDMwMDAwWjAzMTEwLwYDVQQDEyhiMTc1OGI4OTY2MDcw
ZDBhODNkMWI2YzlhNzkwYmIyZDI1OTU0M2JjMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAkRVmWTjS7YmM91lcG0/QWxX8MfyAWd9qS8XTMsSdWyn0uZnU
MsWAif26ZLJxy9EBVUxCxhRmcTeVgPc7IP7/lrFwroucnFyP5pOXaKSboDeiGYN5
tUnQ4ZLWVEPKzF0oK2BNL5nqPa51t75Ei0hjBv+/nD0cQV3oKEu9C3UvFRbP5W/W
XbCVpUWTRaLRFgIKVu/ZQkwr0gQisWsoGZREoUK/YvuWIW+zSb80VY6hwtKJAcoO
nF4JJlpX+I0/d6koU+VQoIeybRtH9UsQ2LO5B9gLNTBpM6k5QHvBCtfT7Pnqu+YI
Qalz81t9R3gCpGVshEIUnNQnanNmuvYMQs+U6wIDAQABo4ICWzCCAlcwHQYDVR0O
BBYEFJUVuqVSOJ/dYSIOSM5P6AkykXEGMB8GA1UdIwQYMBaAFMzp856PZQjUy+Hu
JaXLHHMFbWyTMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvNjFkZWU1
Yjk0OTMzYjFjMTAzNzdmZDg2ZWM5NzBkM2I0MTE3YWUzZC5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvNjdlZDkwMDgtYWUzNC00NGJlLTg4MmYtNTkzODEy
MDFiMWUxL2IxNzU4Yjg5NjYwNzBkMGE4M2QxYjZjOWE3OTBiYjJkMjU5NTQzYmMu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy82N2VkOTAwOC1hZTM0LTQ0YmUtODgyZi01OTM4
MTIwMWIxZTEvNjFkZWU1Yjk0OTMzYjFjMTAzNzdmZDg2ZWM5NzBkM2I0MTE3YWUz
ZC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAL7yNzANBgkqhkiG9w0BAQsFAAOCAQEAgEa89Yw8/derya5I
bBQ6XL6j+8wTjsbHK8kAWIA7DejljbEhzqM4cKYO5QpdgdKEM6TNaGO6pVXRaaT0
ManWZ5SEXcrhbLi/AkKTS+XZRCQ7f0f3XE2t4VAJaolQF2iDgtKcc1Umx/fAlIS1
5KyrPytmz4cH6/HyBAtXXk9v54BMsFDPwhn70JPk2JxjBmbzaLKhLARbdAHFnT84
KcZo33Gh6p51t+K5TSLcuR3NWv4iJSsF6J8ozlEOkrpEKy7Saf2/EplZ/vjcTe2t
1DAB7Rqh4gtBz8/dqfS6BLWkJQdu7c0PHAA5++9ctmB3hbfr3zcVwuM5p6JMVhAI
n8GJRw==
-----END CERTIFICATE-----
Generated at Wed Mar 15 11:46:33 2023 by rpki-client on console-fra.rpki-client.org