Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/67ed9008-ae34-44be-882f-59381201b1e1/b47db0c0d2b81238829f9c6c2678aed7f242b8fd.roa
File:                     b47db0c0d2b81238829f9c6c2678aed7f242b8fd.roa (raw, json)
Hash identifier:          H8NQdKGwzMIErSOq5YMYMsoyoK3ugTD2if2jtiu5Kfk=
Subject key identifier:   96:74:A4:02:FB:A1:8A:42:02:B0:BB:A7:64:AF:87:4A:94:95:8E:CF
Certificate issuer:       /CN=a7237d32fd35bbf0fdba7734a8368fd9626eca5a
Certificate serial:       27D7B4
Authority key identifier: BE:02:D2:36:F8:B0:06:BA:87:81:2A:20:2E:F5:B7:66:DC:8E:30:3F
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/a7237d32fd35bbf0fdba7734a8368fd9626eca5a.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/67ed9008-ae34-44be-882f-59381201b1e1/b47db0c0d2b81238829f9c6c2678aed7f242b8fd.roa
Signing time:             Mon 12 Feb 2024 15:10:00 +0000
ROA not before:           Mon 12 Feb 2024 15:09:57 +0000
ROA not after:            Mon 12 Feb 2029 15:09:57 +0000
asID:                     28064
IP address blocks:        190.242.30.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/67ed9008-ae34-44be-882f-59381201b1e1/a7237d32fd35bbf0fdba7734a8368fd9626eca5a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/67ed9008-ae34-44be-882f-59381201b1e1/a7237d32fd35bbf0fdba7734a8368fd9626eca5a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/a7237d32fd35bbf0fdba7734a8368fd9626eca5a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Mon 15 Apr 2024 06:03:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2611124 (0x27d7b4)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a7237d32fd35bbf0fdba7734a8368fd9626eca5a
        Validity
            Not Before: Feb 12 15:09:57 2024 GMT
            Not After : Feb 12 15:09:57 2029 GMT
        Subject: CN=b47db0c0d2b81238829f9c6c2678aed7f242b8fd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d8:8f:ce:20:9a:17:d7:db:3f:3c:51:5b:99:99:
                    7e:25:7f:ef:1c:e1:cc:a9:af:a4:d7:4d:04:fc:8c:
                    76:73:c6:22:df:24:12:24:da:43:2b:1e:5a:02:a7:
                    54:9f:2f:38:e5:bd:f4:e3:1f:2f:9f:10:cb:4e:a8:
                    88:ed:05:36:50:c2:ca:85:5e:9d:6c:c7:a6:45:f1:
                    d9:c1:88:8f:6f:15:8f:82:c7:a3:54:6e:ab:dd:de:
                    7a:02:64:cb:d4:99:52:44:ca:27:4e:e2:82:96:2f:
                    5e:df:f7:04:3e:43:66:db:19:c2:de:97:45:8c:ff:
                    9d:00:d6:62:d8:1f:c0:ef:85:ed:65:5d:0d:a0:7c:
                    b4:63:a3:7c:a2:7d:64:be:d7:14:7c:4e:63:b5:8b:
                    3b:3e:b0:d5:2d:d5:80:de:39:d3:38:2c:53:04:bd:
                    7d:d6:bb:70:c3:f9:7f:0f:aa:15:0c:44:5f:42:a8:
                    a3:a3:a2:65:27:da:c8:b2:c0:c1:bb:0a:4f:12:b8:
                    ae:75:82:ca:92:7b:2f:db:71:a2:ca:16:05:c3:28:
                    6b:cc:c9:2a:64:7b:94:76:e1:8b:66:75:b5:33:72:
                    31:9b:6a:89:09:14:56:56:84:69:ee:2f:39:b0:aa:
                    ef:eb:00:8b:4d:d9:c8:c4:e1:d8:72:a1:8e:23:b4:
                    00:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                96:74:A4:02:FB:A1:8A:42:02:B0:BB:A7:64:AF:87:4A:94:95:8E:CF
            X509v3 Authority Key Identifier:
                keyid:BE:02:D2:36:F8:B0:06:BA:87:81:2A:20:2E:F5:B7:66:DC:8E:30:3F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/a7237d32fd35bbf0fdba7734a8368fd9626eca5a.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/67ed9008-ae34-44be-882f-59381201b1e1/b47db0c0d2b81238829f9c6c2678aed7f242b8fd.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/67ed9008-ae34-44be-882f-59381201b1e1/a7237d32fd35bbf0fdba7734a8368fd9626eca5a.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  190.242.30.0/24

    Signature Algorithm: sha256WithRSAEncryption
         2f:7c:47:bd:82:ec:23:e2:cc:21:29:7d:3d:30:99:7d:ef:93:
         6c:11:9f:5f:6e:b9:d7:9e:5e:89:eb:e2:16:12:6c:31:69:9d:
         cf:bc:ae:3e:8e:d1:e6:f1:ac:98:37:a7:cf:16:b3:fd:83:33:
         43:ae:e3:cf:e7:59:58:ba:dd:22:e5:39:9e:b8:30:12:ba:fd:
         86:19:d0:bf:42:d4:00:bc:ab:ca:8a:dd:2b:24:d0:e5:cf:11:
         74:29:be:d5:03:ad:62:91:00:04:23:6b:e3:37:f0:65:84:4a:
         5d:cd:d0:f9:0d:3e:1a:a8:78:f7:44:bd:62:2e:a6:f6:ce:84:
         39:7d:a4:4b:c5:62:bd:70:41:c8:62:af:12:55:23:2c:37:f2:
         86:68:be:9f:dc:ad:38:a4:74:32:4c:e9:86:9e:58:55:6f:37:
         f2:df:37:ab:f5:4c:8f:64:61:a2:ea:54:36:de:6a:5c:08:f4:
         db:e9:95:ed:22:88:71:bf:46:72:80:d6:e2:1e:55:dd:f3:97:
         83:ec:fe:f7:a6:8a:08:29:0c:b1:01:de:61:cc:dc:05:3a:ad:
         05:d5:9d:f3:04:a2:aa:85:bf:17:0e:12:68:43:ff:fe:ca:6f:
         f0:57:c9:9b:15:ff:5f:4d:b7:36:5f:cd:41:db:f9:38:90:d3:
         c1:18:e1:fd
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIDJ9e0MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGE3
MjM3ZDMyZmQzNWJiZjBmZGJhNzczNGE4MzY4ZmQ5NjI2ZWNhNWEwHhcNMjQwMjEy
MTUwOTU3WhcNMjkwMjEyMTUwOTU3WjAzMTEwLwYDVQQDEyhiNDdkYjBjMGQyYjgx
MjM4ODI5ZjljNmMyNjc4YWVkN2YyNDJiOGZkMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEA2I/OIJoX19s/PFFbmZl+JX/vHOHMqa+k100E/Ix2c8Yi3yQS
JNpDKx5aAqdUny845b304x8vnxDLTqiI7QU2UMLKhV6dbMemRfHZwYiPbxWPgsej
VG6r3d56AmTL1JlSRMonTuKCli9e3/cEPkNm2xnC3pdFjP+dANZi2B/A74XtZV0N
oHy0Y6N8on1kvtcUfE5jtYs7PrDVLdWA3jnTOCxTBL191rtww/l/D6oVDERfQqij
o6JlJ9rIssDBuwpPEriudYLKknsv23GiyhYFwyhrzMkqZHuUduGLZnW1M3Ixm2qJ
CRRWVoRp7i85sKrv6wCLTdnIxOHYcqGOI7QAcwIDAQABo4ICWzCCAlcwHQYDVR0O
BBYEFJZ0pAL7oYpCArC7p2Svh0qUlY7PMB8GA1UdIwQYMBaAFL4C0jb4sAa6h4Eq
IC71t2bcjjA/MA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvYTcyMzdk
MzJmZDM1YmJmMGZkYmE3NzM0YTgzNjhmZDk2MjZlY2E1YS5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvNjdlZDkwMDgtYWUzNC00NGJlLTg4MmYtNTkzODEy
MDFiMWUxL2I0N2RiMGMwZDJiODEyMzg4MjlmOWM2YzI2NzhhZWQ3ZjI0MmI4ZmQu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy82N2VkOTAwOC1hZTM0LTQ0YmUtODgyZi01OTM4
MTIwMWIxZTEvYTcyMzdkMzJmZDM1YmJmMGZkYmE3NzM0YTgzNjhmZDk2MjZlY2E1
YS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAL7yHjANBgkqhkiG9w0BAQsFAAOCAQEAL3xHvYLsI+LMISl9
PTCZfe+TbBGfX265155eieviFhJsMWmdz7yuPo7R5vGsmDenzxaz/YMzQ67jz+dZ
WLrdIuU5nrgwErr9hhnQv0LUALyryordKyTQ5c8RdCm+1QOtYpEABCNr4zfwZYRK
Xc3Q+Q0+Gqh490S9Yi6m9s6EOX2kS8VivXBByGKvElUjLDfyhmi+n9ytOKR0Mkzp
hp5YVW838t83q/VMj2RhoupUNt5qXAj02+mV7SKIcb9GcoDW4h5V3fOXg+z+96aK
CCkMsQHeYczcBTqtBdWd8wSiqoW/Fw4SaEP//spv8FfJmxX/X023Nl/NQdv5OJDT
wRjh/Q==
-----END CERTIFICATE-----
Generated at Fri Apr 12 10:33:48 2024 by rpki-client on console-fra.rpki-client.org