Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/67ed9008-ae34-44be-882f-59381201b1e1/b47f3236c1f65a32f404879308bd5b6a5c19f19b.roa
File:                     b47f3236c1f65a32f404879308bd5b6a5c19f19b.roa (raw, json)
Hash identifier:          ddMkIVwNl8k6O9ok5D9tjAPNvXr6bR7SlN0Ui/YhHJ8=
Subject key identifier:   5F:A5:81:E4:45:FE:A1:D6:54:8F:E0:55:A7:C1:70:26:A8:2A:1C:2E
Certificate issuer:       /CN=a7237d32fd35bbf0fdba7734a8368fd9626eca5a
Certificate serial:       27F738
Authority key identifier: BE:02:D2:36:F8:B0:06:BA:87:81:2A:20:2E:F5:B7:66:DC:8E:30:3F
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/a7237d32fd35bbf0fdba7734a8368fd9626eca5a.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/67ed9008-ae34-44be-882f-59381201b1e1/b47f3236c1f65a32f404879308bd5b6a5c19f19b.roa
Signing time:             Mon 12 Feb 2024 15:10:10 +0000
ROA not before:           Mon 12 Feb 2024 15:09:57 +0000
ROA not after:            Mon 12 Feb 2029 15:09:57 +0000
asID:                     26426
IP address blocks:        190.242.8.0/24 maxlen: 24
                          190.242.13.0/24 maxlen: 24
                          190.242.21.0/24 maxlen: 24
                          190.242.68.0/23 maxlen: 24
                          190.242.70.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/67ed9008-ae34-44be-882f-59381201b1e1/a7237d32fd35bbf0fdba7734a8368fd9626eca5a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/67ed9008-ae34-44be-882f-59381201b1e1/a7237d32fd35bbf0fdba7734a8368fd9626eca5a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/a7237d32fd35bbf0fdba7734a8368fd9626eca5a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Mon 15 Apr 2024 06:03:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2619192 (0x27f738)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a7237d32fd35bbf0fdba7734a8368fd9626eca5a
        Validity
            Not Before: Feb 12 15:09:57 2024 GMT
            Not After : Feb 12 15:09:57 2029 GMT
        Subject: CN=b47f3236c1f65a32f404879308bd5b6a5c19f19b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:ff:79:13:d1:e6:4c:af:ce:75:b5:e3:fc:6d:
                    4c:c0:58:89:e2:93:85:bc:61:0f:f2:e4:bf:f5:ca:
                    08:70:c7:29:e8:a8:81:51:c1:3c:51:01:9b:4d:17:
                    f2:17:ca:70:8f:ea:0b:32:6d:e1:c2:2c:24:60:7c:
                    67:38:03:77:e0:ef:30:a5:95:5a:58:e6:a1:33:d2:
                    80:47:e3:57:27:c0:a9:fd:64:53:b0:c6:11:2f:57:
                    c1:54:77:2c:4d:b0:8d:cf:e7:bd:62:5c:0e:01:b5:
                    68:5f:46:26:d0:24:3b:05:51:15:e4:a4:37:d0:c8:
                    20:1f:12:9c:6a:e1:d7:c5:d1:e8:9d:27:10:55:96:
                    5b:5d:50:ea:1c:d8:eb:42:b0:0d:9e:d5:72:c1:1c:
                    9b:33:90:14:80:3e:b4:e4:eb:f2:76:49:a7:9a:f1:
                    8d:98:c3:01:e2:b7:91:35:1c:78:c3:c7:7a:38:39:
                    49:05:1b:de:25:46:f5:79:aa:d4:df:64:8e:94:f2:
                    68:ae:15:58:61:c7:f4:e3:f1:99:0d:ba:43:af:e6:
                    94:8c:c7:29:3c:10:7a:1e:d3:80:6f:93:21:2b:4b:
                    7a:5d:f2:1f:b3:1b:88:98:53:e6:16:d1:a5:48:77:
                    6e:07:df:cf:bc:0a:37:8a:41:38:4e:0a:db:2a:23:
                    27:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5F:A5:81:E4:45:FE:A1:D6:54:8F:E0:55:A7:C1:70:26:A8:2A:1C:2E
            X509v3 Authority Key Identifier:
                keyid:BE:02:D2:36:F8:B0:06:BA:87:81:2A:20:2E:F5:B7:66:DC:8E:30:3F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/a7237d32fd35bbf0fdba7734a8368fd9626eca5a.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/67ed9008-ae34-44be-882f-59381201b1e1/b47f3236c1f65a32f404879308bd5b6a5c19f19b.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/67ed9008-ae34-44be-882f-59381201b1e1/a7237d32fd35bbf0fdba7734a8368fd9626eca5a.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  190.242.8.0/24
                  190.242.13.0/24
                  190.242.21.0/24
                  190.242.68.0-190.242.70.255

    Signature Algorithm: sha256WithRSAEncryption
         17:19:7d:fb:37:8a:1e:ab:b9:c9:e1:1b:2c:8e:0c:cf:01:6e:
         3f:ad:63:d4:f2:90:02:c8:62:a4:67:36:72:79:ce:4d:3e:a5:
         58:d7:a8:27:1c:62:46:a2:31:28:20:73:8c:73:f1:5b:31:fa:
         cf:74:58:a6:27:ed:21:65:12:a6:cf:a6:6a:da:60:0b:90:85:
         19:01:59:6c:78:26:77:3c:82:78:03:30:70:3a:60:b0:2b:9e:
         d2:ad:9b:c8:dc:09:5d:56:43:a6:3c:92:0d:a0:b2:e8:ff:ea:
         f1:4f:fb:4c:46:78:3b:d1:40:3d:c7:0c:c1:cd:c9:1a:b3:47:
         c5:d5:8b:51:26:20:66:e1:a6:d2:88:7f:60:ac:30:1a:0c:56:
         4f:fa:43:6d:6e:12:48:e0:e5:58:a0:8b:a8:60:80:7d:7b:d0:
         0f:80:93:fc:c7:b1:54:e3:4c:b6:36:e5:30:09:c1:ba:c6:fc:
         56:b4:ee:d9:a1:a9:6c:a0:b5:e6:7b:df:a9:60:c2:14:d1:6f:
         b2:f3:19:d8:26:c3:0b:e1:88:8d:bf:7b:c5:0e:bd:24:5a:64:
         32:4b:1f:74:fb:2f:9b:d6:c7:ba:de:6c:3f:90:b9:6a:4c:11:
         d2:13:5e:7a:a9:88:3c:68:28:39:d8:60:57:75:bc:3f:92:19:
         eb:ca:43:74
-----BEGIN CERTIFICATE-----
MIIFWjCCBEKgAwIBAgIDJ/c4MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGE3
MjM3ZDMyZmQzNWJiZjBmZGJhNzczNGE4MzY4ZmQ5NjI2ZWNhNWEwHhcNMjQwMjEy
MTUwOTU3WhcNMjkwMjEyMTUwOTU3WjAzMTEwLwYDVQQDEyhiNDdmMzIzNmMxZjY1
YTMyZjQwNDg3OTMwOGJkNWI2YTVjMTlmMTliMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAov95E9HmTK/OdbXj/G1MwFiJ4pOFvGEP8uS/9coIcMcp6KiB
UcE8UQGbTRfyF8pwj+oLMm3hwiwkYHxnOAN34O8wpZVaWOahM9KAR+NXJ8Cp/WRT
sMYRL1fBVHcsTbCNz+e9YlwOAbVoX0Ym0CQ7BVEV5KQ30MggHxKcauHXxdHonScQ
VZZbXVDqHNjrQrANntVywRybM5AUgD605OvydkmnmvGNmMMB4reRNRx4w8d6ODlJ
BRveJUb1earU32SOlPJorhVYYcf04/GZDbpDr+aUjMcpPBB6HtOAb5MhK0t6XfIf
sxuImFPmFtGlSHduB9/PvAo3ikE4TgrbKiMnEQIDAQABo4ICdTCCAnEwHQYDVR0O
BBYEFF+lgeRF/qHWVI/gVafBcCaoKhwuMB8GA1UdIwQYMBaAFL4C0jb4sAa6h4Eq
IC71t2bcjjA/MA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvYTcyMzdk
MzJmZDM1YmJmMGZkYmE3NzM0YTgzNjhmZDk2MjZlY2E1YS5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvNjdlZDkwMDgtYWUzNC00NGJlLTg4MmYtNTkzODEy
MDFiMWUxL2I0N2YzMjM2YzFmNjVhMzJmNDA0ODc5MzA4YmQ1YjZhNWMxOWYxOWIu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy82N2VkOTAwOC1hZTM0LTQ0YmUtODgyZi01OTM4
MTIwMWIxZTEvYTcyMzdkMzJmZDM1YmJmMGZkYmE3NzM0YTgzNjhmZDk2MjZlY2E1
YS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA5BggrBgEFBQcBBwEB/wQq
MCgwJgQCAAEwIAMEAL7yCAMEAL7yDQMEAL7yFTAMAwQCvvJEAwQAvvJGMA0GCSqG
SIb3DQEBCwUAA4IBAQAXGX37N4oeq7nJ4RssjgzPAW4/rWPU8pACyGKkZzZyec5N
PqVY16gnHGJGojEoIHOMc/FbMfrPdFimJ+0hZRKmz6Zq2mALkIUZAVlseCZ3PIJ4
AzBwOmCwK57SrZvI3AldVkOmPJINoLLo/+rxT/tMRng70UA9xwzBzckas0fF1YtR
JiBm4abSiH9grDAaDFZP+kNtbhJI4OVYoIuoYIB9e9APgJP8x7FU40y2NuUwCcG6
xvxWtO7ZoalsoLXme9+pYMIU0W+y8xnYJsML4YiNv3vFDr0kWmQySx90+y+b1se6
3mw/kLlqTBHSE156qYg8aCg52GBXdbw/khnrykN0
-----END CERTIFICATE-----
Generated at Fri Apr 12 10:33:48 2024 by rpki-client on console-fra.rpki-client.org