Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/67ed9008-ae34-44be-882f-59381201b1e1/c096e471685a63f1c1a94ed95e765fa2727d0974.roa
File:                     c096e471685a63f1c1a94ed95e765fa2727d0974.roa (raw, json)
Hash identifier:          ul12rHZ0YoGRP46IinbU2XZXy21i7f3Y6oz2Sl+ObUs=
Subject key identifier:   7C:54:6A:E3:5E:ED:52:1C:AE:22:62:0D:12:BD:2A:7C:DE:EA:77:B1
Certificate issuer:       /CN=a7237d32fd35bbf0fdba7734a8368fd9626eca5a
Certificate serial:       27DE39
Authority key identifier: BE:02:D2:36:F8:B0:06:BA:87:81:2A:20:2E:F5:B7:66:DC:8E:30:3F
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/a7237d32fd35bbf0fdba7734a8368fd9626eca5a.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/67ed9008-ae34-44be-882f-59381201b1e1/c096e471685a63f1c1a94ed95e765fa2727d0974.roa
Signing time:             Mon 12 Feb 2024 15:10:02 +0000
ROA not before:           Mon 12 Feb 2024 15:09:57 +0000
ROA not after:            Mon 12 Feb 2029 15:09:57 +0000
asID:                     26611
IP address blocks:        190.242.72.0/21 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/67ed9008-ae34-44be-882f-59381201b1e1/a7237d32fd35bbf0fdba7734a8368fd9626eca5a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/67ed9008-ae34-44be-882f-59381201b1e1/a7237d32fd35bbf0fdba7734a8368fd9626eca5a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/a7237d32fd35bbf0fdba7734a8368fd9626eca5a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Mon 15 Apr 2024 06:03:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2612793 (0x27de39)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a7237d32fd35bbf0fdba7734a8368fd9626eca5a
        Validity
            Not Before: Feb 12 15:09:57 2024 GMT
            Not After : Feb 12 15:09:57 2029 GMT
        Subject: CN=c096e471685a63f1c1a94ed95e765fa2727d0974
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:ea:93:6f:bf:f4:46:18:13:3b:83:a9:e3:87:
                    55:a5:31:29:41:d3:2c:0e:2b:d4:60:65:82:56:f8:
                    27:f2:83:74:1c:9d:3f:ac:77:fa:3d:48:22:db:a0:
                    5b:78:bf:a0:3a:66:59:92:0b:1d:82:19:b4:cd:77:
                    4d:7c:71:d5:49:9f:58:10:09:08:0d:90:bb:b3:45:
                    44:3a:d4:4c:73:11:45:81:0c:a5:e4:c6:bc:e6:9f:
                    03:7a:a4:36:61:c4:d2:31:41:31:f7:a4:52:ed:c9:
                    11:63:a2:16:23:17:b9:69:a2:d3:1e:13:7c:63:96:
                    52:f4:d4:5b:99:c6:3b:86:2c:f3:cc:86:f1:72:75:
                    3e:83:8f:c1:ca:f2:d8:76:4a:d4:1a:18:16:c2:c9:
                    2f:89:e8:4f:98:ad:fc:30:b5:c8:f5:e9:7d:03:d8:
                    ef:24:2e:e1:7e:5b:5f:98:68:62:47:b4:8e:be:cf:
                    33:f6:7f:f6:a6:52:eb:76:ed:90:19:df:29:35:c9:
                    b8:d9:4b:6d:7e:8b:db:93:3c:a6:5d:e0:dd:9e:eb:
                    7b:2b:48:b8:d3:32:f6:4d:37:39:48:53:29:64:73:
                    27:ac:2b:10:50:e3:fe:9c:4f:d2:82:7a:7c:0b:7a:
                    56:e4:a2:27:48:d7:d5:ca:e9:40:02:74:10:fd:f5:
                    31:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7C:54:6A:E3:5E:ED:52:1C:AE:22:62:0D:12:BD:2A:7C:DE:EA:77:B1
            X509v3 Authority Key Identifier:
                keyid:BE:02:D2:36:F8:B0:06:BA:87:81:2A:20:2E:F5:B7:66:DC:8E:30:3F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/a7237d32fd35bbf0fdba7734a8368fd9626eca5a.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/67ed9008-ae34-44be-882f-59381201b1e1/c096e471685a63f1c1a94ed95e765fa2727d0974.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/67ed9008-ae34-44be-882f-59381201b1e1/a7237d32fd35bbf0fdba7734a8368fd9626eca5a.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  190.242.72.0/21

    Signature Algorithm: sha256WithRSAEncryption
         49:88:d6:0c:fc:59:67:11:1b:0b:79:08:54:e0:fc:7a:4a:ae:
         3d:61:28:f0:d3:77:82:d6:02:67:34:69:8d:9d:04:87:36:29:
         35:8e:63:95:f4:3d:0a:b1:93:71:6d:5b:e4:ed:80:87:06:62:
         ea:b7:b1:30:9e:c8:87:d4:fa:19:20:b9:61:29:3f:98:ff:de:
         be:05:34:1f:c7:b3:37:e6:b6:6c:f8:cb:62:db:c5:f8:f0:3a:
         2e:f1:d3:8a:f4:b2:c6:0e:87:6b:3d:ac:14:c1:fd:29:7f:df:
         4f:93:34:cd:85:bd:26:14:2a:32:5e:f6:00:13:17:6f:0c:2a:
         9b:b5:79:11:6e:4a:fc:46:d9:a4:3a:03:af:1e:eb:ff:09:ef:
         b0:4a:9e:b2:17:7c:f5:10:64:d2:fe:5b:5c:3b:55:cf:ee:a1:
         1d:eb:fd:fb:c3:f7:de:90:d1:14:d8:2a:cb:06:89:f5:09:21:
         a4:ea:aa:8d:ed:b8:6d:52:d1:20:94:e1:e1:91:24:1f:c2:97:
         76:e5:5e:ab:a6:f7:00:a2:e5:f4:a3:1e:2e:b9:5b:78:d5:0e:
         df:c3:b5:58:bf:c2:28:fd:4d:b2:c7:b3:5a:29:a5:b5:83:2b:
         48:6e:90:4b:a2:da:f5:c3:f1:e5:b9:d4:e8:49:4b:00:51:f3:
         b2:15:b4:84
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIDJ945MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGE3
MjM3ZDMyZmQzNWJiZjBmZGJhNzczNGE4MzY4ZmQ5NjI2ZWNhNWEwHhcNMjQwMjEy
MTUwOTU3WhcNMjkwMjEyMTUwOTU3WjAzMTEwLwYDVQQDEyhjMDk2ZTQ3MTY4NWE2
M2YxYzFhOTRlZDk1ZTc2NWZhMjcyN2QwOTc0MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAq+qTb7/0RhgTO4Op44dVpTEpQdMsDivUYGWCVvgn8oN0HJ0/
rHf6PUgi26BbeL+gOmZZkgsdghm0zXdNfHHVSZ9YEAkIDZC7s0VEOtRMcxFFgQyl
5Ma85p8DeqQ2YcTSMUEx96RS7ckRY6IWIxe5aaLTHhN8Y5ZS9NRbmcY7hizzzIbx
cnU+g4/ByvLYdkrUGhgWwskviehPmK38MLXI9el9A9jvJC7hfltfmGhiR7SOvs8z
9n/2plLrdu2QGd8pNcm42UttfovbkzymXeDdnut7K0i40zL2TTc5SFMpZHMnrCsQ
UOP+nE/Sgnp8C3pW5KInSNfVyulAAnQQ/fUxmwIDAQABo4ICWzCCAlcwHQYDVR0O
BBYEFHxUauNe7VIcriJiDRK9Knze6nexMB8GA1UdIwQYMBaAFL4C0jb4sAa6h4Eq
IC71t2bcjjA/MA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvYTcyMzdk
MzJmZDM1YmJmMGZkYmE3NzM0YTgzNjhmZDk2MjZlY2E1YS5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvNjdlZDkwMDgtYWUzNC00NGJlLTg4MmYtNTkzODEy
MDFiMWUxL2MwOTZlNDcxNjg1YTYzZjFjMWE5NGVkOTVlNzY1ZmEyNzI3ZDA5NzQu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy82N2VkOTAwOC1hZTM0LTQ0YmUtODgyZi01OTM4
MTIwMWIxZTEvYTcyMzdkMzJmZDM1YmJmMGZkYmE3NzM0YTgzNjhmZDk2MjZlY2E1
YS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEA77ySDANBgkqhkiG9w0BAQsFAAOCAQEASYjWDPxZZxEbC3kI
VOD8ekquPWEo8NN3gtYCZzRpjZ0EhzYpNY5jlfQ9CrGTcW1b5O2AhwZi6rexMJ7I
h9T6GSC5YSk/mP/evgU0H8ezN+a2bPjLYtvF+PA6LvHTivSyxg6Haz2sFMH9KX/f
T5M0zYW9JhQqMl72ABMXbwwqm7V5EW5K/EbZpDoDrx7r/wnvsEqeshd89RBk0v5b
XDtVz+6hHev9+8P33pDRFNgqywaJ9QkhpOqqje24bVLRIJTh4ZEkH8KXduVeq6b3
AKLl9KMeLrlbeNUO38O1WL/CKP1NssezWimltYMrSG6QS6La9cPx5bnU6ElLAFHz
shW0hA==
-----END CERTIFICATE-----
Generated at Fri Apr 12 10:18:10 2024 by rpki-client on console-ams.rpki-client.org