Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/82a6733e-d700-4003-b1aa-495c991c863d/e2398e99dfe6e68b32fb65d88fb35258c0daaf0d.roa
File:                     e2398e99dfe6e68b32fb65d88fb35258c0daaf0d.roa (raw, json)
Hash identifier:          bU9NGcb2JTAaq5pQWv1BT+tivvITpCp6jC7Tw4S18mE=
Subject key identifier:   D7:7A:1A:75:D3:D0:0E:4C:56:2A:2A:1E:57:37:84:D8:E5:15:94:49
Certificate issuer:       /CN=918bc5a84d8adafedb21d5c2aff20130add70638
Certificate serial:       0D7256
Authority key identifier: BC:99:17:12:0F:29:E5:01:FE:17:20:F4:D2:92:26:7D:8A:F1:5D:D8
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/918bc5a84d8adafedb21d5c2aff20130add70638.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/82a6733e-d700-4003-b1aa-495c991c863d/e2398e99dfe6e68b32fb65d88fb35258c0daaf0d.roa
Signing time:             Wed 24 Mar 2021 14:41:51 +0000
ROA not before:           Wed 24 Mar 2021 14:41:51 +0000
ROA not after:            Tue 24 Mar 2026 14:41:51 +0000
asID:                     262207
IP address blocks:        186.64.104.0/21 maxlen: 21
                          190.151.128.0/22 maxlen: 22
                          2803:48c0::/32 maxlen: 48

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/82a6733e-d700-4003-b1aa-495c991c863d/918bc5a84d8adafedb21d5c2aff20130add70638.crl
                          rsync://repository.lacnic.net/rpki/lacnic/82a6733e-d700-4003-b1aa-495c991c863d/918bc5a84d8adafedb21d5c2aff20130add70638.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/918bc5a84d8adafedb21d5c2aff20130add70638.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Fri 01 Mar 2024 15:12:08 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 881238 (0xd7256)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=918bc5a84d8adafedb21d5c2aff20130add70638
        Validity
            Not Before: Mar 24 14:41:51 2021 GMT
            Not After : Mar 24 14:41:51 2026 GMT
        Subject: CN=e2398e99dfe6e68b32fb65d88fb35258c0daaf0d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:88:13:38:cd:82:04:1b:c8:8a:3e:52:f2:e8:df:
                    eb:75:71:48:4f:cd:63:38:42:79:02:a5:d9:90:04:
                    6e:df:d4:d1:45:d3:ed:ec:c7:d8:c3:bd:71:b4:29:
                    62:f8:5d:53:b4:49:02:ae:8c:bc:6c:0f:e7:37:60:
                    6c:b9:46:f8:83:29:93:d7:b1:43:ef:20:e4:be:ef:
                    64:a4:f4:bd:c2:04:ce:0e:0d:fd:d6:a3:7b:0d:4d:
                    c4:d0:cc:a9:0e:63:18:31:13:35:1d:e7:4d:31:65:
                    0d:e8:7a:b1:59:bf:1b:c8:c7:77:24:06:1f:52:62:
                    e0:e4:fb:ee:62:38:51:a2:d6:10:16:b1:8d:b8:99:
                    db:53:f3:7c:bb:3b:f1:78:6a:ae:07:be:4e:07:bb:
                    ec:57:58:36:ee:42:00:5d:c7:6d:6e:85:37:c5:1e:
                    19:fe:a7:01:45:97:bb:e7:c0:0d:fe:b3:9c:9f:58:
                    99:20:68:6e:4a:54:97:40:f7:4d:07:1f:57:fc:2a:
                    08:06:0f:aa:d6:cd:2a:fd:23:73:d6:f2:ba:8a:02:
                    ad:c7:d9:1c:e8:3e:91:a8:f5:7a:fa:3c:e6:aa:ba:
                    46:06:78:16:81:be:8e:84:61:c9:f2:2a:01:f3:34:
                    fc:82:a3:61:2c:f1:0c:8d:4f:a9:b8:97:32:0f:13:
                    c5:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D7:7A:1A:75:D3:D0:0E:4C:56:2A:2A:1E:57:37:84:D8:E5:15:94:49
            X509v3 Authority Key Identifier:
                keyid:BC:99:17:12:0F:29:E5:01:FE:17:20:F4:D2:92:26:7D:8A:F1:5D:D8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/918bc5a84d8adafedb21d5c2aff20130add70638.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/82a6733e-d700-4003-b1aa-495c991c863d/e2398e99dfe6e68b32fb65d88fb35258c0daaf0d.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/82a6733e-d700-4003-b1aa-495c991c863d/918bc5a84d8adafedb21d5c2aff20130add70638.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  186.64.104.0/21
                  190.151.128.0/22
                IPv6:
                  2803:48c0::/32

    Signature Algorithm: sha256WithRSAEncryption
         35:15:6d:25:98:45:90:18:99:f2:df:60:eb:36:85:e4:e0:30:
         43:9e:41:a7:4f:2b:c7:7e:dc:c1:c3:11:ab:84:c3:a9:e6:82:
         d0:ce:51:c0:f0:81:a7:90:85:e4:da:f1:5e:b6:dd:0e:29:a3:
         f4:e5:71:8b:31:72:9b:6f:a5:8a:3c:3d:d2:6a:78:68:ca:c6:
         05:f5:81:8f:4e:e7:2e:2c:41:fa:63:85:56:46:8b:b5:a3:27:
         e5:97:f9:d2:44:8b:ee:18:19:b8:6c:20:50:79:af:ac:11:93:
         1f:84:e0:05:f2:27:58:97:f7:d3:63:e3:93:58:db:75:d8:af:
         5d:3b:d5:06:51:76:f1:56:2f:70:4c:18:bb:8e:d7:d7:f0:a3:
         ef:a0:ec:32:94:da:f7:10:75:6c:64:3f:a6:90:99:85:1f:10:
         56:34:84:82:83:58:d7:60:1e:b3:cd:1a:f8:df:bc:83:f3:91:
         60:59:03:51:69:72:7e:21:69:aa:63:e7:bc:ba:af:52:3e:8b:
         90:4a:e1:af:fd:05:e3:02:33:2d:02:f3:28:24:bd:f5:68:46:
         45:e8:9e:04:de:ea:2e:61:8d:6d:eb:5e:2c:5d:c7:c2:e6:d2:
         a7:3a:21:3b:83:38:e0:58:2d:e6:7a:e3:1e:7e:a2:5f:8a:0e:
         90:f4:a3:19
-----BEGIN CERTIFICATE-----
MIIFVTCCBD2gAwIBAgIDDXJWMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDkx
OGJjNWE4NGQ4YWRhZmVkYjIxZDVjMmFmZjIwMTMwYWRkNzA2MzgwHhcNMjEwMzI0
MTQ0MTUxWhcNMjYwMzI0MTQ0MTUxWjAzMTEwLwYDVQQDEyhlMjM5OGU5OWRmZTZl
NjhiMzJmYjY1ZDg4ZmIzNTI1OGMwZGFhZjBkMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAiBM4zYIEG8iKPlLy6N/rdXFIT81jOEJ5AqXZkARu39TRRdPt
7MfYw71xtCli+F1TtEkCroy8bA/nN2BsuUb4gymT17FD7yDkvu9kpPS9wgTODg39
1qN7DU3E0MypDmMYMRM1HedNMWUN6HqxWb8byMd3JAYfUmLg5PvuYjhRotYQFrGN
uJnbU/N8uzvxeGquB75OB7vsV1g27kIAXcdtboU3xR4Z/qcBRZe758AN/rOcn1iZ
IGhuSlSXQPdNBx9X/CoIBg+q1s0q/SNz1vK6igKtx9kc6D6RqPV6+jzmqrpGBngW
gb6OhGHJ8ioB8zT8gqNhLPEMjU+puJcyDxPFvQIDAQABo4ICcDCCAmwwHQYDVR0O
BBYEFNd6GnXT0A5MVioqHlc3hNjlFZRJMB8GA1UdIwQYMBaAFLyZFxIPKeUB/hcg
9NKSJn2K8V3YMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvOTE4YmM1
YTg0ZDhhZGFmZWRiMjFkNWMyYWZmMjAxMzBhZGQ3MDYzOC5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvODJhNjczM2UtZDcwMC00MDAzLWIxYWEtNDk1Yzk5
MWM4NjNkL2UyMzk4ZTk5ZGZlNmU2OGIzMmZiNjVkODhmYjM1MjU4YzBkYWFmMGQu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy84MmE2NzMzZS1kNzAwLTQwMDMtYjFhYS00OTVj
OTkxYzg2M2QvOTE4YmM1YTg0ZDhhZGFmZWRiMjFkNWMyYWZmMjAxMzBhZGQ3MDYz
OC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0BggrBgEFBQcBBwEB/wQl
MCMwEgQCAAEwDAMEA7pAaAMEAr6XgDANBAIAAjAHAwUAKANIwDANBgkqhkiG9w0B
AQsFAAOCAQEANRVtJZhFkBiZ8t9g6zaF5OAwQ55Bp08rx37cwcMRq4TDqeaC0M5R
wPCBp5CF5NrxXrbdDimj9OVxizFym2+lijw90mp4aMrGBfWBj07nLixB+mOFVkaL
taMn5Zf50kSL7hgZuGwgUHmvrBGTH4TgBfInWJf302Pjk1jbddivXTvVBlF28VYv
cEwYu47X1/Cj76DsMpTa9xB1bGQ/ppCZhR8QVjSEgoNY12Aes80a+N+8g/ORYFkD
UWlyfiFpqmPnvLqvUj6LkErhr/0F4wIzLQLzKCS99WhGReieBN7qLmGNbeteLF3H
wubSpzohO4M44Fgt5nrjHn6iX4oOkPSjGQ==
-----END CERTIFICATE-----
Generated at Tue Feb 27 16:12:20 2024 by rpki-client on console-fra.rpki-client.org