Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/898020e9-9797-43cb-879f-470883438790/a94ec9931fac3792664c0f3bf7c0bced6699596d.roa
File:                     a94ec9931fac3792664c0f3bf7c0bced6699596d.roa (raw, json)
Hash identifier:          R+HPPHsfWY1mPi/eCIjUaIGpY6mDqtCngQOr/D/YOsc=
Subject key identifier:   D8:F7:79:85:EB:B4:D5:33:A9:50:7C:A4:81:25:FA:5A:94:52:E6:ED
Certificate issuer:       /CN=96b208ded55eae6c55f07562fbc7f58e61c7d16f
Certificate serial:       02D21E
Authority key identifier: 8F:89:56:4D:48:D7:A0:98:73:1B:D3:C3:3C:41:A8:C3:28:8A:F5:9A
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/96b208ded55eae6c55f07562fbc7f58e61c7d16f.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/898020e9-9797-43cb-879f-470883438790/a94ec9931fac3792664c0f3bf7c0bced6699596d.roa
Signing time:             Wed 24 Mar 2021 14:44:51 +0000
ROA not before:           Wed 24 Mar 2021 14:44:50 +0000
ROA not after:            Tue 24 Mar 2026 14:44:50 +0000
asID:                     14754
IP address blocks:        190.184.0.0/18 maxlen: 18
                          190.184.64.0/18 maxlen: 18

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/898020e9-9797-43cb-879f-470883438790/96b208ded55eae6c55f07562fbc7f58e61c7d16f.crl
                          rsync://repository.lacnic.net/rpki/lacnic/898020e9-9797-43cb-879f-470883438790/96b208ded55eae6c55f07562fbc7f58e61c7d16f.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/96b208ded55eae6c55f07562fbc7f58e61c7d16f.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Mon 01 Apr 2024 05:39:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 184862 (0x2d21e)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=96b208ded55eae6c55f07562fbc7f58e61c7d16f
        Validity
            Not Before: Mar 24 14:44:50 2021 GMT
            Not After : Mar 24 14:44:50 2026 GMT
        Subject: CN=a94ec9931fac3792664c0f3bf7c0bced6699596d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:51:56:37:22:31:50:fc:33:f7:e4:09:0e:37:
                    13:7c:87:3a:9c:b7:af:83:8a:9f:de:01:4e:4d:6f:
                    24:72:48:5b:3b:be:de:64:33:a5:f3:51:9c:2c:45:
                    ff:2e:d5:dc:0a:03:ad:fd:34:ca:25:70:b1:a8:be:
                    7f:6c:df:3e:cc:ae:cd:33:fc:c8:22:0b:31:bf:ed:
                    1b:77:98:9d:22:67:8a:4d:46:c6:19:9e:be:24:ac:
                    a0:7a:c0:b3:24:86:a6:1d:27:8b:50:ec:87:4a:e2:
                    5a:96:1b:ab:d7:81:a3:fa:a0:24:e3:dc:18:c2:ef:
                    0a:d4:f2:7b:42:d1:9c:31:d3:2d:3f:04:8d:4c:94:
                    92:40:fc:1a:72:1a:4f:17:2c:7e:49:68:59:bf:c1:
                    cf:26:d6:46:45:fa:43:1c:2f:4b:81:d6:dc:b1:85:
                    d3:c7:b0:fc:f9:40:dd:31:ed:5b:ca:fa:23:b0:18:
                    4d:ff:a9:a0:c7:b0:d7:75:7f:6e:f2:69:f0:99:7b:
                    13:03:53:9a:0d:8a:9b:40:fb:7a:e3:0d:56:63:62:
                    87:db:e6:95:4a:49:55:57:d8:48:3d:92:b3:b4:38:
                    75:f7:a8:61:5c:f3:8b:a9:f6:8f:2d:49:ae:bb:fb:
                    4b:7a:79:79:e9:7e:a9:f4:3f:50:30:a3:15:52:47:
                    66:d5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D8:F7:79:85:EB:B4:D5:33:A9:50:7C:A4:81:25:FA:5A:94:52:E6:ED
            X509v3 Authority Key Identifier:
                keyid:8F:89:56:4D:48:D7:A0:98:73:1B:D3:C3:3C:41:A8:C3:28:8A:F5:9A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/96b208ded55eae6c55f07562fbc7f58e61c7d16f.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/898020e9-9797-43cb-879f-470883438790/a94ec9931fac3792664c0f3bf7c0bced6699596d.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/898020e9-9797-43cb-879f-470883438790/96b208ded55eae6c55f07562fbc7f58e61c7d16f.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  190.184.0.0/17

    Signature Algorithm: sha256WithRSAEncryption
         25:f5:c7:ad:b2:e8:c8:06:50:82:84:89:8c:f3:7d:3a:99:d0:
         5f:e6:67:09:88:01:2e:8c:24:2d:61:bc:ae:a7:ae:6d:0c:42:
         40:93:f5:30:8c:24:a0:df:71:9e:2f:3e:d7:b4:67:e4:c6:ea:
         f3:50:cc:7f:1d:79:0c:5d:f7:23:65:73:3d:27:84:cb:0b:c6:
         7a:e5:41:69:ed:3c:cf:6e:4b:14:00:3d:a6:e0:f5:38:a4:31:
         b8:4d:61:c0:64:7e:37:f9:b4:17:2e:be:8a:43:af:9e:fc:d8:
         65:da:ab:65:f6:30:51:ad:51:2b:55:dc:75:21:a8:10:63:dd:
         7a:09:a5:5b:0e:ad:54:62:43:3a:0e:50:e2:22:88:d2:5d:8f:
         69:9d:cb:2f:f1:de:24:49:f0:5c:7d:b9:0c:9e:61:29:a0:a8:
         e5:ad:fb:de:03:0f:5a:78:47:cc:3e:57:7b:72:db:be:d1:c5:
         70:77:2a:e3:65:82:43:6d:bc:62:cb:8d:da:a2:1a:d1:46:4c:
         68:59:42:c6:f9:a9:73:33:58:11:bc:3b:73:21:6c:44:9e:a1:
         4a:26:c3:8a:0d:6d:c2:f3:26:88:34:a7:a2:a6:a9:dd:0e:d9:
         90:a3:b8:fa:e7:18:be:b2:53:ca:89:12:c8:ee:dc:f8:aa:4d:
         b7:37:ad:2e
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIDAtIeMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDk2
YjIwOGRlZDU1ZWFlNmM1NWYwNzU2MmZiYzdmNThlNjFjN2QxNmYwHhcNMjEwMzI0
MTQ0NDUwWhcNMjYwMzI0MTQ0NDUwWjAzMTEwLwYDVQQDEyhhOTRlYzk5MzFmYWMz
NzkyNjY0YzBmM2JmN2MwYmNlZDY2OTk1OTZkMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAr1FWNyIxUPwz9+QJDjcTfIc6nLevg4qf3gFOTW8kckhbO77e
ZDOl81GcLEX/LtXcCgOt/TTKJXCxqL5/bN8+zK7NM/zIIgsxv+0bd5idImeKTUbG
GZ6+JKygesCzJIamHSeLUOyHSuJalhur14Gj+qAk49wYwu8K1PJ7QtGcMdMtPwSN
TJSSQPwachpPFyx+SWhZv8HPJtZGRfpDHC9LgdbcsYXTx7D8+UDdMe1byvojsBhN
/6mgx7DXdX9u8mnwmXsTA1OaDYqbQPt64w1WY2KH2+aVSklVV9hIPZKztDh196hh
XPOLqfaPLUmuu/tLenl56X6p9D9QMKMVUkdm1QIDAQABo4ICWzCCAlcwHQYDVR0O
BBYEFNj3eYXrtNUzqVB8pIEl+lqUUubtMB8GA1UdIwQYMBaAFI+JVk1I16CYcxvT
wzxBqMMoivWaMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvOTZiMjA4
ZGVkNTVlYWU2YzU1ZjA3NTYyZmJjN2Y1OGU2MWM3ZDE2Zi5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvODk4MDIwZTktOTc5Ny00M2NiLTg3OWYtNDcwODgz
NDM4NzkwL2E5NGVjOTkzMWZhYzM3OTI2NjRjMGYzYmY3YzBiY2VkNjY5OTU5NmQu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy84OTgwMjBlOS05Nzk3LTQzY2ItODc5Zi00NzA4
ODM0Mzg3OTAvOTZiMjA4ZGVkNTVlYWU2YzU1ZjA3NTYyZmJjN2Y1OGU2MWM3ZDE2
Zi5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEB764ADANBgkqhkiG9w0BAQsFAAOCAQEAJfXHrbLoyAZQgoSJ
jPN9OpnQX+ZnCYgBLowkLWG8rqeubQxCQJP1MIwkoN9xni8+17Rn5Mbq81DMfx15
DF33I2VzPSeEywvGeuVBae08z25LFAA9puD1OKQxuE1hwGR+N/m0Fy6+ikOvnvzY
ZdqrZfYwUa1RK1XcdSGoEGPdegmlWw6tVGJDOg5Q4iKI0l2PaZ3LL/HeJEnwXH25
DJ5hKaCo5a373gMPWnhHzD5Xe3LbvtHFcHcq42WCQ228YsuN2qIa0UZMaFlCxvmp
czNYEbw7cyFsRJ6hSibDig1twvMmiDSnoqap3Q7ZkKO4+ucYvrJTyokSyO7c+KpN
tzetLg==
-----END CERTIFICATE-----
Generated at Fri Mar 29 04:59:28 2024 by rpki-client on console-fra.rpki-client.org