Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/92140193-e487-40b2-9d2d-928f7d97e4aa/d5b751a7c8d5e421d4a26540435c4e2eee00071a.roa
File:                     d5b751a7c8d5e421d4a26540435c4e2eee00071a.roa (raw, json)
Hash identifier:          c7xPRQT6u8gaDrBbyy93168XDY6QUqAy8SwzRZ6qZho=
Subject key identifier:   08:EC:48:F2:F6:6A:28:48:07:FB:2E:84:1B:88:56:7E:C4:67:91:62
Certificate issuer:       /CN=acbcc335140e03f3496bf0d53c0820b47ef82ea6
Certificate serial:       17A377
Authority key identifier: 04:A0:1A:C7:10:0C:80:37:43:ED:CB:47:56:0A:70:9B:62:BD:B2:4B
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/acbcc335140e03f3496bf0d53c0820b47ef82ea6.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/92140193-e487-40b2-9d2d-928f7d97e4aa/d5b751a7c8d5e421d4a26540435c4e2eee00071a.roa
Signing time:             Mon 24 Apr 2023 20:06:50 +0000
ROA not before:           Sun 23 Apr 2023 20:06:50 +0000
ROA not after:            Thu 24 Apr 2025 20:06:50 +0000
asID:                     52468
IP address blocks:        190.171.80.0/22 maxlen: 24
                          2803:17e0::/32 maxlen: 48

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/92140193-e487-40b2-9d2d-928f7d97e4aa/acbcc335140e03f3496bf0d53c0820b47ef82ea6.crl
                          rsync://repository.lacnic.net/rpki/lacnic/92140193-e487-40b2-9d2d-928f7d97e4aa/acbcc335140e03f3496bf0d53c0820b47ef82ea6.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/acbcc335140e03f3496bf0d53c0820b47ef82ea6.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Mon 01 Apr 2024 05:58:53 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1549175 (0x17a377)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=acbcc335140e03f3496bf0d53c0820b47ef82ea6
        Validity
            Not Before: Apr 23 20:06:50 2023 GMT
            Not After : Apr 24 20:06:50 2025 GMT
        Subject: CN=d5b751a7c8d5e421d4a26540435c4e2eee00071a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:79:d3:00:c3:d3:9f:10:f4:d0:a6:09:10:15:
                    49:e0:3a:d0:00:e2:ad:fd:1e:87:07:94:4a:e2:4c:
                    40:3a:85:ba:3f:5c:9e:14:0a:6b:48:58:dd:57:a5:
                    1d:da:d6:cd:cb:c2:18:22:24:82:11:73:60:6b:04:
                    c7:2a:5f:01:66:f6:d3:d7:ff:4f:19:6d:b0:cc:9d:
                    c5:4d:16:c9:8a:04:ec:34:fd:4c:e1:81:5a:29:de:
                    99:a3:87:e4:9d:70:bf:67:9b:3d:a8:e8:f7:ec:65:
                    a3:c4:e8:ee:47:6d:f5:0e:37:47:31:a2:bf:a4:d4:
                    d0:1b:1f:0b:88:d7:90:40:c7:2c:26:b1:8c:55:2c:
                    9c:02:e4:d5:f0:e6:fa:b0:b0:f6:b7:a0:56:aa:40:
                    78:72:05:f5:86:ad:2a:2d:46:2b:9c:41:41:8d:cf:
                    a2:4c:72:2e:f8:45:12:cd:ef:41:fa:f7:d8:3a:61:
                    f3:f5:cd:f0:11:9b:f3:f6:8c:62:55:32:e8:dc:e0:
                    21:26:58:71:74:77:0d:29:e9:83:ea:6a:b7:20:7c:
                    d4:ac:94:30:65:b6:b5:31:95:73:78:2d:1e:8f:ca:
                    3d:40:c2:00:77:02:e8:da:63:22:da:14:3f:8b:2a:
                    48:c8:d3:4c:87:f4:13:d6:fe:6b:c6:65:5b:c3:61:
                    35:b1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                08:EC:48:F2:F6:6A:28:48:07:FB:2E:84:1B:88:56:7E:C4:67:91:62
            X509v3 Authority Key Identifier:
                keyid:04:A0:1A:C7:10:0C:80:37:43:ED:CB:47:56:0A:70:9B:62:BD:B2:4B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/acbcc335140e03f3496bf0d53c0820b47ef82ea6.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/92140193-e487-40b2-9d2d-928f7d97e4aa/d5b751a7c8d5e421d4a26540435c4e2eee00071a.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/92140193-e487-40b2-9d2d-928f7d97e4aa/acbcc335140e03f3496bf0d53c0820b47ef82ea6.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  190.171.80.0/22
                IPv6:
                  2803:17e0::/32

    Signature Algorithm: sha256WithRSAEncryption
         56:56:1b:70:9a:a7:88:a6:03:c0:e6:a8:fd:af:e3:46:a1:58:
         e6:f8:ae:78:43:ca:0d:20:06:8a:f2:c2:84:ad:f4:5c:b2:59:
         e3:d0:39:1a:57:29:6d:c6:ea:c9:b4:7f:c2:a0:3f:b4:00:12:
         01:36:70:19:a9:25:9c:03:e7:80:36:96:d4:d9:d9:e3:8f:8d:
         41:41:82:c6:e6:4b:44:32:e9:5b:da:b0:1a:f6:c4:59:ea:b2:
         79:f4:8a:e9:1f:5c:47:6d:ba:97:23:9f:21:9f:10:f0:c2:8f:
         1b:c9:31:4d:5e:0c:e9:d6:c7:d7:4d:41:e4:f8:b2:52:ff:93:
         21:85:9a:da:33:1c:24:3b:81:70:f0:b7:f2:7c:5b:f8:d8:54:
         70:3b:7a:6d:fd:85:1d:be:e6:a7:9c:f8:39:41:35:9d:9d:af:
         dc:b9:71:3e:14:a6:f6:3c:e5:19:e1:87:65:0b:b8:bd:4b:1a:
         0e:3e:b0:85:9c:b5:04:1f:ec:81:5c:66:05:bc:7b:02:15:51:
         4a:b7:90:d1:15:0f:95:21:ef:57:05:ca:47:e5:6e:54:d0:9f:
         4a:39:5e:57:61:bb:a9:dd:a9:a9:a2:41:98:99:7f:96:57:71:
         f8:46:0d:5e:ac:40:1d:5d:46:6b:5f:f5:b0:4c:7d:85:d9:bc:
         2e:9c:6d:a4
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgIDF6N3MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGFj
YmNjMzM1MTQwZTAzZjM0OTZiZjBkNTNjMDgyMGI0N2VmODJlYTYwHhcNMjMwNDIz
MjAwNjUwWhcNMjUwNDI0MjAwNjUwWjAzMTEwLwYDVQQDEyhkNWI3NTFhN2M4ZDVl
NDIxZDRhMjY1NDA0MzVjNGUyZWVlMDAwNzFhMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAm3nTAMPTnxD00KYJEBVJ4DrQAOKt/R6HB5RK4kxAOoW6P1ye
FAprSFjdV6Ud2tbNy8IYIiSCEXNgawTHKl8BZvbT1/9PGW2wzJ3FTRbJigTsNP1M
4YFaKd6Zo4fknXC/Z5s9qOj37GWjxOjuR231DjdHMaK/pNTQGx8LiNeQQMcsJrGM
VSycAuTV8Ob6sLD2t6BWqkB4cgX1hq0qLUYrnEFBjc+iTHIu+EUSze9B+vfYOmHz
9c3wEZvz9oxiVTLo3OAhJlhxdHcNKemD6mq3IHzUrJQwZba1MZVzeC0ej8o9QMIA
dwLo2mMi2hQ/iypIyNNMh/QT1v5rxmVbw2E1sQIDAQABo4ICajCCAmYwHQYDVR0O
BBYEFAjsSPL2aihIB/suhBuIVn7EZ5FiMB8GA1UdIwQYMBaAFASgGscQDIA3Q+3L
R1YKcJtivbJLMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvYWNiY2Mz
MzUxNDBlMDNmMzQ5NmJmMGQ1M2MwODIwYjQ3ZWY4MmVhNi5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvOTIxNDAxOTMtZTQ4Ny00MGIyLTlkMmQtOTI4Zjdk
OTdlNGFhL2Q1Yjc1MWE3YzhkNWU0MjFkNGEyNjU0MDQzNWM0ZTJlZWUwMDA3MWEu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy85MjE0MDE5My1lNDg3LTQwYjItOWQyZC05Mjhm
N2Q5N2U0YWEvYWNiY2MzMzUxNDBlMDNmMzQ5NmJmMGQ1M2MwODIwYjQ3ZWY4MmVh
Ni5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAuBggrBgEFBQcBBwEB/wQf
MB0wDAQCAAEwBgMEAr6rUDANBAIAAjAHAwUAKAMX4DANBgkqhkiG9w0BAQsFAAOC
AQEAVlYbcJqniKYDwOao/a/jRqFY5viueEPKDSAGivLChK30XLJZ49A5Glcpbcbq
ybR/wqA/tAASATZwGaklnAPngDaW1NnZ44+NQUGCxuZLRDLpW9qwGvbEWeqyefSK
6R9cR226lyOfIZ8Q8MKPG8kxTV4M6dbH101B5PiyUv+TIYWa2jMcJDuBcPC38nxb
+NhUcDt6bf2FHb7mp5z4OUE1nZ2v3LlxPhSm9jzlGeGHZQu4vUsaDj6whZy1BB/s
gVxmBbx7AhVRSreQ0RUPlSHvVwXKR+VuVNCfSjleV2G7qd2pqaJBmJl/lldx+EYN
XqxAHV1Ga1/1sEx9hdm8LpxtpA==
-----END CERTIFICATE-----
Generated at Fri Mar 29 08:39:22 2024 by rpki-client on console-ams.rpki-client.org