Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/937724ed-96e0-4f1e-b0f0-c9de0efa0dcd/7ce26f1f55039714fadce4d37f1830df89791325.roa
File:                     7ce26f1f55039714fadce4d37f1830df89791325.roa (raw, json)
Hash identifier:          y36TTT715UyJI5J3AfVq+unaEFV1CDIAMneD3mK93Sg=
Subject key identifier:   E3:0F:4C:52:F0:77:CB:61:6A:9F:21:DA:1B:3D:F0:5B:20:CF:8C:BA
Certificate issuer:       /CN=bc2a1d5042f8cd2a75cfc379fc97a61f911df4b6
Certificate serial:       240C1D
Authority key identifier: 03:83:6F:62:CD:84:48:90:75:9C:DD:AE:F4:FF:A7:33:CF:5A:B6:29
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/bc2a1d5042f8cd2a75cfc379fc97a61f911df4b6.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/937724ed-96e0-4f1e-b0f0-c9de0efa0dcd/7ce26f1f55039714fadce4d37f1830df89791325.roa
Signing time:             Thu 14 Sep 2023 21:35:57 +0000
ROA not before:           Wed 13 Sep 2023 21:35:57 +0000
ROA not after:            Sun 14 Sep 2025 21:35:57 +0000
asID:                     28022
IP address blocks:        190.106.64.0/20 maxlen: 24
                          2800:510::/32 maxlen: 64
                          2800:510::/46 maxlen: 64

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/937724ed-96e0-4f1e-b0f0-c9de0efa0dcd/bc2a1d5042f8cd2a75cfc379fc97a61f911df4b6.crl
                          rsync://repository.lacnic.net/rpki/lacnic/937724ed-96e0-4f1e-b0f0-c9de0efa0dcd/bc2a1d5042f8cd2a75cfc379fc97a61f911df4b6.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/bc2a1d5042f8cd2a75cfc379fc97a61f911df4b6.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 03 Mar 2024 11:46:33 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2362397 (0x240c1d)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bc2a1d5042f8cd2a75cfc379fc97a61f911df4b6
        Validity
            Not Before: Sep 13 21:35:57 2023 GMT
            Not After : Sep 14 21:35:57 2025 GMT
        Subject: CN=7ce26f1f55039714fadce4d37f1830df89791325
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:71:0c:b2:ff:33:2c:67:37:95:ae:3c:00:6d:
                    9c:ca:19:a5:4a:d8:0d:98:f8:29:cb:69:ee:87:c9:
                    9e:ae:0f:40:5e:d6:d5:be:e6:cb:3d:75:27:00:c5:
                    7f:5e:2b:84:3f:13:95:54:74:3c:bf:6f:fc:1a:85:
                    68:a4:78:ee:ad:94:35:e8:e2:e1:b9:5f:6e:cb:fc:
                    39:8e:90:4b:1b:ab:ca:88:7b:e4:91:f8:5b:23:5b:
                    47:20:75:43:f1:08:6e:c0:24:68:1f:34:14:c3:41:
                    63:ec:41:fb:9f:98:e7:6b:85:09:09:a1:30:46:08:
                    bb:e9:f9:46:37:97:07:ff:ff:1d:90:f8:ec:76:ba:
                    a1:1d:47:f1:c8:a9:7f:ff:aa:6e:af:08:25:a5:55:
                    8d:1f:f8:d9:cc:03:49:ce:1e:35:8d:df:d2:2d:5b:
                    3c:d6:b2:c1:d6:1b:d8:25:99:f0:f7:d6:22:33:6c:
                    8c:14:44:ab:1b:36:1f:2c:e5:72:4a:2a:df:17:aa:
                    c2:a4:8f:6a:7f:5b:e1:7f:ae:c6:c2:7a:4f:0f:49:
                    6d:1f:86:7d:9f:a9:54:ae:5b:bf:8e:89:03:df:4e:
                    53:e0:21:58:79:73:9b:f4:0d:08:d0:22:af:50:97:
                    5e:2d:82:c6:c6:f0:2f:e8:f6:65:16:c9:81:63:79:
                    8b:87
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E3:0F:4C:52:F0:77:CB:61:6A:9F:21:DA:1B:3D:F0:5B:20:CF:8C:BA
            X509v3 Authority Key Identifier:
                keyid:03:83:6F:62:CD:84:48:90:75:9C:DD:AE:F4:FF:A7:33:CF:5A:B6:29

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/bc2a1d5042f8cd2a75cfc379fc97a61f911df4b6.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/937724ed-96e0-4f1e-b0f0-c9de0efa0dcd/7ce26f1f55039714fadce4d37f1830df89791325.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/937724ed-96e0-4f1e-b0f0-c9de0efa0dcd/bc2a1d5042f8cd2a75cfc379fc97a61f911df4b6.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  190.106.64.0/20
                IPv6:
                  2800:510::/32

    Signature Algorithm: sha256WithRSAEncryption
         14:e4:b8:4b:19:66:17:2b:ee:c4:74:a5:49:ca:4c:a1:a1:f2:
         22:89:27:ba:72:4d:06:53:1d:7d:eb:12:c3:94:02:93:d4:3b:
         c5:9a:a9:8a:31:3a:bf:13:4e:3c:74:3f:a5:24:1a:9a:38:8e:
         d9:b4:d4:0d:1f:9d:42:66:36:4d:3f:f4:d0:94:31:fd:47:49:
         86:5c:3a:fd:ef:18:5f:eb:6c:99:ac:f2:58:ef:b9:0a:ed:ba:
         e3:44:47:41:dd:bf:9c:46:6a:c2:53:b1:37:d7:e8:8d:46:24:
         f8:3b:49:d6:ae:86:0c:59:b8:c7:94:a5:50:66:63:db:ce:f5:
         e3:28:f2:d3:21:dd:f7:79:2a:32:0a:76:2c:56:50:b7:17:7e:
         7c:f6:30:6c:6b:ff:71:1b:82:1a:bb:32:85:ac:65:f5:c3:b5:
         35:05:56:ff:f9:28:46:aa:24:73:39:9a:d7:15:8e:cf:f0:b2:
         27:b5:08:36:68:9b:08:ef:6d:9c:19:46:c5:38:36:90:56:fb:
         2b:cc:bc:fb:c2:3c:f9:b9:be:cd:73:5c:44:ca:e5:0c:8d:34:
         58:35:ec:1a:23:14:21:48:8e:9d:2c:95:e1:f6:20:bb:7b:ab:
         5b:cc:3c:49:3a:1e:a4:b9:34:4d:29:c4:3c:43:14:82:cf:c7:
         5b:19:d8:64
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgIDJAwdMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGJj
MmExZDUwNDJmOGNkMmE3NWNmYzM3OWZjOTdhNjFmOTExZGY0YjYwHhcNMjMwOTEz
MjEzNTU3WhcNMjUwOTE0MjEzNTU3WjAzMTEwLwYDVQQDEyg3Y2UyNmYxZjU1MDM5
NzE0ZmFkY2U0ZDM3ZjE4MzBkZjg5NzkxMzI1MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAqnEMsv8zLGc3la48AG2cyhmlStgNmPgpy2nuh8merg9AXtbV
vubLPXUnAMV/XiuEPxOVVHQ8v2/8GoVopHjurZQ16OLhuV9uy/w5jpBLG6vKiHvk
kfhbI1tHIHVD8QhuwCRoHzQUw0Fj7EH7n5jna4UJCaEwRgi76flGN5cH//8dkPjs
drqhHUfxyKl//6purwglpVWNH/jZzANJzh41jd/SLVs81rLB1hvYJZnw99YiM2yM
FESrGzYfLOVySirfF6rCpI9qf1vhf67GwnpPD0ltH4Z9n6lUrlu/jokD305T4CFY
eXOb9A0I0CKvUJdeLYLGxvAv6PZlFsmBY3mLhwIDAQABo4ICajCCAmYwHQYDVR0O
BBYEFOMPTFLwd8thap8h2hs98Fsgz4y6MB8GA1UdIwQYMBaAFAODb2LNhEiQdZzd
rvT/pzPPWrYpMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvYmMyYTFk
NTA0MmY4Y2QyYTc1Y2ZjMzc5ZmM5N2E2MWY5MTFkZjRiNi5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvOTM3NzI0ZWQtOTZlMC00ZjFlLWIwZjAtYzlkZTBl
ZmEwZGNkLzdjZTI2ZjFmNTUwMzk3MTRmYWRjZTRkMzdmMTgzMGRmODk3OTEzMjUu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy85Mzc3MjRlZC05NmUwLTRmMWUtYjBmMC1jOWRl
MGVmYTBkY2QvYmMyYTFkNTA0MmY4Y2QyYTc1Y2ZjMzc5ZmM5N2E2MWY5MTFkZjRi
Ni5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAuBggrBgEFBQcBBwEB/wQf
MB0wDAQCAAEwBgMEBL5qQDANBAIAAjAHAwUAKAAFEDANBgkqhkiG9w0BAQsFAAOC
AQEAFOS4SxlmFyvuxHSlScpMoaHyIoknunJNBlMdfesSw5QCk9Q7xZqpijE6vxNO
PHQ/pSQamjiO2bTUDR+dQmY2TT/00JQx/UdJhlw6/e8YX+tsmazyWO+5Cu2640RH
Qd2/nEZqwlOxN9fojUYk+DtJ1q6GDFm4x5SlUGZj28714yjy0yHd93kqMgp2LFZQ
txd+fPYwbGv/cRuCGrsyhaxl9cO1NQVW//koRqokczma1xWOz/CyJ7UINmibCO9t
nBlGxTg2kFb7K8y8+8I8+bm+zXNcRMrlDI00WDXsGiMUIUiOnSyV4fYgu3urW8w8
SToepLk0TSnEPEMUgs/HWxnYZA==
-----END CERTIFICATE-----
Generated at Thu Feb 29 17:13:56 2024 by rpki-client on console-fra.rpki-client.org