Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/95490ec3-36af-4d63-9b38-c4d83d8fd853/4b51560d2e738fea1da03ac217171bb9f2714a1f.roa
File:                     4b51560d2e738fea1da03ac217171bb9f2714a1f.roa (raw, json)
Hash identifier:          sugK3IyulZ1Pq34IwngLdhlY65UaybTKntIVr1dkNc0=
Subject key identifier:   38:11:22:7D:00:FD:EB:3E:F5:63:FB:62:7F:3D:30:11:51:03:BF:26
Certificate issuer:       /CN=0346440b241d40bd970699e1c0567cf9a1f8b922
Certificate serial:       0C0A89
Authority key identifier: 30:4A:94:E6:DD:FD:B1:05:A7:94:2B:9E:D6:EB:00:82:65:62:5F:91
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/0346440b241d40bd970699e1c0567cf9a1f8b922.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/95490ec3-36af-4d63-9b38-c4d83d8fd853/4b51560d2e738fea1da03ac217171bb9f2714a1f.roa
Signing time:             Wed 24 Mar 2021 14:44:35 +0000
ROA not before:           Wed 24 Mar 2021 14:44:33 +0000
ROA not after:            Tue 24 Mar 2026 14:44:33 +0000
asID:                     8151
IP address blocks:        189.130.0.0/17 maxlen: 24
                          189.130.128.0/18 maxlen: 24
                          189.130.224.0/19 maxlen: 24
                          189.131.0.0/19 maxlen: 24
                          189.131.32.0/19 maxlen: 24
                          189.131.64.0/19 maxlen: 24
                          189.131.96.0/19 maxlen: 24
                          189.131.128.0/19 maxlen: 24
                          189.131.160.0/19 maxlen: 24
                          189.131.192.0/19 maxlen: 24
                          189.131.224.0/19 maxlen: 24
                          189.132.0.0/19 maxlen: 24
                          189.132.32.0/19 maxlen: 24
                          189.132.64.0/19 maxlen: 24
                          189.132.96.0/19 maxlen: 24
                          189.132.128.0/19 maxlen: 24
                          189.132.160.0/19 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/95490ec3-36af-4d63-9b38-c4d83d8fd853/0346440b241d40bd970699e1c0567cf9a1f8b922.crl
                          rsync://repository.lacnic.net/rpki/lacnic/95490ec3-36af-4d63-9b38-c4d83d8fd853/0346440b241d40bd970699e1c0567cf9a1f8b922.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/0346440b241d40bd970699e1c0567cf9a1f8b922.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 31 Mar 2024 03:49:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 789129 (0xc0a89)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0346440b241d40bd970699e1c0567cf9a1f8b922
        Validity
            Not Before: Mar 24 14:44:33 2021 GMT
            Not After : Mar 24 14:44:33 2026 GMT
        Subject: CN=4b51560d2e738fea1da03ac217171bb9f2714a1f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:86:64:89:2d:3e:aa:c3:1e:3d:ba:1c:db:45:92:
                    2d:68:31:14:c1:d1:ef:de:de:d0:d1:2d:ea:29:d0:
                    25:55:99:72:72:db:14:81:b7:2c:f0:5b:ad:85:7a:
                    c4:f1:14:3b:3e:7f:2d:87:5a:3a:1a:31:dc:a8:10:
                    28:90:ed:19:6e:be:a2:1b:76:86:ba:68:c6:2a:d3:
                    a8:73:0f:d0:9f:b2:16:28:81:18:99:5b:00:8c:d3:
                    2d:be:4e:16:9f:aa:82:0f:89:19:f4:a7:0c:86:4f:
                    e5:e4:7f:a1:5b:b3:c1:34:1a:cd:fa:e2:bf:bc:d0:
                    5c:21:2b:03:6c:ec:69:c6:c2:a0:ee:e8:cd:5c:0b:
                    6c:7f:d9:b1:33:54:42:02:17:8d:57:b1:1c:a9:61:
                    3f:2a:09:5d:8b:4d:73:7d:24:f8:2e:c5:ad:b1:54:
                    3f:df:ac:ba:8e:16:c9:47:fa:43:18:61:b6:94:94:
                    93:df:42:47:ca:4f:69:28:38:36:e8:20:f7:ec:a2:
                    f3:1e:85:14:1e:3b:4a:18:51:38:ab:99:4e:a6:db:
                    f8:7c:12:4f:26:e6:80:56:13:63:87:10:55:3a:ce:
                    09:1b:f8:1c:1a:a1:e6:c3:f0:74:57:bf:82:47:a7:
                    a1:93:d0:10:c8:1e:c5:c9:e6:3d:a3:b9:af:93:a9:
                    64:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                38:11:22:7D:00:FD:EB:3E:F5:63:FB:62:7F:3D:30:11:51:03:BF:26
            X509v3 Authority Key Identifier:
                keyid:30:4A:94:E6:DD:FD:B1:05:A7:94:2B:9E:D6:EB:00:82:65:62:5F:91

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/0346440b241d40bd970699e1c0567cf9a1f8b922.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/95490ec3-36af-4d63-9b38-c4d83d8fd853/4b51560d2e738fea1da03ac217171bb9f2714a1f.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/95490ec3-36af-4d63-9b38-c4d83d8fd853/0346440b241d40bd970699e1c0567cf9a1f8b922.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  189.130.0.0-189.130.191.255
                  189.130.224.0-189.132.191.255

    Signature Algorithm: sha256WithRSAEncryption
         66:71:d5:ec:92:c6:c6:88:6e:fe:bd:ac:eb:83:ea:c2:f0:41:
         d7:bb:35:11:94:7a:4a:13:f8:ab:c0:86:28:92:fb:ad:7d:73:
         a1:64:96:6c:04:42:d3:93:fa:25:f5:31:92:3a:2b:98:5a:00:
         10:83:bd:47:64:e7:87:71:ac:10:fe:da:39:41:da:31:37:c9:
         f5:a9:2c:27:1e:12:47:09:57:73:c1:9b:5f:43:c7:31:48:4e:
         16:b7:88:5e:89:70:0a:29:3e:0c:af:96:b7:6b:58:bf:51:ee:
         e3:2c:53:92:16:31:bc:9d:07:a2:56:25:dd:d5:5c:2b:3a:77:
         96:e4:51:93:93:41:81:f4:21:b0:bb:0a:86:3f:48:9a:2e:1d:
         69:88:d7:31:bb:00:4c:43:64:7a:34:96:6e:49:6e:45:14:5f:
         a1:aa:12:a1:0f:87:8b:c5:e4:53:24:eb:47:05:c4:0b:58:75:
         a3:10:bf:15:69:35:18:db:e8:9e:5a:81:b8:11:ec:75:78:39:
         eb:16:c9:e2:22:e8:37:f9:ac:26:9c:44:51:fc:9c:ab:5a:fa:
         ce:2b:35:ac:c5:40:10:8d:39:7b:d1:43:ff:16:31:b6:d7:f4:
         2b:de:b1:0e:be:70:4a:cf:91:7b:af:a5:98:b3:d6:58:08:7c:
         42:cb:d5:02
-----BEGIN CERTIFICATE-----
MIIFVTCCBD2gAwIBAgIDDAqJMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDAz
NDY0NDBiMjQxZDQwYmQ5NzA2OTllMWMwNTY3Y2Y5YTFmOGI5MjIwHhcNMjEwMzI0
MTQ0NDMzWhcNMjYwMzI0MTQ0NDMzWjAzMTEwLwYDVQQDEyg0YjUxNTYwZDJlNzM4
ZmVhMWRhMDNhYzIxNzE3MWJiOWYyNzE0YTFmMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAhmSJLT6qwx49uhzbRZItaDEUwdHv3t7Q0S3qKdAlVZlyctsU
gbcs8FuthXrE8RQ7Pn8th1o6GjHcqBAokO0Zbr6iG3aGumjGKtOocw/Qn7IWKIEY
mVsAjNMtvk4Wn6qCD4kZ9KcMhk/l5H+hW7PBNBrN+uK/vNBcISsDbOxpxsKg7ujN
XAtsf9mxM1RCAheNV7EcqWE/Kgldi01zfST4LsWtsVQ/36y6jhbJR/pDGGG2lJST
30JHyk9pKDg26CD37KLzHoUUHjtKGFE4q5lOptv4fBJPJuaAVhNjhxBVOs4JG/gc
GqHmw/B0V7+CR6ehk9AQyB7FyeY9o7mvk6lkaQIDAQABo4ICcDCCAmwwHQYDVR0O
BBYEFDgRIn0A/es+9WP7Yn89MBFRA78mMB8GA1UdIwQYMBaAFDBKlObd/bEFp5Qr
ntbrAIJlYl+RMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvMDM0NjQ0
MGIyNDFkNDBiZDk3MDY5OWUxYzA1NjdjZjlhMWY4YjkyMi5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvOTU0OTBlYzMtMzZhZi00ZDYzLTliMzgtYzRkODNk
OGZkODUzLzRiNTE1NjBkMmU3MzhmZWExZGEwM2FjMjE3MTcxYmI5ZjI3MTRhMWYu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy85NTQ5MGVjMy0zNmFmLTRkNjMtOWIzOC1jNGQ4
M2Q4ZmQ4NTMvMDM0NjQ0MGIyNDFkNDBiZDk3MDY5OWUxYzA1NjdjZjlhMWY4Yjky
Mi5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0BggrBgEFBQcBBwEB/wQl
MCMwIQQCAAEwGzALAwMBvYIDBAa9goAwDAMEBb2C4AMEBr2EgDANBgkqhkiG9w0B
AQsFAAOCAQEAZnHV7JLGxohu/r2s64PqwvBB17s1EZR6ShP4q8CGKJL7rX1zoWSW
bARC05P6JfUxkjormFoAEIO9R2Tnh3GsEP7aOUHaMTfJ9aksJx4SRwlXc8GbX0PH
MUhOFreIXolwCik+DK+Wt2tYv1Hu4yxTkhYxvJ0HolYl3dVcKzp3luRRk5NBgfQh
sLsKhj9Imi4daYjXMbsATENkejSWbkluRRRfoaoSoQ+Hi8XkUyTrRwXEC1h1oxC/
FWk1GNvonlqBuBHsdXg56xbJ4iLoN/msJpxEUfycq1r6zis1rMVAEI05e9FD/xYx
ttf0K96xDr5wSs+Re6+lmLPWWAh8QsvVAg==
-----END CERTIFICATE-----
Generated at Thu Mar 28 08:36:01 2024 by rpki-client on console-fra.rpki-client.org