Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/95490ec3-36af-4d63-9b38-c4d83d8fd853/b28f583c64381ffc6eb928bc5fe757d1add7e178.roa
File:                     b28f583c64381ffc6eb928bc5fe757d1add7e178.roa (raw, json)
Hash identifier:          KoSSunNV3AFewWEHO1iiwkdHyq2AGL+MMP2CX2kF9Sw=
Subject key identifier:   C4:84:57:DB:B5:32:B6:0F:52:66:F8:D0:7C:5B:32:FE:9B:24:2E:82
Certificate issuer:       /CN=0346440b241d40bd970699e1c0567cf9a1f8b922
Certificate serial:       0C0FFF
Authority key identifier: 30:4A:94:E6:DD:FD:B1:05:A7:94:2B:9E:D6:EB:00:82:65:62:5F:91
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/0346440b241d40bd970699e1c0567cf9a1f8b922.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/95490ec3-36af-4d63-9b38-c4d83d8fd853/b28f583c64381ffc6eb928bc5fe757d1add7e178.roa
Signing time:             Wed 24 Mar 2021 14:44:35 +0000
ROA not before:           Wed 24 Mar 2021 14:44:33 +0000
ROA not after:            Tue 24 Mar 2026 14:44:33 +0000
asID:                     8151
IP address blocks:        189.164.0.0/17 maxlen: 24
                          189.164.128.0/18 maxlen: 24
                          189.164.192.0/19 maxlen: 24
                          189.164.224.0/19 maxlen: 24
                          189.165.0.0/19 maxlen: 24
                          189.165.32.0/19 maxlen: 24
                          189.165.64.0/19 maxlen: 24
                          189.165.0.0/17 maxlen: 24
                          189.165.128.0/19 maxlen: 24
                          189.165.160.0/19 maxlen: 24
                          189.165.192.0/19 maxlen: 24
                          189.165.128.0/17 maxlen: 24
                          189.161.0.0/16 maxlen: 24
                          187.194.128.0/18 maxlen: 24
                          187.194.192.0/18 maxlen: 24
                          201.123.0.0/16 maxlen: 24
                          201.138.0.0/19 maxlen: 24
                          201.138.32.0/19 maxlen: 24
                          201.138.64.0/19 maxlen: 24
                          201.138.96.0/19 maxlen: 24
                          189.167.0.0/19 maxlen: 24
                          189.167.32.0/19 maxlen: 24
                          189.167.64.0/19 maxlen: 24
                          189.167.96.0/19 maxlen: 24
                          189.167.128.0/19 maxlen: 24
                          189.167.128.0/17 maxlen: 24
                          201.138.128.0/19 maxlen: 24
                          201.138.160.0/19 maxlen: 24
                          201.138.192.0/19 maxlen: 24
                          201.138.224.0/19 maxlen: 24
                          187.154.0.0/19 maxlen: 24
                          187.154.32.0/19 maxlen: 24
                          187.154.64.0/19 maxlen: 24
                          187.154.96.0/19 maxlen: 24
                          187.154.128.0/19 maxlen: 24
                          187.154.160.0/19 maxlen: 24
                          187.154.192.0/19 maxlen: 24
                          187.154.224.0/19 maxlen: 24
                          187.146.0.0/19 maxlen: 24
                          187.146.32.0/19 maxlen: 24
                          187.146.64.0/19 maxlen: 24
                          187.146.96.0/19 maxlen: 24
                          187.146.128.0/19 maxlen: 24
                          187.146.160.0/19 maxlen: 24
                          187.146.192.0/19 maxlen: 24
                          187.146.224.0/19 maxlen: 24
                          187.148.0.0/19 maxlen: 24
                          187.148.32.0/19 maxlen: 24
                          187.148.64.0/19 maxlen: 24
                          187.148.96.0/19 maxlen: 24
                          187.148.128.0/19 maxlen: 24
                          187.148.160.0/19 maxlen: 24
                          187.148.192.0/19 maxlen: 24
                          187.148.224.0/19 maxlen: 24
                          201.97.0.0/16 maxlen: 24
                          201.105.0.0/18 maxlen: 24
                          201.105.64.0/18 maxlen: 24
                          201.105.0.0/16 maxlen: 24
                          201.108.0.0/19 maxlen: 24
                          201.108.32.0/19 maxlen: 24
                          201.108.64.0/19 maxlen: 24
                          201.108.96.0/19 maxlen: 24
                          201.108.0.0/16 maxlen: 24
                          201.111.0.0/16 maxlen: 24
                          201.104.128.0/18 maxlen: 24
                          201.104.192.0/18 maxlen: 24
                          189.247.104.0/24 maxlen: 24
                          201.121.0.0/19 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/95490ec3-36af-4d63-9b38-c4d83d8fd853/0346440b241d40bd970699e1c0567cf9a1f8b922.crl
                          rsync://repository.lacnic.net/rpki/lacnic/95490ec3-36af-4d63-9b38-c4d83d8fd853/0346440b241d40bd970699e1c0567cf9a1f8b922.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/0346440b241d40bd970699e1c0567cf9a1f8b922.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Mon 01 Apr 2024 13:54:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 790527 (0xc0fff)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0346440b241d40bd970699e1c0567cf9a1f8b922
        Validity
            Not Before: Mar 24 14:44:33 2021 GMT
            Not After : Mar 24 14:44:33 2026 GMT
        Subject: CN=b28f583c64381ffc6eb928bc5fe757d1add7e178
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:90:a8:09:cf:82:6e:21:a4:2c:5a:2e:25:f9:92:
                    06:8d:00:46:3a:84:b9:1a:bd:40:51:87:19:24:8b:
                    95:8d:38:ef:11:98:14:b9:e9:ed:cd:cc:03:23:2c:
                    93:be:db:36:f8:2d:f7:88:db:82:d2:5e:d1:27:82:
                    34:aa:0a:a7:36:92:44:c1:81:8a:e8:f3:6c:2a:5d:
                    c3:04:98:75:17:ba:56:74:ef:87:1e:1b:aa:4f:3d:
                    7e:19:9c:41:7c:93:eb:bd:3d:45:9b:b4:84:84:74:
                    b3:f4:c7:43:5c:4c:ad:4b:81:87:34:8f:53:41:66:
                    a1:51:de:c2:a6:e7:71:e8:ac:21:a9:b0:29:ac:c0:
                    9e:a1:21:4c:05:84:74:e1:67:dd:3c:72:ea:13:4b:
                    e8:29:56:68:99:a5:75:85:3d:54:a9:64:9f:f4:6c:
                    ca:d6:7d:64:88:2e:0a:d3:6f:00:34:7f:78:08:37:
                    37:df:e2:a7:40:82:0b:48:f9:9b:ae:9c:10:a5:46:
                    08:64:e8:68:ac:fc:9f:41:bb:ef:ec:fc:6a:a7:b7:
                    cc:80:46:d1:8e:e8:ce:5d:56:d0:08:60:db:63:22:
                    2a:5c:99:e5:0a:84:c5:5a:4f:d2:a7:e5:66:d3:bd:
                    f9:94:a8:32:02:c6:0b:2c:a5:20:29:0c:c8:30:00:
                    c6:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C4:84:57:DB:B5:32:B6:0F:52:66:F8:D0:7C:5B:32:FE:9B:24:2E:82
            X509v3 Authority Key Identifier:
                keyid:30:4A:94:E6:DD:FD:B1:05:A7:94:2B:9E:D6:EB:00:82:65:62:5F:91

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/0346440b241d40bd970699e1c0567cf9a1f8b922.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/95490ec3-36af-4d63-9b38-c4d83d8fd853/b28f583c64381ffc6eb928bc5fe757d1add7e178.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/95490ec3-36af-4d63-9b38-c4d83d8fd853/0346440b241d40bd970699e1c0567cf9a1f8b922.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  187.146.0.0/16
                  187.148.0.0/16
                  187.154.0.0/16
                  187.194.128.0/17
                  189.161.0.0/16
                  189.164.0.0/15
                  189.167.0.0/16
                  189.247.104.0/24
                  201.97.0.0/16
                  201.104.128.0-201.105.255.255
                  201.108.0.0/16
                  201.111.0.0/16
                  201.121.0.0/19
                  201.123.0.0/16
                  201.138.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         53:9c:44:6f:58:ee:78:83:ac:a2:eb:c5:2d:8c:d9:ab:74:f9:
         d0:06:93:28:66:f5:fb:78:79:32:ca:16:25:a5:a8:b7:8c:ff:
         bd:75:af:7f:d8:ed:22:7e:e1:9a:c8:7a:9b:de:e0:77:9c:f7:
         d4:71:15:14:76:8b:c2:bd:ab:34:00:5e:61:0d:39:9c:cd:05:
         fb:09:2b:fc:d1:34:42:e6:e3:11:56:8d:2b:26:1f:69:17:16:
         fa:46:b2:f1:0b:f2:fd:36:68:19:55:c8:a4:6c:51:6a:05:5f:
         84:57:f1:6c:ca:1b:ad:82:21:5a:21:37:a1:ae:96:7f:af:45:
         1b:cf:8e:5e:d3:1c:3b:86:79:33:a4:e2:73:30:fd:d9:79:07:
         fc:7a:d2:58:fd:fc:2d:a6:cf:50:47:d1:9f:f4:65:e9:35:ec:
         f2:c0:ba:84:dd:b8:55:5d:ae:2a:b8:d7:cb:74:fd:48:e4:bb:
         27:c3:51:ae:5e:a0:ea:0e:18:fb:a1:48:91:18:f7:d0:2e:7a:
         12:b3:e1:3c:ab:05:e7:97:36:96:e5:e1:cf:7a:b1:9d:64:a0:
         84:0f:50:e5:5f:21:73:87:fb:79:b9:ee:23:4f:0e:6e:d8:f2:
         d1:71:85:dc:88:78:3c:51:38:a6:2e:3d:a2:e9:74:45:49:2a:
         39:48:23:79
-----BEGIN CERTIFICATE-----
MIIFkDCCBHigAwIBAgIDDA//MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDAz
NDY0NDBiMjQxZDQwYmQ5NzA2OTllMWMwNTY3Y2Y5YTFmOGI5MjIwHhcNMjEwMzI0
MTQ0NDMzWhcNMjYwMzI0MTQ0NDMzWjAzMTEwLwYDVQQDEyhiMjhmNTgzYzY0Mzgx
ZmZjNmViOTI4YmM1ZmU3NTdkMWFkZDdlMTc4MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAkKgJz4JuIaQsWi4l+ZIGjQBGOoS5Gr1AUYcZJIuVjTjvEZgU
uentzcwDIyyTvts2+C33iNuC0l7RJ4I0qgqnNpJEwYGK6PNsKl3DBJh1F7pWdO+H
HhuqTz1+GZxBfJPrvT1Fm7SEhHSz9MdDXEytS4GHNI9TQWahUd7Cpudx6KwhqbAp
rMCeoSFMBYR04WfdPHLqE0voKVZomaV1hT1UqWSf9GzK1n1kiC4K028ANH94CDc3
3+KnQIILSPmbrpwQpUYIZOhorPyfQbvv7Pxqp7fMgEbRjujOXVbQCGDbYyIqXJnl
CoTFWk/Sp+Vm0735lKgyAsYLLKUgKQzIMADGawIDAQABo4ICqzCCAqcwHQYDVR0O
BBYEFMSEV9u1MrYPUmb40HxbMv6bJC6CMB8GA1UdIwQYMBaAFDBKlObd/bEFp5Qr
ntbrAIJlYl+RMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvMDM0NjQ0
MGIyNDFkNDBiZDk3MDY5OWUxYzA1NjdjZjlhMWY4YjkyMi5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvOTU0OTBlYzMtMzZhZi00ZDYzLTliMzgtYzRkODNk
OGZkODUzL2IyOGY1ODNjNjQzODFmZmM2ZWI5MjhiYzVmZTc1N2QxYWRkN2UxNzgu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy85NTQ5MGVjMy0zNmFmLTRkNjMtOWIzOC1jNGQ4
M2Q4ZmQ4NTMvMDM0NjQ0MGIyNDFkNDBiZDk3MDY5OWUxYzA1NjdjZjlhMWY4Yjky
Mi5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBvBggrBgEFBQcBBwEB/wRg
MF4wXAQCAAEwVgMDALuSAwMAu5QDAwC7mgMEB7vCgAMDAL2hAwMBvaQDAwC9pwME
AL33aAMDAMlhMAsDBAfJaIADAwHJaAMDAMlsAwMAyW8DBAXJeQADAwDJewMDAMmK
MA0GCSqGSIb3DQEBCwUAA4IBAQBTnERvWO54g6yi68UtjNmrdPnQBpMoZvX7eHky
yhYlpai3jP+9da9/2O0ifuGayHqb3uB3nPfUcRUUdovCvas0AF5hDTmczQX7CSv8
0TRC5uMRVo0rJh9pFxb6RrLxC/L9NmgZVcikbFFqBV+EV/FsyhutgiFaITehrpZ/
r0Ubz45e0xw7hnkzpOJzMP3ZeQf8etJY/fwtps9QR9Gf9GXpNezywLqE3bhVXa4q
uNfLdP1I5Lsnw1GuXqDqDhj7oUiRGPfQLnoSs+E8qwXnlzaW5eHPerGdZKCED1Dl
XyFzh/t5ue4jTw5u2PLRcYXciHg8UTimLj2i6XRFSSo5SCN5
-----END CERTIFICATE-----
Generated at Fri Mar 29 15:31:47 2024 by rpki-client on console-fra.rpki-client.org