Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/95490ec3-36af-4d63-9b38-c4d83d8fd853/fed5fb7dc53679358358e7f8647045466a25185e.roa
File:                     fed5fb7dc53679358358e7f8647045466a25185e.roa (raw, json)
Hash identifier:          jINgq0xNklc4V7XAeR3oOyzCsi8S0Qp6v6Y4BzC9Lig=
Subject key identifier:   95:9A:FD:7F:6F:74:94:41:F3:C1:22:80:9F:02:60:B1:50:E6:77:F4
Certificate issuer:       /CN=0346440b241d40bd970699e1c0567cf9a1f8b922
Certificate serial:       0C0AE7
Authority key identifier: 30:4A:94:E6:DD:FD:B1:05:A7:94:2B:9E:D6:EB:00:82:65:62:5F:91
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/0346440b241d40bd970699e1c0567cf9a1f8b922.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/95490ec3-36af-4d63-9b38-c4d83d8fd853/fed5fb7dc53679358358e7f8647045466a25185e.roa
Signing time:             Wed 24 Mar 2021 14:44:35 +0000
ROA not before:           Wed 24 Mar 2021 14:44:33 +0000
ROA not after:            Tue 24 Mar 2026 14:44:33 +0000
asID:                     8151
IP address blocks:        189.239.128.0/19 maxlen: 24
                          189.239.160.0/19 maxlen: 24
                          189.239.192.0/19 maxlen: 24
                          189.239.224.0/19 maxlen: 24
                          189.136.0.0/16 maxlen: 24
                          189.249.0.0/19 maxlen: 24
                          189.249.32.0/19 maxlen: 24
                          189.249.64.0/19 maxlen: 24
                          189.249.96.0/19 maxlen: 24
                          189.249.128.0/19 maxlen: 24
                          189.249.160.0/19 maxlen: 24
                          189.249.192.0/19 maxlen: 24
                          189.249.224.0/19 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/95490ec3-36af-4d63-9b38-c4d83d8fd853/0346440b241d40bd970699e1c0567cf9a1f8b922.crl
                          rsync://repository.lacnic.net/rpki/lacnic/95490ec3-36af-4d63-9b38-c4d83d8fd853/0346440b241d40bd970699e1c0567cf9a1f8b922.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/0346440b241d40bd970699e1c0567cf9a1f8b922.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Mon 01 Apr 2024 05:17:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 789223 (0xc0ae7)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0346440b241d40bd970699e1c0567cf9a1f8b922
        Validity
            Not Before: Mar 24 14:44:33 2021 GMT
            Not After : Mar 24 14:44:33 2026 GMT
        Subject: CN=fed5fb7dc53679358358e7f8647045466a25185e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:83:5d:83:3f:51:d3:4b:02:d1:9c:d9:c8:6e:41:
                    c7:b4:24:4e:23:8b:49:3b:be:20:68:26:98:32:d6:
                    53:73:64:63:4f:17:4e:2f:a1:2e:22:02:9d:dd:28:
                    a9:dd:ab:1e:40:c0:a8:5d:2d:66:35:11:0c:c5:e7:
                    94:95:86:d3:7c:de:2d:bd:84:cd:62:f5:b4:1c:cb:
                    54:4c:ae:ed:ac:c4:6d:75:ef:86:64:5e:36:3f:8c:
                    8a:1e:a5:a9:eb:d3:b6:3c:8e:af:a5:e2:7e:c8:2b:
                    fc:7c:84:0e:53:af:10:ee:e3:aa:8e:cb:8b:c7:14:
                    39:8f:bc:22:b3:3d:3a:5a:67:f7:21:94:bf:89:b1:
                    3b:d9:d3:58:5a:a2:f1:19:a4:71:67:38:c9:db:8f:
                    58:5d:54:74:e7:c2:bd:86:98:82:61:95:65:34:8f:
                    21:57:8f:b6:64:22:ec:3e:54:16:bf:77:6d:18:6e:
                    c3:d6:24:f6:69:63:bc:2f:f3:ba:fc:dc:ac:61:f3:
                    70:45:31:57:54:bb:22:6b:45:ea:57:f4:53:8f:ef:
                    4e:bf:52:a8:ed:d9:73:9b:ab:69:42:3e:1e:1d:de:
                    f3:0c:bf:14:c1:a8:f6:1e:5c:45:fe:63:5a:ae:1d:
                    1e:93:76:cd:61:9e:f7:99:f6:46:84:27:26:68:0b:
                    2b:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                95:9A:FD:7F:6F:74:94:41:F3:C1:22:80:9F:02:60:B1:50:E6:77:F4
            X509v3 Authority Key Identifier:
                keyid:30:4A:94:E6:DD:FD:B1:05:A7:94:2B:9E:D6:EB:00:82:65:62:5F:91

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/0346440b241d40bd970699e1c0567cf9a1f8b922.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/95490ec3-36af-4d63-9b38-c4d83d8fd853/fed5fb7dc53679358358e7f8647045466a25185e.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/95490ec3-36af-4d63-9b38-c4d83d8fd853/0346440b241d40bd970699e1c0567cf9a1f8b922.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  189.136.0.0/16
                  189.239.128.0/17
                  189.249.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         52:ed:c9:27:3c:d5:7c:5e:7a:43:f9:09:40:c6:a5:b8:1a:38:
         31:08:30:ad:b1:50:48:35:de:a4:ab:6d:48:32:46:03:e7:4f:
         d5:da:45:60:75:b0:c5:eb:f1:62:d7:f8:db:58:8f:0f:36:e8:
         a1:01:19:97:aa:08:fd:29:30:76:c2:06:8c:5a:4b:33:05:4f:
         45:3b:52:cc:59:36:95:b4:47:1b:ad:9c:49:d3:06:ae:4f:57:
         7d:9c:d1:5a:85:b5:b1:0c:7d:21:ae:71:93:22:72:c9:2f:6d:
         e0:f0:f4:f4:e6:80:7b:62:dd:0f:5a:d7:3e:fd:68:e3:85:09:
         6d:12:e3:dd:17:66:8b:80:ed:69:63:85:89:ae:05:34:cf:aa:
         11:d4:35:fc:57:07:f0:2a:66:09:5e:3a:1b:ce:59:a0:59:34:
         67:cf:bc:b7:c8:28:02:e8:e4:24:15:17:3b:58:4d:c3:53:47:
         82:ca:44:8d:e9:d9:b9:56:18:ba:3a:29:f8:30:84:85:3d:ea:
         fb:03:33:73:08:d7:dc:99:1d:53:97:36:80:49:0b:99:4b:d8:
         9b:f9:06:d5:0d:cb:9c:8d:2a:0b:ed:59:74:4c:64:32:b6:65:
         05:30:95:d7:7d:a0:40:f4:44:0e:63:1d:02:d3:7d:4f:50:1b:
         39:25:6c:a2
-----BEGIN CERTIFICATE-----
MIIFSjCCBDKgAwIBAgIDDArnMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDAz
NDY0NDBiMjQxZDQwYmQ5NzA2OTllMWMwNTY3Y2Y5YTFmOGI5MjIwHhcNMjEwMzI0
MTQ0NDMzWhcNMjYwMzI0MTQ0NDMzWjAzMTEwLwYDVQQDEyhmZWQ1ZmI3ZGM1MzY3
OTM1ODM1OGU3Zjg2NDcwNDU0NjZhMjUxODVlMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAg12DP1HTSwLRnNnIbkHHtCROI4tJO74gaCaYMtZTc2RjTxdO
L6EuIgKd3Sip3aseQMCoXS1mNREMxeeUlYbTfN4tvYTNYvW0HMtUTK7trMRtde+G
ZF42P4yKHqWp69O2PI6vpeJ+yCv8fIQOU68Q7uOqjsuLxxQ5j7wisz06Wmf3IZS/
ibE72dNYWqLxGaRxZzjJ249YXVR058K9hpiCYZVlNI8hV4+2ZCLsPlQWv3dtGG7D
1iT2aWO8L/O6/NysYfNwRTFXVLsia0XqV/RTj+9Ov1Ko7dlzm6tpQj4eHd7zDL8U
waj2HlxF/mNarh0ek3bNYZ73mfZGhCcmaAsrPQIDAQABo4ICZTCCAmEwHQYDVR0O
BBYEFJWa/X9vdJRB88EigJ8CYLFQ5nf0MB8GA1UdIwQYMBaAFDBKlObd/bEFp5Qr
ntbrAIJlYl+RMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvMDM0NjQ0
MGIyNDFkNDBiZDk3MDY5OWUxYzA1NjdjZjlhMWY4YjkyMi5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvOTU0OTBlYzMtMzZhZi00ZDYzLTliMzgtYzRkODNk
OGZkODUzL2ZlZDVmYjdkYzUzNjc5MzU4MzU4ZTdmODY0NzA0NTQ2NmEyNTE4NWUu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy85NTQ5MGVjMy0zNmFmLTRkNjMtOWIzOC1jNGQ4
M2Q4ZmQ4NTMvMDM0NjQ0MGIyNDFkNDBiZDk3MDY5OWUxYzA1NjdjZjlhMWY4Yjky
Mi5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjApBggrBgEFBQcBBwEB/wQa
MBgwFgQCAAEwEAMDAL2IAwQHve+AAwMAvfkwDQYJKoZIhvcNAQELBQADggEBAFLt
ySc81XxeekP5CUDGpbgaODEIMK2xUEg13qSrbUgyRgPnT9XaRWB1sMXr8WLX+NtY
jw826KEBGZeqCP0pMHbCBoxaSzMFT0U7UsxZNpW0RxutnEnTBq5PV32c0VqFtbEM
fSGucZMicskvbeDw9PTmgHti3Q9a1z79aOOFCW0S490XZouA7WljhYmuBTTPqhHU
NfxXB/AqZgleOhvOWaBZNGfPvLfIKALo5CQVFztYTcNTR4LKRI3p2blWGLo6Kfgw
hIU96vsDM3MI19yZHVOXNoBJC5lL2Jv5BtUNy5yNKgvtWXRMZDK2ZQUwldd9oED0
RA5jHQLTfU9QGzklbKI=
-----END CERTIFICATE-----
Generated at Fri Mar 29 05:45:44 2024 by rpki-client on console-ams.rpki-client.org