Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/9bb635c7-0702-440a-b109-953330e30875/be91e023c7a3382c1b09b2bc2c92aad47cd6875f.roa
File:                     be91e023c7a3382c1b09b2bc2c92aad47cd6875f.roa (raw, json)
Hash identifier:          o7bXEKrLeIX7ffuk3rF5Ma0Ad7B+UIiORdM6EFLI2EM=
Subject key identifier:   43:4D:70:01:C4:9F:9D:E8:40:59:18:09:A7:74:AD:4F:D2:4E:3C:BC
Certificate issuer:       /CN=34a684c298742858c11b9ba15403f4e7b99a7bbe
Certificate serial:       098E2A
Authority key identifier: 65:C5:4F:64:20:FE:E3:DF:D2:21:8A:15:47:62:F9:56:32:10:17:50
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/34a684c298742858c11b9ba15403f4e7b99a7bbe.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/9bb635c7-0702-440a-b109-953330e30875/be91e023c7a3382c1b09b2bc2c92aad47cd6875f.roa
Signing time:             Wed 24 Mar 2021 14:45:13 +0000
ROA not before:           Wed 24 Mar 2021 14:45:13 +0000
ROA not after:            Tue 24 Mar 2026 14:45:13 +0000
asID:                     8100
IP address blocks:        190.114.14.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/9bb635c7-0702-440a-b109-953330e30875/34a684c298742858c11b9ba15403f4e7b99a7bbe.crl
                          rsync://repository.lacnic.net/rpki/lacnic/9bb635c7-0702-440a-b109-953330e30875/34a684c298742858c11b9ba15403f4e7b99a7bbe.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/34a684c298742858c11b9ba15403f4e7b99a7bbe.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Mon 04 Mar 2024 17:26:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 626218 (0x98e2a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=34a684c298742858c11b9ba15403f4e7b99a7bbe
        Validity
            Not Before: Mar 24 14:45:13 2021 GMT
            Not After : Mar 24 14:45:13 2026 GMT
        Subject: CN=be91e023c7a3382c1b09b2bc2c92aad47cd6875f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8d:85:5c:71:7d:c8:72:fd:c2:f1:75:f8:c7:e7:
                    76:72:9c:04:dd:1c:f9:8d:fa:6a:4e:c7:fc:f6:41:
                    50:0f:35:c2:a4:49:b1:db:df:74:95:96:17:f9:a8:
                    7a:f6:3c:ba:ac:4a:c9:98:55:87:bd:d6:9e:45:30:
                    06:69:77:ca:17:76:07:be:ba:5c:84:5e:8a:15:ba:
                    b3:ee:be:e3:3a:5d:b4:40:1d:42:65:fb:9e:62:c9:
                    76:b3:3c:d6:19:2b:d2:2a:eb:c4:4c:f3:17:31:16:
                    f5:2b:f2:bb:c0:17:1c:f5:83:4d:a2:85:26:e6:29:
                    f2:ca:77:da:fd:63:25:27:6e:b3:c4:ff:3e:e9:f9:
                    a9:31:93:c6:ce:bd:8b:a4:33:0f:1e:93:30:2e:d5:
                    22:7f:23:9a:3c:5e:d1:8e:c9:95:c2:ac:cc:28:2f:
                    a5:b9:06:37:29:eb:ab:f3:a1:6f:36:ff:4a:7c:41:
                    72:91:83:6d:91:46:5f:0c:d2:18:17:fd:27:ac:a4:
                    17:ac:17:ff:bd:4f:6d:35:d8:96:cf:b8:f5:16:06:
                    51:d0:f4:63:b4:f2:0a:dc:73:2e:26:bd:71:ca:c9:
                    44:97:c9:e4:74:46:a2:42:2b:16:6d:90:24:ee:ed:
                    8a:cf:b4:6f:dc:12:bf:a5:78:32:11:b9:f9:8c:ab:
                    31:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                43:4D:70:01:C4:9F:9D:E8:40:59:18:09:A7:74:AD:4F:D2:4E:3C:BC
            X509v3 Authority Key Identifier:
                keyid:65:C5:4F:64:20:FE:E3:DF:D2:21:8A:15:47:62:F9:56:32:10:17:50

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/34a684c298742858c11b9ba15403f4e7b99a7bbe.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/9bb635c7-0702-440a-b109-953330e30875/be91e023c7a3382c1b09b2bc2c92aad47cd6875f.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/9bb635c7-0702-440a-b109-953330e30875/34a684c298742858c11b9ba15403f4e7b99a7bbe.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  190.114.14.0/24

    Signature Algorithm: sha256WithRSAEncryption
         33:52:4c:45:72:d6:52:ca:f5:fa:9e:30:ce:87:be:51:af:e2:
         18:2e:fb:fd:4c:74:1c:eb:f5:77:d0:af:eb:2d:fc:b3:e4:6f:
         31:d0:c5:36:d9:fb:1b:2f:5c:82:23:a7:cb:ef:6c:05:e8:93:
         3e:31:6e:42:ed:f7:3f:8f:ae:5b:4e:3b:83:88:55:be:61:f1:
         97:6b:08:f0:20:ad:b0:cf:4b:4c:cf:f3:69:96:c7:8d:0c:fb:
         a2:ea:39:8c:60:d2:67:a1:3d:bc:97:19:a3:d4:0e:05:5d:d6:
         9a:0e:73:57:73:4e:58:8f:9f:94:ef:87:50:8a:61:26:e7:b5:
         ad:dc:38:1a:85:1e:f6:63:a3:51:97:6f:95:10:6b:2d:8e:e3:
         5d:e3:b2:b9:a3:ef:d7:53:f7:23:53:ba:a3:f7:c8:d8:4f:02:
         e9:6f:d7:73:d2:08:30:62:b3:a4:6c:5d:b3:3a:7e:14:ff:87:
         ad:3d:1e:01:5d:49:1e:ce:c5:63:62:eb:8f:4e:0c:d4:dc:42:
         78:22:b1:68:c8:1e:2c:8b:a9:d4:db:39:10:c1:71:3b:c7:11:
         97:75:ce:14:5a:32:5a:21:9b:c5:e5:e1:b6:c7:cc:c4:b3:b6:
         de:b9:f5:75:8c:5d:35:b7:ac:52:07:59:5a:06:c5:f3:fb:59:
         0a:27:38:23
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIDCY4qMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDM0
YTY4NGMyOTg3NDI4NThjMTFiOWJhMTU0MDNmNGU3Yjk5YTdiYmUwHhcNMjEwMzI0
MTQ0NTEzWhcNMjYwMzI0MTQ0NTEzWjAzMTEwLwYDVQQDEyhiZTkxZTAyM2M3YTMz
ODJjMWIwOWIyYmMyYzkyYWFkNDdjZDY4NzVmMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAjYVccX3Icv3C8XX4x+d2cpwE3Rz5jfpqTsf89kFQDzXCpEmx
2990lZYX+ah69jy6rErJmFWHvdaeRTAGaXfKF3YHvrpchF6KFbqz7r7jOl20QB1C
ZfueYsl2szzWGSvSKuvETPMXMRb1K/K7wBcc9YNNooUm5inyynfa/WMlJ26zxP8+
6fmpMZPGzr2LpDMPHpMwLtUifyOaPF7RjsmVwqzMKC+luQY3Keur86FvNv9KfEFy
kYNtkUZfDNIYF/0nrKQXrBf/vU9tNdiWz7j1FgZR0PRjtPIK3HMuJr1xyslEl8nk
dEaiQisWbZAk7u2Kz7Rv3BK/pXgyEbn5jKsx0wIDAQABo4ICWzCCAlcwHQYDVR0O
BBYEFENNcAHEn53oQFkYCad0rU/STjy8MB8GA1UdIwQYMBaAFGXFT2Qg/uPf0iGK
FUdi+VYyEBdQMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvMzRhNjg0
YzI5ODc0Mjg1OGMxMWI5YmExNTQwM2Y0ZTdiOTlhN2JiZS5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvOWJiNjM1YzctMDcwMi00NDBhLWIxMDktOTUzMzMw
ZTMwODc1L2JlOTFlMDIzYzdhMzM4MmMxYjA5YjJiYzJjOTJhYWQ0N2NkNjg3NWYu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy85YmI2MzVjNy0wNzAyLTQ0MGEtYjEwOS05NTMz
MzBlMzA4NzUvMzRhNjg0YzI5ODc0Mjg1OGMxMWI5YmExNTQwM2Y0ZTdiOTlhN2Ji
ZS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAL5yDjANBgkqhkiG9w0BAQsFAAOCAQEAM1JMRXLWUsr1+p4w
zoe+Ua/iGC77/Ux0HOv1d9Cv6y38s+RvMdDFNtn7Gy9cgiOny+9sBeiTPjFuQu33
P4+uW047g4hVvmHxl2sI8CCtsM9LTM/zaZbHjQz7ouo5jGDSZ6E9vJcZo9QOBV3W
mg5zV3NOWI+flO+HUIphJue1rdw4GoUe9mOjUZdvlRBrLY7jXeOyuaPv11P3I1O6
o/fI2E8C6W/Xc9IIMGKzpGxdszp+FP+HrT0eAV1JHs7FY2Lrj04M1NxCeCKxaMge
LIup1Ns5EMFxO8cRl3XOFFoyWiGbxeXhtsfMxLO23rn1dYxdNbesUgdZWgbF8/tZ
Cic4Iw==
-----END CERTIFICATE-----
Generated at Sat Mar 2 00:29:34 2024 by rpki-client on console-fra.rpki-client.org