Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/9bb635c7-0702-440a-b109-953330e30875/eef5849eddd92f95c33209580094a0d8f9e6c444.roa
File:                     eef5849eddd92f95c33209580094a0d8f9e6c444.roa (raw, json)
Hash identifier:          mAbvbSiRSoqwEzsL1RSQWzc+8A34ZIj0tKHNKqZi2Es=
Subject key identifier:   40:06:CC:D5:BA:55:BC:F5:48:75:19:33:29:5A:30:5D:6D:AF:EE:BC
Certificate issuer:       /CN=34a684c298742858c11b9ba15403f4e7b99a7bbe
Certificate serial:       098E23
Authority key identifier: 65:C5:4F:64:20:FE:E3:DF:D2:21:8A:15:47:62:F9:56:32:10:17:50
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/34a684c298742858c11b9ba15403f4e7b99a7bbe.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/9bb635c7-0702-440a-b109-953330e30875/eef5849eddd92f95c33209580094a0d8f9e6c444.roa
Signing time:             Wed 24 Mar 2021 14:45:13 +0000
ROA not before:           Wed 24 Mar 2021 14:45:13 +0000
ROA not after:            Tue 24 Mar 2026 14:45:13 +0000
asID:                     8100
IP address blocks:        190.9.32.0/20 maxlen: 20
                          190.114.0.0/21 maxlen: 21
                          190.114.8.0/23 maxlen: 23
                          190.114.11.0/24 maxlen: 24
                          190.114.12.0/24 maxlen: 24
                          190.114.24.0/24 maxlen: 24
                          200.6.152.0/21 maxlen: 21

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/9bb635c7-0702-440a-b109-953330e30875/34a684c298742858c11b9ba15403f4e7b99a7bbe.crl
                          rsync://repository.lacnic.net/rpki/lacnic/9bb635c7-0702-440a-b109-953330e30875/34a684c298742858c11b9ba15403f4e7b99a7bbe.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/34a684c298742858c11b9ba15403f4e7b99a7bbe.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Mon 26 Feb 2024 16:36:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 626211 (0x98e23)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=34a684c298742858c11b9ba15403f4e7b99a7bbe
        Validity
            Not Before: Mar 24 14:45:13 2021 GMT
            Not After : Mar 24 14:45:13 2026 GMT
        Subject: CN=eef5849eddd92f95c33209580094a0d8f9e6c444
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:88:fc:3a:bf:12:5d:c5:df:df:d7:5d:d3:2c:7d:
                    c2:0a:6f:36:75:53:15:0b:01:ae:5d:7c:f1:7c:22:
                    46:1f:71:77:67:bd:c3:73:8d:bc:8b:fe:2b:b0:12:
                    0d:02:ad:b5:66:52:5a:84:a2:98:f0:a8:21:cc:98:
                    7e:02:0c:48:ac:0c:6c:e8:ac:fc:7f:4b:08:54:9b:
                    5f:81:34:62:57:de:a0:be:72:f0:0c:bf:cc:d3:8c:
                    ab:b3:4c:9a:f8:0e:20:15:c2:c0:62:2f:c3:5b:17:
                    8a:c6:56:a7:a3:91:77:2f:00:d5:38:8e:5e:d4:ca:
                    09:60:ad:e6:8f:77:bc:00:d8:bd:b4:7a:d5:9e:f2:
                    78:e4:a0:35:53:36:50:9b:32:0d:4b:ac:33:5d:00:
                    2d:f3:48:8a:7c:4e:b3:45:e1:3d:06:9f:93:f7:88:
                    96:c7:8a:ff:e4:66:33:b7:2c:1e:ae:05:50:5e:97:
                    e2:d4:19:a3:6d:b8:96:81:90:16:d6:5d:ea:4e:cf:
                    49:e2:ec:96:a4:f1:b3:92:f5:b6:cf:c9:e7:40:26:
                    30:65:be:fd:18:5f:10:11:a0:11:c8:3e:c5:ab:9e:
                    b6:37:76:0a:f2:a1:b2:cf:a1:c5:04:91:b5:51:35:
                    c7:24:d4:1f:33:c2:71:a2:e4:50:46:57:1c:f8:33:
                    1d:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                40:06:CC:D5:BA:55:BC:F5:48:75:19:33:29:5A:30:5D:6D:AF:EE:BC
            X509v3 Authority Key Identifier:
                keyid:65:C5:4F:64:20:FE:E3:DF:D2:21:8A:15:47:62:F9:56:32:10:17:50

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/34a684c298742858c11b9ba15403f4e7b99a7bbe.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/9bb635c7-0702-440a-b109-953330e30875/eef5849eddd92f95c33209580094a0d8f9e6c444.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/9bb635c7-0702-440a-b109-953330e30875/34a684c298742858c11b9ba15403f4e7b99a7bbe.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  190.9.32.0/20
                  190.114.0.0-190.114.9.255
                  190.114.11.0-190.114.12.255
                  190.114.24.0/24
                  200.6.152.0/21

    Signature Algorithm: sha256WithRSAEncryption
         53:e0:b1:5e:5b:bb:e1:29:02:46:16:13:5a:10:61:0d:98:de:
         79:b6:63:3f:60:9e:da:0e:c7:b4:5d:07:28:c3:10:e7:90:0b:
         73:11:2f:73:05:5d:11:04:85:1a:8e:d6:40:ac:83:55:96:b1:
         96:f4:a5:f7:62:e0:60:bb:16:83:1e:29:a3:66:c7:bc:0e:bd:
         bc:e4:5c:6c:e4:39:76:3d:c4:14:d4:41:e8:c3:bd:3c:8d:17:
         99:1b:f2:29:fe:d9:5f:59:02:22:91:af:5d:0a:5b:d8:24:97:
         cc:07:ed:d2:48:cd:8e:51:4c:7d:57:23:2d:b6:db:4e:41:be:
         3b:a2:3a:24:db:87:a2:e0:17:32:e3:27:f7:62:8a:9c:2f:12:
         dd:16:8c:1d:82:7c:1a:5c:f6:7a:42:30:00:af:be:b1:12:24:
         c7:6a:51:9e:0b:76:29:1a:a3:ce:52:9e:6d:2e:9b:0f:dc:07:
         04:f0:95:a4:a4:9b:ab:cf:fd:b4:df:b7:1a:79:aa:9d:fa:dc:
         e1:c0:40:ac:b4:69:82:6a:f6:52:f8:cd:b5:a2:4e:b3:3d:61:
         08:25:a3:7e:4e:69:cd:06:ff:6c:42:91:dd:be:88:10:fc:fb:
         59:ad:eb:5a:27:d3:dd:cd:73:9a:b9:1f:23:56:80:b5:a4:b3:
         30:63:60:3b
-----BEGIN CERTIFICATE-----
MIIFZzCCBE+gAwIBAgIDCY4jMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDM0
YTY4NGMyOTg3NDI4NThjMTFiOWJhMTU0MDNmNGU3Yjk5YTdiYmUwHhcNMjEwMzI0
MTQ0NTEzWhcNMjYwMzI0MTQ0NTEzWjAzMTEwLwYDVQQDEyhlZWY1ODQ5ZWRkZDky
Zjk1YzMzMjA5NTgwMDk0YTBkOGY5ZTZjNDQ0MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAiPw6vxJdxd/f113TLH3CCm82dVMVCwGuXXzxfCJGH3F3Z73D
c428i/4rsBINAq21ZlJahKKY8KghzJh+AgxIrAxs6Kz8f0sIVJtfgTRiV96gvnLw
DL/M04yrs0ya+A4gFcLAYi/DWxeKxlano5F3LwDVOI5e1MoJYK3mj3e8ANi9tHrV
nvJ45KA1UzZQmzINS6wzXQAt80iKfE6zReE9Bp+T94iWx4r/5GYztywergVQXpfi
1BmjbbiWgZAW1l3qTs9J4uyWpPGzkvW2z8nnQCYwZb79GF8QEaARyD7Fq562N3YK
8qGyz6HFBJG1UTXHJNQfM8JxouRQRlcc+DMd0wIDAQABo4ICgjCCAn4wHQYDVR0O
BBYEFEAGzNW6Vbz1SHUZMylaMF1tr+68MB8GA1UdIwQYMBaAFGXFT2Qg/uPf0iGK
FUdi+VYyEBdQMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvMzRhNjg0
YzI5ODc0Mjg1OGMxMWI5YmExNTQwM2Y0ZTdiOTlhN2JiZS5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvOWJiNjM1YzctMDcwMi00NDBhLWIxMDktOTUzMzMw
ZTMwODc1L2VlZjU4NDllZGRkOTJmOTVjMzMyMDk1ODAwOTRhMGQ4ZjllNmM0NDQu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy85YmI2MzVjNy0wNzAyLTQ0MGEtYjEwOS05NTMz
MzBlMzA4NzUvMzRhNjg0YzI5ODc0Mjg1OGMxMWI5YmExNTQwM2Y0ZTdiOTlhN2Ji
ZS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBGBggrBgEFBQcBBwEB/wQ3
MDUwMwQCAAEwLQMEBL4JIDALAwMBvnIDBAG+cggwDAMEAL5yCwMEAL5yDAMEAL5y
GAMEA8gGmDANBgkqhkiG9w0BAQsFAAOCAQEAU+CxXlu74SkCRhYTWhBhDZjeebZj
P2Ce2g7HtF0HKMMQ55ALcxEvcwVdEQSFGo7WQKyDVZaxlvSl92LgYLsWgx4po2bH
vA69vORcbOQ5dj3EFNRB6MO9PI0XmRvyKf7ZX1kCIpGvXQpb2CSXzAft0kjNjlFM
fVcjLbbbTkG+O6I6JNuHouAXMuMn92KKnC8S3RaMHYJ8Glz2ekIwAK++sRIkx2pR
ngt2KRqjzlKebS6bD9wHBPCVpKSbq8/9tN+3Gnmqnfrc4cBArLRpgmr2UvjNtaJO
sz1hCCWjfk5pzQb/bEKR3b6IEPz7Wa3rWifT3c1zmrkfI1aAtaSzMGNgOw==
-----END CERTIFICATE-----
Generated at Fri Feb 23 17:09:01 2024 by rpki-client on console-ams.rpki-client.org