Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/9d8b8faa-bbe3-4371-a95a-db197dfd3bbf/9c098d926c2fb5a8951de07f9f564988f0331bdc.roa
File:                     9c098d926c2fb5a8951de07f9f564988f0331bdc.roa (raw, json)
Hash identifier:          LRfY2K2pYSfKRS5lI/iO5bfCU04k0ZMeUMjbT6p4C7U=
Subject key identifier:   37:39:16:3B:94:7B:EC:A1:05:F1:B4:0C:63:B6:AC:E0:0D:03:A5:CE
Certificate issuer:       /CN=b0e4cadafcf7e03afe28925adf350f1286db7b25
Certificate serial:       22AFD5
Authority key identifier: D6:91:34:D4:D4:A3:99:B7:77:15:94:69:EF:88:67:20:5F:C1:55:73
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/b0e4cadafcf7e03afe28925adf350f1286db7b25.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/9d8b8faa-bbe3-4371-a95a-db197dfd3bbf/9c098d926c2fb5a8951de07f9f564988f0331bdc.roa
Signing time:             Sat 29 Jul 2023 03:01:41 +0000
ROA not before:           Fri 28 Jul 2023 03:01:40 +0000
ROA not after:            Tue 29 Jul 2025 03:01:40 +0000
asID:                     272874
IP address blocks:        138.186.6.0/23 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/9d8b8faa-bbe3-4371-a95a-db197dfd3bbf/b0e4cadafcf7e03afe28925adf350f1286db7b25.crl
                          rsync://repository.lacnic.net/rpki/lacnic/9d8b8faa-bbe3-4371-a95a-db197dfd3bbf/b0e4cadafcf7e03afe28925adf350f1286db7b25.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/b0e4cadafcf7e03afe28925adf350f1286db7b25.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Thu 29 Feb 2024 02:37:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2273237 (0x22afd5)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b0e4cadafcf7e03afe28925adf350f1286db7b25
        Validity
            Not Before: Jul 28 03:01:40 2023 GMT
            Not After : Jul 29 03:01:40 2025 GMT
        Subject: CN=9c098d926c2fb5a8951de07f9f564988f0331bdc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:0b:25:b3:80:b1:7e:a0:b7:89:35:46:6c:94:
                    e4:5e:62:02:79:57:0b:8e:91:1e:f1:be:b6:22:ee:
                    7c:aa:b0:54:21:fd:55:dd:14:67:15:d2:df:64:d8:
                    26:e2:42:f4:42:b2:47:9a:f9:45:2b:8b:ce:98:b9:
                    19:c9:03:69:05:2b:ab:e6:dd:97:cc:57:55:ae:8b:
                    1a:5a:ba:89:d8:3b:32:42:61:a8:e5:3a:10:dd:cf:
                    3c:47:53:85:bf:d6:a2:67:59:d1:cf:ad:6f:94:c2:
                    37:94:18:b9:24:26:3b:cf:45:3f:77:2a:9f:b8:00:
                    d4:0c:1f:c1:16:82:57:cf:c2:d7:9e:c7:1b:3e:16:
                    0b:58:10:3e:c6:1e:a0:d2:5c:72:ce:1a:7a:54:fd:
                    e3:2a:a3:0c:e4:f8:44:05:35:1a:28:22:4e:10:18:
                    af:af:56:c9:03:ee:38:bd:e6:a2:34:f1:5f:e2:57:
                    44:f9:b4:62:ff:b9:2e:a7:b0:d3:8a:b9:2b:fc:36:
                    36:3e:0b:b2:4a:f8:75:f7:39:6b:06:78:1e:2a:5c:
                    b6:68:d6:73:be:c8:f0:03:38:7c:a2:b4:85:5f:7c:
                    05:e3:f2:a0:bd:9a:17:3c:45:50:a2:9c:d4:c0:95:
                    a0:e3:ae:dc:4f:b8:c6:0e:fe:d6:65:92:92:f0:ae:
                    19:f1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                37:39:16:3B:94:7B:EC:A1:05:F1:B4:0C:63:B6:AC:E0:0D:03:A5:CE
            X509v3 Authority Key Identifier:
                keyid:D6:91:34:D4:D4:A3:99:B7:77:15:94:69:EF:88:67:20:5F:C1:55:73

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/b0e4cadafcf7e03afe28925adf350f1286db7b25.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/9d8b8faa-bbe3-4371-a95a-db197dfd3bbf/9c098d926c2fb5a8951de07f9f564988f0331bdc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/9d8b8faa-bbe3-4371-a95a-db197dfd3bbf/b0e4cadafcf7e03afe28925adf350f1286db7b25.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  138.186.6.0/23

    Signature Algorithm: sha256WithRSAEncryption
         8f:dc:c9:b6:a5:af:c9:ba:e2:a5:54:4f:63:85:a6:73:63:cc:
         bb:a9:c9:f5:86:0a:4a:c6:e6:9d:2c:14:ed:08:ce:72:23:f3:
         4b:f4:24:c6:9e:95:38:1a:bd:8e:a6:ce:68:41:e1:d7:87:cb:
         7b:ea:75:ad:98:30:a5:6f:99:eb:ed:69:1b:31:66:82:b8:20:
         f3:a9:99:58:74:54:b6:fc:ee:e6:8f:e6:ae:80:31:06:45:10:
         c4:a1:54:f8:80:bc:b0:4d:4d:d7:ad:9d:e2:8a:c4:4b:c7:41:
         cf:32:fa:19:2f:27:b1:48:2d:a5:12:0e:ad:b4:b4:cb:ab:6e:
         55:3b:8d:e0:c5:03:b5:b1:1e:7d:9b:5d:0b:a8:84:93:e8:e3:
         42:9b:03:a4:80:20:be:12:06:90:91:35:db:31:1c:9b:34:91:
         16:11:a5:43:c2:d9:87:7a:99:8c:99:58:73:f7:63:85:0b:67:
         cf:a7:d8:60:31:92:de:b0:5c:ac:1b:f7:f5:17:63:4e:d7:0e:
         7b:16:d3:76:66:ef:fa:29:dd:d0:b1:15:db:9f:2b:29:a7:22:
         67:a7:12:1e:61:09:bb:d2:ce:b3:91:5b:82:08:7f:ad:fb:70:
         1c:bd:4f:64:2e:a8:97:c3:1c:3f:ac:df:55:ed:7a:38:d6:25:
         88:a7:86:93
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIDIq/VMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGIw
ZTRjYWRhZmNmN2UwM2FmZTI4OTI1YWRmMzUwZjEyODZkYjdiMjUwHhcNMjMwNzI4
MDMwMTQwWhcNMjUwNzI5MDMwMTQwWjAzMTEwLwYDVQQDEyg5YzA5OGQ5MjZjMmZi
NWE4OTUxZGUwN2Y5ZjU2NDk4OGYwMzMxYmRjMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAlwsls4CxfqC3iTVGbJTkXmICeVcLjpEe8b62Iu58qrBUIf1V
3RRnFdLfZNgm4kL0QrJHmvlFK4vOmLkZyQNpBSur5t2XzFdVrosaWrqJ2DsyQmGo
5ToQ3c88R1OFv9aiZ1nRz61vlMI3lBi5JCY7z0U/dyqfuADUDB/BFoJXz8LXnscb
PhYLWBA+xh6g0lxyzhp6VP3jKqMM5PhEBTUaKCJOEBivr1bJA+44veaiNPFf4ldE
+bRi/7kup7DTirkr/DY2PguySvh19zlrBngeKly2aNZzvsjwAzh8orSFX3wF4/Kg
vZoXPEVQopzUwJWg467cT7jGDv7WZZKS8K4Z8QIDAQABo4ICWzCCAlcwHQYDVR0O
BBYEFDc5FjuUe+yhBfG0DGO2rOANA6XOMB8GA1UdIwQYMBaAFNaRNNTUo5m3dxWU
ae+IZyBfwVVzMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvYjBlNGNh
ZGFmY2Y3ZTAzYWZlMjg5MjVhZGYzNTBmMTI4NmRiN2IyNS5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvOWQ4YjhmYWEtYmJlMy00MzcxLWE5NWEtZGIxOTdk
ZmQzYmJmLzljMDk4ZDkyNmMyZmI1YTg5NTFkZTA3ZjlmNTY0OTg4ZjAzMzFiZGMu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy85ZDhiOGZhYS1iYmUzLTQzNzEtYTk1YS1kYjE5
N2RmZDNiYmYvYjBlNGNhZGFmY2Y3ZTAzYWZlMjg5MjVhZGYzNTBmMTI4NmRiN2Iy
NS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAYq6BjANBgkqhkiG9w0BAQsFAAOCAQEAj9zJtqWvybripVRP
Y4Wmc2PMu6nJ9YYKSsbmnSwU7QjOciPzS/Qkxp6VOBq9jqbOaEHh14fLe+p1rZgw
pW+Z6+1pGzFmgrgg86mZWHRUtvzu5o/mroAxBkUQxKFU+IC8sE1N162d4orES8dB
zzL6GS8nsUgtpRIOrbS0y6tuVTuN4MUDtbEefZtdC6iEk+jjQpsDpIAgvhIGkJE1
2zEcmzSRFhGlQ8LZh3qZjJlYc/djhQtnz6fYYDGS3rBcrBv39RdjTtcOexbTdmbv
+ind0LEV258rKaciZ6cSHmEJu9LOs5Fbggh/rftwHL1PZC6ol8McP6zfVe16ONYl
iKeGkw==
-----END CERTIFICATE-----
Generated at Mon Feb 26 06:19:42 2024 by rpki-client on console-fra.rpki-client.org