Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/aacf58c3-f7f6-4438-9bc7-495121332594/13906d699cc6a88c2dd0e96a17f8c50746eabfc4.roa
File:                     13906d699cc6a88c2dd0e96a17f8c50746eabfc4.roa (raw, json)
Hash identifier:          8IphKWbiyV7D0WniX6adMQlrhogTsKL5eVj6xh8ClfM=
Subject key identifier:   26:CD:07:B8:33:98:9A:32:33:28:A1:0C:C4:9A:1A:14:0F:54:D0:CF
Certificate issuer:       /CN=bf38729659b3ab84a635f8b5534cde56fe622a7b
Certificate serial:       23EC25
Authority key identifier: A5:5D:CF:19:72:8B:E3:B8:A2:A9:1C:6A:38:EB:B5:3E:86:16:0C:0E
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/bf38729659b3ab84a635f8b5534cde56fe622a7b.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/aacf58c3-f7f6-4438-9bc7-495121332594/13906d699cc6a88c2dd0e96a17f8c50746eabfc4.roa
Signing time:             Mon 02 Oct 2023 13:51:23 +0000
ROA not before:           Sun 01 Oct 2023 13:51:23 +0000
ROA not after:            Thu 02 Oct 2025 14:51:23 +0000
asID:                     14232
IP address blocks:        201.219.64.0/19 maxlen: 24
                          179.51.80.0/20 maxlen: 22
                          201.219.96.0/20 maxlen: 24
                          138.219.4.0/22 maxlen: 22
                          170.78.200.0/22 maxlen: 22
                          2800:2b0::/32 maxlen: 32

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/aacf58c3-f7f6-4438-9bc7-495121332594/bf38729659b3ab84a635f8b5534cde56fe622a7b.crl
                          rsync://repository.lacnic.net/rpki/lacnic/aacf58c3-f7f6-4438-9bc7-495121332594/bf38729659b3ab84a635f8b5534cde56fe622a7b.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/bf38729659b3ab84a635f8b5534cde56fe622a7b.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Tue 05 Mar 2024 04:16:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2354213 (0x23ec25)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bf38729659b3ab84a635f8b5534cde56fe622a7b
        Validity
            Not Before: Oct  1 13:51:23 2023 GMT
            Not After : Oct  2 14:51:23 2025 GMT
        Subject: CN=13906d699cc6a88c2dd0e96a17f8c50746eabfc4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:03:a8:81:c5:7d:7f:1b:35:d0:a0:7f:ab:f1:
                    1c:1b:ca:cd:bf:7c:1f:9a:dc:72:61:2b:1e:81:08:
                    a8:b3:f8:88:9d:db:16:4f:b4:4a:ea:14:46:d4:2f:
                    ab:e8:66:1d:21:06:04:28:22:6e:7f:4f:8e:2e:3a:
                    bf:ea:e5:b3:33:75:88:bb:73:c2:28:6e:17:b3:04:
                    af:41:0c:3c:9f:85:55:69:3b:5d:03:9c:0a:82:d6:
                    a6:26:24:e2:46:f4:b2:3e:00:75:27:ae:fe:52:5f:
                    6b:2a:56:71:3b:87:a5:99:62:4b:24:9c:88:f0:5c:
                    a0:72:5e:82:12:d1:1e:18:b9:c4:6b:ee:20:39:2c:
                    b4:a9:75:00:11:c6:9a:b2:a0:f5:e6:f8:91:24:42:
                    40:2b:3d:3a:b6:59:3b:7a:e9:aa:59:f5:5a:3c:41:
                    f5:8b:15:df:0a:a8:99:a5:15:a3:66:85:09:04:33:
                    ea:77:95:d5:09:96:56:cd:85:fd:6b:9f:d0:18:cc:
                    38:67:42:87:eb:d0:c8:b9:e5:2e:3f:f9:50:08:28:
                    7a:ce:f9:40:cb:c3:eb:f6:28:76:18:b8:5a:8a:92:
                    4a:46:17:de:fa:15:02:57:24:08:8a:5e:f7:be:82:
                    44:cc:be:40:da:24:f0:4f:89:91:ef:08:67:43:11:
                    3c:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                26:CD:07:B8:33:98:9A:32:33:28:A1:0C:C4:9A:1A:14:0F:54:D0:CF
            X509v3 Authority Key Identifier:
                keyid:A5:5D:CF:19:72:8B:E3:B8:A2:A9:1C:6A:38:EB:B5:3E:86:16:0C:0E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/bf38729659b3ab84a635f8b5534cde56fe622a7b.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/aacf58c3-f7f6-4438-9bc7-495121332594/13906d699cc6a88c2dd0e96a17f8c50746eabfc4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/aacf58c3-f7f6-4438-9bc7-495121332594/bf38729659b3ab84a635f8b5534cde56fe622a7b.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  138.219.4.0/22
                  170.78.200.0/22
                  179.51.80.0/20
                  201.219.64.0-201.219.111.255
                IPv6:
                  2800:2b0::/32

    Signature Algorithm: sha256WithRSAEncryption
         00:a4:28:89:a1:92:18:81:be:6a:41:da:d1:df:74:9d:52:bb:
         38:b0:16:33:78:65:d0:eb:d9:ac:30:d1:ab:27:0d:52:4a:53:
         8a:5b:66:cd:a6:02:2c:a9:cd:28:90:7d:56:fc:dd:52:ec:41:
         10:15:f0:d7:47:68:a1:e9:17:57:7d:d8:0c:dd:36:aa:70:57:
         4e:f8:f1:a1:82:66:8b:b3:f6:37:bb:88:fd:d6:35:85:ff:83:
         8c:50:57:ec:7e:c8:06:91:ef:b5:83:a9:e2:dd:65:70:9c:06:
         9d:6c:ed:10:30:89:a5:7d:a8:d1:a6:b4:09:cc:f4:6e:22:95:
         10:44:55:38:63:3d:19:da:0f:07:06:a2:77:cd:53:8d:c8:78:
         46:97:80:05:76:46:8d:28:e3:08:7d:ed:b8:09:ad:e7:85:ee:
         bc:14:e4:68:9f:ae:a4:92:89:91:5e:54:8e:34:47:25:e7:5e:
         b4:bc:db:d1:85:60:4a:39:36:71:d0:5c:36:3d:3e:77:06:a0:
         80:44:c3:a6:4e:bb:0a:5d:61:f6:9d:14:46:f8:fd:be:87:e0:
         cc:70:f0:08:d9:78:93:0e:38:c2:92:4a:1e:f0:fd:ce:aa:01:
         d1:b1:53:a9:e8:2e:4f:40:c0:ee:08:b5:de:51:2c:93:73:b7:
         c5:04:2d:6c
-----BEGIN CERTIFICATE-----
MIIFaTCCBFGgAwIBAgIDI+wlMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGJm
Mzg3Mjk2NTliM2FiODRhNjM1ZjhiNTUzNGNkZTU2ZmU2MjJhN2IwHhcNMjMxMDAx
MTM1MTIzWhcNMjUxMDAyMTQ1MTIzWjAzMTEwLwYDVQQDEygxMzkwNmQ2OTljYzZh
ODhjMmRkMGU5NmExN2Y4YzUwNzQ2ZWFiZmM0MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEApgOogcV9fxs10KB/q/EcG8rNv3wfmtxyYSsegQios/iIndsW
T7RK6hRG1C+r6GYdIQYEKCJuf0+OLjq/6uWzM3WIu3PCKG4XswSvQQw8n4VVaTtd
A5wKgtamJiTiRvSyPgB1J67+Ul9rKlZxO4elmWJLJJyI8Fygcl6CEtEeGLnEa+4g
OSy0qXUAEcaasqD15viRJEJAKz06tlk7eumqWfVaPEH1ixXfCqiZpRWjZoUJBDPq
d5XVCZZWzYX9a5/QGMw4Z0KH69DIueUuP/lQCCh6zvlAy8Pr9ih2GLhaipJKRhfe
+hUCVyQIil73voJEzL5A2iTwT4mR7whnQxE8VQIDAQABo4IChDCCAoAwHQYDVR0O
BBYEFCbNB7gzmJoyMyihDMSaGhQPVNDPMB8GA1UdIwQYMBaAFKVdzxlyi+O4oqkc
ajjrtT6GFgwOMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvYmYzODcy
OTY1OWIzYWI4NGE2MzVmOGI1NTM0Y2RlNTZmZTYyMmE3Yi5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvYWFjZjU4YzMtZjdmNi00NDM4LTliYzctNDk1MTIx
MzMyNTk0LzEzOTA2ZDY5OWNjNmE4OGMyZGQwZTk2YTE3ZjhjNTA3NDZlYWJmYzQu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy9hYWNmNThjMy1mN2Y2LTQ0MzgtOWJjNy00OTUx
MjEzMzI1OTQvYmYzODcyOTY1OWIzYWI4NGE2MzVmOGI1NTM0Y2RlNTZmZTYyMmE3
Yi5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBIBggrBgEFBQcBBwEB/wQ5
MDcwJgQCAAEwIAMEAorbBAMEAqpOyAMEBLMzUDAMAwQGydtAAwQEydtgMA0EAgAC
MAcDBQAoAAKwMA0GCSqGSIb3DQEBCwUAA4IBAQAApCiJoZIYgb5qQdrR33SdUrs4
sBYzeGXQ69msMNGrJw1SSlOKW2bNpgIsqc0okH1W/N1S7EEQFfDXR2ih6RdXfdgM
3TaqcFdO+PGhgmaLs/Y3u4j91jWF/4OMUFfsfsgGke+1g6ni3WVwnAadbO0QMIml
fajRprQJzPRuIpUQRFU4Yz0Z2g8HBqJ3zVONyHhGl4AFdkaNKOMIfe24Ca3nhe68
FORon66kkomRXlSONEcl5160vNvRhWBKOTZx0Fw2PT53BqCARMOmTrsKXWH2nRRG
+P2+h+DMcPAI2XiTDjjCkkoe8P3OqgHRsVOp6C5PQMDuCLXeUSyTc7fFBC1s
-----END CERTIFICATE-----
Generated at Sat Mar 2 04:07:14 2024 by rpki-client on console-fra.rpki-client.org