Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/abf195ce-c43e-43e6-82ba-d77689680787/3fc849a129f007500819a3f2ed01623679183bca.roa
File:                     3fc849a129f007500819a3f2ed01623679183bca.roa (raw, json)
Hash identifier:          lTi18EQKU8yNKGFO7qlI4PIax+48acF2TX8RG1EB7xk=
Subject key identifier:   45:2C:D8:1B:A1:F8:01:3C:AE:95:3F:29:E7:E1:D5:CB:88:78:49:C9
Certificate issuer:       /CN=d5747c1980bcbeed56cb517c667a966b8945ceee
Certificate serial:       1AAE3C
Authority key identifier: 14:74:15:68:E4:29:6E:2A:6B:BC:B9:4E:B9:1C:D3:85:E4:1C:7A:F4
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/d5747c1980bcbeed56cb517c667a966b8945ceee.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/abf195ce-c43e-43e6-82ba-d77689680787/3fc849a129f007500819a3f2ed01623679183bca.roa
Signing time:             Wed 07 Sep 2022 22:30:30 +0000
ROA not before:           Wed 07 Sep 2022 20:49:37 +0000
ROA not after:            Sat 07 Sep 2024 20:49:37 +0000
asID:                     262145
IP address blocks:        190.211.123.0/24 maxlen: 25

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/abf195ce-c43e-43e6-82ba-d77689680787/d5747c1980bcbeed56cb517c667a966b8945ceee.crl
                          rsync://repository.lacnic.net/rpki/lacnic/abf195ce-c43e-43e6-82ba-d77689680787/d5747c1980bcbeed56cb517c667a966b8945ceee.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/d5747c1980bcbeed56cb517c667a966b8945ceee.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 31 Mar 2024 03:49:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1748540 (0x1aae3c)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d5747c1980bcbeed56cb517c667a966b8945ceee
        Validity
            Not Before: Sep  7 20:49:37 2022 GMT
            Not After : Sep  7 20:49:37 2024 GMT
        Subject: CN=3fc849a129f007500819a3f2ed01623679183bca
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:a8:73:e1:1a:99:cf:11:d5:a2:cd:ab:f5:34:
                    99:ca:4a:af:0d:6d:c3:df:c2:e9:29:19:cd:3c:c3:
                    99:a7:0d:f4:65:70:08:3a:cd:29:58:57:71:87:58:
                    34:13:40:a5:50:6d:60:6b:0d:a2:a7:fd:32:9c:22:
                    6c:8f:54:3b:b1:7f:00:11:67:7a:e0:2f:25:6e:27:
                    e0:40:1d:1a:79:00:33:5a:d2:aa:69:07:cd:1a:54:
                    32:04:54:47:78:63:f7:f3:d4:44:e9:10:96:2b:94:
                    f7:c6:87:5d:88:28:9d:9a:02:89:1a:f5:4d:3e:55:
                    d5:06:59:5a:f3:b0:5a:21:bd:48:48:8c:5d:78:83:
                    7d:a4:6a:5f:72:17:fb:02:4a:be:db:a6:da:25:c5:
                    0a:31:20:69:ad:b4:0e:63:be:04:51:d1:c5:30:e1:
                    42:03:88:f3:25:b0:67:20:ff:c1:65:70:28:4a:71:
                    c4:1c:2a:b0:b9:cc:a8:db:ea:8d:22:99:18:9e:85:
                    2b:75:41:df:b2:f7:52:91:20:6b:c4:2d:a2:bb:0a:
                    c2:31:f9:dd:0c:88:e1:43:7c:57:36:fa:3c:90:81:
                    1e:36:0b:c5:3d:44:38:e5:50:5d:1d:49:4f:3f:c0:
                    38:d5:0f:b2:86:41:f0:81:20:6e:34:e3:47:6a:f2:
                    f5:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                45:2C:D8:1B:A1:F8:01:3C:AE:95:3F:29:E7:E1:D5:CB:88:78:49:C9
            X509v3 Authority Key Identifier:
                keyid:14:74:15:68:E4:29:6E:2A:6B:BC:B9:4E:B9:1C:D3:85:E4:1C:7A:F4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/d5747c1980bcbeed56cb517c667a966b8945ceee.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/abf195ce-c43e-43e6-82ba-d77689680787/3fc849a129f007500819a3f2ed01623679183bca.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/abf195ce-c43e-43e6-82ba-d77689680787/d5747c1980bcbeed56cb517c667a966b8945ceee.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  190.211.123.0/24

    Signature Algorithm: sha256WithRSAEncryption
         72:56:2c:37:18:28:08:63:9f:08:59:14:30:79:fc:8a:26:de:
         53:3d:8b:52:30:0f:20:ef:6b:8d:97:b9:9e:2c:6c:5f:9f:47:
         a7:88:c9:89:4a:1e:8d:f8:5b:94:d9:2b:c9:85:db:f4:93:34:
         05:c7:b8:14:dd:b8:8d:43:93:2b:90:fc:5f:54:85:97:13:f7:
         61:27:5a:82:ee:3b:9b:a7:95:0f:00:72:d1:11:29:a8:97:3d:
         45:18:68:4d:93:e6:a9:40:1f:49:1d:59:d4:62:5d:64:50:0e:
         58:96:91:91:58:56:8c:9d:a5:0f:4a:eb:29:56:7d:6a:da:83:
         40:5f:62:54:ef:29:90:ae:38:a3:7f:c7:5e:87:29:6a:ab:11:
         d6:4e:bb:f2:dd:94:0d:e1:e0:14:54:20:ea:a3:6b:af:95:78:
         01:54:c0:0d:b8:82:af:1f:bd:ae:56:ad:2e:90:f5:eb:4b:a6:
         55:ab:1c:f0:1d:90:59:b7:64:f3:f0:29:1e:3c:b4:b4:17:89:
         9d:0d:3f:66:1f:65:a6:fb:04:79:25:ea:fc:9c:1f:fd:19:c1:
         ac:c2:4d:34:29:f6:08:6a:1e:0e:0b:b5:3b:c8:17:f7:7d:bb:
         36:13:57:f6:7f:9c:ed:db:54:52:65:51:2f:d6:bf:a3:c5:39:
         eb:c3:56:96
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIDGq48MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGQ1
NzQ3YzE5ODBiY2JlZWQ1NmNiNTE3YzY2N2E5NjZiODk0NWNlZWUwHhcNMjIwOTA3
MjA0OTM3WhcNMjQwOTA3MjA0OTM3WjAzMTEwLwYDVQQDEygzZmM4NDlhMTI5ZjAw
NzUwMDgxOWEzZjJlZDAxNjIzNjc5MTgzYmNhMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAp6hz4RqZzxHVos2r9TSZykqvDW3D38LpKRnNPMOZpw30ZXAI
Os0pWFdxh1g0E0ClUG1gaw2ip/0ynCJsj1Q7sX8AEWd64C8lbifgQB0aeQAzWtKq
aQfNGlQyBFRHeGP389RE6RCWK5T3xoddiCidmgKJGvVNPlXVBlla87BaIb1ISIxd
eIN9pGpfchf7Akq+26baJcUKMSBprbQOY74EUdHFMOFCA4jzJbBnIP/BZXAoSnHE
HCqwucyo2+qNIpkYnoUrdUHfsvdSkSBrxC2iuwrCMfndDIjhQ3xXNvo8kIEeNgvF
PUQ45VBdHUlPP8A41Q+yhkHwgSBuNONHavL1MwIDAQABo4ICWzCCAlcwHQYDVR0O
BBYEFEUs2Buh+AE8rpU/Kefh1cuIeEnJMB8GA1UdIwQYMBaAFBR0FWjkKW4qa7y5
Trkc04XkHHr0MA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvZDU3NDdj
MTk4MGJjYmVlZDU2Y2I1MTdjNjY3YTk2NmI4OTQ1Y2VlZS5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvYWJmMTk1Y2UtYzQzZS00M2U2LTgyYmEtZDc3Njg5
NjgwNzg3LzNmYzg0OWExMjlmMDA3NTAwODE5YTNmMmVkMDE2MjM2NzkxODNiY2Eu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy9hYmYxOTVjZS1jNDNlLTQzZTYtODJiYS1kNzc2
ODk2ODA3ODcvZDU3NDdjMTk4MGJjYmVlZDU2Y2I1MTdjNjY3YTk2NmI4OTQ1Y2Vl
ZS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAL7TezANBgkqhkiG9w0BAQsFAAOCAQEAclYsNxgoCGOfCFkU
MHn8iibeUz2LUjAPIO9rjZe5nixsX59Hp4jJiUoejfhblNkryYXb9JM0Bce4FN24
jUOTK5D8X1SFlxP3YSdagu47m6eVDwBy0REpqJc9RRhoTZPmqUAfSR1Z1GJdZFAO
WJaRkVhWjJ2lD0rrKVZ9atqDQF9iVO8pkK44o3/HXocpaqsR1k678t2UDeHgFFQg
6qNrr5V4AVTADbiCrx+9rlatLpD160umVasc8B2QWbdk8/ApHjy0tBeJnQ0/Zh9l
pvsEeSXq/Jwf/RnBrMJNNCn2CGoeDgu1O8gX9327NhNX9n+c7dtUUmVRL9a/o8U5
68NWlg==
-----END CERTIFICATE-----
Generated at Thu Mar 28 08:12:28 2024 by rpki-client on console-ams.rpki-client.org