Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/abf195ce-c43e-43e6-82ba-d77689680787/7b8c8545e5aea08e15efa9fd6e6ce84b489e88e9.roa
File:                     7b8c8545e5aea08e15efa9fd6e6ce84b489e88e9.roa (raw, json)
Hash identifier:          x+YOzBiUkC+20gh3fnYmf3CMmUCjNDU69NeK89HERq8=
Subject key identifier:   15:46:C7:AE:A0:39:35:3B:45:D2:F3:71:B7:A3:CA:1E:13:84:31:7D
Certificate issuer:       /CN=d5747c1980bcbeed56cb517c667a966b8945ceee
Certificate serial:       1ABCC1
Authority key identifier: 14:74:15:68:E4:29:6E:2A:6B:BC:B9:4E:B9:1C:D3:85:E4:1C:7A:F4
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/d5747c1980bcbeed56cb517c667a966b8945ceee.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/abf195ce-c43e-43e6-82ba-d77689680787/7b8c8545e5aea08e15efa9fd6e6ce84b489e88e9.roa
Signing time:             Wed 07 Sep 2022 22:32:18 +0000
ROA not before:           Wed 07 Sep 2022 20:49:37 +0000
ROA not after:            Sat 07 Sep 2024 20:49:37 +0000
asID:                     262145
IP address blocks:        190.211.126.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/abf195ce-c43e-43e6-82ba-d77689680787/d5747c1980bcbeed56cb517c667a966b8945ceee.crl
                          rsync://repository.lacnic.net/rpki/lacnic/abf195ce-c43e-43e6-82ba-d77689680787/d5747c1980bcbeed56cb517c667a966b8945ceee.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/d5747c1980bcbeed56cb517c667a966b8945ceee.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 31 Mar 2024 03:49:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1752257 (0x1abcc1)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d5747c1980bcbeed56cb517c667a966b8945ceee
        Validity
            Not Before: Sep  7 20:49:37 2022 GMT
            Not After : Sep  7 20:49:37 2024 GMT
        Subject: CN=7b8c8545e5aea08e15efa9fd6e6ce84b489e88e9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:4b:86:1e:7e:bb:bd:3f:ec:70:09:89:18:ed:
                    97:65:25:74:cc:6d:42:13:4d:69:75:d4:a6:f8:01:
                    64:0b:e7:5c:1e:49:d7:26:ea:5a:c1:bb:59:a5:4e:
                    75:7f:a0:16:48:a3:cc:3b:0c:67:64:4c:5d:b3:81:
                    87:37:b9:5e:d1:ea:6c:cb:7c:3a:ee:47:57:66:17:
                    73:e7:f2:ab:30:8c:db:66:36:13:e3:c9:7e:d3:52:
                    5d:d9:e4:1c:29:0c:a0:7c:f7:8d:99:8a:28:f8:8e:
                    e0:91:f7:8e:73:ea:ff:84:82:ad:12:73:98:fe:51:
                    d1:d3:39:85:aa:45:11:ff:b9:b8:0a:c0:76:59:ec:
                    ff:87:ea:83:1a:be:fb:f0:57:61:2b:50:9b:fe:fb:
                    8b:28:de:1c:6e:9b:4a:0b:6c:28:06:41:20:53:32:
                    d5:46:1e:ee:3d:6a:aa:11:5c:ed:14:63:1e:01:7d:
                    19:11:f6:c8:bf:82:ee:98:0e:97:c1:30:5e:7c:d1:
                    b1:83:38:05:d4:b3:e9:88:f9:bc:a5:3b:51:a4:3a:
                    80:5b:a5:59:0d:6f:dd:36:30:22:28:3d:7b:e7:98:
                    72:51:e8:fb:53:db:cd:81:1a:0e:be:9e:3f:9b:39:
                    71:6e:a4:52:33:dd:2d:cd:e5:33:bf:77:53:91:0f:
                    4d:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                15:46:C7:AE:A0:39:35:3B:45:D2:F3:71:B7:A3:CA:1E:13:84:31:7D
            X509v3 Authority Key Identifier:
                keyid:14:74:15:68:E4:29:6E:2A:6B:BC:B9:4E:B9:1C:D3:85:E4:1C:7A:F4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/d5747c1980bcbeed56cb517c667a966b8945ceee.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/abf195ce-c43e-43e6-82ba-d77689680787/7b8c8545e5aea08e15efa9fd6e6ce84b489e88e9.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/abf195ce-c43e-43e6-82ba-d77689680787/d5747c1980bcbeed56cb517c667a966b8945ceee.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  190.211.126.0/24

    Signature Algorithm: sha256WithRSAEncryption
         12:00:36:aa:d9:b0:3d:e9:3f:f4:9f:fa:c6:c9:4a:88:01:d7:
         cd:c7:7a:7e:67:93:3f:f2:e4:0d:c4:3a:aa:8f:e8:6f:d1:6d:
         1c:30:81:55:2a:ed:cf:24:cc:dd:06:13:42:16:1e:b0:21:80:
         65:7d:a1:3f:95:53:ab:22:89:b4:ac:19:6f:cb:ae:dd:84:8f:
         77:67:9f:9f:85:4f:f2:dc:b6:43:d3:20:36:e2:a8:94:2f:c4:
         0f:b9:97:b7:27:66:ca:75:d6:d9:57:7b:38:d6:84:91:64:a4:
         7b:d8:48:41:20:e4:8c:1d:f8:0b:58:4d:5e:35:27:12:d3:45:
         67:be:7d:2c:fe:eb:dc:48:64:3b:05:cc:6d:37:eb:31:4b:e1:
         6f:63:56:ff:c2:90:07:72:c8:f1:ff:8b:58:fe:eb:35:1a:04:
         84:7b:f6:f7:d6:3e:7a:26:ab:8a:91:db:a9:c9:ac:02:a2:93:
         71:c3:fd:14:6f:6b:97:d2:92:27:e0:5e:a8:bc:f0:45:05:1b:
         6e:de:16:9c:3d:b0:3c:2a:5f:4a:bb:23:ac:87:75:95:5e:31:
         cb:bf:df:5d:04:76:92:00:cb:f0:dc:8a:ce:a3:ad:62:07:e9:
         f8:63:aa:89:5e:90:e5:43:48:79:7d:8a:5b:cb:49:20:22:de:
         ac:a8:ad:a7
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIDGrzBMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGQ1
NzQ3YzE5ODBiY2JlZWQ1NmNiNTE3YzY2N2E5NjZiODk0NWNlZWUwHhcNMjIwOTA3
MjA0OTM3WhcNMjQwOTA3MjA0OTM3WjAzMTEwLwYDVQQDEyg3YjhjODU0NWU1YWVh
MDhlMTVlZmE5ZmQ2ZTZjZTg0YjQ4OWU4OGU5MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEA10uGHn67vT/scAmJGO2XZSV0zG1CE01pddSm+AFkC+dcHknX
JupawbtZpU51f6AWSKPMOwxnZExds4GHN7le0epsy3w67kdXZhdz5/KrMIzbZjYT
48l+01Jd2eQcKQygfPeNmYoo+I7gkfeOc+r/hIKtEnOY/lHR0zmFqkUR/7m4CsB2
Wez/h+qDGr778FdhK1Cb/vuLKN4cbptKC2woBkEgUzLVRh7uPWqqEVztFGMeAX0Z
EfbIv4LumA6XwTBefNGxgzgF1LPpiPm8pTtRpDqAW6VZDW/dNjAiKD1755hyUej7
U9vNgRoOvp4/mzlxbqRSM90tzeUzv3dTkQ9NJwIDAQABo4ICWzCCAlcwHQYDVR0O
BBYEFBVGx66gOTU7RdLzcbejyh4ThDF9MB8GA1UdIwQYMBaAFBR0FWjkKW4qa7y5
Trkc04XkHHr0MA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvZDU3NDdj
MTk4MGJjYmVlZDU2Y2I1MTdjNjY3YTk2NmI4OTQ1Y2VlZS5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvYWJmMTk1Y2UtYzQzZS00M2U2LTgyYmEtZDc3Njg5
NjgwNzg3LzdiOGM4NTQ1ZTVhZWEwOGUxNWVmYTlmZDZlNmNlODRiNDg5ZTg4ZTku
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy9hYmYxOTVjZS1jNDNlLTQzZTYtODJiYS1kNzc2
ODk2ODA3ODcvZDU3NDdjMTk4MGJjYmVlZDU2Y2I1MTdjNjY3YTk2NmI4OTQ1Y2Vl
ZS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAL7TfjANBgkqhkiG9w0BAQsFAAOCAQEAEgA2qtmwPek/9J/6
xslKiAHXzcd6fmeTP/LkDcQ6qo/ob9FtHDCBVSrtzyTM3QYTQhYesCGAZX2hP5VT
qyKJtKwZb8uu3YSPd2efn4VP8ty2Q9MgNuKolC/ED7mXtydmynXW2Vd7ONaEkWSk
e9hIQSDkjB34C1hNXjUnEtNFZ759LP7r3EhkOwXMbTfrMUvhb2NW/8KQB3LI8f+L
WP7rNRoEhHv299Y+eiaripHbqcmsAqKTccP9FG9rl9KSJ+BeqLzwRQUbbt4WnD2w
PCpfSrsjrId1lV4xy7/fXQR2kgDL8NyKzqOtYgfp+GOqiV6Q5UNIeX2KW8tJICLe
rKitpw==
-----END CERTIFICATE-----
Generated at Thu Mar 28 08:36:04 2024 by rpki-client on console-fra.rpki-client.org