Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/abf195ce-c43e-43e6-82ba-d77689680787/8c23b3ae3007f22f8f0aca23f2e77a895dca8dd8.roa
File:                     8c23b3ae3007f22f8f0aca23f2e77a895dca8dd8.roa (raw, json)
Hash identifier:          xTybAf+AzTRDz8IahHYc4kxsQSzIBdTC7bU57HMWdb8=
Subject key identifier:   C9:E3:60:4C:9C:AB:67:A7:5B:A4:3E:11:9B:17:23:DE:A1:B2:25:87
Certificate issuer:       /CN=d5747c1980bcbeed56cb517c667a966b8945ceee
Certificate serial:       1AB99E
Authority key identifier: 14:74:15:68:E4:29:6E:2A:6B:BC:B9:4E:B9:1C:D3:85:E4:1C:7A:F4
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/d5747c1980bcbeed56cb517c667a966b8945ceee.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/abf195ce-c43e-43e6-82ba-d77689680787/8c23b3ae3007f22f8f0aca23f2e77a895dca8dd8.roa
Signing time:             Wed 07 Sep 2022 22:31:46 +0000
ROA not before:           Wed 07 Sep 2022 20:49:37 +0000
ROA not after:            Sat 07 Sep 2024 20:49:37 +0000
asID:                     262145
IP address blocks:        190.211.125.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/abf195ce-c43e-43e6-82ba-d77689680787/d5747c1980bcbeed56cb517c667a966b8945ceee.crl
                          rsync://repository.lacnic.net/rpki/lacnic/abf195ce-c43e-43e6-82ba-d77689680787/d5747c1980bcbeed56cb517c667a966b8945ceee.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/d5747c1980bcbeed56cb517c667a966b8945ceee.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 31 Mar 2024 19:38:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1751454 (0x1ab99e)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d5747c1980bcbeed56cb517c667a966b8945ceee
        Validity
            Not Before: Sep  7 20:49:37 2022 GMT
            Not After : Sep  7 20:49:37 2024 GMT
        Subject: CN=8c23b3ae3007f22f8f0aca23f2e77a895dca8dd8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:86:17:20:cf:d9:68:49:ff:67:be:f7:66:78:5d:
                    23:a1:c5:b1:d9:85:43:21:09:10:0b:56:bf:76:1a:
                    6b:0c:d1:a9:b9:83:c4:01:66:3a:ec:d3:13:4e:99:
                    b1:4d:65:eb:ea:2f:3f:73:2b:4b:69:86:71:cf:9c:
                    3b:a6:a1:04:5b:72:ee:ef:17:fd:67:1a:2c:9d:6c:
                    be:f1:79:67:5c:5f:5f:f7:c8:15:54:1f:db:66:5f:
                    2d:3f:90:57:d7:df:5b:69:b2:e5:51:e5:44:58:29:
                    56:02:6b:ac:ec:6a:ad:9c:33:8e:bb:a3:0d:28:83:
                    50:6b:83:f4:89:cf:94:54:11:07:6a:3c:ae:b6:f1:
                    4c:ba:79:fb:98:25:1d:41:e1:34:c6:b6:1f:1c:93:
                    f4:79:b2:1c:75:91:ec:89:21:80:aa:72:73:84:a0:
                    08:d0:56:2e:6a:57:3e:c5:97:64:b4:8f:67:4d:d2:
                    b5:7d:06:f9:4c:ef:df:49:02:9d:40:15:6e:22:af:
                    1e:ed:e1:d7:6a:cb:cc:19:e5:cf:93:ec:6a:fe:a9:
                    65:90:0f:98:f2:96:ad:1e:45:94:23:42:1c:86:f3:
                    a7:ea:c3:41:b0:3f:97:a9:ae:8e:7e:73:60:7f:09:
                    da:4c:61:46:1d:37:76:43:80:1f:d7:7d:ea:26:c6:
                    f5:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C9:E3:60:4C:9C:AB:67:A7:5B:A4:3E:11:9B:17:23:DE:A1:B2:25:87
            X509v3 Authority Key Identifier:
                keyid:14:74:15:68:E4:29:6E:2A:6B:BC:B9:4E:B9:1C:D3:85:E4:1C:7A:F4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/d5747c1980bcbeed56cb517c667a966b8945ceee.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/abf195ce-c43e-43e6-82ba-d77689680787/8c23b3ae3007f22f8f0aca23f2e77a895dca8dd8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/abf195ce-c43e-43e6-82ba-d77689680787/d5747c1980bcbeed56cb517c667a966b8945ceee.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  190.211.125.0/24

    Signature Algorithm: sha256WithRSAEncryption
         0a:4e:cd:e5:32:97:98:7c:a7:04:24:da:a3:d4:81:7c:19:6c:
         27:9e:6c:50:e6:8d:4e:d9:db:47:98:d1:0a:58:0f:a1:d2:03:
         58:98:54:59:42:77:5a:d4:e5:4c:82:18:dc:a5:4c:86:21:45:
         bd:07:6e:e4:fc:da:0f:6a:b9:4e:03:db:83:be:65:6a:27:2b:
         1d:46:7e:02:27:2b:12:cd:1a:d9:f7:83:ac:90:7a:7a:16:48:
         6b:ea:7e:1c:c4:4e:2c:67:8f:0d:f4:a3:e1:84:4b:a4:a8:5d:
         f8:7e:b8:f3:81:5c:df:27:c8:e7:72:8f:b0:cb:b3:b0:a7:ec:
         5c:b5:9b:0a:b5:7a:b0:55:b1:37:4d:0d:30:eb:f4:81:e6:8e:
         35:55:3d:70:65:bc:1b:10:c3:ac:3c:32:ae:a5:c2:61:7c:99:
         f3:d4:ae:aa:96:9a:7b:73:b1:87:05:ed:b2:cc:26:4c:ae:56:
         eb:e3:9e:28:7c:b2:b2:3b:3b:28:04:a0:ac:df:15:6d:82:c4:
         31:35:db:b4:15:ce:bc:11:e5:8f:a4:17:d4:e7:9a:07:fa:3d:
         7c:2d:92:fc:79:1c:cc:b7:11:21:e2:a8:17:24:2c:82:13:bb:
         6a:91:c7:36:93:b1:21:89:e3:be:d7:16:c5:ba:45:9b:98:b1:
         c9:0b:4a:2a
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIDGrmeMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGQ1
NzQ3YzE5ODBiY2JlZWQ1NmNiNTE3YzY2N2E5NjZiODk0NWNlZWUwHhcNMjIwOTA3
MjA0OTM3WhcNMjQwOTA3MjA0OTM3WjAzMTEwLwYDVQQDEyg4YzIzYjNhZTMwMDdm
MjJmOGYwYWNhMjNmMmU3N2E4OTVkY2E4ZGQ4MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAhhcgz9loSf9nvvdmeF0jocWx2YVDIQkQC1a/dhprDNGpuYPE
AWY67NMTTpmxTWXr6i8/cytLaYZxz5w7pqEEW3Lu7xf9ZxosnWy+8XlnXF9f98gV
VB/bZl8tP5BX199babLlUeVEWClWAmus7GqtnDOOu6MNKINQa4P0ic+UVBEHajyu
tvFMunn7mCUdQeE0xrYfHJP0ebIcdZHsiSGAqnJzhKAI0FYualc+xZdktI9nTdK1
fQb5TO/fSQKdQBVuIq8e7eHXasvMGeXPk+xq/qllkA+Y8patHkWUI0IchvOn6sNB
sD+Xqa6OfnNgfwnaTGFGHTd2Q4Af133qJsb1CQIDAQABo4ICWzCCAlcwHQYDVR0O
BBYEFMnjYEycq2enW6Q+EZsXI96hsiWHMB8GA1UdIwQYMBaAFBR0FWjkKW4qa7y5
Trkc04XkHHr0MA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvZDU3NDdj
MTk4MGJjYmVlZDU2Y2I1MTdjNjY3YTk2NmI4OTQ1Y2VlZS5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvYWJmMTk1Y2UtYzQzZS00M2U2LTgyYmEtZDc3Njg5
NjgwNzg3LzhjMjNiM2FlMzAwN2YyMmY4ZjBhY2EyM2YyZTc3YTg5NWRjYThkZDgu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy9hYmYxOTVjZS1jNDNlLTQzZTYtODJiYS1kNzc2
ODk2ODA3ODcvZDU3NDdjMTk4MGJjYmVlZDU2Y2I1MTdjNjY3YTk2NmI4OTQ1Y2Vl
ZS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAL7TfTANBgkqhkiG9w0BAQsFAAOCAQEACk7N5TKXmHynBCTa
o9SBfBlsJ55sUOaNTtnbR5jRClgPodIDWJhUWUJ3WtTlTIIY3KVMhiFFvQdu5Pza
D2q5TgPbg75laicrHUZ+AicrEs0a2feDrJB6ehZIa+p+HMROLGePDfSj4YRLpKhd
+H6484Fc3yfI53KPsMuzsKfsXLWbCrV6sFWxN00NMOv0geaONVU9cGW8GxDDrDwy
rqXCYXyZ89Suqpaae3OxhwXtsswmTK5W6+OeKHyysjs7KASgrN8VbYLEMTXbtBXO
vBHlj6QX1OeaB/o9fC2S/HkczLcRIeKoFyQsghO7apHHNpOxIYnjvtcWxbpFm5ix
yQtKKg==
-----END CERTIFICATE-----
Generated at Fri Mar 29 03:23:57 2024 by rpki-client on console-ams.rpki-client.org