Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/abf195ce-c43e-43e6-82ba-d77689680787/babf6b22e5fb9f90d0a6f25636ab2b832ba489df.roa
File:                     babf6b22e5fb9f90d0a6f25636ab2b832ba489df.roa (raw, json)
Hash identifier:          wfz5kmjgeAVM+wlbLhY35FnP+dQO6yc24tgckhIMTCA=
Subject key identifier:   EB:AC:0B:27:50:DA:3C:E4:19:2F:85:CF:07:82:95:63:D3:F1:0C:83
Certificate issuer:       /CN=d5747c1980bcbeed56cb517c667a966b8945ceee
Certificate serial:       1A9D65
Authority key identifier: 14:74:15:68:E4:29:6E:2A:6B:BC:B9:4E:B9:1C:D3:85:E4:1C:7A:F4
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/d5747c1980bcbeed56cb517c667a966b8945ceee.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/abf195ce-c43e-43e6-82ba-d77689680787/babf6b22e5fb9f90d0a6f25636ab2b832ba489df.roa
Signing time:             Wed 07 Sep 2022 22:28:45 +0000
ROA not before:           Wed 07 Sep 2022 20:49:37 +0000
ROA not after:            Sat 07 Sep 2024 20:49:37 +0000
asID:                     262145
IP address blocks:        190.211.120.0/24 maxlen: 25

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/abf195ce-c43e-43e6-82ba-d77689680787/d5747c1980bcbeed56cb517c667a966b8945ceee.crl
                          rsync://repository.lacnic.net/rpki/lacnic/abf195ce-c43e-43e6-82ba-d77689680787/d5747c1980bcbeed56cb517c667a966b8945ceee.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/d5747c1980bcbeed56cb517c667a966b8945ceee.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 31 Mar 2024 19:38:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1744229 (0x1a9d65)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d5747c1980bcbeed56cb517c667a966b8945ceee
        Validity
            Not Before: Sep  7 20:49:37 2022 GMT
            Not After : Sep  7 20:49:37 2024 GMT
        Subject: CN=babf6b22e5fb9f90d0a6f25636ab2b832ba489df
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:61:ce:7f:68:1d:9a:d8:fc:7f:b4:36:f0:32:
                    c3:2b:bb:a9:9b:03:dd:43:5c:98:74:35:5d:20:75:
                    7f:33:cf:64:9f:b8:f3:2f:c2:f9:a1:60:47:60:77:
                    cf:63:5c:2a:e0:34:da:b3:22:2e:c6:83:17:09:c1:
                    15:c8:af:1b:d4:00:7b:33:e7:b3:37:f6:e2:e2:46:
                    1e:1e:e9:4e:b3:4c:6b:6f:ff:a8:59:7a:67:30:ea:
                    72:74:a8:40:be:eb:7a:33:9e:67:57:7b:a6:df:4f:
                    6b:f6:df:1f:4e:17:d2:8a:75:58:98:dd:4c:d7:29:
                    dd:d8:76:5f:b6:f2:72:5c:0f:ad:53:df:e9:20:1d:
                    5f:2d:5c:d3:be:b1:53:82:8e:67:ac:3c:21:0a:0c:
                    f8:9e:be:fd:6d:d9:47:d0:44:ba:f9:a8:97:e6:4c:
                    58:dd:63:1c:6d:88:c5:92:19:7b:13:b2:be:75:df:
                    1e:1f:4d:1c:4d:14:9e:c4:94:f4:6e:8d:d2:be:43:
                    1d:8e:b9:8d:f8:05:a1:24:18:8c:ab:9a:ab:08:c3:
                    da:3e:b9:29:17:2e:2f:46:09:6b:4e:21:88:d7:ad:
                    7b:2b:1b:25:ce:5b:20:d0:91:bf:62:0b:a3:75:16:
                    ad:e0:95:29:f5:d5:bd:f5:a6:49:a4:5f:05:24:57:
                    6b:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EB:AC:0B:27:50:DA:3C:E4:19:2F:85:CF:07:82:95:63:D3:F1:0C:83
            X509v3 Authority Key Identifier:
                keyid:14:74:15:68:E4:29:6E:2A:6B:BC:B9:4E:B9:1C:D3:85:E4:1C:7A:F4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/d5747c1980bcbeed56cb517c667a966b8945ceee.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/abf195ce-c43e-43e6-82ba-d77689680787/babf6b22e5fb9f90d0a6f25636ab2b832ba489df.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/abf195ce-c43e-43e6-82ba-d77689680787/d5747c1980bcbeed56cb517c667a966b8945ceee.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  190.211.120.0/24

    Signature Algorithm: sha256WithRSAEncryption
         13:dc:64:ee:25:a0:87:0b:3c:f3:b7:65:0d:27:a8:25:8c:b2:
         f7:f9:5a:9e:71:55:6a:2c:51:d1:0d:2b:0f:f0:e2:49:11:49:
         78:ed:4d:10:04:64:93:d3:4e:7b:b9:e5:0e:59:de:bd:62:77:
         ff:cb:61:c2:c8:b1:e3:cb:5a:f1:d6:32:7f:ae:2c:51:ae:9a:
         7b:be:a8:be:6a:16:ec:fa:04:c3:6d:b5:41:28:8a:c8:91:db:
         a8:62:74:ad:ee:cf:8f:9a:04:50:87:97:21:b0:e2:b2:d5:d3:
         06:83:22:7e:73:79:59:6e:71:23:d2:82:45:07:4b:9d:9c:e2:
         e9:0f:71:27:40:5d:71:dc:51:d2:06:3c:5c:20:94:78:c2:db:
         12:b5:4b:00:38:74:4b:dc:dc:c2:cf:e0:d8:e9:6c:30:1a:df:
         c6:65:3a:d0:4e:25:30:7b:83:56:e8:e0:81:30:97:13:3c:ba:
         63:f0:88:08:00:77:32:25:2d:c5:aa:72:a1:1f:46:4a:d6:59:
         31:f6:52:ae:3b:ba:1f:59:ab:c5:e8:80:0a:9c:b9:de:60:0c:
         8c:57:73:32:ff:d5:1e:ed:21:a6:47:96:cb:7d:ab:64:1d:75:
         cb:7e:6e:a3:3b:62:07:c3:87:cc:e7:11:13:a9:30:f5:71:26:
         df:31:bb:e5
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIDGp1lMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGQ1
NzQ3YzE5ODBiY2JlZWQ1NmNiNTE3YzY2N2E5NjZiODk0NWNlZWUwHhcNMjIwOTA3
MjA0OTM3WhcNMjQwOTA3MjA0OTM3WjAzMTEwLwYDVQQDEyhiYWJmNmIyMmU1ZmI5
ZjkwZDBhNmYyNTYzNmFiMmI4MzJiYTQ4OWRmMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAmGHOf2gdmtj8f7Q28DLDK7upmwPdQ1yYdDVdIHV/M89kn7jz
L8L5oWBHYHfPY1wq4DTasyIuxoMXCcEVyK8b1AB7M+ezN/bi4kYeHulOs0xrb/+o
WXpnMOpydKhAvut6M55nV3um309r9t8fThfSinVYmN1M1ynd2HZftvJyXA+tU9/p
IB1fLVzTvrFTgo5nrDwhCgz4nr79bdlH0ES6+aiX5kxY3WMcbYjFkhl7E7K+dd8e
H00cTRSexJT0bo3SvkMdjrmN+AWhJBiMq5qrCMPaPrkpFy4vRglrTiGI1617Kxsl
zlsg0JG/YgujdRat4JUp9dW99aZJpF8FJFdrlQIDAQABo4ICWzCCAlcwHQYDVR0O
BBYEFOusCydQ2jzkGS+FzweClWPT8QyDMB8GA1UdIwQYMBaAFBR0FWjkKW4qa7y5
Trkc04XkHHr0MA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvZDU3NDdj
MTk4MGJjYmVlZDU2Y2I1MTdjNjY3YTk2NmI4OTQ1Y2VlZS5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvYWJmMTk1Y2UtYzQzZS00M2U2LTgyYmEtZDc3Njg5
NjgwNzg3L2JhYmY2YjIyZTVmYjlmOTBkMGE2ZjI1NjM2YWIyYjgzMmJhNDg5ZGYu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy9hYmYxOTVjZS1jNDNlLTQzZTYtODJiYS1kNzc2
ODk2ODA3ODcvZDU3NDdjMTk4MGJjYmVlZDU2Y2I1MTdjNjY3YTk2NmI4OTQ1Y2Vl
ZS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAL7TeDANBgkqhkiG9w0BAQsFAAOCAQEAE9xk7iWghws887dl
DSeoJYyy9/lannFVaixR0Q0rD/DiSRFJeO1NEARkk9NOe7nlDlnevWJ3/8thwsix
48ta8dYyf64sUa6ae76ovmoW7PoEw221QSiKyJHbqGJ0re7Pj5oEUIeXIbDistXT
BoMifnN5WW5xI9KCRQdLnZzi6Q9xJ0BdcdxR0gY8XCCUeMLbErVLADh0S9zcws/g
2OlsMBrfxmU60E4lMHuDVujggTCXEzy6Y/CICAB3MiUtxapyoR9GStZZMfZSrju6
H1mrxeiACpy53mAMjFdzMv/VHu0hpkeWy32rZB11y35uoztiB8OHzOcRE6kw9XEm
3zG75Q==
-----END CERTIFICATE-----
Generated at Fri Mar 29 03:23:57 2024 by rpki-client on console-ams.rpki-client.org