Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/abf195ce-c43e-43e6-82ba-d77689680787/c2780fbf70746ec36b1720a21f442a1f5662813a.roa
File:                     c2780fbf70746ec36b1720a21f442a1f5662813a.roa (raw, json)
Hash identifier:          jYFF3vFVRyPhdjgOcdvBUrUNl1FqwaCucyoNaf2RW4U=
Subject key identifier:   A8:43:84:FD:01:AE:55:01:DF:3C:03:C9:EC:D5:E3:71:88:C1:C9:BF
Certificate issuer:       /CN=d5747c1980bcbeed56cb517c667a966b8945ceee
Certificate serial:       1A6530
Authority key identifier: 14:74:15:68:E4:29:6E:2A:6B:BC:B9:4E:B9:1C:D3:85:E4:1C:7A:F4
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/d5747c1980bcbeed56cb517c667a966b8945ceee.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/abf195ce-c43e-43e6-82ba-d77689680787/c2780fbf70746ec36b1720a21f442a1f5662813a.roa
Signing time:             Wed 07 Sep 2022 22:19:19 +0000
ROA not before:           Wed 07 Sep 2022 20:49:37 +0000
ROA not after:            Sat 07 Sep 2024 20:49:37 +0000
asID:                     262145
IP address blocks:        190.211.101.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/abf195ce-c43e-43e6-82ba-d77689680787/d5747c1980bcbeed56cb517c667a966b8945ceee.crl
                          rsync://repository.lacnic.net/rpki/lacnic/abf195ce-c43e-43e6-82ba-d77689680787/d5747c1980bcbeed56cb517c667a966b8945ceee.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/d5747c1980bcbeed56cb517c667a966b8945ceee.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 31 Mar 2024 03:49:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1729840 (0x1a6530)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d5747c1980bcbeed56cb517c667a966b8945ceee
        Validity
            Not Before: Sep  7 20:49:37 2022 GMT
            Not After : Sep  7 20:49:37 2024 GMT
        Subject: CN=c2780fbf70746ec36b1720a21f442a1f5662813a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:90:b8:15:8a:35:a6:73:f3:d9:90:78:93:5d:82:
                    0d:76:b9:88:84:d9:fc:41:ef:9d:74:07:6c:72:e7:
                    03:4d:7f:1e:2c:8d:6f:b6:a0:4b:59:84:4f:6a:e8:
                    59:1f:92:d9:d4:b7:8e:4f:90:ea:41:df:0c:ee:8e:
                    74:27:fd:65:55:59:b7:cb:c4:8b:ac:27:d4:43:80:
                    4e:3f:f7:f0:86:97:31:73:96:00:c2:8c:ad:28:22:
                    18:28:23:06:9c:40:62:9d:ab:c0:b2:69:37:11:89:
                    4d:a4:cc:36:ea:2b:7a:cf:58:c9:05:20:74:92:e0:
                    65:d1:82:6e:e9:98:5d:7a:bd:cd:7b:3d:0e:b1:70:
                    19:1a:5e:24:76:ee:fd:6f:7c:57:50:fb:72:f7:48:
                    b2:b9:b9:1b:c4:3a:d4:94:5f:71:da:36:0e:04:5b:
                    f8:c8:3f:36:7c:44:2e:01:10:6c:bb:43:5f:60:98:
                    60:ca:51:95:3f:5a:ca:03:dc:fd:e6:36:f3:11:13:
                    5a:fa:aa:86:e8:92:df:d4:46:e6:32:dc:0a:92:64:
                    1e:fa:a2:db:2a:94:17:95:76:cc:42:3f:6b:1e:87:
                    ea:ea:a9:d6:1b:d1:67:44:e7:d0:7a:7b:65:a6:a0:
                    07:b3:b0:85:9e:b7:aa:52:e6:2a:dc:e9:c8:50:01:
                    2b:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A8:43:84:FD:01:AE:55:01:DF:3C:03:C9:EC:D5:E3:71:88:C1:C9:BF
            X509v3 Authority Key Identifier:
                keyid:14:74:15:68:E4:29:6E:2A:6B:BC:B9:4E:B9:1C:D3:85:E4:1C:7A:F4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/d5747c1980bcbeed56cb517c667a966b8945ceee.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/abf195ce-c43e-43e6-82ba-d77689680787/c2780fbf70746ec36b1720a21f442a1f5662813a.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/abf195ce-c43e-43e6-82ba-d77689680787/d5747c1980bcbeed56cb517c667a966b8945ceee.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  190.211.101.0/24

    Signature Algorithm: sha256WithRSAEncryption
         77:79:8b:72:0b:18:22:67:83:ce:87:12:fb:81:ef:10:d9:bf:
         53:af:3a:56:38:8f:5c:87:5c:0f:07:fa:31:fa:62:16:47:65:
         4d:75:24:da:5b:03:13:cf:40:6a:c0:4c:00:e9:41:00:a7:b2:
         b1:3f:b3:e6:c9:ba:08:eb:a1:0d:6d:0d:17:1d:30:c3:cf:5e:
         d8:19:3b:26:8f:0b:90:e9:27:30:c6:bf:e0:6a:98:10:36:90:
         96:f7:49:68:70:a4:9d:74:df:f8:c4:2d:8a:54:4e:ca:27:f6:
         98:6a:9e:c1:65:af:a0:4e:cf:c4:ad:d6:fe:3d:0e:08:45:97:
         f6:99:70:59:60:5c:e7:85:53:5e:f8:b7:1f:2f:e4:e1:19:cd:
         fd:9a:4b:80:60:5d:81:75:cd:33:a3:ba:ab:81:25:31:2c:77:
         1a:3c:37:7c:65:03:7a:66:d3:5f:82:e2:d3:2c:b2:53:3b:31:
         58:d4:0a:13:fc:dc:54:fa:c5:d3:e9:09:de:a6:2b:19:db:40:
         7a:59:ac:8f:40:16:55:5e:7e:fe:55:2b:d1:16:d4:c0:02:83:
         f3:a3:34:87:dc:22:88:cb:e3:4a:6d:75:d4:bc:b3:d9:5c:c8:
         51:ef:dd:e6:47:df:98:5b:86:8d:64:d7:c9:fd:b3:1b:21:90:
         8a:ee:e6:39
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIDGmUwMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGQ1
NzQ3YzE5ODBiY2JlZWQ1NmNiNTE3YzY2N2E5NjZiODk0NWNlZWUwHhcNMjIwOTA3
MjA0OTM3WhcNMjQwOTA3MjA0OTM3WjAzMTEwLwYDVQQDEyhjMjc4MGZiZjcwNzQ2
ZWMzNmIxNzIwYTIxZjQ0MmExZjU2NjI4MTNhMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAkLgVijWmc/PZkHiTXYINdrmIhNn8Qe+ddAdscucDTX8eLI1v
tqBLWYRPauhZH5LZ1LeOT5DqQd8M7o50J/1lVVm3y8SLrCfUQ4BOP/fwhpcxc5YA
woytKCIYKCMGnEBinavAsmk3EYlNpMw26it6z1jJBSB0kuBl0YJu6Zhder3Nez0O
sXAZGl4kdu79b3xXUPty90iyubkbxDrUlF9x2jYOBFv4yD82fEQuARBsu0NfYJhg
ylGVP1rKA9z95jbzERNa+qqG6JLf1EbmMtwKkmQe+qLbKpQXlXbMQj9rHofq6qnW
G9FnROfQentlpqAHs7CFnreqUuYq3OnIUAErnwIDAQABo4ICWzCCAlcwHQYDVR0O
BBYEFKhDhP0BrlUB3zwDyezV43GIwcm/MB8GA1UdIwQYMBaAFBR0FWjkKW4qa7y5
Trkc04XkHHr0MA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvZDU3NDdj
MTk4MGJjYmVlZDU2Y2I1MTdjNjY3YTk2NmI4OTQ1Y2VlZS5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvYWJmMTk1Y2UtYzQzZS00M2U2LTgyYmEtZDc3Njg5
NjgwNzg3L2MyNzgwZmJmNzA3NDZlYzM2YjE3MjBhMjFmNDQyYTFmNTY2MjgxM2Eu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy9hYmYxOTVjZS1jNDNlLTQzZTYtODJiYS1kNzc2
ODk2ODA3ODcvZDU3NDdjMTk4MGJjYmVlZDU2Y2I1MTdjNjY3YTk2NmI4OTQ1Y2Vl
ZS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAL7TZTANBgkqhkiG9w0BAQsFAAOCAQEAd3mLcgsYImeDzocS
+4HvENm/U686VjiPXIdcDwf6MfpiFkdlTXUk2lsDE89AasBMAOlBAKeysT+z5sm6
COuhDW0NFx0ww89e2Bk7Jo8LkOknMMa/4GqYEDaQlvdJaHCknXTf+MQtilROyif2
mGqewWWvoE7PxK3W/j0OCEWX9plwWWBc54VTXvi3Hy/k4RnN/ZpLgGBdgXXNM6O6
q4ElMSx3Gjw3fGUDembTX4Li0yyyUzsxWNQKE/zcVPrF0+kJ3qYrGdtAelmsj0AW
VV5+/lUr0RbUwAKD86M0h9wiiMvjSm111Lyz2VzIUe/d5kffmFuGjWTXyf2zGyGQ
iu7mOQ==
-----END CERTIFICATE-----
Generated at Thu Mar 28 08:12:28 2024 by rpki-client on console-ams.rpki-client.org