Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/aca713f5-6cac-486e-a016-a3e8b31bf029/a24b3e41441ac860e7324a84c8c05c377745ed19.roa
File:                     a24b3e41441ac860e7324a84c8c05c377745ed19.roa (raw, json)
Hash identifier:          t1I8PNc115/e9SzrDhYVT6KOtX5G6b8M6R+g6648DUk=
Subject key identifier:   9B:C1:57:68:82:44:8D:55:1D:2F:86:23:0E:3E:B4:16:EF:B8:77:14
Certificate issuer:       /CN=1059e1e3317704575f2c0b750ee73b166a39cd37
Certificate serial:       0E7017
Authority key identifier: 80:F0:C7:27:4F:82:24:D1:E9:76:F3:80:E6:EF:32:CF:10:F8:9D:D3
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/1059e1e3317704575f2c0b750ee73b166a39cd37.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/aca713f5-6cac-486e-a016-a3e8b31bf029/a24b3e41441ac860e7324a84c8c05c377745ed19.roa
Signing time:             Wed 24 Mar 2021 14:38:32 +0000
ROA not before:           Wed 24 Mar 2021 14:38:31 +0000
ROA not after:            Tue 24 Mar 2026 14:38:31 +0000
asID:                     28011
IP address blocks:        181.113.160.0/20 maxlen: 24
                          181.196.168.0/21 maxlen: 24
                          181.211.168.0/21 maxlen: 24
                          181.211.192.0/21 maxlen: 24
                          181.112.0.0/21 maxlen: 24
                          181.113.184.0/21 maxlen: 24
                          186.47.216.0/21 maxlen: 24
                          190.214.64.0/21 maxlen: 24
                          181.112.16.0/21 maxlen: 24
                          181.112.24.0/21 maxlen: 24
                          181.112.96.0/21 maxlen: 24
                          181.112.128.0/21 maxlen: 24
                          181.113.72.0/21 maxlen: 24
                          181.113.80.0/21 maxlen: 24
                          181.113.88.0/21 maxlen: 24
                          181.196.32.0/21 maxlen: 24
                          181.211.16.0/21 maxlen: 24
                          181.211.24.0/21 maxlen: 24
                          181.211.72.0/21 maxlen: 24
                          181.211.88.0/21 maxlen: 24
                          181.211.116.0/22 maxlen: 24
                          181.211.120.0/21 maxlen: 24
                          181.211.152.0/21 maxlen: 24
                          181.211.224.0/21 maxlen: 24
                          181.211.232.0/21 maxlen: 24
                          186.42.116.0/24 maxlen: 24
                          186.42.236.0/22 maxlen: 24
                          186.47.248.0/21 maxlen: 24
                          186.178.56.0/21 maxlen: 24
                          190.152.132.0/22 maxlen: 24
                          190.152.136.0/21 maxlen: 24
                          190.152.240.0/22 maxlen: 24
                          190.214.88.0/21 maxlen: 24
                          190.214.116.0/22 maxlen: 24
                          190.214.152.0/21 maxlen: 24
                          200.73.204.0/22 maxlen: 24
                          200.107.26.0/23 maxlen: 24
                          200.107.32.0/23 maxlen: 24
                          200.107.40.0/21 maxlen: 24
                          200.125.240.0/23 maxlen: 24
                          200.125.242.0/23 maxlen: 24
                          181.113.176.0/21 maxlen: 24
                          181.113.208.0/21 maxlen: 24
                          181.196.208.0/20 maxlen: 24
                          181.211.136.0/21 maxlen: 24
                          186.178.13.0/24 maxlen: 24
                          186.178.14.0/24 maxlen: 24
                          186.178.24.0/21 maxlen: 24
                          186.178.172.0/22 maxlen: 24
                          186.178.176.0/21 maxlen: 24
                          186.178.184.0/21 maxlen: 24
                          190.11.10.0/24 maxlen: 24
                          190.152.41.0/24 maxlen: 24
                          190.152.192.0/24 maxlen: 24
                          190.214.112.0/22 maxlen: 24
                          190.214.168.0/22 maxlen: 24
                          190.214.172.0/22 maxlen: 24
                          190.214.192.0/21 maxlen: 24
                          190.214.200.0/21 maxlen: 24
                          190.214.224.0/21 maxlen: 24
                          200.107.11.0/24 maxlen: 24
                          200.107.53.0/24 maxlen: 24
                          200.125.203.0/24 maxlen: 24
                          181.196.64.0/21 maxlen: 24
                          181.211.64.0/21 maxlen: 24
                          186.178.104.0/21 maxlen: 24
                          190.152.48.0/23 maxlen: 24
                          190.152.50.0/23 maxlen: 24
                          190.152.56.0/22 maxlen: 24
                          186.47.168.0/21 maxlen: 24
                          186.178.72.0/21 maxlen: 24
                          190.152.40.0/24 maxlen: 24
                          181.112.112.0/21 maxlen: 21

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/aca713f5-6cac-486e-a016-a3e8b31bf029/1059e1e3317704575f2c0b750ee73b166a39cd37.crl
                          rsync://repository.lacnic.net/rpki/lacnic/aca713f5-6cac-486e-a016-a3e8b31bf029/1059e1e3317704575f2c0b750ee73b166a39cd37.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/1059e1e3317704575f2c0b750ee73b166a39cd37.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 31 Mar 2024 12:22:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 946199 (0xe7017)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1059e1e3317704575f2c0b750ee73b166a39cd37
        Validity
            Not Before: Mar 24 14:38:31 2021 GMT
            Not After : Mar 24 14:38:31 2026 GMT
        Subject: CN=a24b3e41441ac860e7324a84c8c05c377745ed19
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:13:80:6b:8a:e7:c4:eb:a8:a9:78:0d:9d:4b:
                    f4:43:b2:92:9b:4a:ce:09:40:64:80:05:58:e7:da:
                    c5:0b:ca:03:28:42:b2:0d:41:f3:51:dc:bc:07:d8:
                    77:9d:3a:66:62:8e:00:b6:a9:04:09:de:37:49:4a:
                    e3:40:c5:ff:4a:72:53:b0:d8:29:75:d7:17:c6:7f:
                    22:f2:9e:6b:e8:37:29:13:10:ff:f4:39:d6:e4:07:
                    f5:9c:65:45:15:f2:2c:32:09:fa:1f:b6:73:1b:25:
                    7c:f4:5a:33:d9:cb:2f:14:3a:31:f6:eb:1e:14:bc:
                    57:12:c3:8f:c7:0f:3c:03:14:9a:78:60:ea:9a:17:
                    f7:ad:4a:85:ca:6b:ea:d2:43:72:44:eb:95:af:0e:
                    f3:29:37:64:60:bc:07:f6:c6:43:1b:33:fc:ae:24:
                    33:b3:ee:e3:0f:e1:7a:28:4b:52:32:b7:06:5f:4c:
                    95:52:8a:9e:e8:32:13:b0:99:2a:77:ea:35:a2:6c:
                    a8:db:a1:55:80:4d:ee:b3:8d:91:1b:b7:ad:db:b4:
                    e1:d0:b0:b3:31:04:9b:3b:43:11:5f:4a:1d:11:7f:
                    26:8d:2f:6a:21:9a:1a:38:24:90:6e:69:c0:a5:3c:
                    d2:52:35:84:6b:30:66:c9:90:1d:c2:03:86:09:32:
                    35:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9B:C1:57:68:82:44:8D:55:1D:2F:86:23:0E:3E:B4:16:EF:B8:77:14
            X509v3 Authority Key Identifier:
                keyid:80:F0:C7:27:4F:82:24:D1:E9:76:F3:80:E6:EF:32:CF:10:F8:9D:D3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/1059e1e3317704575f2c0b750ee73b166a39cd37.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/aca713f5-6cac-486e-a016-a3e8b31bf029/a24b3e41441ac860e7324a84c8c05c377745ed19.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/aca713f5-6cac-486e-a016-a3e8b31bf029/1059e1e3317704575f2c0b750ee73b166a39cd37.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  181.112.0.0/21
                  181.112.16.0/20
                  181.112.96.0/21
                  181.112.112.0/21
                  181.112.128.0/21
                  181.113.72.0-181.113.95.255
                  181.113.160.0/19
                  181.113.208.0/21
                  181.196.32.0/21
                  181.196.64.0/21
                  181.196.168.0/21
                  181.196.208.0/20
                  181.211.16.0/20
                  181.211.64.0/20
                  181.211.88.0/21
                  181.211.116.0-181.211.127.255
                  181.211.136.0/21
                  181.211.152.0/21
                  181.211.168.0/21
                  181.211.192.0/21
                  181.211.224.0/20
                  186.42.116.0/24
                  186.42.236.0/22
                  186.47.168.0/21
                  186.47.216.0/21
                  186.47.248.0/21
                  186.178.13.0-186.178.14.255
                  186.178.24.0/21
                  186.178.56.0/21
                  186.178.72.0/21
                  186.178.104.0/21
                  186.178.172.0-186.178.191.255
                  190.11.10.0/24
                  190.152.40.0/23
                  190.152.48.0/22
                  190.152.56.0/22
                  190.152.132.0-190.152.143.255
                  190.152.192.0/24
                  190.152.240.0/22
                  190.214.64.0/21
                  190.214.88.0/21
                  190.214.112.0/21
                  190.214.152.0/21
                  190.214.168.0/21
                  190.214.192.0/20
                  190.214.224.0/21
                  200.73.204.0/22
                  200.107.11.0/24
                  200.107.26.0/23
                  200.107.32.0/23
                  200.107.40.0/21
                  200.107.53.0/24
                  200.125.203.0/24
                  200.125.240.0/22

    Signature Algorithm: sha256WithRSAEncryption
         3f:e2:9c:35:57:97:74:fd:4d:9d:b3:34:eb:a6:19:86:6a:38:
         16:a2:79:7d:4f:63:f9:62:a6:b9:8b:60:0d:e8:6e:cb:40:68:
         ed:d8:7d:8b:8c:f0:0e:65:3c:9d:aa:52:55:63:42:5d:ca:a2:
         b4:a9:31:ef:5f:44:4b:94:71:5a:ab:db:30:d7:41:ca:a2:39:
         f3:a5:9a:37:5b:5c:d7:55:ea:a7:c4:47:1e:91:40:4f:e6:8f:
         07:5d:d9:40:f2:6d:c2:bf:f4:f5:48:48:7d:06:47:4c:ef:7b:
         f4:d2:83:1d:f0:df:d5:a6:3d:e4:14:80:ee:74:d2:2e:c4:75:
         dd:fd:fa:b6:a1:e4:da:f0:f0:fd:39:e9:12:68:83:ba:28:88:
         63:1a:75:c9:56:1a:b7:f8:b4:88:f2:11:e9:c8:c0:68:d7:63:
         91:1c:81:25:6d:b4:33:52:9b:ba:f4:0b:99:19:a3:44:7c:5d:
         d4:a1:e0:23:e1:73:bf:e1:d2:98:ce:35:f1:4f:02:48:38:c8:
         28:ea:e1:07:53:41:78:22:46:00:bd:c5:63:c6:64:72:44:12:
         ca:a9:f4:7f:0b:ae:ef:41:2e:c7:f5:f8:28:3e:15:fb:32:96:
         a8:a4:dd:e2:8e:71:d5:7c:49:43:61:cc:15:3c:be:90:f6:4c:
         4f:be:98:26
-----BEGIN CERTIFICATE-----
MIIGsDCCBZigAwIBAgIDDnAXMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDEw
NTllMWUzMzE3NzA0NTc1ZjJjMGI3NTBlZTczYjE2NmEzOWNkMzcwHhcNMjEwMzI0
MTQzODMxWhcNMjYwMzI0MTQzODMxWjAzMTEwLwYDVQQDEyhhMjRiM2U0MTQ0MWFj
ODYwZTczMjRhODRjOGMwNWMzNzc3NDVlZDE5MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAuBOAa4rnxOuoqXgNnUv0Q7KSm0rOCUBkgAVY59rFC8oDKEKy
DUHzUdy8B9h3nTpmYo4AtqkECd43SUrjQMX/SnJTsNgpddcXxn8i8p5r6DcpExD/
9DnW5Af1nGVFFfIsMgn6H7ZzGyV89Foz2csvFDox9useFLxXEsOPxw88AxSaeGDq
mhf3rUqFymvq0kNyROuVrw7zKTdkYLwH9sZDGzP8riQzs+7jD+F6KEtSMrcGX0yV
Uoqe6DITsJkqd+o1omyo26FVgE3us42RG7et27Th0LCzMQSbO0MRX0odEX8mjS9q
IZoaOCSQbmnApTzSUjWEazBmyZAdwgOGCTI1gQIDAQABo4IDyzCCA8cwHQYDVR0O
BBYEFJvBV2iCRI1VHS+GIw4+tBbvuHcUMB8GA1UdIwQYMBaAFIDwxydPgiTR6Xbz
gObvMs8Q+J3TMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvMTA1OWUx
ZTMzMTc3MDQ1NzVmMmMwYjc1MGVlNzNiMTY2YTM5Y2QzNy5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvYWNhNzEzZjUtNmNhYy00ODZlLWEwMTYtYTNlOGIz
MWJmMDI5L2EyNGIzZTQxNDQxYWM4NjBlNzMyNGE4NGM4YzA1YzM3Nzc0NWVkMTku
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy9hY2E3MTNmNS02Y2FjLTQ4NmUtYTAxNi1hM2U4
YjMxYmYwMjkvMTA1OWUxZTMzMTc3MDQ1NzVmMmMwYjc1MGVlNzNiMTY2YTM5Y2Qz
Ny5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCCAY0GCCsGAQUFBwEHAQH/
BIIBfDCCAXgwggF0BAIAATCCAWwDBAO1cAADBAS1cBADBAO1cGADBAO1cHADBAO1
cIAwDAMEA7VxSAMEBbVxQAMEBbVxoAMEA7Vx0AMEA7XEIAMEA7XEQAMEA7XEqAME
BLXE0AMEBLXTEAMEBLXTQAMEA7XTWDAMAwQCtdN0AwQHtdMAAwQDtdOIAwQDtdOY
AwQDtdOoAwQDtdPAAwQEtdPgAwQAuip0AwQCuirsAwQDui+oAwQDui/YAwQDui/4
MAwDBAC6sg0DBAC6sg4DBAO6shgDBAO6sjgDBAO6skgDBAO6smgwDAMEArqyrAME
BrqygAMEAL4LCgMEAb6YKAMEAr6YMAMEAr6YODAMAwQCvpiEAwQEvpiAAwQAvpjA
AwQCvpjwAwQDvtZAAwQDvtZYAwQDvtZwAwQDvtaYAwQDvtaoAwQEvtbAAwQDvtbg
AwQCyEnMAwQAyGsLAwQByGsaAwQByGsgAwQDyGsoAwQAyGs1AwQAyH3LAwQCyH3w
MA0GCSqGSIb3DQEBCwUAA4IBAQA/4pw1V5d0/U2dszTrphmGajgWonl9T2P5Yqa5
i2AN6G7LQGjt2H2LjPAOZTydqlJVY0JdyqK0qTHvX0RLlHFaq9sw10HKojnzpZo3
W1zXVeqnxEcekUBP5o8HXdlA8m3Cv/T1SEh9BkdM73v00oMd8N/Vpj3kFIDudNIu
xHXd/fq2oeTa8PD9OekSaIO6KIhjGnXJVhq3+LSI8hHpyMBo12ORHIElbbQzUpu6
9AuZGaNEfF3UoeAj4XO/4dKYzjXxTwJIOMgo6uEHU0F4IkYAvcVjxmRyRBLKqfR/
C67vQS7H9fgoPhX7MpaopN3ijnHVfElDYcwVPL6Q9kxPvpgm
-----END CERTIFICATE-----
Generated at Thu Mar 28 16:04:19 2024 by rpki-client on console-ams.rpki-client.org