Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/b3e5dd9e-bbca-4c49-92f5-8c6751165e92/ae40603a4449640fa8ccd6929d814afc67534ece.roa
File:                     ae40603a4449640fa8ccd6929d814afc67534ece.roa (raw, json)
Hash identifier:          61h95N0qKKHvVjycYtPLqNQc6YCGGJv4hoOCyv/NuBE=
Subject key identifier:   A1:93:35:8C:14:3A:0F:6D:0B:44:46:A4:67:27:9A:61:F0:1A:38:9E
Certificate issuer:       /CN=337d330947d264c81b4503df3b1ef67d45cc2dc4
Certificate serial:       1C48AE
Authority key identifier: 61:B6:8D:FD:87:EB:CE:D6:CA:2B:24:E2:AA:8F:F7:07:DA:63:5E:19
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/337d330947d264c81b4503df3b1ef67d45cc2dc4.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/b3e5dd9e-bbca-4c49-92f5-8c6751165e92/ae40603a4449640fa8ccd6929d814afc67534ece.roa
Signing time:             Thu 22 Sep 2022 21:00:54 +0000
ROA not before:           Thu 22 Sep 2022 20:56:55 +0000
ROA not after:            Sun 22 Sep 2024 20:56:55 +0000
asID:                     22368
IP address blocks:        190.13.0.0/22 maxlen: 22
                          190.13.4.0/23 maxlen: 23
                          190.13.6.0/23 maxlen: 23
                          190.13.8.0/22 maxlen: 22
                          190.13.12.0/23 maxlen: 23
                          190.13.14.0/23 maxlen: 23
                          190.13.24.0/21 maxlen: 21

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/b3e5dd9e-bbca-4c49-92f5-8c6751165e92/337d330947d264c81b4503df3b1ef67d45cc2dc4.crl
                          rsync://repository.lacnic.net/rpki/lacnic/b3e5dd9e-bbca-4c49-92f5-8c6751165e92/337d330947d264c81b4503df3b1ef67d45cc2dc4.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/337d330947d264c81b4503df3b1ef67d45cc2dc4.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sat 18 Mar 2023 09:49:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1853614 (0x1c48ae)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=337d330947d264c81b4503df3b1ef67d45cc2dc4
        Validity
            Not Before: Sep 22 20:56:55 2022 GMT
            Not After : Sep 22 20:56:55 2024 GMT
        Subject: CN=ae40603a4449640fa8ccd6929d814afc67534ece
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:81:7b:d5:eb:2f:5a:55:31:ab:2c:1a:10:21:de:
                    32:a9:fd:96:07:8b:37:b6:e8:a4:c0:ff:84:3b:ed:
                    2a:2d:9d:5a:a0:4d:67:6e:c3:6a:66:95:79:01:96:
                    49:ee:ae:f8:54:d8:e9:87:35:64:e6:22:66:33:ff:
                    ec:24:f8:93:71:43:e1:8b:91:6b:52:29:6b:f8:52:
                    4a:8c:67:5a:d5:c9:6c:e6:b7:56:cf:f7:55:b0:98:
                    d4:4e:38:d9:21:b7:fe:95:40:56:5e:5d:90:32:b5:
                    65:b1:47:d0:09:5e:fc:8d:9d:1d:e9:06:97:3b:49:
                    c4:8c:39:44:f3:4f:bb:10:9d:82:a3:3b:81:e2:2b:
                    e2:d2:b3:a7:60:ee:f9:93:aa:d5:33:99:b1:30:f6:
                    d2:72:46:66:22:e5:8b:98:24:e9:49:97:f3:86:14:
                    81:8d:25:7e:30:a3:f5:a7:45:73:6c:fa:d5:95:f6:
                    84:3f:77:46:c5:bf:d3:c5:73:1b:eb:a6:61:0f:19:
                    67:d6:97:bc:b4:26:cc:dc:a0:26:70:72:8d:4c:0b:
                    f1:18:07:f9:8f:5a:a1:6d:80:10:88:84:69:54:22:
                    69:9a:1e:66:f0:87:f9:9e:35:ab:c4:a5:dc:33:6a:
                    45:9d:c7:f1:58:1b:26:74:29:f4:cb:c8:b4:29:ae:
                    ad:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                A1:93:35:8C:14:3A:0F:6D:0B:44:46:A4:67:27:9A:61:F0:1A:38:9E
            X509v3 Authority Key Identifier: 
                keyid:61:B6:8D:FD:87:EB:CE:D6:CA:2B:24:E2:AA:8F:F7:07:DA:63:5E:19

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access: 
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/337d330947d264c81b4503df3b1ef67d45cc2dc4.cer

            Subject Information Access: 
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/b3e5dd9e-bbca-4c49-92f5-8c6751165e92/ae40603a4449640fa8ccd6929d814afc67534ece.roa

            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/b3e5dd9e-bbca-4c49-92f5-8c6751165e92/337d330947d264c81b4503df3b1ef67d45cc2dc4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  190.13.0.0/20
                  190.13.24.0/21

    Signature Algorithm: sha256WithRSAEncryption
         1e:0e:b7:8d:1a:b3:d1:a1:c3:71:59:9b:2a:3b:87:5b:14:67:
         a3:6e:23:e2:08:2b:ea:19:8d:88:a5:08:2d:e8:5d:8a:f8:b4:
         91:8b:35:ef:e5:40:f6:05:9e:5c:d8:8a:29:bd:db:42:b2:f2:
         12:07:11:26:15:35:d1:61:00:24:9b:6a:b9:63:99:61:57:c9:
         18:f4:5f:c4:a7:db:19:80:df:22:d6:7a:3a:73:6f:46:5c:03:
         b2:a7:70:cd:31:0b:50:b9:b7:87:42:08:ec:26:52:b1:4b:6d:
         6a:2e:78:8d:54:e6:e2:ef:c3:e1:dd:ad:75:44:2f:28:e5:71:
         4b:77:6a:48:b6:bb:2f:85:9d:fa:21:8f:f1:33:48:b3:53:a3:
         cf:5d:9d:28:01:40:5f:f6:6a:5e:3e:91:5c:f8:37:4f:f8:0b:
         4f:5a:28:e9:53:78:52:17:f2:40:e8:97:9c:7e:cd:e5:2c:a5:
         cd:b0:2b:fe:a2:be:3a:ae:c8:bb:88:fd:81:3f:d9:75:b2:29:
         a5:a9:0e:79:fe:18:91:c5:10:8c:95:25:57:82:8b:c7:5b:cc:
         39:79:64:c0:65:95:45:e8:3a:2c:fa:f1:51:a1:78:c8:75:31:
         86:a2:2d:27:11:36:d6:b8:8a:4a:c6:b1:4d:06:85:c7:63:e6:
         9b:00:e6:58
-----BEGIN CERTIFICATE-----
MIIFRjCCBC6gAwIBAgIDHEiuMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDMz
N2QzMzA5NDdkMjY0YzgxYjQ1MDNkZjNiMWVmNjdkNDVjYzJkYzQwHhcNMjIwOTIy
MjA1NjU1WhcNMjQwOTIyMjA1NjU1WjAzMTEwLwYDVQQDEyhhZTQwNjAzYTQ0NDk2
NDBmYThjY2Q2OTI5ZDgxNGFmYzY3NTM0ZWNlMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAgXvV6y9aVTGrLBoQId4yqf2WB4s3tuikwP+EO+0qLZ1aoE1n
bsNqZpV5AZZJ7q74VNjphzVk5iJmM//sJPiTcUPhi5FrUilr+FJKjGda1cls5rdW
z/dVsJjUTjjZIbf+lUBWXl2QMrVlsUfQCV78jZ0d6QaXO0nEjDlE80+7EJ2CozuB
4ivi0rOnYO75k6rVM5mxMPbSckZmIuWLmCTpSZfzhhSBjSV+MKP1p0VzbPrVlfaE
P3dGxb/TxXMb66ZhDxln1pe8tCbM3KAmcHKNTAvxGAf5j1qhbYAQiIRpVCJpmh5m
8If5njWrxKXcM2pFncfxWBsmdCn0y8i0Ka6tAwIDAQABo4ICYTCCAl0wHQYDVR0O
BBYEFKGTNYwUOg9tC0RGpGcnmmHwGjieMB8GA1UdIwQYMBaAFGG2jf2H687Wyisk
4qqP9wfaY14ZMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvMzM3ZDMz
MDk0N2QyNjRjODFiNDUwM2RmM2IxZWY2N2Q0NWNjMmRjNC5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvYjNlNWRkOWUtYmJjYS00YzQ5LTkyZjUtOGM2NzUx
MTY1ZTkyL2FlNDA2MDNhNDQ0OTY0MGZhOGNjZDY5MjlkODE0YWZjNjc1MzRlY2Uu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy9iM2U1ZGQ5ZS1iYmNhLTRjNDktOTJmNS04YzY3
NTExNjVlOTIvMzM3ZDMzMDk0N2QyNjRjODFiNDUwM2RmM2IxZWY2N2Q0NWNjMmRj
NC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAlBggrBgEFBQcBBwEB/wQW
MBQwEgQCAAEwDAMEBL4NAAMEA74NGDANBgkqhkiG9w0BAQsFAAOCAQEAHg63jRqz
0aHDcVmbKjuHWxRno24j4ggr6hmNiKUILehdivi0kYs17+VA9gWeXNiKKb3bQrLy
EgcRJhU10WEAJJtquWOZYVfJGPRfxKfbGYDfItZ6OnNvRlwDsqdwzTELULm3h0II
7CZSsUttai54jVTm4u/D4d2tdUQvKOVxS3dqSLa7L4Wd+iGP8TNIs1Ojz12dKAFA
X/ZqXj6RXPg3T/gLT1oo6VN4UhfyQOiXnH7N5SylzbAr/qK+Oq7Iu4j9gT/ZdbIp
pakOef4YkcUQjJUlV4KLx1vMOXlkwGWVReg6LPrxUaF4yHUxhqItJxE21riKSsax
TQaFx2PmmwDmWA==
-----END CERTIFICATE-----
Generated at Wed Mar 15 11:46:51 2023 by rpki-client on console-fra.rpki-client.org