Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/b7e2cbcb-4e1e-4451-ba9f-b839acb5a75f/232510f842e7a7babe1b574039268600a15890f1.roa
File:                     232510f842e7a7babe1b574039268600a15890f1.roa (raw, json)
Hash identifier:          UvhvL+Yjfy/EZTNLISV+LQS2aSPsnGk5FnAP3OvBGp4=
Subject key identifier:   C7:7C:D7:2E:E2:EA:E0:F3:6F:C8:E4:57:CC:2C:0A:46:94:A3:AB:B1
Certificate issuer:       /CN=c376ce9732a7f8438a8728863d42624058e18390
Certificate serial:       0DB886
Authority key identifier: D1:A6:22:E9:31:1A:89:37:4E:F7:42:9E:B6:EB:2C:D4:16:A2:54:92
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/c376ce9732a7f8438a8728863d42624058e18390.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/b7e2cbcb-4e1e-4451-ba9f-b839acb5a75f/232510f842e7a7babe1b574039268600a15890f1.roa
Signing time:             Wed 24 Mar 2021 14:35:27 +0000
ROA not before:           Wed 24 Mar 2021 14:35:25 +0000
ROA not after:            Tue 24 Mar 2026 14:35:25 +0000
asID:                     18747
IP address blocks:        190.60.0.0/16 maxlen: 24
                          190.61.0.0/19 maxlen: 24
                          190.61.64.0/18 maxlen: 24
                          190.61.128.0/17 maxlen: 24
                          200.61.128.0/19 maxlen: 24
                          200.80.0.0/18 maxlen: 24
                          200.91.192.0/19 maxlen: 24
                          200.91.224.0/19 maxlen: 24
                          200.110.128.0/19 maxlen: 24
                          201.217.192.0/19 maxlen: 24
                          2802::/30 maxlen: 42

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/b7e2cbcb-4e1e-4451-ba9f-b839acb5a75f/c376ce9732a7f8438a8728863d42624058e18390.crl
                          rsync://repository.lacnic.net/rpki/lacnic/b7e2cbcb-4e1e-4451-ba9f-b839acb5a75f/c376ce9732a7f8438a8728863d42624058e18390.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/c376ce9732a7f8438a8728863d42624058e18390.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 31 Mar 2024 12:22:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 899206 (0xdb886)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c376ce9732a7f8438a8728863d42624058e18390
        Validity
            Not Before: Mar 24 14:35:25 2021 GMT
            Not After : Mar 24 14:35:25 2026 GMT
        Subject: CN=232510f842e7a7babe1b574039268600a15890f1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:81:10:83:69:d4:f0:3b:f5:eb:dc:89:66:da:61:
                    3e:01:7d:9c:fe:36:5e:e3:10:17:aa:38:37:23:6d:
                    c9:30:85:61:6d:e9:2b:57:59:c0:6b:46:2f:8e:19:
                    f4:18:d4:85:3d:8e:e8:50:f8:31:51:e5:8b:f4:e2:
                    20:ce:dc:31:8f:c5:02:cb:3a:46:e2:f7:62:33:9f:
                    b7:3f:1c:b9:f8:ae:70:66:2e:15:d8:dc:9a:92:5e:
                    ad:71:0d:31:80:3d:bc:39:bb:e3:fd:00:3e:57:b2:
                    03:8b:5c:ac:d5:6c:60:53:49:b6:74:54:ac:ea:8f:
                    85:64:d1:db:6c:41:bc:49:4c:fe:a9:8e:9e:9f:3d:
                    78:45:8b:55:db:54:3a:92:6f:b1:2f:8c:fb:27:c2:
                    fa:ce:b0:80:9c:dc:1c:d1:53:f7:da:30:ac:a4:57:
                    a0:f5:53:d1:6c:fe:b0:92:65:65:0d:54:42:b0:71:
                    8a:95:93:30:af:8d:89:74:1a:7b:98:e4:6d:49:04:
                    7c:f6:56:e5:bd:80:10:e7:91:12:ce:97:98:7c:a4:
                    ff:9d:86:e4:4d:be:47:65:37:27:1f:4b:6f:02:c7:
                    ff:b1:cb:44:b6:80:c4:b0:2e:16:2b:76:70:06:c6:
                    b2:37:8f:5c:55:33:3a:6c:ee:a3:f5:9f:7f:e2:08:
                    d9:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C7:7C:D7:2E:E2:EA:E0:F3:6F:C8:E4:57:CC:2C:0A:46:94:A3:AB:B1
            X509v3 Authority Key Identifier:
                keyid:D1:A6:22:E9:31:1A:89:37:4E:F7:42:9E:B6:EB:2C:D4:16:A2:54:92

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/c376ce9732a7f8438a8728863d42624058e18390.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/b7e2cbcb-4e1e-4451-ba9f-b839acb5a75f/232510f842e7a7babe1b574039268600a15890f1.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/b7e2cbcb-4e1e-4451-ba9f-b839acb5a75f/c376ce9732a7f8438a8728863d42624058e18390.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  190.60.0.0-190.61.31.255
                  190.61.64.0-190.61.255.255
                  200.61.128.0/19
                  200.80.0.0/18
                  200.91.192.0/18
                  200.110.128.0/19
                  201.217.192.0/19
                IPv6:
                  2802::/30

    Signature Algorithm: sha256WithRSAEncryption
         75:a0:5c:7a:d6:01:c7:5b:54:94:e3:86:2d:f0:37:1d:8c:5e:
         3b:2b:50:45:c5:b4:5f:18:79:1f:19:0f:83:c3:11:57:9a:a7:
         e8:98:cd:6c:5e:7b:d0:f6:9e:08:47:48:61:4c:be:44:30:0e:
         f5:44:21:d6:36:0d:b4:ba:59:60:03:1b:e7:e9:a9:3e:ff:41:
         1a:8b:5f:18:e2:cd:91:a5:39:c9:9b:90:47:19:46:f0:86:30:
         70:e1:c0:dd:f1:ce:4c:b1:93:8f:90:2e:3f:d5:90:32:7e:74:
         22:63:6e:c0:de:0a:7f:c6:f3:74:8f:c1:d0:8a:f3:2f:24:8b:
         ae:47:25:3f:7b:5c:40:bd:54:72:9b:ac:d7:d2:26:1f:fb:ae:
         82:5a:46:41:bb:d4:26:c9:b2:85:77:b3:f8:5e:bd:0f:75:29:
         e5:3e:9c:cc:20:c4:29:10:71:e3:49:d6:08:b4:cb:97:62:28:
         fa:fc:53:60:72:df:50:df:0e:aa:0b:a7:3c:da:b7:42:7c:c2:
         a0:67:f7:b5:46:6b:7a:78:2c:11:06:ca:4d:d3:37:78:c1:e4:
         2d:af:a1:4e:e1:c2:8e:5a:42:5a:bf:4a:d6:5f:8e:c5:ae:69:
         26:aa:8f:fe:de:fe:86:4c:f3:0a:12:71:68:e4:43:f8:9b:ea:
         f1:18:cd:dc
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDDbiGMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGMz
NzZjZTk3MzJhN2Y4NDM4YTg3Mjg4NjNkNDI2MjQwNThlMTgzOTAwHhcNMjEwMzI0
MTQzNTI1WhcNMjYwMzI0MTQzNTI1WjAzMTEwLwYDVQQDEygyMzI1MTBmODQyZTdh
N2JhYmUxYjU3NDAzOTI2ODYwMGExNTg5MGYxMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAgRCDadTwO/Xr3Ilm2mE+AX2c/jZe4xAXqjg3I23JMIVhbekr
V1nAa0Yvjhn0GNSFPY7oUPgxUeWL9OIgztwxj8UCyzpG4vdiM5+3Pxy5+K5wZi4V
2Nyakl6tcQ0xgD28Obvj/QA+V7IDi1ys1WxgU0m2dFSs6o+FZNHbbEG8SUz+qY6e
nz14RYtV21Q6km+xL4z7J8L6zrCAnNwc0VP32jCspFeg9VPRbP6wkmVlDVRCsHGK
lZMwr42JdBp7mORtSQR89lblvYAQ55ESzpeYfKT/nYbkTb5HZTcnH0tvAsf/sctE
toDEsC4WK3ZwBsayN49cVTM6bO6j9Z9/4gjZnwIDAQABo4ICnDCCApgwHQYDVR0O
BBYEFMd81y7i6uDzb8jkV8wsCkaUo6uxMB8GA1UdIwQYMBaAFNGmIukxGok3TvdC
nrbrLNQWolSSMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvYzM3NmNl
OTczMmE3Zjg0MzhhODcyODg2M2Q0MjYyNDA1OGUxODM5MC5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvYjdlMmNiY2ItNGUxZS00NDUxLWJhOWYtYjgzOWFj
YjVhNzVmLzIzMjUxMGY4NDJlN2E3YmFiZTFiNTc0MDM5MjY4NjAwYTE1ODkwZjEu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy9iN2UyY2JjYi00ZTFlLTQ0NTEtYmE5Zi1iODM5
YWNiNWE3NWYvYzM3NmNlOTczMmE3Zjg0MzhhODcyODg2M2Q0MjYyNDA1OGUxODM5
MC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBgBggrBgEFBQcBBwEB/wRR
ME8wPgQCAAEwODALAwMCvjwDBAW+PQAwCwMEBr49QAMDAb48AwQFyD2AAwQGyFAA
AwQGyFvAAwQFyG6AAwQFydnAMA0EAgACMAcDBQIoAgAAMA0GCSqGSIb3DQEBCwUA
A4IBAQB1oFx61gHHW1SU44Yt8DcdjF47K1BFxbRfGHkfGQ+DwxFXmqfomM1sXnvQ
9p4IR0hhTL5EMA71RCHWNg20ullgAxvn6ak+/0Eai18Y4s2RpTnJm5BHGUbwhjBw
4cDd8c5MsZOPkC4/1ZAyfnQiY27A3gp/xvN0j8HQivMvJIuuRyU/e1xAvVRym6zX
0iYf+66CWkZBu9QmybKFd7P4Xr0PdSnlPpzMIMQpEHHjSdYItMuXYij6/FNgct9Q
3w6qC6c82rdCfMKgZ/e1Rmt6eCwRBspN0zd4weQtr6FO4cKOWkJav0rWX47Frmkm
qo/+3v6GTPMKEnFo5EP4m+rxGM3c
-----END CERTIFICATE-----
Generated at Thu Mar 28 13:29:26 2024 by rpki-client on console-ams.rpki-client.org