Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/b8300db2-a352-4df9-97b2-ac33a5ae14d8/ae40d33a4bf8987f075e9e2b26726072b668bcf7.roa
File:                     ae40d33a4bf8987f075e9e2b26726072b668bcf7.roa (raw, json)
Hash identifier:          d0JkKuIV0OZhRdXTDdN6TbXT9YK3GXrzxcNL0cRa+Uo=
Subject key identifier:   6E:FD:45:7C:38:AC:7E:24:F9:F6:0E:22:D2:B5:25:33:08:3D:C0:43
Certificate issuer:       /CN=0c4557be1a84f05a56a15cb22513acd961fb70fa
Certificate serial:       08A4DF
Authority key identifier: 6A:F8:BD:09:59:77:BC:67:70:C2:C2:34:20:F9:8A:39:EC:B6:12:16
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/0c4557be1a84f05a56a15cb22513acd961fb70fa.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/b8300db2-a352-4df9-97b2-ac33a5ae14d8/ae40d33a4bf8987f075e9e2b26726072b668bcf7.roa
Signing time:             Wed 24 Mar 2021 14:41:11 +0000
ROA not before:           Wed 24 Mar 2021 14:41:11 +0000
ROA not after:            Tue 24 Mar 2026 14:41:11 +0000
asID:                     267684
IP address blocks:        190.83.104.0/22 maxlen: 24
                          2803:aae0::/32 maxlen: 48

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/b8300db2-a352-4df9-97b2-ac33a5ae14d8/0c4557be1a84f05a56a15cb22513acd961fb70fa.crl
                          rsync://repository.lacnic.net/rpki/lacnic/b8300db2-a352-4df9-97b2-ac33a5ae14d8/0c4557be1a84f05a56a15cb22513acd961fb70fa.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/0c4557be1a84f05a56a15cb22513acd961fb70fa.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 31 Mar 2024 12:22:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 566495 (0x8a4df)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0c4557be1a84f05a56a15cb22513acd961fb70fa
        Validity
            Not Before: Mar 24 14:41:11 2021 GMT
            Not After : Mar 24 14:41:11 2026 GMT
        Subject: CN=ae40d33a4bf8987f075e9e2b26726072b668bcf7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:1a:f5:9c:09:64:9c:ee:2b:49:b2:d9:07:7e:
                    f5:2d:f9:2b:a5:87:c2:cd:8d:12:5a:ff:f8:6d:84:
                    24:c0:6d:3f:70:33:9f:7f:c0:82:74:17:a0:0d:7e:
                    bd:3e:89:a1:02:68:16:aa:7c:9b:eb:79:56:54:44:
                    16:d1:bc:3c:09:fe:cc:bd:69:b3:d5:ed:1a:6e:ab:
                    5c:75:fa:f7:41:94:45:54:4d:97:3d:6a:ac:91:1a:
                    44:0f:37:51:34:c9:6c:7c:f9:03:10:3d:7f:e4:9b:
                    0b:44:5d:3f:89:db:14:df:bb:46:57:5c:8f:ee:a3:
                    25:28:b6:6f:df:47:70:63:f5:2e:e7:5f:4b:23:d6:
                    f2:81:01:ae:b0:e0:20:6b:99:2b:d1:cd:c2:0d:61:
                    2c:92:9b:73:5b:5d:9a:d6:f6:d7:07:7b:b3:2a:7a:
                    62:6e:28:68:c8:9a:bb:0e:76:f9:c4:d8:01:bb:bb:
                    91:6b:bb:09:9d:e1:c9:77:54:45:3f:e8:80:9c:70:
                    a5:b4:9e:9e:4d:74:32:fb:a8:55:15:42:98:88:b7:
                    22:e3:fd:96:2f:0a:46:72:ce:0f:56:99:ea:4a:d0:
                    10:c9:43:fb:5f:ab:4c:89:bd:bd:73:cd:e7:35:64:
                    63:6a:2c:1c:98:15:9c:66:41:19:35:2b:b7:66:8c:
                    11:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6E:FD:45:7C:38:AC:7E:24:F9:F6:0E:22:D2:B5:25:33:08:3D:C0:43
            X509v3 Authority Key Identifier:
                keyid:6A:F8:BD:09:59:77:BC:67:70:C2:C2:34:20:F9:8A:39:EC:B6:12:16

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/0c4557be1a84f05a56a15cb22513acd961fb70fa.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/b8300db2-a352-4df9-97b2-ac33a5ae14d8/ae40d33a4bf8987f075e9e2b26726072b668bcf7.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/b8300db2-a352-4df9-97b2-ac33a5ae14d8/0c4557be1a84f05a56a15cb22513acd961fb70fa.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  190.83.104.0/22
                IPv6:
                  2803:aae0::/32

    Signature Algorithm: sha256WithRSAEncryption
         47:1c:e2:57:6e:40:de:a8:e8:6a:15:c1:24:fe:d4:85:35:d8:
         b5:b2:43:d9:4e:9d:9f:02:89:b0:98:c3:3e:58:02:54:2e:68:
         d8:14:c4:de:00:c8:e2:f3:e7:e0:fd:8f:19:77:1c:7e:09:82:
         6c:73:7b:65:4c:2f:32:34:1b:77:30:1b:5d:c5:08:1c:97:6c:
         37:3a:90:1b:21:ff:cb:d5:ff:d1:97:8f:bd:12:dc:1b:03:73:
         c7:81:61:0f:55:40:0b:9d:bf:cf:1c:88:b1:60:53:5d:b4:12:
         38:74:f7:5d:cc:67:45:8e:d1:35:f2:15:cd:3f:b2:2c:b0:49:
         eb:f7:bc:ca:e0:95:96:41:b5:bc:b5:84:95:a4:45:86:0e:32:
         37:30:6e:b8:77:91:77:d4:9f:83:58:a1:ed:a3:2f:bd:f0:71:
         f5:76:94:8e:93:07:91:ab:ce:1e:60:f5:22:73:6e:53:98:2b:
         75:f3:77:e7:df:29:b9:60:68:f4:1c:be:a8:17:6c:75:d2:5f:
         3f:5e:de:4a:13:c3:5a:e0:08:7d:1e:d7:f9:58:2c:76:63:c1:
         2a:dc:56:d4:96:95:7d:a5:e8:3c:80:68:4c:64:2c:e2:4d:fe:
         e7:02:ef:77:11:56:09:79:ec:97:5c:f9:26:75:ee:59:2c:ea:
         2d:b8:b3:dc
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgIDCKTfMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDBj
NDU1N2JlMWE4NGYwNWE1NmExNWNiMjI1MTNhY2Q5NjFmYjcwZmEwHhcNMjEwMzI0
MTQ0MTExWhcNMjYwMzI0MTQ0MTExWjAzMTEwLwYDVQQDEyhhZTQwZDMzYTRiZjg5
ODdmMDc1ZTllMmIyNjcyNjA3MmI2NjhiY2Y3MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAvBr1nAlknO4rSbLZB371LfkrpYfCzY0SWv/4bYQkwG0/cDOf
f8CCdBegDX69PomhAmgWqnyb63lWVEQW0bw8Cf7MvWmz1e0abqtcdfr3QZRFVE2X
PWqskRpEDzdRNMlsfPkDED1/5JsLRF0/idsU37tGV1yP7qMlKLZv30dwY/Uu519L
I9bygQGusOAga5kr0c3CDWEskptzW12a1vbXB3uzKnpibihoyJq7Dnb5xNgBu7uR
a7sJneHJd1RFP+iAnHCltJ6eTXQy+6hVFUKYiLci4/2WLwpGcs4PVpnqStAQyUP7
X6tMib29c83nNWRjaiwcmBWcZkEZNSu3ZowRywIDAQABo4ICajCCAmYwHQYDVR0O
BBYEFG79RXw4rH4k+fYOItK1JTMIPcBDMB8GA1UdIwQYMBaAFGr4vQlZd7xncMLC
NCD5ijnsthIWMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvMGM0NTU3
YmUxYTg0ZjA1YTU2YTE1Y2IyMjUxM2FjZDk2MWZiNzBmYS5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvYjgzMDBkYjItYTM1Mi00ZGY5LTk3YjItYWMzM2E1
YWUxNGQ4L2FlNDBkMzNhNGJmODk4N2YwNzVlOWUyYjI2NzI2MDcyYjY2OGJjZjcu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy9iODMwMGRiMi1hMzUyLTRkZjktOTdiMi1hYzMz
YTVhZTE0ZDgvMGM0NTU3YmUxYTg0ZjA1YTU2YTE1Y2IyMjUxM2FjZDk2MWZiNzBm
YS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAuBggrBgEFBQcBBwEB/wQf
MB0wDAQCAAEwBgMEAr5TaDANBAIAAjAHAwUAKAOq4DANBgkqhkiG9w0BAQsFAAOC
AQEARxziV25A3qjoahXBJP7UhTXYtbJD2U6dnwKJsJjDPlgCVC5o2BTE3gDI4vPn
4P2PGXccfgmCbHN7ZUwvMjQbdzAbXcUIHJdsNzqQGyH/y9X/0ZePvRLcGwNzx4Fh
D1VAC52/zxyIsWBTXbQSOHT3XcxnRY7RNfIVzT+yLLBJ6/e8yuCVlkG1vLWElaRF
hg4yNzBuuHeRd9Sfg1ih7aMvvfBx9XaUjpMHkavOHmD1InNuU5grdfN3598puWBo
9By+qBdsddJfP17eShPDWuAIfR7X+VgsdmPBKtxW1JaVfaXoPIBoTGQs4k3+5wLv
dxFWCXnsl1z5JnXuWSzqLbiz3A==
-----END CERTIFICATE-----
Generated at Thu Mar 28 16:04:21 2024 by rpki-client on console-ams.rpki-client.org