Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/b90d366e-81db-4e80-b957-ecd5dd1b8962/9d0ab7a377f0a08aae022abc7474e5005711869d.roa
File:                     9d0ab7a377f0a08aae022abc7474e5005711869d.roa (raw, json)
Hash identifier:          6BXwlXAubGxT/zzfIU5k93CnmJz2o+2BaskuEw97wjo=
Subject key identifier:   33:F6:8C:B1:AA:BE:6D:2E:DB:26:7E:6E:03:8D:20:92:A9:CC:E1:87
Certificate issuer:       /CN=bc1653f5626148be949e9c524f2d574ea20a5285
Certificate serial:       0A0AFB
Authority key identifier: 3B:7E:D5:EC:E4:76:69:5B:40:08:C7:8E:95:5D:30:7B:B5:96:8A:0D
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/bc1653f5626148be949e9c524f2d574ea20a5285.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/b90d366e-81db-4e80-b957-ecd5dd1b8962/9d0ab7a377f0a08aae022abc7474e5005711869d.roa
Signing time:             Wed 21 Jul 2021 21:49:26 +0000
ROA not before:           Wed 24 Mar 2021 03:00:00 +0000
ROA not after:            Tue 24 Mar 2026 03:00:00 +0000
asID:                     269952
IP address blocks:        190.89.236.0/23 maxlen: 24
                          2803:86e0::/32 maxlen: 33

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/b90d366e-81db-4e80-b957-ecd5dd1b8962/bc1653f5626148be949e9c524f2d574ea20a5285.crl
                          rsync://repository.lacnic.net/rpki/lacnic/b90d366e-81db-4e80-b957-ecd5dd1b8962/bc1653f5626148be949e9c524f2d574ea20a5285.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/bc1653f5626148be949e9c524f2d574ea20a5285.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sat 24 Feb 2024 17:37:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 658171 (0xa0afb)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bc1653f5626148be949e9c524f2d574ea20a5285
        Validity
            Not Before: Mar 24 03:00:00 2021 GMT
            Not After : Mar 24 03:00:00 2026 GMT
        Subject: CN=9d0ab7a377f0a08aae022abc7474e5005711869d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:f0:73:63:70:46:ee:83:2a:b2:e4:91:a3:fa:
                    0c:31:17:3c:d4:64:f5:11:cd:07:08:b9:c1:48:0d:
                    ae:e8:3f:29:d5:23:86:ee:34:aa:ed:a6:88:d7:6d:
                    98:af:8c:79:2e:11:c9:0b:6b:01:40:da:7c:71:64:
                    7a:5a:ec:06:4f:5f:e6:12:6e:8e:a1:c9:e3:f1:9c:
                    88:e5:2f:b5:43:9e:28:f6:a9:9a:3c:7b:d4:73:10:
                    91:f8:68:1d:b2:ec:e5:63:33:85:71:22:b6:8f:a3:
                    11:2f:cb:e1:cb:40:e0:9b:5a:32:8f:5d:70:3c:cf:
                    5d:24:2e:77:28:b3:6f:cb:62:4b:88:4a:17:96:5b:
                    17:49:52:46:37:a5:3b:4e:0e:a3:2f:4e:81:16:e3:
                    c0:e7:7b:10:26:e1:32:51:94:8d:e1:30:1b:af:6d:
                    ae:28:ae:54:81:15:6a:df:d0:b9:73:d6:7d:45:51:
                    6d:d8:6e:f4:4c:a5:89:ff:a3:38:15:c2:1b:54:7c:
                    57:c7:e5:f6:55:48:24:7b:b3:67:6a:1b:53:54:25:
                    87:d6:75:76:4a:83:2e:09:8c:bd:4b:01:bf:97:d8:
                    42:1a:95:2a:75:39:92:6f:68:ee:18:54:89:4e:15:
                    ce:56:80:3e:16:85:47:1b:24:f6:d8:30:c1:8b:c1:
                    0d:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                33:F6:8C:B1:AA:BE:6D:2E:DB:26:7E:6E:03:8D:20:92:A9:CC:E1:87
            X509v3 Authority Key Identifier:
                keyid:3B:7E:D5:EC:E4:76:69:5B:40:08:C7:8E:95:5D:30:7B:B5:96:8A:0D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/bc1653f5626148be949e9c524f2d574ea20a5285.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/b90d366e-81db-4e80-b957-ecd5dd1b8962/9d0ab7a377f0a08aae022abc7474e5005711869d.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/b90d366e-81db-4e80-b957-ecd5dd1b8962/bc1653f5626148be949e9c524f2d574ea20a5285.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  190.89.236.0/23
                IPv6:
                  2803:86e0::/32

    Signature Algorithm: sha256WithRSAEncryption
         7e:a2:1f:1a:b6:4a:db:ff:9f:af:90:f0:3a:59:e9:58:b0:41:
         f2:29:ba:2f:53:50:27:8b:be:3d:4f:84:99:2a:df:44:93:e7:
         41:2a:56:5b:0f:2b:79:f0:fa:00:ec:bb:a6:60:9e:6e:6d:d8:
         8d:6e:a1:3c:80:16:89:28:18:e7:31:8c:f0:ac:15:15:f2:a7:
         29:3f:b0:01:f5:06:0e:04:9d:58:c3:03:a3:e9:0c:2d:3b:8a:
         12:6b:6b:43:b3:1c:98:d9:24:45:45:fb:3a:33:18:10:c0:3a:
         06:39:ea:95:e3:ae:41:ec:ca:36:c4:c2:11:b5:53:f9:52:1c:
         e8:26:0c:46:b9:04:c4:4e:2b:0f:fa:37:f6:50:54:7e:6b:e5:
         3b:6d:4b:53:31:8c:f1:b0:1b:16:49:69:1e:77:7c:aa:c8:95:
         46:a3:e6:90:ad:43:c1:de:45:02:29:0b:d1:ba:46:c7:ef:05:
         e4:72:c8:20:a4:13:9c:64:1d:c7:da:70:6f:36:c3:90:ab:48:
         4e:1b:c1:66:90:f4:00:7e:25:f9:12:85:03:c5:32:48:ce:d7:
         2a:cf:6d:23:5d:a4:a8:24:73:16:82:64:cc:cf:e7:1d:a1:25:
         5c:25:54:42:eb:25:0b:1d:f7:b9:ef:54:2c:29:bd:56:a6:59:
         7b:37:ee:50
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgIDCgr7MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGJj
MTY1M2Y1NjI2MTQ4YmU5NDllOWM1MjRmMmQ1NzRlYTIwYTUyODUwHhcNMjEwMzI0
MDMwMDAwWhcNMjYwMzI0MDMwMDAwWjAzMTEwLwYDVQQDEyg5ZDBhYjdhMzc3ZjBh
MDhhYWUwMjJhYmM3NDc0ZTUwMDU3MTE4NjlkMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAwfBzY3BG7oMqsuSRo/oMMRc81GT1Ec0HCLnBSA2u6D8p1SOG
7jSq7aaI122Yr4x5LhHJC2sBQNp8cWR6WuwGT1/mEm6Oocnj8ZyI5S+1Q54o9qma
PHvUcxCR+GgdsuzlYzOFcSK2j6MRL8vhy0Dgm1oyj11wPM9dJC53KLNvy2JLiEoX
llsXSVJGN6U7Tg6jL06BFuPA53sQJuEyUZSN4TAbr22uKK5UgRVq39C5c9Z9RVFt
2G70TKWJ/6M4FcIbVHxXx+X2VUgke7NnahtTVCWH1nV2SoMuCYy9SwG/l9hCGpUq
dTmSb2juGFSJThXOVoA+FoVHGyT22DDBi8ENVQIDAQABo4ICajCCAmYwHQYDVR0O
BBYEFDP2jLGqvm0u2yZ+bgONIJKpzOGHMB8GA1UdIwQYMBaAFDt+1ezkdmlbQAjH
jpVdMHu1looNMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvYmMxNjUz
ZjU2MjYxNDhiZTk0OWU5YzUyNGYyZDU3NGVhMjBhNTI4NS5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvYjkwZDM2NmUtODFkYi00ZTgwLWI5NTctZWNkNWRk
MWI4OTYyLzlkMGFiN2EzNzdmMGEwOGFhZTAyMmFiYzc0NzRlNTAwNTcxMTg2OWQu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy9iOTBkMzY2ZS04MWRiLTRlODAtYjk1Ny1lY2Q1
ZGQxYjg5NjIvYmMxNjUzZjU2MjYxNDhiZTk0OWU5YzUyNGYyZDU3NGVhMjBhNTI4
NS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAuBggrBgEFBQcBBwEB/wQf
MB0wDAQCAAEwBgMEAb5Z7DANBAIAAjAHAwUAKAOG4DANBgkqhkiG9w0BAQsFAAOC
AQEAfqIfGrZK2/+fr5DwOlnpWLBB8im6L1NQJ4u+PU+EmSrfRJPnQSpWWw8refD6
AOy7pmCebm3YjW6hPIAWiSgY5zGM8KwVFfKnKT+wAfUGDgSdWMMDo+kMLTuKEmtr
Q7McmNkkRUX7OjMYEMA6BjnqleOuQezKNsTCEbVT+VIc6CYMRrkExE4rD/o39lBU
fmvlO21LUzGM8bAbFklpHnd8qsiVRqPmkK1Dwd5FAikL0bpGx+8F5HLIIKQTnGQd
x9pwbzbDkKtIThvBZpD0AH4l+RKFA8UySM7XKs9tI12kqCRzFoJkzM/nHaElXCVU
QuslCx33ue9ULCm9VqZZezfuUA==
-----END CERTIFICATE-----
Generated at Wed Feb 21 21:43:07 2024 by rpki-client on console-fra.rpki-client.org