Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/ba3c4b64-7a65-406b-aaf5-c1498952fa18/00a653ffc21465863137ea038f40c25be65c44f6.roa
File:                     00a653ffc21465863137ea038f40c25be65c44f6.roa (raw, json)
Hash identifier:          5NyZW6YDQrq6KHmRpquiA3Gl7i2Fa7dPYmB7a4UgOmo=
Subject key identifier:   0E:2E:BB:B6:78:42:98:59:CA:B4:42:A7:0E:33:21:7F:BA:CC:22:1B
Certificate issuer:       /CN=ff6cfdb143558c0e5b74984e7f22bc75537686b6
Certificate serial:       180AD8
Authority key identifier: E7:6D:56:E8:BA:5F:BB:E9:52:69:A7:53:EF:38:8C:BE:C9:CE:AD:06
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff6cfdb143558c0e5b74984e7f22bc75537686b6.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/ba3c4b64-7a65-406b-aaf5-c1498952fa18/00a653ffc21465863137ea038f40c25be65c44f6.roa
Signing time:             Sun 19 Jun 2022 06:51:35 +0000
ROA not before:           Sun 19 Jun 2022 03:00:00 +0000
ROA not after:            Wed 19 Jun 2024 03:00:00 +0000
asID:                     52284
IP address blocks:        190.123.44.0/22 maxlen: 24
                          2803:200::/32 maxlen: 32

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/ba3c4b64-7a65-406b-aaf5-c1498952fa18/ff6cfdb143558c0e5b74984e7f22bc75537686b6.crl
                          rsync://repository.lacnic.net/rpki/lacnic/ba3c4b64-7a65-406b-aaf5-c1498952fa18/ff6cfdb143558c0e5b74984e7f22bc75537686b6.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff6cfdb143558c0e5b74984e7f22bc75537686b6.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 31 Mar 2024 03:49:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1575640 (0x180ad8)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ff6cfdb143558c0e5b74984e7f22bc75537686b6
        Validity
            Not Before: Jun 19 03:00:00 2022 GMT
            Not After : Jun 19 03:00:00 2024 GMT
        Subject: CN=00a653ffc21465863137ea038f40c25be65c44f6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e1:64:86:5c:04:8f:fe:95:a9:08:e6:6e:70:57:
                    ac:e3:46:fc:90:e5:ce:37:d1:f4:86:98:15:c0:ee:
                    df:7d:3e:5a:eb:9f:0d:15:34:e4:7a:b1:0a:ec:b0:
                    35:c5:3e:0b:15:a8:1a:ca:2d:f3:e2:4f:d3:0b:08:
                    69:3f:12:f7:28:bb:83:38:f0:b4:98:f3:94:10:72:
                    93:e1:2c:4c:8d:95:05:36:00:b4:64:a6:dd:e4:ca:
                    c7:e9:30:9e:2b:73:cb:4d:e4:40:1b:e9:e9:71:aa:
                    5b:e2:c7:83:f6:7f:f8:38:54:e3:86:3d:a4:19:fa:
                    37:4f:33:39:cd:28:5a:f7:d1:ad:61:49:9f:f2:89:
                    3a:7e:a0:1e:2d:3e:c7:b2:34:25:2f:08:f3:86:06:
                    15:d7:b3:7d:ec:8a:fd:af:36:cd:25:d2:7d:1a:b9:
                    0f:63:15:d5:a4:c9:87:bd:7b:76:42:de:a1:cf:90:
                    6b:47:1e:5b:e5:a3:88:d8:7d:eb:44:69:1c:25:72:
                    0a:ec:78:eb:2d:12:75:ba:ce:f9:f1:40:7e:12:49:
                    da:3e:e7:5f:ae:35:29:19:5b:87:32:15:c8:ca:5d:
                    e8:32:df:9c:ea:a7:c3:30:06:74:4d:68:2d:91:23:
                    8b:72:0a:ea:b2:9a:d7:cc:60:3b:7d:ba:66:5b:99:
                    6b:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0E:2E:BB:B6:78:42:98:59:CA:B4:42:A7:0E:33:21:7F:BA:CC:22:1B
            X509v3 Authority Key Identifier:
                keyid:E7:6D:56:E8:BA:5F:BB:E9:52:69:A7:53:EF:38:8C:BE:C9:CE:AD:06

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff6cfdb143558c0e5b74984e7f22bc75537686b6.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/ba3c4b64-7a65-406b-aaf5-c1498952fa18/00a653ffc21465863137ea038f40c25be65c44f6.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/ba3c4b64-7a65-406b-aaf5-c1498952fa18/ff6cfdb143558c0e5b74984e7f22bc75537686b6.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  190.123.44.0/22
                IPv6:
                  2803:200::/32

    Signature Algorithm: sha256WithRSAEncryption
         99:61:15:73:8e:b5:db:a5:39:2a:f7:87:16:53:0a:e3:cc:f4:
         92:d5:1b:08:9c:6b:fa:2a:aa:18:76:53:8a:cb:64:79:c0:d8:
         73:91:7f:fd:07:dd:f4:b7:70:de:51:bb:ed:bf:ac:3a:a2:35:
         99:70:bf:9f:b7:d0:e5:2a:45:22:84:54:03:48:54:5a:bb:7c:
         89:fc:04:a9:e9:76:08:10:35:02:b8:83:49:cb:0c:96:0e:0b:
         c9:2e:3a:8a:65:95:57:df:bb:54:69:32:f4:ee:21:0e:41:b7:
         8a:00:08:59:a5:5a:73:de:eb:0b:67:c1:8c:e3:23:b9:6c:d4:
         42:41:b9:f0:ad:2e:94:fb:c1:ae:44:b7:23:86:1e:03:52:c4:
         11:8a:08:fe:26:f5:85:94:bd:97:78:ef:f5:28:6d:47:a7:2f:
         6a:31:8e:21:8d:5b:fa:05:d4:94:c2:9d:74:c8:c2:6a:78:ec:
         f1:9c:28:05:b0:2a:4c:ad:48:c6:ae:be:6e:94:c0:2a:1f:c2:
         b4:fb:52:c7:fb:bd:f8:40:3b:13:be:82:42:29:06:d4:d4:28:
         a7:a6:16:8c:d3:77:54:bc:dc:bf:51:02:96:36:9a:86:47:c2:
         84:36:84:91:3c:82:73:a6:38:bb:69:1e:b7:63:9b:19:ae:ed:
         52:5c:42:9b
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgIDGArYMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGZm
NmNmZGIxNDM1NThjMGU1Yjc0OTg0ZTdmMjJiYzc1NTM3Njg2YjYwHhcNMjIwNjE5
MDMwMDAwWhcNMjQwNjE5MDMwMDAwWjAzMTEwLwYDVQQDEygwMGE2NTNmZmMyMTQ2
NTg2MzEzN2VhMDM4ZjQwYzI1YmU2NWM0NGY2MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEA4WSGXASP/pWpCOZucFes40b8kOXON9H0hpgVwO7ffT5a658N
FTTkerEK7LA1xT4LFagayi3z4k/TCwhpPxL3KLuDOPC0mPOUEHKT4SxMjZUFNgC0
ZKbd5MrH6TCeK3PLTeRAG+npcapb4seD9n/4OFTjhj2kGfo3TzM5zSha99GtYUmf
8ok6fqAeLT7HsjQlLwjzhgYV17N97Ir9rzbNJdJ9GrkPYxXVpMmHvXt2Qt6hz5Br
Rx5b5aOI2H3rRGkcJXIK7HjrLRJ1us758UB+EknaPudfrjUpGVuHMhXIyl3oMt+c
6qfDMAZ0TWgtkSOLcgrqsprXzGA7fbpmW5lrLwIDAQABo4ICajCCAmYwHQYDVR0O
BBYEFA4uu7Z4QphZyrRCpw4zIX+6zCIbMB8GA1UdIwQYMBaAFOdtVui6X7vpUmmn
U+84jL7Jzq0GMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvZmY2Y2Zk
YjE0MzU1OGMwZTViNzQ5ODRlN2YyMmJjNzU1Mzc2ODZiNi5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvYmEzYzRiNjQtN2E2NS00MDZiLWFhZjUtYzE0OTg5
NTJmYTE4LzAwYTY1M2ZmYzIxNDY1ODYzMTM3ZWEwMzhmNDBjMjViZTY1YzQ0ZjYu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy9iYTNjNGI2NC03YTY1LTQwNmItYWFmNS1jMTQ5
ODk1MmZhMTgvZmY2Y2ZkYjE0MzU1OGMwZTViNzQ5ODRlN2YyMmJjNzU1Mzc2ODZi
Ni5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAuBggrBgEFBQcBBwEB/wQf
MB0wDAQCAAEwBgMEAr57LDANBAIAAjAHAwUAKAMCADANBgkqhkiG9w0BAQsFAAOC
AQEAmWEVc46126U5KveHFlMK48z0ktUbCJxr+iqqGHZTistkecDYc5F//Qfd9Ldw
3lG77b+sOqI1mXC/n7fQ5SpFIoRUA0hUWrt8ifwEqel2CBA1AriDScsMlg4LyS46
imWVV9+7VGky9O4hDkG3igAIWaVac97rC2fBjOMjuWzUQkG58K0ulPvBrkS3I4Ye
A1LEEYoI/ib1hZS9l3jv9ShtR6cvajGOIY1b+gXUlMKddMjCanjs8ZwoBbAqTK1I
xq6+bpTAKh/CtPtSx/u9+EA7E76CQikG1NQop6YWjNN3VLzcv1ECljaahkfChDaE
kTyCc6Y4u2ket2ObGa7tUlxCmw==
-----END CERTIFICATE-----
Generated at Thu Mar 28 04:37:45 2024 by rpki-client on console-fra.rpki-client.org