Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/bc2010c3-415c-4280-bb31-76acc02ed97d/cc0d50ea864dd953f2f2d2d8e62d1d420242b70c.roa
File:                     cc0d50ea864dd953f2f2d2d8e62d1d420242b70c.roa (raw, json)
Hash identifier:          ihFb1ZMjPSZfBmqeSusJ1uORMiaBS7V/pZMtj+CQigQ=
Subject key identifier:   34:D8:9D:D3:24:5A:33:C6:CD:C8:5B:0A:40:64:1F:92:ED:20:75:8C
Certificate issuer:       /CN=33cc3bdd4edfc498d2c924783a40c9ff255120b8
Certificate serial:       0D3836
Authority key identifier: D1:AA:7C:35:0C:32:75:1C:5D:77:2D:FB:C4:CD:8D:B3:57:CC:70:93
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/33cc3bdd4edfc498d2c924783a40c9ff255120b8.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/bc2010c3-415c-4280-bb31-76acc02ed97d/cc0d50ea864dd953f2f2d2d8e62d1d420242b70c.roa
Signing time:             Wed 24 Mar 2021 14:39:23 +0000
ROA not before:           Wed 24 Mar 2021 14:39:22 +0000
ROA not after:            Tue 24 Mar 2026 14:39:22 +0000
asID:                     27738
IP address blocks:        190.130.128.0/17 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/bc2010c3-415c-4280-bb31-76acc02ed97d/33cc3bdd4edfc498d2c924783a40c9ff255120b8.crl
                          rsync://repository.lacnic.net/rpki/lacnic/bc2010c3-415c-4280-bb31-76acc02ed97d/33cc3bdd4edfc498d2c924783a40c9ff255120b8.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/33cc3bdd4edfc498d2c924783a40c9ff255120b8.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sat 22 Jul 2023 20:08:33 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 866358 (0xd3836)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=33cc3bdd4edfc498d2c924783a40c9ff255120b8
        Validity
            Not Before: Mar 24 14:39:22 2021 GMT
            Not After : Mar 24 14:39:22 2026 GMT
        Subject: CN=cc0d50ea864dd953f2f2d2d8e62d1d420242b70c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8f:83:11:95:87:a7:ae:9b:76:1d:eb:fb:be:63:
                    a3:d7:aa:6a:d8:1c:87:b1:97:a1:a1:79:7c:8a:ff:
                    5c:48:fa:53:3e:69:a4:2c:10:f7:0f:ff:7f:f8:fb:
                    2b:37:2a:80:68:d3:64:b8:b0:83:3a:4e:04:84:d1:
                    a7:38:c7:26:47:0b:cb:e1:33:ac:82:04:44:1b:98:
                    c3:06:9d:1e:47:fc:65:0f:d6:52:ee:23:cd:c4:fd:
                    30:ba:c6:7a:de:3b:16:e3:2c:e9:63:29:0e:0c:42:
                    2f:eb:b4:5a:b4:69:0c:88:31:7a:cc:27:2f:22:dc:
                    12:26:ed:93:02:25:67:91:f0:d0:22:13:80:fd:fd:
                    05:1e:b4:28:66:a4:73:99:c6:03:92:0a:6f:5b:83:
                    1e:08:62:6e:6d:4b:7b:3e:5b:ab:99:6a:df:21:c4:
                    46:73:d3:1b:f3:83:c4:8f:d7:26:f9:91:df:2e:55:
                    05:fa:9c:8c:d6:ef:16:70:72:9e:2a:f1:52:43:16:
                    3f:01:cc:55:81:f1:5b:de:41:b9:d0:d5:fa:c0:95:
                    56:a6:e2:bd:a4:c4:fc:1f:fe:30:d9:79:56:ea:b6:
                    90:c4:c2:15:51:3c:8e:2a:51:d5:12:fd:63:15:f3:
                    49:02:95:28:ff:6d:70:d6:0b:7d:28:1c:f0:79:81:
                    a7:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                34:D8:9D:D3:24:5A:33:C6:CD:C8:5B:0A:40:64:1F:92:ED:20:75:8C
            X509v3 Authority Key Identifier:
                keyid:D1:AA:7C:35:0C:32:75:1C:5D:77:2D:FB:C4:CD:8D:B3:57:CC:70:93

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/33cc3bdd4edfc498d2c924783a40c9ff255120b8.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/bc2010c3-415c-4280-bb31-76acc02ed97d/cc0d50ea864dd953f2f2d2d8e62d1d420242b70c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/bc2010c3-415c-4280-bb31-76acc02ed97d/33cc3bdd4edfc498d2c924783a40c9ff255120b8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  190.130.128.0/17

    Signature Algorithm: sha256WithRSAEncryption
         97:76:c2:ef:55:86:7b:05:29:4e:35:07:be:73:dc:32:4c:95:
         7c:ee:42:c8:c1:d1:b4:a9:b6:19:2d:06:41:6d:ae:c5:c0:1f:
         6c:64:5e:38:96:db:79:e2:94:b5:90:00:e4:67:02:69:1d:ae:
         c7:4d:73:32:72:c0:0e:d4:70:97:0c:e7:75:0b:f4:5d:15:21:
         3d:10:a9:35:ad:44:2f:81:34:2e:03:e3:ab:cb:d6:e1:09:e2:
         d7:ac:a3:c9:7e:22:d6:0a:5e:68:e1:3a:d1:bb:43:d3:e6:81:
         d6:03:9a:09:42:ec:8f:dc:e7:5c:28:74:a9:dd:b9:25:99:d5:
         70:87:34:8d:8b:82:90:5d:d8:94:4e:d4:17:f4:04:72:f7:2e:
         3c:ae:83:ae:af:f7:7f:5f:5b:bf:8e:f2:d5:86:11:49:de:88:
         13:a6:1e:6c:84:f0:f0:3f:cc:4d:dc:88:84:1e:00:bc:12:a8:
         57:b6:e8:52:32:82:8a:d0:8e:14:50:ce:68:74:8e:95:e1:b4:
         82:d2:76:d9:de:b4:84:00:28:ba:fb:b5:f6:b5:aa:67:26:fc:
         d7:67:7b:2a:c8:fe:83:c7:4a:65:c9:d7:63:01:9f:a8:2a:44:
         11:9a:33:c5:13:6c:d6:9e:b6:b7:79:48:44:9d:ab:96:52:16:
         75:61:96:35
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIDDTg2MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDMz
Y2MzYmRkNGVkZmM0OThkMmM5MjQ3ODNhNDBjOWZmMjU1MTIwYjgwHhcNMjEwMzI0
MTQzOTIyWhcNMjYwMzI0MTQzOTIyWjAzMTEwLwYDVQQDEyhjYzBkNTBlYTg2NGRk
OTUzZjJmMmQyZDhlNjJkMWQ0MjAyNDJiNzBjMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAj4MRlYenrpt2Hev7vmOj16pq2ByHsZehoXl8iv9cSPpTPmmk
LBD3D/9/+PsrNyqAaNNkuLCDOk4EhNGnOMcmRwvL4TOsggREG5jDBp0eR/xlD9ZS
7iPNxP0wusZ63jsW4yzpYykODEIv67RatGkMiDF6zCcvItwSJu2TAiVnkfDQIhOA
/f0FHrQoZqRzmcYDkgpvW4MeCGJubUt7PlurmWrfIcRGc9Mb84PEj9cm+ZHfLlUF
+pyM1u8WcHKeKvFSQxY/AcxVgfFb3kG50NX6wJVWpuK9pMT8H/4w2XlW6raQxMIV
UTyOKlHVEv1jFfNJApUo/21w1gt9KBzweYGnRwIDAQABo4ICWzCCAlcwHQYDVR0O
BBYEFDTYndMkWjPGzchbCkBkH5LtIHWMMB8GA1UdIwQYMBaAFNGqfDUMMnUcXXct
+8TNjbNXzHCTMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvMzNjYzNi
ZGQ0ZWRmYzQ5OGQyYzkyNDc4M2E0MGM5ZmYyNTUxMjBiOC5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvYmMyMDEwYzMtNDE1Yy00MjgwLWJiMzEtNzZhY2Mw
MmVkOTdkL2NjMGQ1MGVhODY0ZGQ5NTNmMmYyZDJkOGU2MmQxZDQyMDI0MmI3MGMu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy9iYzIwMTBjMy00MTVjLTQyODAtYmIzMS03NmFj
YzAyZWQ5N2QvMzNjYzNiZGQ0ZWRmYzQ5OGQyYzkyNDc4M2E0MGM5ZmYyNTUxMjBi
OC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEB76CgDANBgkqhkiG9w0BAQsFAAOCAQEAl3bC71WGewUpTjUH
vnPcMkyVfO5CyMHRtKm2GS0GQW2uxcAfbGReOJbbeeKUtZAA5GcCaR2ux01zMnLA
DtRwlwzndQv0XRUhPRCpNa1EL4E0LgPjq8vW4Qni16yjyX4i1gpeaOE60btD0+aB
1gOaCULsj9znXCh0qd25JZnVcIc0jYuCkF3YlE7UF/QEcvcuPK6Drq/3f19bv47y
1YYRSd6IE6YebITw8D/MTdyIhB4AvBKoV7boUjKCitCOFFDOaHSOleG0gtJ22d60
hAAouvu19rWqZyb812d7Ksj+g8dKZcnXYwGfqCpEEZozxRNs1p62t3lIRJ2rllIW
dWGWNQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 22:21:23 2023 by rpki-client on console-fra.rpki-client.org