Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/c0edfb24-be89-4e67-ae08-dd7edc5666ea/768a46b7b19abee455de9ab99a82a0850f8c2983.roa
File:                     768a46b7b19abee455de9ab99a82a0850f8c2983.roa (raw, json)
Hash identifier:          QHQ+NJB73myn6icZgjWV/wnF96X8LcYZ5w4NYr13YEY=
Subject key identifier:   56:58:6A:38:1B:6F:13:D2:1F:B9:CC:8F:64:18:CF:9D:A6:7B:B5:36
Certificate issuer:       /CN=3070426b746ffaf94407f39e1e550bba97179b09
Certificate serial:       1A7FAC
Authority key identifier: 4B:07:95:9B:1B:BB:5F:F3:F5:C4:7D:C6:6C:33:B9:37:3B:FC:EF:27
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/3070426b746ffaf94407f39e1e550bba97179b09.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/c0edfb24-be89-4e67-ae08-dd7edc5666ea/768a46b7b19abee455de9ab99a82a0850f8c2983.roa
Signing time:             Fri 01 Sep 2023 05:37:57 +0000
ROA not before:           Thu 31 Aug 2023 05:37:57 +0000
ROA not after:            Mon 01 Sep 2025 05:37:57 +0000
asID:                     265540
IP address blocks:        190.123.10.0/23 maxlen: 24
                          190.123.12.0/23 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/c0edfb24-be89-4e67-ae08-dd7edc5666ea/3070426b746ffaf94407f39e1e550bba97179b09.crl
                          rsync://repository.lacnic.net/rpki/lacnic/c0edfb24-be89-4e67-ae08-dd7edc5666ea/3070426b746ffaf94407f39e1e550bba97179b09.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/3070426b746ffaf94407f39e1e550bba97179b09.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Thu 29 Feb 2024 02:37:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1736620 (0x1a7fac)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3070426b746ffaf94407f39e1e550bba97179b09
        Validity
            Not Before: Aug 31 05:37:57 2023 GMT
            Not After : Sep  1 05:37:57 2025 GMT
        Subject: CN=768a46b7b19abee455de9ab99a82a0850f8c2983
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:9a:74:1d:21:d0:ce:25:9e:8b:5b:71:09:04:
                    c2:50:c2:51:14:9a:86:e4:eb:f1:10:71:bd:c1:5a:
                    17:73:51:f6:eb:69:c7:dd:eb:08:d0:64:81:70:b5:
                    12:cb:7d:b9:0f:b6:bc:76:bc:54:57:ac:14:5d:73:
                    c6:0e:7e:4f:73:5a:ab:7c:e2:c9:69:3e:c6:34:78:
                    1e:01:d3:ae:8a:b2:aa:78:d1:3d:3d:40:91:9a:9c:
                    3e:fb:18:6e:46:f8:0d:df:f4:3d:78:52:b6:7b:b4:
                    75:99:3b:33:79:eb:9c:f0:6d:d9:32:c9:96:e6:48:
                    0f:65:58:36:43:1b:07:2b:f1:16:d5:96:0c:73:bc:
                    29:8b:f4:e5:f6:c2:72:e5:88:d7:94:40:a9:f5:34:
                    09:f0:1e:7b:a6:17:ae:2e:2d:1c:e0:5f:a8:11:30:
                    13:6a:b2:a0:a1:c8:a1:7a:8a:72:c7:37:f7:a5:58:
                    bd:09:65:52:6d:e2:d4:d0:70:49:f0:5e:20:a1:39:
                    0f:ae:01:34:ee:fa:70:dc:b9:a5:31:34:2f:cd:6d:
                    c7:29:9f:37:57:9e:ec:2f:79:09:81:7a:44:ea:ec:
                    56:da:28:b6:7d:65:cd:d0:db:99:d1:5e:2a:c5:1a:
                    ac:5f:fe:3d:45:9d:d9:25:c8:b5:d9:98:f5:6a:c9:
                    67:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                56:58:6A:38:1B:6F:13:D2:1F:B9:CC:8F:64:18:CF:9D:A6:7B:B5:36
            X509v3 Authority Key Identifier:
                keyid:4B:07:95:9B:1B:BB:5F:F3:F5:C4:7D:C6:6C:33:B9:37:3B:FC:EF:27

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/3070426b746ffaf94407f39e1e550bba97179b09.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/c0edfb24-be89-4e67-ae08-dd7edc5666ea/768a46b7b19abee455de9ab99a82a0850f8c2983.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/c0edfb24-be89-4e67-ae08-dd7edc5666ea/3070426b746ffaf94407f39e1e550bba97179b09.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  190.123.10.0-190.123.13.255

    Signature Algorithm: sha256WithRSAEncryption
         3b:63:1d:21:8c:13:bd:fc:01:9b:b4:fb:a1:ec:c9:92:3e:ac:
         42:c6:b1:77:98:0d:2b:9e:4d:b1:7f:fb:42:f4:1c:82:9d:12:
         52:1f:f2:14:e9:8b:53:ae:61:da:b0:60:9f:ef:95:18:aa:f7:
         ab:b7:8d:2d:2f:25:ea:61:b9:7d:57:05:a0:8a:25:42:92:7c:
         80:f9:b6:ea:32:67:92:89:d3:eb:d4:3a:54:09:bb:6a:28:52:
         8e:38:a7:00:21:3d:e3:8d:82:83:39:56:7b:e2:ba:c0:ec:59:
         cc:a4:6b:ef:46:ce:cb:88:f4:33:d2:06:f9:d0:d6:7e:e2:a9:
         0e:50:63:86:39:6e:2d:f7:5a:c5:95:6a:4b:57:de:bb:84:31:
         3b:cf:37:bd:d0:ef:9e:3a:6c:51:35:5c:40:e2:36:c1:22:5e:
         03:f4:c7:29:99:b4:92:e7:90:c4:33:dd:a5:3f:b7:30:1e:55:
         77:4f:c0:dc:2e:82:a0:a0:47:47:66:73:40:f2:13:68:28:66:
         c6:70:4c:f1:3a:14:4f:11:6d:4e:09:86:01:eb:4d:83:c4:fe:
         99:92:a3:c3:b7:4b:1f:80:89:63:de:75:80:68:2a:d9:89:e7:
         64:2b:a6:de:05:db:35:81:fa:14:33:2b:03:ba:d0:ba:54:df:
         3a:ad:5b:df
-----BEGIN CERTIFICATE-----
MIIFSDCCBDCgAwIBAgIDGn+sMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDMw
NzA0MjZiNzQ2ZmZhZjk0NDA3ZjM5ZTFlNTUwYmJhOTcxNzliMDkwHhcNMjMwODMx
MDUzNzU3WhcNMjUwOTAxMDUzNzU3WjAzMTEwLwYDVQQDEyg3NjhhNDZiN2IxOWFi
ZWU0NTVkZTlhYjk5YTgyYTA4NTBmOGMyOTgzMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAs5p0HSHQziWei1txCQTCUMJRFJqG5OvxEHG9wVoXc1H262nH
3esI0GSBcLUSy325D7a8drxUV6wUXXPGDn5Pc1qrfOLJaT7GNHgeAdOuirKqeNE9
PUCRmpw++xhuRvgN3/Q9eFK2e7R1mTszeeuc8G3ZMsmW5kgPZVg2QxsHK/EW1ZYM
c7wpi/Tl9sJy5YjXlECp9TQJ8B57pheuLi0c4F+oETATarKgociheopyxzf3pVi9
CWVSbeLU0HBJ8F4goTkPrgE07vpw3LmlMTQvzW3HKZ83V57sL3kJgXpE6uxW2ii2
fWXN0NuZ0V4qxRqsX/49RZ3ZJci12Zj1aslnCQIDAQABo4ICYzCCAl8wHQYDVR0O
BBYEFFZYajgbbxPSH7nMj2QYz52me7U2MB8GA1UdIwQYMBaAFEsHlZsbu1/z9cR9
xmwzuTc7/O8nMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvMzA3MDQy
NmI3NDZmZmFmOTQ0MDdmMzllMWU1NTBiYmE5NzE3OWIwOS5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvYzBlZGZiMjQtYmU4OS00ZTY3LWFlMDgtZGQ3ZWRj
NTY2NmVhLzc2OGE0NmI3YjE5YWJlZTQ1NWRlOWFiOTlhODJhMDg1MGY4YzI5ODMu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy9jMGVkZmIyNC1iZTg5LTRlNjctYWUwOC1kZDdl
ZGM1NjY2ZWEvMzA3MDQyNmI3NDZmZmFmOTQ0MDdmMzllMWU1NTBiYmE5NzE3OWIw
OS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAnBggrBgEFBQcBBwEB/wQY
MBYwFAQCAAEwDjAMAwQBvnsKAwQBvnsMMA0GCSqGSIb3DQEBCwUAA4IBAQA7Yx0h
jBO9/AGbtPuh7MmSPqxCxrF3mA0rnk2xf/tC9ByCnRJSH/IU6YtTrmHasGCf75UY
qvert40tLyXqYbl9VwWgiiVCknyA+bbqMmeSidPr1DpUCbtqKFKOOKcAIT3jjYKD
OVZ74rrA7FnMpGvvRs7LiPQz0gb50NZ+4qkOUGOGOW4t91rFlWpLV967hDE7zze9
0O+eOmxRNVxA4jbBIl4D9McpmbSS55DEM92lP7cwHlV3T8DcLoKgoEdHZnNA8hNo
KGbGcEzxOhRPEW1OCYYB602DxP6ZkqPDt0sfgIlj3nWAaCrZiedkK6beBds1gfoU
MysDutC6VN86rVvf
-----END CERTIFICATE-----
Generated at Mon Feb 26 09:34:51 2024 by rpki-client on console-fra.rpki-client.org