Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/c89106f7-7260-413b-8ee6-7c2addfb5de6/ab9acf115a08ffadd4628e1890409ff6c98b2756.roa
File:                     ab9acf115a08ffadd4628e1890409ff6c98b2756.roa (raw, json)
Hash identifier:          hCCsbJrJfZB1L6YZ5buXWTpA9+fdQTdtZrH7TS3y+9Y=
Subject key identifier:   43:1A:11:DA:7E:55:14:E3:47:F4:DC:AD:03:72:3E:F7:B4:5A:72:D4
Certificate issuer:       /CN=047b84634bdb1a6b9bc9918c849144970e17f64a
Certificate serial:       0CEBDA
Authority key identifier: 2A:A3:0C:F8:19:83:5B:A2:6F:5F:34:80:9A:83:73:EE:68:54:2C:BC
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/047b84634bdb1a6b9bc9918c849144970e17f64a.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/c89106f7-7260-413b-8ee6-7c2addfb5de6/ab9acf115a08ffadd4628e1890409ff6c98b2756.roa
Signing time:             Wed 24 Mar 2021 14:35:07 +0000
ROA not before:           Wed 24 Mar 2021 14:35:07 +0000
ROA not after:            Tue 24 Mar 2026 14:35:07 +0000
asID:                     262215
IP address blocks:        201.219.192.0/19 maxlen: 24
                          2803:8980::/32 maxlen: 40

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/c89106f7-7260-413b-8ee6-7c2addfb5de6/047b84634bdb1a6b9bc9918c849144970e17f64a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/c89106f7-7260-413b-8ee6-7c2addfb5de6/047b84634bdb1a6b9bc9918c849144970e17f64a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/047b84634bdb1a6b9bc9918c849144970e17f64a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 31 Mar 2024 19:38:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 846810 (0xcebda)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=047b84634bdb1a6b9bc9918c849144970e17f64a
        Validity
            Not Before: Mar 24 14:35:07 2021 GMT
            Not After : Mar 24 14:35:07 2026 GMT
        Subject: CN=ab9acf115a08ffadd4628e1890409ff6c98b2756
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:90:78:14:9f:16:e4:ea:f5:2f:09:69:b3:7b:7c:
                    f3:dc:15:77:ef:cd:86:cf:47:26:27:11:97:ae:aa:
                    71:39:f8:3e:88:f3:c7:67:6b:62:4f:6c:56:d1:ea:
                    59:06:34:29:4f:d5:fa:e6:86:68:12:d3:2d:c2:11:
                    4f:f6:09:19:69:27:5e:1e:03:06:5c:ba:45:b2:3b:
                    9c:62:0c:e9:aa:e1:93:36:bf:88:92:b0:37:41:8a:
                    dc:fb:01:99:28:51:1a:c7:d1:94:42:d5:3b:f2:2d:
                    bd:a2:74:87:f5:be:5d:96:0e:45:cf:51:d1:f4:97:
                    96:9c:f2:61:25:26:56:6c:92:30:a4:e7:b4:3b:fd:
                    f8:8f:d3:f1:c2:1f:37:25:b2:82:c2:2c:14:af:60:
                    12:7e:5d:b8:e4:fb:5c:5a:50:fe:83:78:4b:a0:ec:
                    61:74:23:df:c5:e4:7f:d6:24:79:d9:c1:47:28:73:
                    0c:6f:cb:e7:dc:4e:62:27:dd:58:81:ad:a4:ef:b0:
                    20:1e:5d:16:84:6c:6b:01:4e:91:68:b5:33:4e:a7:
                    ce:bf:d7:3e:7e:c3:62:92:cd:b7:7f:fa:75:48:4d:
                    3c:77:7c:fe:a9:dd:04:fe:e5:c7:41:84:ea:4d:30:
                    64:4d:6d:25:72:1b:ac:a7:2a:4f:e2:2b:f7:24:e2:
                    cc:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                43:1A:11:DA:7E:55:14:E3:47:F4:DC:AD:03:72:3E:F7:B4:5A:72:D4
            X509v3 Authority Key Identifier:
                keyid:2A:A3:0C:F8:19:83:5B:A2:6F:5F:34:80:9A:83:73:EE:68:54:2C:BC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/047b84634bdb1a6b9bc9918c849144970e17f64a.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/c89106f7-7260-413b-8ee6-7c2addfb5de6/ab9acf115a08ffadd4628e1890409ff6c98b2756.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/c89106f7-7260-413b-8ee6-7c2addfb5de6/047b84634bdb1a6b9bc9918c849144970e17f64a.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  201.219.192.0/19
                IPv6:
                  2803:8980::/32

    Signature Algorithm: sha256WithRSAEncryption
         03:19:5c:26:9f:b2:73:52:0e:b8:16:e2:77:e8:b7:0a:8a:b7:
         69:aa:6d:c2:20:8f:8e:23:1a:1f:7d:88:70:ce:c8:f7:55:ea:
         3d:96:f3:2a:67:51:b7:6e:4b:36:7d:ac:f0:f4:5c:fe:47:ac:
         f3:5b:17:c7:ca:ef:b8:3f:04:c0:13:54:07:20:91:a1:18:29:
         8c:6e:8b:04:c6:da:1b:f0:49:43:c1:67:8b:e7:8d:c6:fb:73:
         ba:38:27:4d:4a:f1:e2:f2:33:fc:ff:1f:34:8a:53:40:e7:4d:
         14:0e:74:64:d2:f4:e4:84:d6:76:a3:e4:b3:8c:da:4e:ce:30:
         1a:40:5e:65:34:82:aa:1f:a5:9a:b3:75:24:6b:8d:ef:c1:70:
         d2:14:10:c1:4c:9e:ac:ca:a7:45:ac:bb:25:a4:3e:87:4c:34:
         f4:e5:16:da:f1:be:fb:ba:2f:8d:f3:f8:69:ed:38:1d:5f:26:
         e9:34:3f:6b:f4:1c:71:27:7c:ea:6b:d1:80:78:c2:64:da:bc:
         6b:b1:aa:03:d5:bb:77:b1:52:b1:44:0e:b4:19:63:fc:d7:7d:
         75:f5:0d:af:e2:73:9c:af:21:bb:8b:b1:ab:e7:4f:9a:a4:02:
         42:58:9d:d1:ae:3b:0e:36:d5:99:4b:2b:c3:f5:0b:d7:37:2d:
         4a:bf:54:1b
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgIDDOvaMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDA0
N2I4NDYzNGJkYjFhNmI5YmM5OTE4Yzg0OTE0NDk3MGUxN2Y2NGEwHhcNMjEwMzI0
MTQzNTA3WhcNMjYwMzI0MTQzNTA3WjAzMTEwLwYDVQQDEyhhYjlhY2YxMTVhMDhm
ZmFkZDQ2MjhlMTg5MDQwOWZmNmM5OGIyNzU2MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAkHgUnxbk6vUvCWmze3zz3BV3782Gz0cmJxGXrqpxOfg+iPPH
Z2tiT2xW0epZBjQpT9X65oZoEtMtwhFP9gkZaSdeHgMGXLpFsjucYgzpquGTNr+I
krA3QYrc+wGZKFEax9GUQtU78i29onSH9b5dlg5Fz1HR9JeWnPJhJSZWbJIwpOe0
O/34j9Pxwh83JbKCwiwUr2ASfl245PtcWlD+g3hLoOxhdCPfxeR/1iR52cFHKHMM
b8vn3E5iJ91Yga2k77AgHl0WhGxrAU6RaLUzTqfOv9c+fsNiks23f/p1SE08d3z+
qd0E/uXHQYTqTTBkTW0lchuspypP4iv3JOLMFwIDAQABo4ICajCCAmYwHQYDVR0O
BBYEFEMaEdp+VRTjR/TcrQNyPve0WnLUMB8GA1UdIwQYMBaAFCqjDPgZg1uib180
gJqDc+5oVCy8MA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvMDQ3Yjg0
NjM0YmRiMWE2YjliYzk5MThjODQ5MTQ0OTcwZTE3ZjY0YS5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvYzg5MTA2ZjctNzI2MC00MTNiLThlZTYtN2MyYWRk
ZmI1ZGU2L2FiOWFjZjExNWEwOGZmYWRkNDYyOGUxODkwNDA5ZmY2Yzk4YjI3NTYu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy9jODkxMDZmNy03MjYwLTQxM2ItOGVlNi03YzJh
ZGRmYjVkZTYvMDQ3Yjg0NjM0YmRiMWE2YjliYzk5MThjODQ5MTQ0OTcwZTE3ZjY0
YS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAuBggrBgEFBQcBBwEB/wQf
MB0wDAQCAAEwBgMEBcnbwDANBAIAAjAHAwUAKAOJgDANBgkqhkiG9w0BAQsFAAOC
AQEAAxlcJp+yc1IOuBbid+i3Coq3aaptwiCPjiMaH32IcM7I91XqPZbzKmdRt25L
Nn2s8PRc/kes81sXx8rvuD8EwBNUByCRoRgpjG6LBMbaG/BJQ8Fni+eNxvtzujgn
TUrx4vIz/P8fNIpTQOdNFA50ZNL05ITWdqPks4zaTs4wGkBeZTSCqh+lmrN1JGuN
78Fw0hQQwUyerMqnRay7JaQ+h0w09OUW2vG++7ovjfP4ae04HV8m6TQ/a/QccSd8
6mvRgHjCZNq8a7GqA9W7d7FSsUQOtBlj/Nd9dfUNr+JznK8hu4uxq+dPmqQCQlid
0a47DjbVmUsrw/UL1zctSr9UGw==
-----END CERTIFICATE-----
Generated at Thu Mar 28 23:49:05 2024 by rpki-client on console-ams.rpki-client.org