Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/d2356873-54df-4a2d-8734-524b0d50fda2/5a772586a2fa150a697c5bb8bc301cad15ef014a.roa
File:                     5a772586a2fa150a697c5bb8bc301cad15ef014a.roa (raw, json)
Hash identifier:          EzsVRUVUY0h2DkpFlAX0ROSxg0tVSSHdWd4rPZ0KZzs=
Subject key identifier:   BE:F2:37:BD:C6:3E:FF:95:60:CA:DE:78:E8:36:1E:9B:0D:6A:FC:FB
Certificate issuer:       /CN=5b57ec865ac261e0ae36d05374102c7827e41e4c
Certificate serial:       3DBB
Authority key identifier: 93:20:ED:01:88:81:BB:02:C8:2D:EA:13:20:D6:89:79:B8:68:A0:E7
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/5b57ec865ac261e0ae36d05374102c7827e41e4c.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/d2356873-54df-4a2d-8734-524b0d50fda2/5a772586a2fa150a697c5bb8bc301cad15ef014a.roa
Signing time:             Mon 17 Oct 2022 19:15:28 +0000
ROA not before:           Sun 16 Oct 2022 19:12:35 +0000
ROA not after:            Thu 17 Oct 2024 19:12:35 +0000
asID:                     7155
IP address blocks:        190.52.118.0/24 maxlen: 24
                          190.52.120.0/24 maxlen: 24
                          190.52.122.0/24 maxlen: 24
                          190.52.124.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/d2356873-54df-4a2d-8734-524b0d50fda2/5b57ec865ac261e0ae36d05374102c7827e41e4c.crl
                          rsync://repository.lacnic.net/rpki/lacnic/d2356873-54df-4a2d-8734-524b0d50fda2/5b57ec865ac261e0ae36d05374102c7827e41e4c.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/5b57ec865ac261e0ae36d05374102c7827e41e4c.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 31 Mar 2024 19:38:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 15803 (0x3dbb)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5b57ec865ac261e0ae36d05374102c7827e41e4c
        Validity
            Not Before: Oct 16 19:12:35 2022 GMT
            Not After : Oct 17 19:12:35 2024 GMT
        Subject: CN=5a772586a2fa150a697c5bb8bc301cad15ef014a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8a:d6:6d:55:48:ff:11:e8:c0:4e:88:b9:de:86:
                    a9:fa:11:70:44:ca:02:2f:57:5d:15:82:dc:fe:d1:
                    59:24:be:56:a2:ec:f0:83:bd:c0:ff:f6:5d:29:61:
                    a0:c4:56:5e:44:fa:12:34:6e:0e:ad:e2:7d:6d:35:
                    db:8d:37:28:bf:3e:1e:20:c8:73:a5:fa:7e:ac:d8:
                    af:09:07:1f:d6:93:61:a9:d1:c3:43:86:3c:b4:83:
                    60:ad:2d:27:67:f1:fd:b9:ec:c0:96:9d:e6:c0:b4:
                    46:8e:0e:9d:92:42:ff:ad:f4:9a:3a:43:ad:71:20:
                    21:53:7e:bb:88:5d:33:ec:8a:56:c5:25:0c:21:27:
                    64:fa:9d:f9:ca:cd:ca:2e:37:92:f2:c2:12:6b:85:
                    e8:5a:3d:9e:1e:86:54:87:d4:31:e6:56:9a:e0:8b:
                    b7:42:5b:43:59:1f:76:29:f4:0d:f8:08:5d:e4:1e:
                    e2:8e:02:ff:fd:c5:ba:d0:5f:ff:62:5b:6d:27:dd:
                    4e:21:9b:05:72:5b:0b:df:ae:93:83:63:b4:98:26:
                    16:8f:7d:80:6e:2d:56:97:ea:72:85:d9:dd:33:7e:
                    64:59:a6:dc:38:97:17:7a:40:06:4f:8e:2b:9e:66:
                    12:0c:18:a6:b3:ef:57:23:ba:30:92:d8:f2:18:c2:
                    26:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BE:F2:37:BD:C6:3E:FF:95:60:CA:DE:78:E8:36:1E:9B:0D:6A:FC:FB
            X509v3 Authority Key Identifier:
                keyid:93:20:ED:01:88:81:BB:02:C8:2D:EA:13:20:D6:89:79:B8:68:A0:E7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/5b57ec865ac261e0ae36d05374102c7827e41e4c.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/d2356873-54df-4a2d-8734-524b0d50fda2/5a772586a2fa150a697c5bb8bc301cad15ef014a.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/d2356873-54df-4a2d-8734-524b0d50fda2/5b57ec865ac261e0ae36d05374102c7827e41e4c.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  190.52.118.0/24
                  190.52.120.0/24
                  190.52.122.0/24
                  190.52.124.0/24

    Signature Algorithm: sha256WithRSAEncryption
         88:de:83:45:b6:f9:bf:4a:79:84:3a:8a:b4:cc:4b:51:79:14:
         5d:d1:b8:aa:a1:c4:a0:ea:46:7e:38:8f:39:73:5f:1f:f9:d3:
         00:e4:e2:2e:0a:81:62:d3:1b:4b:6d:25:04:89:3f:ac:fb:d8:
         23:ab:af:25:72:32:58:71:ba:64:98:ad:c6:fe:26:47:a8:bf:
         d0:6b:89:3d:13:80:c1:0c:e6:d9:55:42:41:e1:27:b4:af:be:
         8f:77:bc:36:cc:8e:f9:b4:66:68:82:c7:55:37:f4:31:0c:7c:
         bf:a7:8e:4e:f0:24:b0:8e:e6:f8:e1:a4:10:b0:b6:e1:75:c5:
         4c:af:0d:2a:31:4b:00:25:c0:b0:a5:8a:a8:dd:85:a7:1f:12:
         3f:d6:de:61:54:f8:6b:df:56:31:15:74:00:14:a2:80:3a:6f:
         51:65:40:76:2e:c4:d6:6f:ed:a0:9a:c0:78:a7:bf:0a:16:24:
         f1:a8:f8:43:9a:e2:90:92:ff:8b:a0:12:40:62:c3:cc:e7:b6:
         70:49:dc:37:b5:c8:69:57:f6:3b:4f:48:37:66:c3:85:f6:7c:
         09:86:cd:ca:ca:3a:a4:41:a1:e7:55:84:10:5d:ca:d3:a8:e3:
         82:de:88:4a:db:fc:34:0d:dd:26:02:73:91:c5:8d:c7:c4:5d:
         cc:23:20:63
-----BEGIN CERTIFICATE-----
MIIFUTCCBDmgAwIBAgICPbswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNWI1
N2VjODY1YWMyNjFlMGFlMzZkMDUzNzQxMDJjNzgyN2U0MWU0YzAeFw0yMjEwMTYx
OTEyMzVaFw0yNDEwMTcxOTEyMzVaMDMxMTAvBgNVBAMTKDVhNzcyNTg2YTJmYTE1
MGE2OTdjNWJiOGJjMzAxY2FkMTVlZjAxNGEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCK1m1VSP8R6MBOiLnehqn6EXBEygIvV10Vgtz+0Vkkvlai7PCD
vcD/9l0pYaDEVl5E+hI0bg6t4n1tNduNNyi/Ph4gyHOl+n6s2K8JBx/Wk2Gp0cND
hjy0g2CtLSdn8f257MCWnebAtEaODp2SQv+t9Jo6Q61xICFTfruIXTPsilbFJQwh
J2T6nfnKzcouN5LywhJrhehaPZ4ehlSH1DHmVprgi7dCW0NZH3Yp9A34CF3kHuKO
Av/9xbrQX/9iW20n3U4hmwVyWwvfrpODY7SYJhaPfYBuLVaX6nKF2d0zfmRZptw4
lxd6QAZPjiueZhIMGKaz71cjujCS2PIYwibPAgMBAAGjggJtMIICaTAdBgNVHQ4E
FgQUvvI3vcY+/5Vgyt546DYemw1q/PswHwYDVR0jBBgwFoAUkyDtAYiBuwLILeoT
INaJebhooOcwDgYDVR0PAQH/BAQDAgeAMIGaBggrBgEFBQcBAQSBjTCBijCBhwYI
KwYBBQUHMAKGe3JzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jwa2kvbGFj
bmljLzQ4ZjA4M2JiLWY2MDMtNDg5My05OTkwLTAyODRjMDRjZWI4NS81YjU3ZWM4
NjVhYzI2MWUwYWUzNmQwNTM3NDEwMmM3ODI3ZTQxZTRjLmNlcjCBmgYIKwYBBQUH
AQsEgY0wgYowgYcGCCsGAQUFBzALhntyc3luYzovL3JlcG9zaXRvcnkubGFjbmlj
Lm5ldC9ycGtpL2xhY25pYy9kMjM1Njg3My01NGRmLTRhMmQtODczNC01MjRiMGQ1
MGZkYTIvNWE3NzI1ODZhMmZhMTUwYTY5N2M1YmI4YmMzMDFjYWQxNWVmMDE0YS5y
b2EwgY8GA1UdHwSBhzCBhDCBgaB/oH2Ge3JzeW5jOi8vcmVwb3NpdG9yeS5sYWNu
aWMubmV0L3Jwa2kvbGFjbmljL2QyMzU2ODczLTU0ZGYtNGEyZC04NzM0LTUyNGIw
ZDUwZmRhMi81YjU3ZWM4NjVhYzI2MWUwYWUzNmQwNTM3NDEwMmM3ODI3ZTQxZTRj
LmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIw
IDAeBAIAATAYAwQAvjR2AwQAvjR4AwQAvjR6AwQAvjR8MA0GCSqGSIb3DQEBCwUA
A4IBAQCI3oNFtvm/SnmEOoq0zEtReRRd0biqocSg6kZ+OI85c18f+dMA5OIuCoFi
0xtLbSUEiT+s+9gjq68lcjJYcbpkmK3G/iZHqL/Qa4k9E4DBDObZVUJB4Se0r76P
d7w2zI75tGZogsdVN/QxDHy/p45O8CSwjub44aQQsLbhdcVMrw0qMUsAJcCwpYqo
3YWnHxI/1t5hVPhr31YxFXQAFKKAOm9RZUB2LsTWb+2gmsB4p78KFiTxqPhDmuKQ
kv+LoBJAYsPM57ZwSdw3tchpV/Y7T0g3ZsOF9nwJhs3KyjqkQaHnVYQQXcrTqOOC
3ohK2/w0Dd0mAnORxY3HxF3MIyBj
-----END CERTIFICATE-----
Generated at Thu Mar 28 22:20:28 2024 by rpki-client on console-fra.rpki-client.org