Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/d2fa77ef-bb99-4f19-8aa0-97a54438d237/8f0882b7c48112a78f513951d00071a5a37f2215.roa
File:                     8f0882b7c48112a78f513951d00071a5a37f2215.roa (raw, json)
Hash identifier:          wY65Uh2vG1haiMhw5PD7F0v9Bm43NYE6Pu2B/6DoliI=
Subject key identifier:   C3:2A:56:EE:57:11:89:31:24:51:52:38:20:CA:F8:69:5C:AD:C4:D1
Certificate issuer:       /CN=2edc085c643dfc251027399f88d0a3502685b615
Certificate serial:       035F6E
Authority key identifier: 6D:6D:64:35:95:77:C1:8A:EC:9C:4D:06:6A:C2:C9:60:DA:F0:F6:9B
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/2edc085c643dfc251027399f88d0a3502685b615.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/d2fa77ef-bb99-4f19-8aa0-97a54438d237/8f0882b7c48112a78f513951d00071a5a37f2215.roa
Signing time:             Wed 24 Mar 2021 14:39:19 +0000
ROA not before:           Wed 24 Mar 2021 14:39:19 +0000
ROA not after:            Tue 24 Mar 2026 14:39:19 +0000
asID:                     270100
IP address blocks:        190.109.120.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/d2fa77ef-bb99-4f19-8aa0-97a54438d237/2edc085c643dfc251027399f88d0a3502685b615.crl
                          rsync://repository.lacnic.net/rpki/lacnic/d2fa77ef-bb99-4f19-8aa0-97a54438d237/2edc085c643dfc251027399f88d0a3502685b615.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/2edc085c643dfc251027399f88d0a3502685b615.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 31 Mar 2024 19:38:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 221038 (0x35f6e)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2edc085c643dfc251027399f88d0a3502685b615
        Validity
            Not Before: Mar 24 14:39:19 2021 GMT
            Not After : Mar 24 14:39:19 2026 GMT
        Subject: CN=8f0882b7c48112a78f513951d00071a5a37f2215
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:49:0c:d9:f1:95:fb:e2:73:9a:bf:a8:c2:49:
                    3d:5e:97:a2:5b:90:e5:9a:48:71:f8:39:41:22:3a:
                    91:0e:b5:4e:eb:f1:f6:fd:ff:66:af:be:9c:a6:d8:
                    db:51:c3:2c:a8:1a:05:4b:2b:b2:eb:d8:05:fc:23:
                    ce:52:44:53:01:16:56:b7:dd:89:5a:2a:12:8d:85:
                    21:52:08:09:d1:e7:c7:68:d3:60:76:b0:68:b0:3b:
                    d2:a1:19:92:b2:10:f9:9c:c9:f6:32:8c:4c:98:41:
                    2b:49:f1:34:24:bb:9b:de:2b:35:a0:9b:de:f7:30:
                    1d:4d:59:2e:0f:7e:1d:0a:78:f6:ea:0f:e8:0c:89:
                    88:b9:4a:bc:62:9c:23:15:77:e2:33:49:88:dc:d1:
                    4b:29:88:33:60:24:13:d4:4d:6d:bd:35:6a:c4:88:
                    c7:e6:2e:bb:43:56:47:b1:eb:e7:f6:69:d2:d0:0d:
                    6c:5a:d4:e7:ed:d3:e9:ce:ee:60:c2:2f:10:b3:0f:
                    e7:f7:a4:e3:4c:90:65:09:dc:a2:ea:91:92:49:91:
                    ff:55:78:d1:09:c9:09:0c:d8:05:f4:71:cd:23:1f:
                    c6:d3:61:48:a4:f4:39:5c:70:18:26:db:df:f3:e3:
                    90:6f:86:01:1e:7c:56:ac:4c:c0:0a:1a:ae:08:a8:
                    3b:bb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C3:2A:56:EE:57:11:89:31:24:51:52:38:20:CA:F8:69:5C:AD:C4:D1
            X509v3 Authority Key Identifier:
                keyid:6D:6D:64:35:95:77:C1:8A:EC:9C:4D:06:6A:C2:C9:60:DA:F0:F6:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/2edc085c643dfc251027399f88d0a3502685b615.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/d2fa77ef-bb99-4f19-8aa0-97a54438d237/8f0882b7c48112a78f513951d00071a5a37f2215.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/d2fa77ef-bb99-4f19-8aa0-97a54438d237/2edc085c643dfc251027399f88d0a3502685b615.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  190.109.120.0/22

    Signature Algorithm: sha256WithRSAEncryption
         2c:de:48:d0:0a:99:4d:b2:c5:02:95:bb:a2:97:98:60:b0:4a:
         0c:ad:f7:dd:31:8c:37:52:8e:c9:b9:87:b7:cd:44:5c:96:98:
         74:cf:fd:30:b7:75:69:48:2a:d8:20:65:a6:6b:4d:34:c5:b1:
         dd:2d:6e:cb:26:a7:da:fd:bc:5b:36:b1:18:71:f3:cb:b8:23:
         ad:14:2b:3a:ab:9e:6d:95:b4:6b:22:d0:42:d2:c6:be:9b:cf:
         50:2f:b8:e1:03:ee:93:d6:f4:cc:4a:07:e1:b9:8b:d6:73:34:
         20:a6:4c:73:cf:55:62:5d:e8:c6:20:28:0a:d4:b4:f6:66:37:
         c8:a5:78:f2:83:e9:24:fd:dc:5e:b1:b6:c8:a3:1a:cd:90:a2:
         c3:bf:cd:d5:34:94:14:77:68:f6:33:76:c5:0a:d0:f9:b2:0d:
         2f:b6:4a:f2:e1:03:b3:86:6a:9f:81:eb:c8:7c:18:0d:68:08:
         77:10:0b:14:b8:2e:2d:ed:b4:20:95:d4:14:15:ae:09:ce:dc:
         b0:12:a8:69:62:a2:32:f9:24:33:4d:e0:c8:06:4c:7c:32:a9:
         8a:0a:9c:55:6c:24:7b:a4:21:6d:d6:ab:f4:ba:d0:30:92:84:
         c5:37:76:56:1a:7e:60:d1:84:f3:ee:d8:da:6d:5e:66:a8:b4:
         14:e0:d3:90
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIDA19uMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDJl
ZGMwODVjNjQzZGZjMjUxMDI3Mzk5Zjg4ZDBhMzUwMjY4NWI2MTUwHhcNMjEwMzI0
MTQzOTE5WhcNMjYwMzI0MTQzOTE5WjAzMTEwLwYDVQQDEyg4ZjA4ODJiN2M0ODEx
MmE3OGY1MTM5NTFkMDAwNzFhNWEzN2YyMjE1MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAp0kM2fGV++Jzmr+owkk9XpeiW5Dlmkhx+DlBIjqRDrVO6/H2
/f9mr76cptjbUcMsqBoFSyuy69gF/CPOUkRTARZWt92JWioSjYUhUggJ0efHaNNg
drBosDvSoRmSshD5nMn2MoxMmEErSfE0JLub3is1oJve9zAdTVkuD34dCnj26g/o
DImIuUq8YpwjFXfiM0mI3NFLKYgzYCQT1E1tvTVqxIjH5i67Q1ZHsevn9mnS0A1s
WtTn7dPpzu5gwi8Qsw/n96TjTJBlCdyi6pGSSZH/VXjRCckJDNgF9HHNIx/G02FI
pPQ5XHAYJtvf8+OQb4YBHnxWrEzAChquCKg7uwIDAQABo4ICWzCCAlcwHQYDVR0O
BBYEFMMqVu5XEYkxJFFSOCDK+GlcrcTRMB8GA1UdIwQYMBaAFG1tZDWVd8GK7JxN
BmrCyWDa8PabMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvMmVkYzA4
NWM2NDNkZmMyNTEwMjczOTlmODhkMGEzNTAyNjg1YjYxNS5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvZDJmYTc3ZWYtYmI5OS00ZjE5LThhYTAtOTdhNTQ0
MzhkMjM3LzhmMDg4MmI3YzQ4MTEyYTc4ZjUxMzk1MWQwMDA3MWE1YTM3ZjIyMTUu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy9kMmZhNzdlZi1iYjk5LTRmMTktOGFhMC05N2E1
NDQzOGQyMzcvMmVkYzA4NWM2NDNkZmMyNTEwMjczOTlmODhkMGEzNTAyNjg1YjYx
NS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAr5teDANBgkqhkiG9w0BAQsFAAOCAQEALN5I0AqZTbLFApW7
opeYYLBKDK333TGMN1KOybmHt81EXJaYdM/9MLd1aUgq2CBlpmtNNMWx3S1uyyan
2v28WzaxGHHzy7gjrRQrOquebZW0ayLQQtLGvpvPUC+44QPuk9b0zEoH4bmL1nM0
IKZMc89VYl3oxiAoCtS09mY3yKV48oPpJP3cXrG2yKMazZCiw7/N1TSUFHdo9jN2
xQrQ+bINL7ZK8uEDs4Zqn4HryHwYDWgIdxALFLguLe20IJXUFBWuCc7csBKoaWKi
MvkkM03gyAZMfDKpigqcVWwke6Qhbdar9LrQMJKExTd2Vhp+YNGE8+7Y2m1eZqi0
FODTkA==
-----END CERTIFICATE-----
Generated at Fri Mar 29 02:33:44 2024 by rpki-client on console-fra.rpki-client.org