Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/d8a8aa86-e86b-4ffa-92f9-b565404f4659/843a6a23028ad3d7720a755f7bcac79e66687465.roa
File:                     843a6a23028ad3d7720a755f7bcac79e66687465.roa (raw, json)
Hash identifier:          ChfOIsVN8MaeeHOYK6EoBPidHX8YoOB1lHrxuSIPy/M=
Subject key identifier:   FF:EA:0B:AB:EE:D2:2F:F9:5C:75:91:30:74:C5:8F:32:7D:F2:C2:5A
Certificate issuer:       /CN=ebedcbcfe1c07143badb5838ff5d6bc181610b63
Certificate serial:       1A906C
Authority key identifier: 25:53:59:E0:40:45:3E:61:A0:1A:06:3F:37:00:E5:35:C3:07:D2:13
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ebedcbcfe1c07143badb5838ff5d6bc181610b63.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/d8a8aa86-e86b-4ffa-92f9-b565404f4659/843a6a23028ad3d7720a755f7bcac79e66687465.roa
Signing time:             Thu 29 Jun 2023 21:45:46 +0000
ROA not before:           Wed 28 Jun 2023 21:45:46 +0000
ROA not after:            Sun 29 Jun 2025 21:45:46 +0000
asID:                     52409
IP address blocks:        190.120.176.0/20 maxlen: 24
                          2803:9100::/32 maxlen: 48

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/d8a8aa86-e86b-4ffa-92f9-b565404f4659/ebedcbcfe1c07143badb5838ff5d6bc181610b63.crl
                          rsync://repository.lacnic.net/rpki/lacnic/d8a8aa86-e86b-4ffa-92f9-b565404f4659/ebedcbcfe1c07143badb5838ff5d6bc181610b63.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ebedcbcfe1c07143badb5838ff5d6bc181610b63.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Tue 27 Feb 2024 12:23:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1740908 (0x1a906c)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ebedcbcfe1c07143badb5838ff5d6bc181610b63
        Validity
            Not Before: Jun 28 21:45:46 2023 GMT
            Not After : Jun 29 21:45:46 2025 GMT
        Subject: CN=843a6a23028ad3d7720a755f7bcac79e66687465
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:86:02:74:34:70:61:84:fa:73:45:09:13:5d:0f:
                    45:63:99:7f:61:ab:4b:a8:36:8b:39:0d:aa:11:d8:
                    61:50:02:51:cd:aa:20:ca:40:4f:4e:c3:65:51:d0:
                    57:d9:29:28:5a:88:16:7b:44:1f:21:d3:fd:2f:91:
                    e1:20:ab:cb:9e:9f:f4:7e:6c:63:bc:8f:7a:fd:cd:
                    aa:40:39:bc:11:cb:8b:e3:37:3b:02:81:f9:51:9c:
                    25:f4:c3:dd:ce:63:09:5f:25:dd:9b:04:b4:83:0a:
                    5b:1d:0a:ff:1d:3d:64:fc:75:d0:f0:22:9b:4f:6e:
                    36:08:67:c0:99:b3:a1:97:d5:2b:8f:5b:fe:1e:18:
                    55:a2:f6:16:71:f4:73:a6:32:70:b4:df:4b:c5:e6:
                    d7:31:9c:1e:62:c0:ba:d9:4f:06:20:76:c3:81:62:
                    cb:36:a5:b0:97:03:54:c9:28:9f:63:6a:a2:36:fe:
                    2a:15:50:b6:e5:7a:f2:86:71:2f:13:e5:17:59:93:
                    e8:a3:04:10:9a:18:df:85:17:36:98:e9:a3:04:98:
                    4c:9b:24:7e:f5:6c:79:d4:6d:a5:0d:51:ba:9c:dc:
                    94:80:d8:85:ee:8d:55:46:a1:c9:c8:61:a6:27:08:
                    be:51:0b:67:8c:bf:86:7a:50:ef:55:2a:7b:5b:18:
                    01:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FF:EA:0B:AB:EE:D2:2F:F9:5C:75:91:30:74:C5:8F:32:7D:F2:C2:5A
            X509v3 Authority Key Identifier:
                keyid:25:53:59:E0:40:45:3E:61:A0:1A:06:3F:37:00:E5:35:C3:07:D2:13

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ebedcbcfe1c07143badb5838ff5d6bc181610b63.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/d8a8aa86-e86b-4ffa-92f9-b565404f4659/843a6a23028ad3d7720a755f7bcac79e66687465.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/d8a8aa86-e86b-4ffa-92f9-b565404f4659/ebedcbcfe1c07143badb5838ff5d6bc181610b63.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  190.120.176.0/20
                IPv6:
                  2803:9100::/32

    Signature Algorithm: sha256WithRSAEncryption
         48:c9:38:20:7e:83:b1:cc:c6:b9:92:90:a8:3d:a7:9d:f4:71:
         75:06:2c:89:6d:bc:49:6d:49:82:58:db:6b:f6:fd:16:54:6f:
         89:9b:bb:a2:d0:01:70:08:64:63:ef:be:f6:0c:e0:b5:8b:7c:
         39:03:c1:41:e2:bb:ee:5a:85:53:2f:d7:24:82:23:0f:7c:bb:
         76:d7:3c:29:48:88:d8:03:d6:b7:1c:23:60:51:7c:af:5f:2a:
         a1:af:b8:e0:20:3d:92:8a:0c:6c:20:4a:06:61:ff:b8:31:95:
         b5:0a:78:da:30:85:73:d7:a7:9a:f2:e8:66:e5:32:9b:b9:dc:
         53:52:74:6c:89:57:3b:dc:f6:74:d6:8e:0e:d2:3d:a9:88:bc:
         fc:be:6b:ce:e9:b9:ca:bd:89:9d:81:22:e0:62:07:1d:9a:b5:
         99:39:cc:9c:1c:a9:f6:cf:a1:15:71:fa:2b:93:5f:07:e7:c5:
         57:f2:e4:a2:ae:79:16:df:c8:b2:4e:d7:c9:81:fe:cf:bd:37:
         b1:07:ce:bd:c6:7f:9e:1c:a6:2f:b2:d8:ba:4b:81:70:e9:1a:
         41:6f:1d:bc:d7:12:b1:bd:6a:27:57:e7:61:82:55:c2:b1:dd:
         ad:f8:80:7b:34:6f:a3:2a:f6:f1:37:cc:a4:89:2e:bb:69:8f:
         d9:c1:27:1d
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgIDGpBsMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGVi
ZWRjYmNmZTFjMDcxNDNiYWRiNTgzOGZmNWQ2YmMxODE2MTBiNjMwHhcNMjMwNjI4
MjE0NTQ2WhcNMjUwNjI5MjE0NTQ2WjAzMTEwLwYDVQQDEyg4NDNhNmEyMzAyOGFk
M2Q3NzIwYTc1NWY3YmNhYzc5ZTY2Njg3NDY1MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAhgJ0NHBhhPpzRQkTXQ9FY5l/YatLqDaLOQ2qEdhhUAJRzaog
ykBPTsNlUdBX2SkoWogWe0QfIdP9L5HhIKvLnp/0fmxjvI96/c2qQDm8EcuL4zc7
AoH5UZwl9MPdzmMJXyXdmwS0gwpbHQr/HT1k/HXQ8CKbT242CGfAmbOhl9Urj1v+
HhhVovYWcfRzpjJwtN9LxebXMZweYsC62U8GIHbDgWLLNqWwlwNUySifY2qiNv4q
FVC25XryhnEvE+UXWZPoowQQmhjfhRc2mOmjBJhMmyR+9Wx51G2lDVG6nNyUgNiF
7o1VRqHJyGGmJwi+UQtnjL+GelDvVSp7WxgBZwIDAQABo4ICajCCAmYwHQYDVR0O
BBYEFP/qC6vu0i/5XHWRMHTFjzJ98sJaMB8GA1UdIwQYMBaAFCVTWeBART5hoBoG
PzcA5TXDB9ITMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvZWJlZGNi
Y2ZlMWMwNzE0M2JhZGI1ODM4ZmY1ZDZiYzE4MTYxMGI2My5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvZDhhOGFhODYtZTg2Yi00ZmZhLTkyZjktYjU2NTQw
NGY0NjU5Lzg0M2E2YTIzMDI4YWQzZDc3MjBhNzU1ZjdiY2FjNzllNjY2ODc0NjUu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy9kOGE4YWE4Ni1lODZiLTRmZmEtOTJmOS1iNTY1
NDA0ZjQ2NTkvZWJlZGNiY2ZlMWMwNzE0M2JhZGI1ODM4ZmY1ZDZiYzE4MTYxMGI2
My5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAuBggrBgEFBQcBBwEB/wQf
MB0wDAQCAAEwBgMEBL54sDANBAIAAjAHAwUAKAORADANBgkqhkiG9w0BAQsFAAOC
AQEASMk4IH6DsczGuZKQqD2nnfRxdQYsiW28SW1Jgljba/b9FlRviZu7otABcAhk
Y+++9gzgtYt8OQPBQeK77lqFUy/XJIIjD3y7dtc8KUiI2APWtxwjYFF8r18qoa+4
4CA9kooMbCBKBmH/uDGVtQp42jCFc9enmvLoZuUym7ncU1J0bIlXO9z2dNaODtI9
qYi8/L5rzum5yr2JnYEi4GIHHZq1mTnMnByp9s+hFXH6K5NfB+fFV/Lkoq55Ft/I
sk7XyYH+z703sQfOvcZ/nhymL7LYukuBcOkaQW8dvNcSsb1qJ1fnYYJVwrHdrfiA
ezRvoyr28TfMpIkuu2mP2cEnHQ==
-----END CERTIFICATE-----
Generated at Sat Feb 24 21:47:14 2024 by rpki-client on console-ams.rpki-client.org