Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/e5420f1d-2b24-42ec-9cc9-1518366291d1/ece5726d0e23c45f85340ae3e9a33e87d877c084.roa
File:                     ece5726d0e23c45f85340ae3e9a33e87d877c084.roa (raw, json)
Hash identifier:          CtLhLOgRlBrePbXdvbHRmzLc2bk5ghgTSTQ8cOLfDZ8=
Subject key identifier:   0B:68:0B:9D:5B:2C:F4:49:B2:FB:C1:7A:9E:C7:1B:A6:F3:B4:FC:D3
Certificate issuer:       /CN=457cfb45d8f3fe402bf47955d0dbd1109e072f12
Certificate serial:       0E3628
Authority key identifier: 5C:E6:2F:26:51:B8:11:C8:2E:0A:81:FE:80:79:D0:AB:E9:36:6B:8D
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/457cfb45d8f3fe402bf47955d0dbd1109e072f12.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/e5420f1d-2b24-42ec-9cc9-1518366291d1/ece5726d0e23c45f85340ae3e9a33e87d877c084.roa
Signing time:             Wed 21 Apr 2021 12:11:19 +0000
ROA not before:           Wed 24 Mar 2021 03:00:00 +0000
ROA not after:            Tue 24 Mar 2026 03:00:00 +0000
asID:                     262230
IP address blocks:        190.106.40.0/21 maxlen: 24
                          2803:c00::/32 maxlen: 48

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/e5420f1d-2b24-42ec-9cc9-1518366291d1/457cfb45d8f3fe402bf47955d0dbd1109e072f12.crl
                          rsync://repository.lacnic.net/rpki/lacnic/e5420f1d-2b24-42ec-9cc9-1518366291d1/457cfb45d8f3fe402bf47955d0dbd1109e072f12.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/457cfb45d8f3fe402bf47955d0dbd1109e072f12.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Mon 01 Apr 2024 05:58:53 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 931368 (0xe3628)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=457cfb45d8f3fe402bf47955d0dbd1109e072f12
        Validity
            Not Before: Mar 24 03:00:00 2021 GMT
            Not After : Mar 24 03:00:00 2026 GMT
        Subject: CN=ece5726d0e23c45f85340ae3e9a33e87d877c084
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d3:d7:7e:ab:25:5e:49:8e:e7:8c:f6:51:e6:c5:
                    4f:29:f0:59:fb:1f:69:05:01:3a:5f:ca:33:70:85:
                    4c:c9:8f:c8:f5:eb:0c:b9:46:16:c2:c3:18:c9:21:
                    a3:04:d9:ae:54:ee:bf:ac:1e:58:8a:80:46:87:01:
                    a8:bc:2c:e5:da:ee:d5:ea:18:46:b3:61:20:2c:4c:
                    8f:51:68:bc:ad:1b:6e:bc:89:1e:fa:55:01:43:ac:
                    74:bf:ba:53:6d:7a:2a:7a:b6:f0:af:8e:d4:75:a3:
                    a2:f3:75:04:1f:25:22:c5:ca:0f:5f:05:37:90:61:
                    47:b7:bc:04:7d:00:4c:55:a2:11:9c:db:b7:57:c7:
                    d4:08:0f:e3:5c:e5:25:50:78:9c:1a:2c:a0:54:96:
                    4d:2a:f2:3a:e7:27:04:38:db:11:b8:cf:5a:35:a6:
                    3d:13:7a:a9:73:c4:12:58:8c:74:1a:4f:82:f5:c0:
                    12:03:0e:6b:29:ed:c7:fe:21:8d:84:a0:9e:d0:0c:
                    49:d2:c2:69:29:c7:88:92:48:52:5a:fd:ba:0a:7a:
                    22:c0:7f:03:d1:5c:26:61:18:a6:83:16:b6:6f:93:
                    6f:12:4e:4f:f0:43:61:1b:1e:3a:9a:f0:51:00:2d:
                    ac:51:90:cc:97:04:b6:b0:ff:6b:cc:8e:59:f4:8a:
                    e9:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0B:68:0B:9D:5B:2C:F4:49:B2:FB:C1:7A:9E:C7:1B:A6:F3:B4:FC:D3
            X509v3 Authority Key Identifier:
                keyid:5C:E6:2F:26:51:B8:11:C8:2E:0A:81:FE:80:79:D0:AB:E9:36:6B:8D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/457cfb45d8f3fe402bf47955d0dbd1109e072f12.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/e5420f1d-2b24-42ec-9cc9-1518366291d1/ece5726d0e23c45f85340ae3e9a33e87d877c084.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/e5420f1d-2b24-42ec-9cc9-1518366291d1/457cfb45d8f3fe402bf47955d0dbd1109e072f12.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  190.106.40.0/21
                IPv6:
                  2803:c00::/32

    Signature Algorithm: sha256WithRSAEncryption
         1a:5b:6c:ee:5f:a7:31:5e:61:a0:75:26:db:05:68:ba:5a:ce:
         ac:3d:ec:ed:bc:e3:02:2a:ba:13:25:5d:97:55:e7:df:0a:65:
         5d:85:02:08:31:95:ee:2f:b6:17:fc:b8:20:80:12:42:c5:63:
         57:65:e6:64:a1:94:49:9e:d5:f4:ca:5a:88:bf:ba:7b:03:74:
         4c:59:e6:38:54:b0:dd:ce:40:69:01:e1:86:64:8d:f4:11:df:
         26:84:a5:81:7a:d4:fb:72:ba:9f:57:ca:e2:e4:78:0b:1c:a9:
         e2:ad:3c:03:62:4c:92:fe:33:87:f1:5b:e3:db:64:01:91:76:
         ac:0e:a3:81:6d:a8:97:89:60:f8:81:0a:ce:40:86:1a:62:31:
         75:6a:85:79:06:16:b4:fe:99:e5:80:7a:43:7e:43:54:18:fb:
         41:8a:a6:04:b5:97:fd:ac:73:1a:d8:60:76:04:a2:7f:34:44:
         fc:46:d4:93:aa:16:51:2c:f4:e3:81:da:55:e0:39:ec:7d:68:
         5c:5a:41:6c:8c:b7:48:26:d4:d2:ee:d1:6e:b7:8d:ef:c6:20:
         d2:99:7e:64:84:b0:43:90:4f:3e:42:b1:11:2e:a2:a2:81:27:
         eb:56:0e:06:7b:e5:f7:4b:c8:a5:56:5e:d2:9e:02:fb:c1:ed:
         64:3b:bc:ac
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgIDDjYoMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDQ1
N2NmYjQ1ZDhmM2ZlNDAyYmY0Nzk1NWQwZGJkMTEwOWUwNzJmMTIwHhcNMjEwMzI0
MDMwMDAwWhcNMjYwMzI0MDMwMDAwWjAzMTEwLwYDVQQDEyhlY2U1NzI2ZDBlMjNj
NDVmODUzNDBhZTNlOWEzM2U4N2Q4NzdjMDg0MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEA09d+qyVeSY7njPZR5sVPKfBZ+x9pBQE6X8ozcIVMyY/I9esM
uUYWwsMYySGjBNmuVO6/rB5YioBGhwGovCzl2u7V6hhGs2EgLEyPUWi8rRtuvIke
+lUBQ6x0v7pTbXoqerbwr47UdaOi83UEHyUixcoPXwU3kGFHt7wEfQBMVaIRnNu3
V8fUCA/jXOUlUHicGiygVJZNKvI65ycEONsRuM9aNaY9E3qpc8QSWIx0Gk+C9cAS
Aw5rKe3H/iGNhKCe0AxJ0sJpKceIkkhSWv26CnoiwH8D0VwmYRimgxa2b5NvEk5P
8ENhGx46mvBRAC2sUZDMlwS2sP9rzI5Z9Irp9wIDAQABo4ICajCCAmYwHQYDVR0O
BBYEFAtoC51bLPRJsvvBep7HG6bztPzTMB8GA1UdIwQYMBaAFFzmLyZRuBHILgqB
/oB50KvpNmuNMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvNDU3Y2Zi
NDVkOGYzZmU0MDJiZjQ3OTU1ZDBkYmQxMTA5ZTA3MmYxMi5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvZTU0MjBmMWQtMmIyNC00MmVjLTljYzktMTUxODM2
NjI5MWQxL2VjZTU3MjZkMGUyM2M0NWY4NTM0MGFlM2U5YTMzZTg3ZDg3N2MwODQu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy9lNTQyMGYxZC0yYjI0LTQyZWMtOWNjOS0xNTE4
MzY2MjkxZDEvNDU3Y2ZiNDVkOGYzZmU0MDJiZjQ3OTU1ZDBkYmQxMTA5ZTA3MmYx
Mi5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAuBggrBgEFBQcBBwEB/wQf
MB0wDAQCAAEwBgMEA75qKDANBAIAAjAHAwUAKAMMADANBgkqhkiG9w0BAQsFAAOC
AQEAGlts7l+nMV5hoHUm2wVoulrOrD3s7bzjAiq6EyVdl1Xn3wplXYUCCDGV7i+2
F/y4IIASQsVjV2XmZKGUSZ7V9MpaiL+6ewN0TFnmOFSw3c5AaQHhhmSN9BHfJoSl
gXrU+3K6n1fK4uR4Cxyp4q08A2JMkv4zh/Fb49tkAZF2rA6jgW2ol4lg+IEKzkCG
GmIxdWqFeQYWtP6Z5YB6Q35DVBj7QYqmBLWX/axzGthgdgSifzRE/EbUk6oWUSz0
44HaVeA57H1oXFpBbIy3SCbU0u7RbreN78Yg0pl+ZISwQ5BPPkKxES6iooEn61YO
Bnvl90vIpVZe0p4C+8HtZDu8rA==
-----END CERTIFICATE-----
Generated at Fri Mar 29 08:55:33 2024 by rpki-client on console-fra.rpki-client.org