Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/e6be347d-7bf1-4135-9b8f-3bf7977b2d8a/00fbfb0227ec103267d2b2a5de2fe85b7729c9c8.roa
File:                     00fbfb0227ec103267d2b2a5de2fe85b7729c9c8.roa (raw, json)
Hash identifier:          MhMc+9OCHlye2IFw43X2vxs7VzEEUaBthtzRFNTqeC0=
Subject key identifier:   33:63:16:D7:8E:DF:C8:A9:03:A7:ED:75:03:27:89:61:7F:A0:7E:DA
Certificate issuer:       /CN=b9674112d06595f2d6b84802ac8416687159afd1
Certificate serial:       0D3AE6
Authority key identifier: 54:08:20:24:F6:0A:38:3E:38:22:4F:8F:77:77:E2:E5:35:5E:9F:24
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/b9674112d06595f2d6b84802ac8416687159afd1.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/e6be347d-7bf1-4135-9b8f-3bf7977b2d8a/00fbfb0227ec103267d2b2a5de2fe85b7729c9c8.roa
Signing time:             Wed 24 Mar 2021 14:34:05 +0000
ROA not before:           Wed 24 Mar 2021 14:34:05 +0000
ROA not after:            Tue 24 Mar 2026 14:34:05 +0000
asID:                     262237
IP address blocks:        190.196.209.0/24 maxlen: 24
                          190.196.210.0/24 maxlen: 24
                          190.196.212.0/24 maxlen: 24
                          190.196.216.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/e6be347d-7bf1-4135-9b8f-3bf7977b2d8a/b9674112d06595f2d6b84802ac8416687159afd1.crl
                          rsync://repository.lacnic.net/rpki/lacnic/e6be347d-7bf1-4135-9b8f-3bf7977b2d8a/b9674112d06595f2d6b84802ac8416687159afd1.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/b9674112d06595f2d6b84802ac8416687159afd1.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 31 Mar 2024 03:49:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 867046 (0xd3ae6)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b9674112d06595f2d6b84802ac8416687159afd1
        Validity
            Not Before: Mar 24 14:34:05 2021 GMT
            Not After : Mar 24 14:34:05 2026 GMT
        Subject: CN=00fbfb0227ec103267d2b2a5de2fe85b7729c9c8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:7c:38:a5:d0:23:2c:fc:69:8c:5e:e8:2e:47:
                    d9:2b:9f:5e:80:9a:d1:d8:cc:1c:d2:33:68:c7:6f:
                    16:fc:4a:7e:68:1d:6a:44:3a:28:f1:ff:78:cf:13:
                    e8:ef:e5:b4:86:70:99:48:d5:fe:95:e9:cb:4e:5e:
                    b2:0c:97:0c:7b:5f:3e:2c:5e:44:79:f7:04:d3:ef:
                    b4:bc:24:84:f7:00:1c:5e:31:a5:ab:fb:90:7b:e0:
                    44:95:f2:a3:7c:49:27:8c:89:fc:24:f0:81:90:c7:
                    ff:29:a9:c0:7a:8a:46:c0:9f:f0:95:44:1a:dd:1e:
                    1c:2d:87:0f:f1:42:f1:35:ac:be:ce:f0:fb:de:ed:
                    9f:b8:d7:1c:cb:f4:ae:1d:de:1c:34:8b:de:fb:3b:
                    9f:20:69:35:aa:03:69:ff:e5:b4:47:8b:4a:ea:18:
                    7d:3a:ef:ed:34:96:0b:ce:6c:e2:f3:e9:a5:dc:23:
                    c5:81:31:ad:dd:3c:b0:89:46:0a:bc:4c:dc:b9:c8:
                    71:e5:36:ef:4c:f8:62:d0:dc:c1:1c:66:29:86:8c:
                    30:c9:5d:bf:b5:49:5e:84:c8:f5:fb:38:73:7d:97:
                    66:4a:7e:22:6e:0f:99:af:e6:08:c1:de:f9:34:3a:
                    63:b3:a6:8f:fe:9a:31:8e:6e:b5:2f:84:b1:2d:37:
                    f2:2d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                33:63:16:D7:8E:DF:C8:A9:03:A7:ED:75:03:27:89:61:7F:A0:7E:DA
            X509v3 Authority Key Identifier:
                keyid:54:08:20:24:F6:0A:38:3E:38:22:4F:8F:77:77:E2:E5:35:5E:9F:24

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/b9674112d06595f2d6b84802ac8416687159afd1.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/e6be347d-7bf1-4135-9b8f-3bf7977b2d8a/00fbfb0227ec103267d2b2a5de2fe85b7729c9c8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/e6be347d-7bf1-4135-9b8f-3bf7977b2d8a/b9674112d06595f2d6b84802ac8416687159afd1.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  190.196.209.0-190.196.210.255
                  190.196.212.0/24
                  190.196.216.0/24

    Signature Algorithm: sha256WithRSAEncryption
         0b:04:54:af:5a:25:a5:67:1a:94:4a:47:0f:89:7d:8f:fe:33:
         52:a3:bc:a9:e6:b4:9c:31:c9:da:0c:c8:bf:d6:71:c1:ca:51:
         8e:e8:cf:91:f0:bb:62:71:d7:c9:e9:25:23:af:bd:3f:ac:31:
         e5:4c:8b:bf:1a:7d:dc:8b:85:f5:60:3f:9d:da:00:e5:8f:72:
         26:9a:20:bd:7c:8a:1e:45:40:15:03:3e:64:f9:3e:c3:c9:8e:
         f6:35:ed:7c:b4:8c:c1:54:a8:0c:f8:94:29:0b:1b:df:4e:3c:
         9f:c8:b0:f9:cd:9b:fd:b0:b8:ed:30:70:ad:43:2d:e9:fd:5a:
         11:d9:2d:b4:63:a2:f2:9f:31:4b:17:b5:ae:23:ed:91:58:c0:
         7a:e1:de:50:9f:57:fc:f8:06:f2:f0:b8:3b:5f:ed:cf:35:68:
         30:79:df:82:1f:d0:5f:83:4e:1f:31:9b:2b:8e:bb:db:1f:c9:
         36:f5:81:35:cc:2b:4a:74:e6:2a:d1:7a:5a:89:d8:00:06:7a:
         e3:c9:a3:e8:27:c5:22:20:78:4e:45:29:bb:e5:f8:73:81:fc:
         14:37:cb:12:86:01:57:91:37:27:3d:fc:a1:e0:d7:d7:19:d6:
         9d:2a:ce:f1:23:de:25:c8:b7:5c:42:a1:09:e6:24:d2:6e:66:
         fc:7b:0d:bd
-----BEGIN CERTIFICATE-----
MIIFVDCCBDygAwIBAgIDDTrmMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGI5
Njc0MTEyZDA2NTk1ZjJkNmI4NDgwMmFjODQxNjY4NzE1OWFmZDEwHhcNMjEwMzI0
MTQzNDA1WhcNMjYwMzI0MTQzNDA1WjAzMTEwLwYDVQQDEygwMGZiZmIwMjI3ZWMx
MDMyNjdkMmIyYTVkZTJmZTg1Yjc3MjljOWM4MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAqHw4pdAjLPxpjF7oLkfZK59egJrR2Mwc0jNox28W/Ep+aB1q
RDoo8f94zxPo7+W0hnCZSNX+lenLTl6yDJcMe18+LF5EefcE0++0vCSE9wAcXjGl
q/uQe+BElfKjfEknjIn8JPCBkMf/KanAeopGwJ/wlUQa3R4cLYcP8ULxNay+zvD7
3u2fuNccy/SuHd4cNIve+zufIGk1qgNp/+W0R4tK6hh9Ou/tNJYLzmzi8+ml3CPF
gTGt3TywiUYKvEzcuchx5TbvTPhi0NzBHGYphowwyV2/tUlehMj1+zhzfZdmSn4i
bg+Zr+YIwd75NDpjs6aP/poxjm61L4SxLTfyLQIDAQABo4ICbzCCAmswHQYDVR0O
BBYEFDNjFteO38ipA6ftdQMniWF/oH7aMB8GA1UdIwQYMBaAFFQIICT2Cjg+OCJP
j3d34uU1Xp8kMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvYjk2NzQx
MTJkMDY1OTVmMmQ2Yjg0ODAyYWM4NDE2Njg3MTU5YWZkMS5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvZTZiZTM0N2QtN2JmMS00MTM1LTliOGYtM2JmNzk3
N2IyZDhhLzAwZmJmYjAyMjdlYzEwMzI2N2QyYjJhNWRlMmZlODViNzcyOWM5Yzgu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy9lNmJlMzQ3ZC03YmYxLTQxMzUtOWI4Zi0zYmY3
OTc3YjJkOGEvYjk2NzQxMTJkMDY1OTVmMmQ2Yjg0ODAyYWM4NDE2Njg3MTU5YWZk
MS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAzBggrBgEFBQcBBwEB/wQk
MCIwIAQCAAEwGjAMAwQAvsTRAwQAvsTSAwQAvsTUAwQAvsTYMA0GCSqGSIb3DQEB
CwUAA4IBAQALBFSvWiWlZxqUSkcPiX2P/jNSo7yp5rScMcnaDMi/1nHBylGO6M+R
8LticdfJ6SUjr70/rDHlTIu/Gn3ci4X1YD+d2gDlj3ImmiC9fIoeRUAVAz5k+T7D
yY72Ne18tIzBVKgM+JQpCxvfTjyfyLD5zZv9sLjtMHCtQy3p/VoR2S20Y6LynzFL
F7WuI+2RWMB64d5Qn1f8+Aby8Lg7X+3PNWgwed+CH9Bfg04fMZsrjrvbH8k29YE1
zCtKdOYq0XpaidgABnrjyaPoJ8UiIHhORSm75fhzgfwUN8sShgFXkTcnPfyh4NfX
GdadKs7xI94lyLdcQqEJ5iTSbmb8ew29
-----END CERTIFICATE-----
Generated at Thu Mar 28 10:47:18 2024 by rpki-client on console-ams.rpki-client.org