Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/f36529a5-efd7-4819-ac80-9b105ddf3b32/c54b85d0a47e6a34d5bbc293163e84e8db4dffa1.roa
File:                     c54b85d0a47e6a34d5bbc293163e84e8db4dffa1.roa (raw, json)
Hash identifier:          ARe2/PWWUz5rTIIUb8n66dLNG7tv0BiJM6uRCi6Ob64=
Subject key identifier:   5A:60:FB:45:F8:6E:94:64:94:61:F6:00:FD:76:BC:F7:9A:93:2D:77
Certificate issuer:       /CN=9027bea49a2d292834550bf575448d0b5b71311a
Certificate serial:       123BE9
Authority key identifier: 43:2C:4B:7D:96:B7:48:C4:89:B4:5C:BD:8E:F0:06:64:57:C0:7C:66
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/9027bea49a2d292834550bf575448d0b5b71311a.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/f36529a5-efd7-4819-ac80-9b105ddf3b32/c54b85d0a47e6a34d5bbc293163e84e8db4dffa1.roa
Signing time:             Wed 06 Oct 2021 13:21:28 +0000
ROA not before:           Wed 24 Mar 2021 03:00:00 +0000
ROA not after:            Tue 24 Mar 2026 03:00:00 +0000
asID:                     52268
IP address blocks:        190.104.64.0/20 maxlen: 24
                          190.112.196.0/22 maxlen: 24
                          190.113.236.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/f36529a5-efd7-4819-ac80-9b105ddf3b32/9027bea49a2d292834550bf575448d0b5b71311a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/f36529a5-efd7-4819-ac80-9b105ddf3b32/9027bea49a2d292834550bf575448d0b5b71311a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/9027bea49a2d292834550bf575448d0b5b71311a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 31 Mar 2024 03:49:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1194985 (0x123be9)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9027bea49a2d292834550bf575448d0b5b71311a
        Validity
            Not Before: Mar 24 03:00:00 2021 GMT
            Not After : Mar 24 03:00:00 2026 GMT
        Subject: CN=c54b85d0a47e6a34d5bbc293163e84e8db4dffa1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:d9:e9:9b:0c:a2:0e:cb:6e:08:39:6d:25:b7:
                    bc:80:ac:89:95:ae:8a:5d:89:c0:b9:ef:8d:39:b4:
                    0c:2e:9d:c3:5e:94:05:66:85:dd:eb:f7:94:69:35:
                    8f:e3:08:a3:58:aa:c2:d5:a2:b5:3d:32:d5:d1:6a:
                    a0:23:91:09:f8:ff:3d:37:85:64:c5:ea:43:9e:66:
                    3c:41:35:8f:79:e6:ec:c0:95:66:32:e6:f6:ae:16:
                    9b:11:f4:c0:0b:24:3a:c8:08:24:1f:64:88:f3:56:
                    63:73:d2:6d:b6:66:97:45:85:e2:1c:13:05:fb:db:
                    11:bb:54:ce:12:64:87:ae:f8:d2:51:b7:3b:ec:38:
                    0b:e7:96:3b:70:1b:28:2d:85:82:03:0c:1a:1f:c6:
                    f7:ad:32:41:1d:32:9f:d5:3b:9e:56:1a:19:a2:27:
                    08:cb:0b:ee:c0:74:54:71:9b:ed:94:c3:66:7e:f9:
                    52:06:cf:4f:6d:19:d5:a4:a5:f0:87:65:cf:c6:35:
                    b0:29:07:dc:e5:fe:04:ea:14:ba:66:52:de:db:71:
                    2a:67:4b:0b:45:8f:f9:01:7b:67:17:71:0f:75:1f:
                    59:80:22:3d:ca:88:72:8d:96:e2:8c:14:49:e6:73:
                    a9:b1:b5:96:6d:02:db:53:09:71:54:e1:b8:87:58:
                    58:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5A:60:FB:45:F8:6E:94:64:94:61:F6:00:FD:76:BC:F7:9A:93:2D:77
            X509v3 Authority Key Identifier:
                keyid:43:2C:4B:7D:96:B7:48:C4:89:B4:5C:BD:8E:F0:06:64:57:C0:7C:66

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/9027bea49a2d292834550bf575448d0b5b71311a.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/f36529a5-efd7-4819-ac80-9b105ddf3b32/c54b85d0a47e6a34d5bbc293163e84e8db4dffa1.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/f36529a5-efd7-4819-ac80-9b105ddf3b32/9027bea49a2d292834550bf575448d0b5b71311a.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  190.104.64.0/20
                  190.112.196.0/22
                  190.113.236.0/22

    Signature Algorithm: sha256WithRSAEncryption
         4c:50:39:78:15:4e:4c:e8:fd:e7:4f:5c:58:8e:76:ea:00:ae:
         1b:83:28:35:5d:2e:f5:39:4b:51:d2:34:b4:3f:7f:e0:f8:d5:
         6d:00:1b:6f:9d:7d:e6:d0:46:ec:24:71:2b:a9:34:8a:a3:4b:
         2f:20:40:8b:da:27:ca:7d:82:a7:6f:3f:49:b1:c1:bc:8c:48:
         d2:0f:96:46:99:7b:34:4f:43:e5:34:c4:3c:ec:78:0e:c9:e6:
         08:ef:9c:f0:e8:bb:d4:3a:0b:25:9a:b5:72:76:e5:ba:1b:68:
         71:44:61:ed:50:8f:46:ad:be:cf:6b:26:72:61:9d:72:4d:b4:
         6a:66:f0:7f:7f:fd:b6:f0:79:7d:09:98:cd:05:f8:9c:99:b1:
         ce:23:93:f4:ce:ed:00:4f:b0:57:e6:e2:2f:4b:3e:fe:86:38:
         4b:68:4e:34:ac:a2:be:c9:bb:04:6f:62:f6:e9:4e:f8:ce:23:
         62:47:88:73:2b:5c:ed:a9:5e:20:fa:da:fa:03:2b:57:90:63:
         d3:b1:0f:93:cb:f1:8f:b2:63:67:35:ee:02:3e:dd:d3:25:4b:
         2d:9f:b0:5b:0c:04:fe:e1:0d:8a:4a:2c:83:8a:b4:41:86:76:
         43:97:b3:15:7a:a4:b9:ee:7f:3a:20:e8:17:3b:4a:08:33:12:
         d1:9c:82:fe
-----BEGIN CERTIFICATE-----
MIIFTDCCBDSgAwIBAgIDEjvpMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDkw
MjdiZWE0OWEyZDI5MjgzNDU1MGJmNTc1NDQ4ZDBiNWI3MTMxMWEwHhcNMjEwMzI0
MDMwMDAwWhcNMjYwMzI0MDMwMDAwWjAzMTEwLwYDVQQDEyhjNTRiODVkMGE0N2U2
YTM0ZDViYmMyOTMxNjNlODRlOGRiNGRmZmExMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAw9npmwyiDstuCDltJbe8gKyJla6KXYnAue+NObQMLp3DXpQF
ZoXd6/eUaTWP4wijWKrC1aK1PTLV0WqgI5EJ+P89N4VkxepDnmY8QTWPeebswJVm
Mub2rhabEfTACyQ6yAgkH2SI81Zjc9JttmaXRYXiHBMF+9sRu1TOEmSHrvjSUbc7
7DgL55Y7cBsoLYWCAwwaH8b3rTJBHTKf1TueVhoZoicIywvuwHRUcZvtlMNmfvlS
Bs9PbRnVpKXwh2XPxjWwKQfc5f4E6hS6ZlLe23EqZ0sLRY/5AXtnF3EPdR9ZgCI9
yohyjZbijBRJ5nOpsbWWbQLbUwlxVOG4h1hYQQIDAQABo4ICZzCCAmMwHQYDVR0O
BBYEFFpg+0X4bpRklGH2AP12vPeaky13MB8GA1UdIwQYMBaAFEMsS32Wt0jEibRc
vY7wBmRXwHxmMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvOTAyN2Jl
YTQ5YTJkMjkyODM0NTUwYmY1NzU0NDhkMGI1YjcxMzExYS5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvZjM2NTI5YTUtZWZkNy00ODE5LWFjODAtOWIxMDVk
ZGYzYjMyL2M1NGI4NWQwYTQ3ZTZhMzRkNWJiYzI5MzE2M2U4NGU4ZGI0ZGZmYTEu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy9mMzY1MjlhNS1lZmQ3LTQ4MTktYWM4MC05YjEw
NWRkZjNiMzIvOTAyN2JlYTQ5YTJkMjkyODM0NTUwYmY1NzU0NDhkMGI1YjcxMzEx
YS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjArBggrBgEFBQcBBwEB/wQc
MBowGAQCAAEwEgMEBL5oQAMEAr5wxAMEAr5x7DANBgkqhkiG9w0BAQsFAAOCAQEA
TFA5eBVOTOj9509cWI526gCuG4MoNV0u9TlLUdI0tD9/4PjVbQAbb5195tBG7CRx
K6k0iqNLLyBAi9onyn2Cp28/SbHBvIxI0g+WRpl7NE9D5TTEPOx4DsnmCO+c8Oi7
1DoLJZq1cnbluhtocURh7VCPRq2+z2smcmGdck20ambwf3/9tvB5fQmYzQX4nJmx
ziOT9M7tAE+wV+biL0s+/oY4S2hONKyivsm7BG9i9ulO+M4jYkeIcytc7aleIPra
+gMrV5Bj07EPk8vxj7JjZzXuAj7d0yVLLZ+wWwwE/uENikosg4q0QYZ2Q5ezFXqk
ue5/OiDoFztKCDMS0ZyC/g==
-----END CERTIFICATE-----
Generated at Thu Mar 28 11:18:06 2024 by rpki-client on console-fra.rpki-client.org