Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/0043f52c-eeee-4d62-97e6-44c83c8beb9f/db336208bd6ff93fefd05521ad3f75a69898c36e.roa
File:                     db336208bd6ff93fefd05521ad3f75a69898c36e.roa (raw, json)
Hash identifier:          B+Mtwiy//FXLbRQRlYrRx9Z74VBLD0R1QebYtrZ/OqY=
Subject key identifier:   5E:DC:06:8D:6F:EC:A6:8A:04:F2:29:1C:BA:5C:43:83:FC:D4:C6:5C
Certificate issuer:       /CN=52c92f5118962db5a899e9bac9cd1d931aba8f4d
Certificate serial:       0C0725
Authority key identifier: 5B:BD:B3:E1:5B:11:33:CA:60:D5:51:94:0B:65:E4:BC:C0:91:77:12
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/52c92f5118962db5a899e9bac9cd1d931aba8f4d.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/0043f52c-eeee-4d62-97e6-44c83c8beb9f/db336208bd6ff93fefd05521ad3f75a69898c36e.roa
Signing time:             Wed 24 Mar 2021 14:31:49 +0000
ROA not before:           Wed 24 Mar 2021 14:31:49 +0000
ROA not after:            Tue 24 Mar 2026 14:31:49 +0000
asID:                     264742
IP address blocks:        45.173.60.0/22 maxlen: 24
                          2803:60::/32 maxlen: 48

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/0043f52c-eeee-4d62-97e6-44c83c8beb9f/52c92f5118962db5a899e9bac9cd1d931aba8f4d.crl
                          rsync://repository.lacnic.net/rpki/lacnic/0043f52c-eeee-4d62-97e6-44c83c8beb9f/52c92f5118962db5a899e9bac9cd1d931aba8f4d.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/52c92f5118962db5a899e9bac9cd1d931aba8f4d.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Mon 04 Mar 2024 17:26:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 788261 (0xc0725)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=52c92f5118962db5a899e9bac9cd1d931aba8f4d
        Validity
            Not Before: Mar 24 14:31:49 2021 GMT
            Not After : Mar 24 14:31:49 2026 GMT
        Subject: CN=db336208bd6ff93fefd05521ad3f75a69898c36e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:a5:ac:3f:4a:2e:f7:a5:4b:b5:68:e0:43:e9:
                    12:55:fc:a8:32:02:9b:96:b8:90:39:89:ab:38:5e:
                    57:1e:ad:c4:92:65:2a:7b:ce:3f:c7:49:e4:c6:8b:
                    5e:b5:3c:2d:af:85:d7:f6:1b:50:49:e4:11:8f:49:
                    c0:3a:13:da:0e:9d:ba:1e:8f:b0:d7:83:00:87:09:
                    03:2c:32:1c:7a:15:d5:a2:ba:d9:7a:af:98:bd:45:
                    f3:5c:c8:03:0a:10:03:bc:ef:79:88:2d:7e:e1:e9:
                    fd:b2:fd:4c:ef:44:e5:02:ec:d9:9f:9b:43:42:d3:
                    f8:6a:77:af:83:69:12:e6:75:4b:b3:40:96:e9:1a:
                    a7:a1:1b:c0:51:49:31:2b:df:ec:3c:51:88:d4:75:
                    d2:d3:99:32:ab:dc:1e:6e:c4:3d:8e:2f:9b:5c:eb:
                    55:03:5d:df:f1:91:24:d6:95:d0:1e:8a:99:74:af:
                    56:0d:43:3b:a0:86:4c:3c:15:de:c7:21:4b:cf:42:
                    a4:49:d2:4c:5d:73:17:ec:20:af:ae:fd:4e:1e:10:
                    08:b4:5b:42:bd:ac:12:72:d7:aa:b2:04:1b:d7:06:
                    98:48:fb:9a:b2:ed:28:8c:28:08:6c:67:c9:45:e9:
                    82:24:17:02:2e:f4:3b:f3:71:11:a4:6b:31:09:ee:
                    6f:2d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5E:DC:06:8D:6F:EC:A6:8A:04:F2:29:1C:BA:5C:43:83:FC:D4:C6:5C
            X509v3 Authority Key Identifier:
                keyid:5B:BD:B3:E1:5B:11:33:CA:60:D5:51:94:0B:65:E4:BC:C0:91:77:12

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/52c92f5118962db5a899e9bac9cd1d931aba8f4d.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/0043f52c-eeee-4d62-97e6-44c83c8beb9f/db336208bd6ff93fefd05521ad3f75a69898c36e.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/0043f52c-eeee-4d62-97e6-44c83c8beb9f/52c92f5118962db5a899e9bac9cd1d931aba8f4d.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.173.60.0/22
                IPv6:
                  2803:60::/32

    Signature Algorithm: sha256WithRSAEncryption
         18:9e:77:76:9a:28:db:9c:24:40:f5:d7:bd:60:0d:f4:ce:d4:
         57:00:83:2f:4c:61:49:55:ca:47:2d:19:66:50:39:47:12:2c:
         3d:98:02:a3:b2:44:fe:99:9c:3d:2c:10:b0:fe:f0:73:1a:6a:
         b2:26:a6:6f:d4:0c:7f:d8:b5:8c:43:dd:b0:3b:e5:18:73:f0:
         7e:fa:03:a0:33:1a:3d:f4:22:e0:ed:45:9b:57:5b:d3:28:0f:
         41:60:67:17:6c:96:0b:4b:63:c1:40:a3:64:b6:62:11:18:d1:
         b0:d7:a2:b8:70:9a:4b:e4:e3:7a:2a:77:c5:e2:2f:c5:ac:2e:
         00:cc:35:5a:a4:8e:a8:b7:33:34:07:73:ee:1a:5f:34:c3:ed:
         d6:27:a9:d3:31:d0:d6:b1:63:f5:52:26:1e:ba:01:be:58:72:
         39:52:46:8d:45:59:0c:c4:f9:48:f2:e9:34:00:af:2f:f5:6b:
         e4:ce:90:11:6d:7f:a8:59:dd:56:c0:32:80:2f:ab:a5:4c:6e:
         ac:40:51:c4:ef:c4:40:ad:5c:3f:8d:62:11:68:a9:e2:f3:19:
         dd:72:f3:2b:3a:ca:ae:cd:01:fa:6b:76:79:10:52:0e:b0:2e:
         88:8a:94:63:9f:e4:10:28:55:9f:5e:08:9c:d5:6e:35:ff:23:
         fd:50:8e:49
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgIDDAclMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDUy
YzkyZjUxMTg5NjJkYjVhODk5ZTliYWM5Y2QxZDkzMWFiYThmNGQwHhcNMjEwMzI0
MTQzMTQ5WhcNMjYwMzI0MTQzMTQ5WjAzMTEwLwYDVQQDEyhkYjMzNjIwOGJkNmZm
OTNmZWZkMDU1MjFhZDNmNzVhNjk4OThjMzZlMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAsKWsP0ou96VLtWjgQ+kSVfyoMgKblriQOYmrOF5XHq3EkmUq
e84/x0nkxotetTwtr4XX9htQSeQRj0nAOhPaDp26Ho+w14MAhwkDLDIcehXVorrZ
eq+YvUXzXMgDChADvO95iC1+4en9sv1M70TlAuzZn5tDQtP4anevg2kS5nVLs0CW
6RqnoRvAUUkxK9/sPFGI1HXS05kyq9websQ9ji+bXOtVA13f8ZEk1pXQHoqZdK9W
DUM7oIZMPBXexyFLz0KkSdJMXXMX7CCvrv1OHhAItFtCvawScteqsgQb1waYSPua
su0ojCgIbGfJRemCJBcCLvQ783ERpGsxCe5vLQIDAQABo4ICajCCAmYwHQYDVR0O
BBYEFF7cBo1v7KaKBPIpHLpcQ4P81MZcMB8GA1UdIwQYMBaAFFu9s+FbETPKYNVR
lAtl5LzAkXcSMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvNTJjOTJm
NTExODk2MmRiNWE4OTllOWJhYzljZDFkOTMxYWJhOGY0ZC5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvMDA0M2Y1MmMtZWVlZS00ZDYyLTk3ZTYtNDRjODNj
OGJlYjlmL2RiMzM2MjA4YmQ2ZmY5M2ZlZmQwNTUyMWFkM2Y3NWE2OTg5OGMzNmUu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy8wMDQzZjUyYy1lZWVlLTRkNjItOTdlNi00NGM4
M2M4YmViOWYvNTJjOTJmNTExODk2MmRiNWE4OTllOWJhYzljZDFkOTMxYWJhOGY0
ZC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAuBggrBgEFBQcBBwEB/wQf
MB0wDAQCAAEwBgMEAi2tPDANBAIAAjAHAwUAKAMAYDANBgkqhkiG9w0BAQsFAAOC
AQEAGJ53dpoo25wkQPXXvWAN9M7UVwCDL0xhSVXKRy0ZZlA5RxIsPZgCo7JE/pmc
PSwQsP7wcxpqsiamb9QMf9i1jEPdsDvlGHPwfvoDoDMaPfQi4O1Fm1db0ygPQWBn
F2yWC0tjwUCjZLZiERjRsNeiuHCaS+Tjeip3xeIvxawuAMw1WqSOqLczNAdz7hpf
NMPt1iep0zHQ1rFj9VImHroBvlhyOVJGjUVZDMT5SPLpNACvL/Vr5M6QEW1/qFnd
VsAygC+rpUxurEBRxO/EQK1cP41iEWip4vMZ3XLzKzrKrs0B+mt2eRBSDrAuiIqU
Y5/kEChVn14InNVuNf8j/VCOSQ==
-----END CERTIFICATE-----
Generated at Fri Mar 1 19:57:22 2024 by rpki-client on console-fra.rpki-client.org