Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/0139fc82-2be3-4c8a-bb94-07a6e6b3b0fe/bf631fd58c4670c06f38514024009ba17664128e.roa
File:                     bf631fd58c4670c06f38514024009ba17664128e.roa (raw, json)
Hash identifier:          ji3fge87DT77OtN8yHICx3MvFbs3cdDVg+SQPPj6SXw=
Subject key identifier:   F1:D8:E4:98:C7:45:9F:0E:A1:3B:F1:1C:88:EF:F5:27:A1:B3:AB:3E
Certificate issuer:       /CN=e559225476bc467cb73e1777186dbca1caa93294
Certificate serial:       08F2D0
Authority key identifier: 02:83:F1:D6:F5:67:C1:2B:26:7F:1F:D2:6C:4D:F6:D4:8E:B3:AB:44
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/e559225476bc467cb73e1777186dbca1caa93294.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/0139fc82-2be3-4c8a-bb94-07a6e6b3b0fe/bf631fd58c4670c06f38514024009ba17664128e.roa
Signing time:             Wed 24 Mar 2021 14:42:29 +0000
ROA not before:           Wed 24 Mar 2021 14:42:28 +0000
ROA not after:            Tue 24 Mar 2026 14:42:28 +0000
asID:                     269934
IP address blocks:        45.190.13.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/0139fc82-2be3-4c8a-bb94-07a6e6b3b0fe/e559225476bc467cb73e1777186dbca1caa93294.crl
                          rsync://repository.lacnic.net/rpki/lacnic/0139fc82-2be3-4c8a-bb94-07a6e6b3b0fe/e559225476bc467cb73e1777186dbca1caa93294.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/e559225476bc467cb73e1777186dbca1caa93294.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 31 Mar 2024 19:38:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 586448 (0x8f2d0)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e559225476bc467cb73e1777186dbca1caa93294
        Validity
            Not Before: Mar 24 14:42:28 2021 GMT
            Not After : Mar 24 14:42:28 2026 GMT
        Subject: CN=bf631fd58c4670c06f38514024009ba17664128e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:86:58:8f:88:e3:fb:0c:4f:6b:27:76:e4:30:aa:
                    58:23:57:90:c3:c2:bc:f3:f8:7c:62:ed:dd:05:d8:
                    01:8d:2d:f0:98:3c:cf:f9:99:ec:ff:6a:a1:a1:31:
                    79:f8:09:59:74:75:21:bf:e1:38:83:21:f7:dc:db:
                    c9:66:fd:e4:2d:b2:f2:06:68:26:8e:a4:3b:bb:10:
                    83:4d:1f:08:28:d6:ea:5b:aa:6c:f0:52:17:fa:99:
                    9d:92:96:f9:d1:f6:7e:43:d3:49:db:14:85:24:4f:
                    d2:2b:95:31:d8:4b:a5:60:e5:5b:e3:00:8b:b7:d4:
                    e5:32:c1:27:6f:63:7b:b1:b6:2e:5f:11:c6:4a:27:
                    6b:24:23:89:5d:fa:c3:b2:5d:ba:02:23:4b:18:05:
                    5c:dc:16:ef:1a:4b:43:33:f9:4e:52:93:da:c8:ce:
                    69:10:ab:7a:1a:7c:5a:99:fa:a8:f1:b5:be:b5:09:
                    2f:be:ea:88:25:02:70:54:71:ae:e2:69:7a:93:b1:
                    55:57:24:80:24:77:d3:78:82:26:ac:2d:73:62:bf:
                    13:7a:b7:8d:0b:19:91:55:7c:11:28:3c:8f:b2:20:
                    0b:8d:4f:c3:c7:76:01:36:20:24:52:3e:01:cd:6f:
                    9c:02:99:73:6d:4c:c5:6f:3d:fc:bf:6c:bd:c7:f9:
                    27:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F1:D8:E4:98:C7:45:9F:0E:A1:3B:F1:1C:88:EF:F5:27:A1:B3:AB:3E
            X509v3 Authority Key Identifier:
                keyid:02:83:F1:D6:F5:67:C1:2B:26:7F:1F:D2:6C:4D:F6:D4:8E:B3:AB:44

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/e559225476bc467cb73e1777186dbca1caa93294.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/0139fc82-2be3-4c8a-bb94-07a6e6b3b0fe/bf631fd58c4670c06f38514024009ba17664128e.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/0139fc82-2be3-4c8a-bb94-07a6e6b3b0fe/e559225476bc467cb73e1777186dbca1caa93294.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.190.13.0/24

    Signature Algorithm: sha256WithRSAEncryption
         15:5f:e6:89:c3:45:81:6e:05:14:07:26:78:bd:bd:41:61:3b:
         28:0c:84:eb:e7:e9:f1:36:0d:22:2c:14:8e:ed:e4:b7:f2:73:
         e3:c3:f0:9f:c2:47:45:06:5d:ac:8d:32:49:36:26:24:0c:0f:
         4d:ae:bb:c5:6b:4a:57:bb:f5:e7:09:78:99:0b:6e:7e:dd:ab:
         d9:ac:85:a1:24:64:eb:5c:18:45:c9:8f:91:a8:9b:99:e2:6a:
         b1:b6:b6:77:80:f2:5f:63:66:37:21:c4:aa:17:65:41:31:4c:
         42:15:22:54:2b:9f:f9:d8:ec:cb:c0:d6:c6:70:93:eb:75:f9:
         49:53:4d:16:1f:8d:a4:fe:2e:b9:1b:05:87:0b:5c:b2:43:cf:
         63:b2:33:a6:eb:f1:63:71:68:c1:88:9e:07:2c:f7:67:2f:6a:
         a6:28:b1:89:6f:f8:b1:38:d8:4f:a6:24:9b:1b:c9:5a:67:cd:
         e8:cd:f9:df:fd:1f:cb:bd:ce:47:7d:48:8c:0f:0a:62:12:be:
         27:e7:92:5b:63:97:5a:c3:71:7b:5c:11:0f:7d:a5:49:06:ff:
         1b:ce:44:9e:d9:64:ac:89:9b:79:05:91:bb:a2:3c:ad:d6:96:
         b7:8c:fa:aa:a1:de:4b:e6:00:7b:97:c3:00:0c:8e:d3:b9:62:
         82:e8:aa:fc
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIDCPLQMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGU1
NTkyMjU0NzZiYzQ2N2NiNzNlMTc3NzE4NmRiY2ExY2FhOTMyOTQwHhcNMjEwMzI0
MTQ0MjI4WhcNMjYwMzI0MTQ0MjI4WjAzMTEwLwYDVQQDEyhiZjYzMWZkNThjNDY3
MGMwNmYzODUxNDAyNDAwOWJhMTc2NjQxMjhlMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAhliPiOP7DE9rJ3bkMKpYI1eQw8K88/h8Yu3dBdgBjS3wmDzP
+Zns/2qhoTF5+AlZdHUhv+E4gyH33NvJZv3kLbLyBmgmjqQ7uxCDTR8IKNbqW6ps
8FIX+pmdkpb50fZ+Q9NJ2xSFJE/SK5Ux2EulYOVb4wCLt9TlMsEnb2N7sbYuXxHG
SidrJCOJXfrDsl26AiNLGAVc3BbvGktDM/lOUpPayM5pEKt6Gnxamfqo8bW+tQkv
vuqIJQJwVHGu4ml6k7FVVySAJHfTeIImrC1zYr8TereNCxmRVXwRKDyPsiALjU/D
x3YBNiAkUj4BzW+cAplzbUzFbz38v2y9x/kn9wIDAQABo4ICWzCCAlcwHQYDVR0O
BBYEFPHY5JjHRZ8OoTvxHIjv9Sehs6s+MB8GA1UdIwQYMBaAFAKD8db1Z8ErJn8f
0mxN9tSOs6tEMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvZTU1OTIy
NTQ3NmJjNDY3Y2I3M2UxNzc3MTg2ZGJjYTFjYWE5MzI5NC5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvMDEzOWZjODItMmJlMy00YzhhLWJiOTQtMDdhNmU2
YjNiMGZlL2JmNjMxZmQ1OGM0NjcwYzA2ZjM4NTE0MDI0MDA5YmExNzY2NDEyOGUu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy8wMTM5ZmM4Mi0yYmUzLTRjOGEtYmI5NC0wN2E2
ZTZiM2IwZmUvZTU1OTIyNTQ3NmJjNDY3Y2I3M2UxNzc3MTg2ZGJjYTFjYWE5MzI5
NC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAC2+DTANBgkqhkiG9w0BAQsFAAOCAQEAFV/micNFgW4FFAcm
eL29QWE7KAyE6+fp8TYNIiwUju3kt/Jz48Pwn8JHRQZdrI0ySTYmJAwPTa67xWtK
V7v15wl4mQtuft2r2ayFoSRk61wYRcmPkaibmeJqsba2d4DyX2NmNyHEqhdlQTFM
QhUiVCuf+djsy8DWxnCT63X5SVNNFh+NpP4uuRsFhwtcskPPY7IzpuvxY3FowYie
Byz3Zy9qpiixiW/4sTjYT6YkmxvJWmfN6M353/0fy73OR31IjA8KYhK+J+eSW2OX
WsNxe1wRD32lSQb/G85EntlkrImbeQWRu6I8rdaWt4z6qqHeS+YAe5fDAAyO07li
guiq/A==
-----END CERTIFICATE-----
Generated at Fri Mar 29 03:42:33 2024 by rpki-client on console-fra.rpki-client.org