Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/025a8781-b222-4d29-adb9-7f54eca8ab0d/5ada688edb77415224a8e0afcbfbaaab8e62beff.roa
File:                     5ada688edb77415224a8e0afcbfbaaab8e62beff.roa (raw, json)
Hash identifier:          OD/BqcpCz4NLED/BHVa3RwIQX8L/GaQZYP4rOpGZLD4=
Subject key identifier:   C7:89:D2:4C:4E:14:FA:79:0B:5F:24:B4:59:03:C0:D1:F6:DE:27:91
Certificate issuer:       /CN=73de61b02a08dcf95a4a193ac4599cea4cf09bd2
Certificate serial:       0C1A2C
Authority key identifier: 1F:55:1B:12:E3:14:10:F1:DA:60:83:48:A1:77:16:5D:B3:09:DE:F9
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/73de61b02a08dcf95a4a193ac4599cea4cf09bd2.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/025a8781-b222-4d29-adb9-7f54eca8ab0d/5ada688edb77415224a8e0afcbfbaaab8e62beff.roa
Signing time:             Wed 24 Mar 2021 14:47:03 +0000
ROA not before:           Wed 24 Mar 2021 14:47:03 +0000
ROA not after:            Tue 24 Mar 2026 14:47:03 +0000
asID:                     265811
IP address blocks:        201.182.24.0/24 maxlen: 24
                          201.182.25.0/24 maxlen: 24
                          201.182.26.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/025a8781-b222-4d29-adb9-7f54eca8ab0d/73de61b02a08dcf95a4a193ac4599cea4cf09bd2.crl
                          rsync://repository.lacnic.net/rpki/lacnic/025a8781-b222-4d29-adb9-7f54eca8ab0d/73de61b02a08dcf95a4a193ac4599cea4cf09bd2.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/73de61b02a08dcf95a4a193ac4599cea4cf09bd2.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 31 Mar 2024 19:38:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 793132 (0xc1a2c)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=73de61b02a08dcf95a4a193ac4599cea4cf09bd2
        Validity
            Not Before: Mar 24 14:47:03 2021 GMT
            Not After : Mar 24 14:47:03 2026 GMT
        Subject: CN=5ada688edb77415224a8e0afcbfbaaab8e62beff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:37:cc:ef:c0:f5:9d:b8:47:8b:13:99:83:23:
                    6d:c3:5f:5d:3a:5a:7e:d1:bf:34:16:f0:81:f7:49:
                    8c:c6:18:f5:05:b9:b4:20:94:48:fb:65:7c:a6:79:
                    20:37:1c:1e:19:3b:e7:d8:bf:49:f7:2e:30:6e:4a:
                    2b:76:be:05:7c:19:31:56:56:52:b8:34:b3:9b:4f:
                    7c:bd:6c:74:4a:7b:0f:69:b3:b7:c6:2a:f5:1f:ba:
                    d6:db:91:6e:53:77:8f:02:36:82:f9:26:6e:e6:23:
                    f3:f1:3f:7c:6b:87:94:3d:f5:7d:79:83:56:5e:23:
                    7c:31:63:b4:98:b8:e2:ce:40:fb:d1:e4:5b:e1:16:
                    fc:3d:df:4c:84:e7:ec:b4:83:88:f9:f5:6c:01:4a:
                    1f:fe:06:b3:18:02:5a:be:0c:77:b4:3d:01:88:7d:
                    a5:ba:ff:fe:59:8c:f4:08:57:46:4e:cb:9d:70:ee:
                    33:a2:46:a5:cb:2c:57:7e:bf:c3:64:0a:32:68:a5:
                    55:e1:96:d4:03:61:2d:8f:b3:9b:28:8d:1d:22:9a:
                    ae:fe:05:de:dc:5f:7d:23:ca:8b:bb:66:c3:57:cb:
                    d1:7d:b0:a5:85:fb:c2:2f:0e:6f:df:5e:ea:e8:84:
                    6b:b2:7d:af:63:38:6b:06:89:56:e1:ba:a6:5b:72:
                    98:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C7:89:D2:4C:4E:14:FA:79:0B:5F:24:B4:59:03:C0:D1:F6:DE:27:91
            X509v3 Authority Key Identifier:
                keyid:1F:55:1B:12:E3:14:10:F1:DA:60:83:48:A1:77:16:5D:B3:09:DE:F9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/73de61b02a08dcf95a4a193ac4599cea4cf09bd2.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/025a8781-b222-4d29-adb9-7f54eca8ab0d/5ada688edb77415224a8e0afcbfbaaab8e62beff.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/025a8781-b222-4d29-adb9-7f54eca8ab0d/73de61b02a08dcf95a4a193ac4599cea4cf09bd2.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  201.182.24.0-201.182.26.255

    Signature Algorithm: sha256WithRSAEncryption
         7b:8f:b1:ee:bd:e0:eb:7a:ea:e7:19:54:c8:03:ee:a2:ea:2e:
         94:5c:25:06:09:24:2f:33:03:29:3a:ea:f3:30:69:9d:5b:4f:
         3c:8d:46:23:2a:87:4d:8a:a2:6b:ec:c7:4c:19:5f:c3:78:69:
         4f:e3:3c:b9:ce:61:48:43:68:47:8a:8a:22:ac:75:90:1f:7d:
         12:cf:3a:b5:c1:0b:40:fe:5b:b6:fd:87:38:3c:3b:af:47:6e:
         7d:90:d1:b2:5a:c4:96:50:aa:31:4f:c8:b1:ea:e5:de:61:8e:
         d3:9a:06:2d:03:1b:58:da:30:04:ee:d0:a0:fd:8e:e0:88:ff:
         09:0e:e5:63:02:63:24:53:cf:5a:51:5d:a9:6a:b6:6f:1d:80:
         6d:3a:4c:19:24:ee:03:7d:32:cb:14:90:45:7b:de:77:d4:7e:
         3a:09:2d:1e:b9:14:1f:8f:34:f5:1f:8c:f5:be:11:2b:e7:ce:
         a8:ad:b7:fc:8d:4f:e8:8d:a0:4e:5d:83:7b:89:57:4d:57:2b:
         44:f9:08:17:f2:01:75:72:87:b3:c5:43:e4:8a:de:1e:4b:90:
         7f:a5:dc:28:a5:ca:14:f0:51:48:07:a2:8e:af:f2:99:ad:0b:
         80:43:97:d8:fe:a2:3a:b9:b7:b6:c5:dd:2c:b7:3a:88:3a:10:
         be:ea:c7:fa
-----BEGIN CERTIFICATE-----
MIIFSDCCBDCgAwIBAgIDDBosMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDcz
ZGU2MWIwMmEwOGRjZjk1YTRhMTkzYWM0NTk5Y2VhNGNmMDliZDIwHhcNMjEwMzI0
MTQ0NzAzWhcNMjYwMzI0MTQ0NzAzWjAzMTEwLwYDVQQDEyg1YWRhNjg4ZWRiNzc0
MTUyMjRhOGUwYWZjYmZiYWFhYjhlNjJiZWZmMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAsTfM78D1nbhHixOZgyNtw19dOlp+0b80FvCB90mMxhj1Bbm0
IJRI+2V8pnkgNxweGTvn2L9J9y4wbkordr4FfBkxVlZSuDSzm098vWx0SnsPabO3
xir1H7rW25FuU3ePAjaC+SZu5iPz8T98a4eUPfV9eYNWXiN8MWO0mLjizkD70eRb
4Rb8Pd9MhOfstIOI+fVsAUof/gazGAJavgx3tD0BiH2luv/+WYz0CFdGTsudcO4z
okalyyxXfr/DZAoyaKVV4ZbUA2Etj7ObKI0dIpqu/gXe3F99I8qLu2bDV8vRfbCl
hfvCLw5v317q6IRrsn2vYzhrBolW4bqmW3KY/wIDAQABo4ICYzCCAl8wHQYDVR0O
BBYEFMeJ0kxOFPp5C18ktFkDwNH23ieRMB8GA1UdIwQYMBaAFB9VGxLjFBDx2mCD
SKF3Fl2zCd75MA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvNzNkZTYx
YjAyYTA4ZGNmOTVhNGExOTNhYzQ1OTljZWE0Y2YwOWJkMi5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvMDI1YTg3ODEtYjIyMi00ZDI5LWFkYjktN2Y1NGVj
YThhYjBkLzVhZGE2ODhlZGI3NzQxNTIyNGE4ZTBhZmNiZmJhYWFiOGU2MmJlZmYu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy8wMjVhODc4MS1iMjIyLTRkMjktYWRiOS03ZjU0
ZWNhOGFiMGQvNzNkZTYxYjAyYTA4ZGNmOTVhNGExOTNhYzQ1OTljZWE0Y2YwOWJk
Mi5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAnBggrBgEFBQcBBwEB/wQY
MBYwFAQCAAEwDjAMAwQDybYYAwQAybYaMA0GCSqGSIb3DQEBCwUAA4IBAQB7j7Hu
veDreurnGVTIA+6i6i6UXCUGCSQvMwMpOurzMGmdW088jUYjKodNiqJr7MdMGV/D
eGlP4zy5zmFIQ2hHiooirHWQH30Szzq1wQtA/lu2/Yc4PDuvR259kNGyWsSWUKox
T8ix6uXeYY7TmgYtAxtY2jAE7tCg/Y7giP8JDuVjAmMkU89aUV2parZvHYBtOkwZ
JO4DfTLLFJBFe9531H46CS0euRQfjzT1H4z1vhEr586orbf8jU/ojaBOXYN7iVdN
VytE+QgX8gF1coezxUPkit4eS5B/pdwopcoU8FFIB6KOr/KZrQuAQ5fY/qI6ube2
xd0stzqIOhC+6sf6
-----END CERTIFICATE-----
Generated at Thu Mar 28 21:28:36 2024 by rpki-client on console-ams.rpki-client.org