Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/02687a4b-2ac2-4d3f-9d0b-96286a0b6a4b/10994a0e1c649ac992a9bd9a082e0bd7769006a9.roa
File:                     10994a0e1c649ac992a9bd9a082e0bd7769006a9.roa (raw, json)
Hash identifier:          DWdBej9Zvo9mLVNS27i463rM/430d/7rEHGwYxZuv5I=
Subject key identifier:   9D:B7:DD:58:44:ED:BA:31:D2:A3:F5:20:5A:6F:6D:7B:2B:F3:E5:FD
Certificate issuer:       /CN=4f17752f3d0b4b3bb5cf630e65f8e199604e5f75
Certificate serial:       07125F
Authority key identifier: 37:F3:58:E7:A7:C1:E7:AC:EA:05:0A:F6:8E:17:FB:3C:2E:57:85:59
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/4f17752f3d0b4b3bb5cf630e65f8e199604e5f75.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/02687a4b-2ac2-4d3f-9d0b-96286a0b6a4b/10994a0e1c649ac992a9bd9a082e0bd7769006a9.roa
Signing time:             Wed 24 Mar 2021 14:31:43 +0000
ROA not before:           Wed 24 Mar 2021 14:31:43 +0000
ROA not after:            Tue 24 Mar 2026 14:31:43 +0000
asID:                     52438
IP address blocks:        131.108.42.0/24 maxlen: 24
                          131.108.43.0/24 maxlen: 24
                          190.185.107.0/24 maxlen: 24
                          190.185.106.0/24 maxlen: 24
                          190.185.105.0/24 maxlen: 24
                          190.185.104.0/24 maxlen: 24
                          131.108.40.0/24 maxlen: 24
                          131.108.41.0/24 maxlen: 24
                          179.63.248.0/24 maxlen: 24
                          179.63.249.0/24 maxlen: 24
                          179.63.250.0/24 maxlen: 24
                          179.63.251.0/24 maxlen: 24
                          2803:bc00::/32 maxlen: 128

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/02687a4b-2ac2-4d3f-9d0b-96286a0b6a4b/4f17752f3d0b4b3bb5cf630e65f8e199604e5f75.crl
                          rsync://repository.lacnic.net/rpki/lacnic/02687a4b-2ac2-4d3f-9d0b-96286a0b6a4b/4f17752f3d0b4b3bb5cf630e65f8e199604e5f75.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/4f17752f3d0b4b3bb5cf630e65f8e199604e5f75.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 31 Mar 2024 19:38:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 463455 (0x7125f)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4f17752f3d0b4b3bb5cf630e65f8e199604e5f75
        Validity
            Not Before: Mar 24 14:31:43 2021 GMT
            Not After : Mar 24 14:31:43 2026 GMT
        Subject: CN=10994a0e1c649ac992a9bd9a082e0bd7769006a9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:da:61:4c:02:22:48:17:52:bb:b5:0e:67:a6:
                    20:2f:59:a0:62:2a:eb:90:c4:37:05:26:ba:a0:a9:
                    f4:a5:31:ea:ee:71:98:76:13:7a:22:82:b5:0a:8a:
                    d3:47:74:9e:8f:1d:2e:6c:e5:b0:1a:0e:a9:eb:88:
                    fc:94:b5:33:7d:ac:6d:04:db:2f:bf:39:f5:cd:75:
                    11:00:3b:15:3f:12:2d:c9:a5:61:83:90:30:21:4f:
                    a2:00:9b:a3:54:de:cd:a0:7a:35:5e:2f:70:37:0f:
                    03:ed:a5:72:d8:44:37:79:fc:2d:1b:8b:f3:53:b1:
                    69:49:a3:ef:3f:8b:b1:af:76:4c:a3:22:3c:2e:7f:
                    0a:7e:e1:e9:94:95:b0:31:26:fb:28:de:33:f8:ef:
                    67:11:ba:32:b2:56:47:8d:a3:ef:77:ff:00:02:1d:
                    36:7f:d9:f1:d4:8d:85:5d:15:76:64:7a:9e:54:23:
                    9a:52:a9:ac:08:0f:f4:34:f4:63:20:73:02:75:2c:
                    2c:3c:ee:a5:23:3f:af:0a:3b:ac:f1:74:30:73:f7:
                    08:96:c6:92:2b:19:2d:bc:f9:37:c9:c9:e5:e8:90:
                    19:71:66:82:4e:34:e4:da:28:c2:90:b4:74:53:7f:
                    60:a1:33:7c:52:74:67:d5:32:69:98:84:27:96:6e:
                    b1:ab
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9D:B7:DD:58:44:ED:BA:31:D2:A3:F5:20:5A:6F:6D:7B:2B:F3:E5:FD
            X509v3 Authority Key Identifier:
                keyid:37:F3:58:E7:A7:C1:E7:AC:EA:05:0A:F6:8E:17:FB:3C:2E:57:85:59

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/4f17752f3d0b4b3bb5cf630e65f8e199604e5f75.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/02687a4b-2ac2-4d3f-9d0b-96286a0b6a4b/10994a0e1c649ac992a9bd9a082e0bd7769006a9.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/02687a4b-2ac2-4d3f-9d0b-96286a0b6a4b/4f17752f3d0b4b3bb5cf630e65f8e199604e5f75.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  131.108.40.0/22
                  179.63.248.0/22
                  190.185.104.0/22
                IPv6:
                  2803:bc00::/32

    Signature Algorithm: sha256WithRSAEncryption
         58:37:4a:c9:b5:7f:db:01:ac:dc:ec:d4:e8:42:d8:5e:76:d7:
         59:7a:33:b1:e4:68:0b:99:91:23:1b:42:2e:17:19:87:e8:56:
         0e:95:9f:7f:ee:44:50:cb:2a:8c:b9:11:a1:ab:d0:e2:da:e0:
         ce:df:e7:27:9c:87:ee:4a:45:9b:1c:6b:3e:5c:a2:7e:b4:be:
         aa:c7:7e:80:5b:c2:a5:da:1b:2f:d3:e3:cc:41:b3:16:2d:f6:
         c9:4f:13:98:2e:a8:82:ba:f3:e6:d5:e6:97:76:9c:88:50:20:
         ff:02:35:f9:71:a6:83:1d:03:a4:f3:bb:36:f5:5d:3f:65:67:
         b4:44:6f:8e:a1:27:c0:07:d3:72:55:ec:54:14:23:70:a5:86:
         ac:72:53:50:c4:ed:a2:2a:43:55:d4:c6:76:6f:96:11:04:17:
         91:fc:e8:41:4b:94:a4:c2:5b:19:b5:14:96:63:53:9d:9d:99:
         61:8e:ce:43:dd:02:d1:10:a0:52:3e:4d:50:95:04:47:78:a8:
         92:58:a5:43:fa:49:15:12:9c:4d:eb:40:77:0a:c5:65:a0:1a:
         0c:63:2a:2b:d5:c5:80:25:75:97:45:c8:8d:7f:41:cf:44:07:
         13:cf:24:31:9e:d8:c9:5e:84:99:8c:9a:3e:86:bc:33:62:5c:
         55:b5:51:d7
-----BEGIN CERTIFICATE-----
MIIFWzCCBEOgAwIBAgIDBxJfMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDRm
MTc3NTJmM2QwYjRiM2JiNWNmNjMwZTY1ZjhlMTk5NjA0ZTVmNzUwHhcNMjEwMzI0
MTQzMTQzWhcNMjYwMzI0MTQzMTQzWjAzMTEwLwYDVQQDEygxMDk5NGEwZTFjNjQ5
YWM5OTJhOWJkOWEwODJlMGJkNzc2OTAwNmE5MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAqNphTAIiSBdSu7UOZ6YgL1mgYirrkMQ3BSa6oKn0pTHq7nGY
dhN6IoK1CorTR3Sejx0ubOWwGg6p64j8lLUzfaxtBNsvvzn1zXURADsVPxItyaVh
g5AwIU+iAJujVN7NoHo1Xi9wNw8D7aVy2EQ3efwtG4vzU7FpSaPvP4uxr3ZMoyI8
Ln8KfuHplJWwMSb7KN4z+O9nEboyslZHjaPvd/8AAh02f9nx1I2FXRV2ZHqeVCOa
UqmsCA/0NPRjIHMCdSwsPO6lIz+vCjus8XQwc/cIlsaSKxktvPk3ycnl6JAZcWaC
TjTk2ijCkLR0U39goTN8UnRn1TJpmIQnlm6xqwIDAQABo4ICdjCCAnIwHQYDVR0O
BBYEFJ233VhE7box0qP1IFpvbXsr8+X9MB8GA1UdIwQYMBaAFDfzWOenwees6gUK
9o4X+zwuV4VZMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvNGYxNzc1
MmYzZDBiNGIzYmI1Y2Y2MzBlNjVmOGUxOTk2MDRlNWY3NS5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvMDI2ODdhNGItMmFjMi00ZDNmLTlkMGItOTYyODZh
MGI2YTRiLzEwOTk0YTBlMWM2NDlhYzk5MmE5YmQ5YTA4MmUwYmQ3NzY5MDA2YTku
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy8wMjY4N2E0Yi0yYWMyLTRkM2YtOWQwYi05NjI4
NmEwYjZhNGIvNGYxNzc1MmYzZDBiNGIzYmI1Y2Y2MzBlNjVmOGUxOTk2MDRlNWY3
NS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA6BggrBgEFBQcBBwEB/wQr
MCkwGAQCAAEwEgMEAoNsKAMEArM/+AMEAr65aDANBAIAAjAHAwUAKAO8ADANBgkq
hkiG9w0BAQsFAAOCAQEAWDdKybV/2wGs3OzU6ELYXnbXWXozseRoC5mRIxtCLhcZ
h+hWDpWff+5EUMsqjLkRoavQ4trgzt/nJ5yH7kpFmxxrPlyifrS+qsd+gFvCpdob
L9PjzEGzFi32yU8TmC6ogrrz5tXml3aciFAg/wI1+XGmgx0DpPO7NvVdP2VntERv
jqEnwAfTclXsVBQjcKWGrHJTUMTtoipDVdTGdm+WEQQXkfzoQUuUpMJbGbUUlmNT
nZ2ZYY7OQ90C0RCgUj5NUJUER3ioklilQ/pJFRKcTetAdwrFZaAaDGMqK9XFgCV1
l0XIjX9Bz0QHE88kMZ7YyV6EmYyaPoa8M2JcVbVR1w==
-----END CERTIFICATE-----
Generated at Thu Mar 28 22:18:32 2024 by rpki-client on console-fra.rpki-client.org