Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/047a19e0-48b8-45d2-869c-efb969a5170a/a0d9b154b56659ee4b80e720e44afe8e019286db.roa
File:                     a0d9b154b56659ee4b80e720e44afe8e019286db.roa (raw, json)
Hash identifier:          MJhQK2aycY1fuh6P3LyvL4fV7R8+Lk+s1G4nDIbcP/8=
Subject key identifier:   20:04:9D:35:92:57:6C:CA:26:4F:3B:DD:52:17:9B:1B:81:67:05:42
Certificate issuer:       /CN=81287956eb7299acf482795e03d8ae10a1dba595
Certificate serial:       0CFFA8
Authority key identifier: CF:6B:72:B3:46:83:57:92:5E:F0:49:30:49:36:4E:CD:7F:4D:F4:E3
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/81287956eb7299acf482795e03d8ae10a1dba595.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/047a19e0-48b8-45d2-869c-efb969a5170a/a0d9b154b56659ee4b80e720e44afe8e019286db.roa
Signing time:             Wed 24 Mar 2021 14:40:16 +0000
ROA not before:           Wed 24 Mar 2021 14:40:16 +0000
ROA not after:            Tue 24 Mar 2026 14:40:16 +0000
asID:                     263238
IP address blocks:        45.236.104.0/22 maxlen: 24
                          2803:f0a0::/32 maxlen: 64

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/047a19e0-48b8-45d2-869c-efb969a5170a/81287956eb7299acf482795e03d8ae10a1dba595.crl
                          rsync://repository.lacnic.net/rpki/lacnic/047a19e0-48b8-45d2-869c-efb969a5170a/81287956eb7299acf482795e03d8ae10a1dba595.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/81287956eb7299acf482795e03d8ae10a1dba595.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Mon 01 Apr 2024 05:58:53 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 851880 (0xcffa8)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=81287956eb7299acf482795e03d8ae10a1dba595
        Validity
            Not Before: Mar 24 14:40:16 2021 GMT
            Not After : Mar 24 14:40:16 2026 GMT
        Subject: CN=a0d9b154b56659ee4b80e720e44afe8e019286db
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:e5:78:82:36:f3:6a:f6:e1:b0:48:38:29:71:
                    1b:c8:32:33:0c:77:33:4e:ad:be:07:e0:b0:c8:4b:
                    7c:33:b8:ff:89:42:dc:c1:1e:89:95:1d:b1:32:4b:
                    6b:50:87:e5:82:0c:01:42:24:ba:97:02:68:3a:0f:
                    c8:98:c6:b8:93:53:bc:83:19:d5:03:a3:cd:3d:ea:
                    17:cb:51:34:67:60:1a:de:21:c6:91:cf:bb:25:00:
                    77:10:39:f7:e4:2b:4c:7e:d7:36:eb:3d:4f:8f:6a:
                    a5:36:b7:12:fd:ac:ad:f3:88:82:78:f2:9b:e9:15:
                    14:44:bf:0a:ac:4e:4e:a5:49:96:9f:59:09:9f:d8:
                    07:3e:c0:78:dc:1d:a0:3d:98:07:ca:1e:33:44:ca:
                    4b:c7:ad:6a:7b:56:44:70:94:b0:18:53:f3:4a:f4:
                    1d:ff:e3:ab:f1:55:9b:1c:f8:63:be:58:dd:d0:f7:
                    8e:d9:fc:19:f0:b3:63:0e:41:2e:9d:6a:9b:3f:5d:
                    01:2f:65:d4:bb:32:e8:69:19:5b:c9:85:3d:51:b1:
                    7a:7f:55:93:6c:f1:d8:15:c6:1f:64:97:3f:d7:b6:
                    05:bd:5c:89:40:f3:f1:11:4c:b9:d1:96:1d:33:08:
                    1c:d1:ed:d8:06:e9:30:4f:11:00:d6:9d:a1:37:83:
                    41:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                20:04:9D:35:92:57:6C:CA:26:4F:3B:DD:52:17:9B:1B:81:67:05:42
            X509v3 Authority Key Identifier:
                keyid:CF:6B:72:B3:46:83:57:92:5E:F0:49:30:49:36:4E:CD:7F:4D:F4:E3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/81287956eb7299acf482795e03d8ae10a1dba595.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/047a19e0-48b8-45d2-869c-efb969a5170a/a0d9b154b56659ee4b80e720e44afe8e019286db.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/047a19e0-48b8-45d2-869c-efb969a5170a/81287956eb7299acf482795e03d8ae10a1dba595.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.236.104.0/22
                IPv6:
                  2803:f0a0::/32

    Signature Algorithm: sha256WithRSAEncryption
         0e:b3:f8:ba:a6:e2:e8:65:fd:59:ff:5f:a8:fe:0f:9b:a2:f4:
         bb:8e:23:1c:1f:39:ab:0a:69:c0:9e:83:34:61:17:87:96:42:
         8a:93:a4:fb:79:a0:c9:42:b3:ba:eb:42:43:19:fc:71:c1:be:
         1d:69:d4:fd:bd:6c:74:4a:f8:27:31:76:2d:c4:26:54:30:a9:
         32:3a:37:b4:9c:f5:9a:95:9a:20:e4:de:c8:4a:8a:3b:2f:b0:
         d6:c6:f5:d2:66:03:34:a4:31:7f:ef:9b:3b:96:d8:23:37:67:
         80:0e:c9:c0:a0:7b:d4:f5:68:f3:05:ec:4b:b0:b9:84:c1:51:
         ec:72:1c:06:26:74:83:52:6c:61:c4:50:89:cd:1d:a5:ad:28:
         ab:44:4c:b4:d6:73:2c:e8:e2:97:89:a3:80:3d:6a:2e:d0:cf:
         df:98:6c:93:92:a9:54:33:c7:de:9f:e0:23:2c:b0:ab:d9:74:
         87:52:1c:35:16:8b:0c:bd:1d:54:d7:25:f1:b3:f7:60:a9:13:
         6c:c6:1e:01:02:e3:48:8d:90:4c:61:f3:e3:67:f1:50:40:06:
         5c:e2:8e:a6:2b:b2:c6:b1:6a:ac:8e:39:47:4a:8f:07:af:a5:
         f1:50:a7:1c:c4:ba:d2:d5:4b:9e:31:e5:d6:54:92:98:e8:15:
         94:0c:98:4c
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgIDDP+oMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDgx
Mjg3OTU2ZWI3Mjk5YWNmNDgyNzk1ZTAzZDhhZTEwYTFkYmE1OTUwHhcNMjEwMzI0
MTQ0MDE2WhcNMjYwMzI0MTQ0MDE2WjAzMTEwLwYDVQQDEyhhMGQ5YjE1NGI1NjY1
OWVlNGI4MGU3MjBlNDRhZmU4ZTAxOTI4NmRiMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAlOV4gjbzavbhsEg4KXEbyDIzDHczTq2+B+CwyEt8M7j/iULc
wR6JlR2xMktrUIflggwBQiS6lwJoOg/ImMa4k1O8gxnVA6PNPeoXy1E0Z2Aa3iHG
kc+7JQB3EDn35CtMftc26z1Pj2qlNrcS/ayt84iCePKb6RUURL8KrE5OpUmWn1kJ
n9gHPsB43B2gPZgHyh4zRMpLx61qe1ZEcJSwGFPzSvQd/+Or8VWbHPhjvljd0PeO
2fwZ8LNjDkEunWqbP10BL2XUuzLoaRlbyYU9UbF6f1WTbPHYFcYfZJc/17YFvVyJ
QPPxEUy50ZYdMwgc0e3YBukwTxEA1p2hN4NBHwIDAQABo4ICajCCAmYwHQYDVR0O
BBYEFCAEnTWSV2zKJk873VIXmxuBZwVCMB8GA1UdIwQYMBaAFM9rcrNGg1eSXvBJ
MEk2Ts1/TfTjMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvODEyODc5
NTZlYjcyOTlhY2Y0ODI3OTVlMDNkOGFlMTBhMWRiYTU5NS5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvMDQ3YTE5ZTAtNDhiOC00NWQyLTg2OWMtZWZiOTY5
YTUxNzBhL2EwZDliMTU0YjU2NjU5ZWU0YjgwZTcyMGU0NGFmZThlMDE5Mjg2ZGIu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy8wNDdhMTllMC00OGI4LTQ1ZDItODY5Yy1lZmI5
NjlhNTE3MGEvODEyODc5NTZlYjcyOTlhY2Y0ODI3OTVlMDNkOGFlMTBhMWRiYTU5
NS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAuBggrBgEFBQcBBwEB/wQf
MB0wDAQCAAEwBgMEAi3saDANBAIAAjAHAwUAKAPwoDANBgkqhkiG9w0BAQsFAAOC
AQEADrP4uqbi6GX9Wf9fqP4Pm6L0u44jHB85qwppwJ6DNGEXh5ZCipOk+3mgyUKz
uutCQxn8ccG+HWnU/b1sdEr4JzF2LcQmVDCpMjo3tJz1mpWaIOTeyEqKOy+w1sb1
0mYDNKQxf++bO5bYIzdngA7JwKB71PVo8wXsS7C5hMFR7HIcBiZ0g1JsYcRQic0d
pa0oq0RMtNZzLOjil4mjgD1qLtDP35hsk5KpVDPH3p/gIyywq9l0h1IcNRaLDL0d
VNcl8bP3YKkTbMYeAQLjSI2QTGHz42fxUEAGXOKOpiuyxrFqrI45R0qPB6+l8VCn
HMS60tVLnjHl1lSSmOgVlAyYTA==
-----END CERTIFICATE-----
Generated at Fri Mar 29 07:06:32 2024 by rpki-client on console-ams.rpki-client.org