Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/05f17b31-bcb2-4a3c-89d6-70e52a73ad8f/bf58fee16bada5386c85c5bbbdc8e803a1f0d015.roa
File:                     bf58fee16bada5386c85c5bbbdc8e803a1f0d015.roa (raw, json)
Hash identifier:          VvKUPyskLed6QHhTkx5J7YSJOTyIqH4VD9jCF0wPyFc=
Subject key identifier:   23:75:69:2A:EA:72:82:D6:07:72:D5:7A:A1:6B:4B:6D:B6:90:CE:1C
Certificate issuer:       /CN=14a5fd5127356fa7b9278f785efa7ad4ef844d12
Certificate serial:       0D1277
Authority key identifier: 9C:ED:74:DC:1E:EB:56:FA:77:8A:77:BD:C3:C7:AC:9F:85:1D:BE:17
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/14a5fd5127356fa7b9278f785efa7ad4ef844d12.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/05f17b31-bcb2-4a3c-89d6-70e52a73ad8f/bf58fee16bada5386c85c5bbbdc8e803a1f0d015.roa
Signing time:             Wed 24 Mar 2021 14:45:04 +0000
ROA not before:           Wed 24 Mar 2021 14:45:04 +0000
ROA not after:            Tue 24 Mar 2026 14:45:04 +0000
asID:                     264609
IP address blocks:        143.202.252.0/22 maxlen: 24
                          2803:9140::/32 maxlen: 32

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/05f17b31-bcb2-4a3c-89d6-70e52a73ad8f/14a5fd5127356fa7b9278f785efa7ad4ef844d12.crl
                          rsync://repository.lacnic.net/rpki/lacnic/05f17b31-bcb2-4a3c-89d6-70e52a73ad8f/14a5fd5127356fa7b9278f785efa7ad4ef844d12.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/14a5fd5127356fa7b9278f785efa7ad4ef844d12.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 31 Mar 2024 03:49:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 856695 (0xd1277)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=14a5fd5127356fa7b9278f785efa7ad4ef844d12
        Validity
            Not Before: Mar 24 14:45:04 2021 GMT
            Not After : Mar 24 14:45:04 2026 GMT
        Subject: CN=bf58fee16bada5386c85c5bbbdc8e803a1f0d015
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:81:4c:f7:39:08:dc:92:30:36:1a:08:0f:ab:5a:
                    32:ae:86:d5:a4:6d:a0:4a:2c:13:f2:39:88:b7:37:
                    0d:8f:5c:91:e4:52:eb:8f:b8:6b:96:5a:01:7f:7f:
                    01:7f:f7:cf:a4:78:26:fc:b8:0d:95:2b:08:cf:c3:
                    b7:13:60:cf:a7:59:96:cb:b0:22:48:da:a2:ea:dc:
                    97:dc:2f:b2:84:55:fe:1e:35:ef:4f:7c:1f:c1:85:
                    50:0c:a4:e0:7f:55:68:13:ec:db:c0:78:cc:0d:98:
                    29:f7:a9:77:56:02:95:b9:7d:d9:31:fe:09:a3:49:
                    cd:47:40:70:37:bb:54:a3:6e:8e:61:24:94:31:bf:
                    71:54:f1:19:ff:f4:2f:c1:16:5f:52:62:80:18:4b:
                    1f:fa:da:2b:ee:41:02:71:57:b8:2a:ad:21:30:d1:
                    a4:20:96:fe:9a:ac:da:8d:d6:95:e1:3a:96:f3:21:
                    fd:74:90:c4:d5:39:d5:cd:10:7a:c6:65:ad:51:c9:
                    f4:f4:4e:8d:e3:32:68:3a:15:81:aa:54:a1:bd:3c:
                    5b:fa:bb:3e:f6:f3:06:41:a8:89:ca:fe:7e:ab:5e:
                    e1:13:0f:50:a6:20:7b:a4:f3:2b:ae:e0:f1:b1:ca:
                    ba:45:5b:02:f7:24:01:f7:64:ec:a7:97:58:df:d5:
                    13:af
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                23:75:69:2A:EA:72:82:D6:07:72:D5:7A:A1:6B:4B:6D:B6:90:CE:1C
            X509v3 Authority Key Identifier:
                keyid:9C:ED:74:DC:1E:EB:56:FA:77:8A:77:BD:C3:C7:AC:9F:85:1D:BE:17

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/14a5fd5127356fa7b9278f785efa7ad4ef844d12.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/05f17b31-bcb2-4a3c-89d6-70e52a73ad8f/bf58fee16bada5386c85c5bbbdc8e803a1f0d015.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/05f17b31-bcb2-4a3c-89d6-70e52a73ad8f/14a5fd5127356fa7b9278f785efa7ad4ef844d12.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  143.202.252.0/22
                IPv6:
                  2803:9140::/32

    Signature Algorithm: sha256WithRSAEncryption
         7c:e2:6c:9a:25:d0:90:fa:98:b8:ad:9e:3f:42:64:b7:4e:08:
         8f:8f:e7:12:7b:30:e3:38:98:fa:45:f8:5e:cc:7d:a1:03:3a:
         d0:31:65:32:be:c6:a3:b8:a5:9c:e5:68:95:ca:4d:36:ac:de:
         b5:f3:05:8b:38:2a:f2:4d:54:ba:84:2c:0b:4f:db:26:ef:a2:
         81:2c:59:7a:0c:bd:da:d6:a7:87:f4:17:3d:30:d3:08:e6:06:
         5c:b9:9a:7b:4c:da:66:20:20:e2:fe:c5:47:b0:c8:b9:0a:bc:
         0b:ef:4d:f7:3c:56:0a:61:08:bc:5f:89:ba:6c:a0:c7:9d:4a:
         86:e3:d8:69:66:4d:c8:38:9e:6b:f8:77:83:54:a0:dd:c2:ea:
         7e:19:e4:24:83:c3:33:64:b7:82:b9:6c:e2:08:bb:5a:c8:51:
         2b:10:51:2b:e4:3a:f7:3b:cd:14:70:45:1d:33:c8:c4:1c:18:
         12:ec:c0:71:5b:2e:66:9b:3d:91:f0:63:89:a6:19:4b:c6:a8:
         e2:dc:78:1f:a4:71:e9:45:cd:de:ad:23:47:1d:b7:f9:47:38:
         b9:08:d6:2b:45:b5:c7:df:1e:c2:83:2d:46:85:e0:ab:04:69:
         ad:5b:47:64:e5:fa:70:6f:99:65:2a:cf:f8:de:59:5b:3d:94:
         2c:db:1a:38
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgIDDRJ3MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDE0
YTVmZDUxMjczNTZmYTdiOTI3OGY3ODVlZmE3YWQ0ZWY4NDRkMTIwHhcNMjEwMzI0
MTQ0NTA0WhcNMjYwMzI0MTQ0NTA0WjAzMTEwLwYDVQQDEyhiZjU4ZmVlMTZiYWRh
NTM4NmM4NWM1YmJiZGM4ZTgwM2ExZjBkMDE1MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAgUz3OQjckjA2GggPq1oyrobVpG2gSiwT8jmItzcNj1yR5FLr
j7hrlloBf38Bf/fPpHgm/LgNlSsIz8O3E2DPp1mWy7AiSNqi6tyX3C+yhFX+HjXv
T3wfwYVQDKTgf1VoE+zbwHjMDZgp96l3VgKVuX3ZMf4Jo0nNR0BwN7tUo26OYSSU
Mb9xVPEZ//QvwRZfUmKAGEsf+tor7kECcVe4Kq0hMNGkIJb+mqzajdaV4TqW8yH9
dJDE1TnVzRB6xmWtUcn09E6N4zJoOhWBqlShvTxb+rs+9vMGQaiJyv5+q17hEw9Q
piB7pPMrruDxscq6RVsC9yQB92Tsp5dY39UTrwIDAQABo4ICajCCAmYwHQYDVR0O
BBYEFCN1aSrqcoLWB3LVeqFrS222kM4cMB8GA1UdIwQYMBaAFJztdNwe61b6d4p3
vcPHrJ+FHb4XMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvMTRhNWZk
NTEyNzM1NmZhN2I5Mjc4Zjc4NWVmYTdhZDRlZjg0NGQxMi5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvMDVmMTdiMzEtYmNiMi00YTNjLTg5ZDYtNzBlNTJh
NzNhZDhmL2JmNThmZWUxNmJhZGE1Mzg2Yzg1YzViYmJkYzhlODAzYTFmMGQwMTUu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy8wNWYxN2IzMS1iY2IyLTRhM2MtODlkNi03MGU1
MmE3M2FkOGYvMTRhNWZkNTEyNzM1NmZhN2I5Mjc4Zjc4NWVmYTdhZDRlZjg0NGQx
Mi5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAuBggrBgEFBQcBBwEB/wQf
MB0wDAQCAAEwBgMEAo/K/DANBAIAAjAHAwUAKAORQDANBgkqhkiG9w0BAQsFAAOC
AQEAfOJsmiXQkPqYuK2eP0Jkt04Ij4/nEnsw4ziY+kX4Xsx9oQM60DFlMr7Go7il
nOVolcpNNqzetfMFizgq8k1UuoQsC0/bJu+igSxZegy92tanh/QXPTDTCOYGXLma
e0zaZiAg4v7FR7DIuQq8C+9N9zxWCmEIvF+Jumygx51KhuPYaWZNyDiea/h3g1Sg
3cLqfhnkJIPDM2S3grls4gi7WshRKxBRK+Q69zvNFHBFHTPIxBwYEuzAcVsuZps9
kfBjiaYZS8ao4tx4H6Rx6UXN3q0jRx23+Uc4uQjWK0W1x98ewoMtRoXgqwRprVtH
ZOX6cG+ZZSrP+N5ZWz2ULNsaOA==
-----END CERTIFICATE-----
Generated at Thu Mar 28 08:10:51 2024 by rpki-client on console-ams.rpki-client.org