Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/0e54a05e-e8de-45ad-a23f-9a593a838eaf/bab3128b0b64d41c3aa0b18ac7de1d4c44f4decb.roa
File:                     bab3128b0b64d41c3aa0b18ac7de1d4c44f4decb.roa (raw, json)
Hash identifier:          ruW0VRq+yhdRpZAQOuvoXJx52U/6jdpLnGcoJzT3IcA=
Subject key identifier:   68:C8:8D:4C:B8:BE:70:0C:BA:3D:40:18:98:34:F9:5E:CA:4B:D1:E7
Certificate issuer:       /CN=7047f702e4b88509342b465e0313aa10a406121c
Certificate serial:       1B12D7
Authority key identifier: FA:A0:86:28:B6:67:0A:83:D6:15:73:60:F2:2A:C8:8B:01:A6:51:09
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/7047f702e4b88509342b465e0313aa10a406121c.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/0e54a05e-e8de-45ad-a23f-9a593a838eaf/bab3128b0b64d41c3aa0b18ac7de1d4c44f4decb.roa
Signing time:             Fri 20 Oct 2023 03:50:33 +0000
ROA not before:           Fri 20 Oct 2023 03:50:33 +0000
ROA not after:            Mon 20 Oct 2025 03:50:33 +0000
asID:                     28477
IP address blocks:        148.218.0.0/17 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/0e54a05e-e8de-45ad-a23f-9a593a838eaf/7047f702e4b88509342b465e0313aa10a406121c.crl
                          rsync://repository.lacnic.net/rpki/lacnic/0e54a05e-e8de-45ad-a23f-9a593a838eaf/7047f702e4b88509342b465e0313aa10a406121c.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/7047f702e4b88509342b465e0313aa10a406121c.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 03 Mar 2024 01:34:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1774295 (0x1b12d7)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7047f702e4b88509342b465e0313aa10a406121c
        Validity
            Not Before: Oct 20 03:50:33 2023 GMT
            Not After : Oct 20 03:50:33 2025 GMT
        Subject: CN=bab3128b0b64d41c3aa0b18ac7de1d4c44f4decb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:92:a2:0e:d8:ef:e4:39:b5:7d:5d:20:b5:aa:67:
                    97:6c:ea:87:6c:68:0b:f7:62:f7:33:d9:3c:1b:ef:
                    8c:ba:f1:2f:86:cb:31:f1:c7:58:4e:a5:e2:da:be:
                    30:cc:24:27:92:35:c7:59:28:84:f4:45:e8:b0:23:
                    0a:d5:8a:52:25:6b:42:85:ce:03:4f:2e:c6:03:b9:
                    e6:9a:be:19:27:2f:05:74:c7:86:79:ac:06:8e:04:
                    ab:7a:0f:cd:39:ef:cd:98:98:d9:93:3d:c3:32:56:
                    1a:95:52:78:6a:c3:29:dd:e2:ee:7e:e5:e4:7d:3e:
                    00:62:d7:3a:a5:0d:9c:39:fd:b9:e4:1a:69:33:e2:
                    89:cf:43:f7:db:bc:6d:5c:6f:88:35:d8:e7:39:ff:
                    e3:2d:a3:a1:3e:a2:1b:c0:6f:b4:22:bb:09:00:5a:
                    2b:de:d1:5d:42:0a:32:e5:18:aa:34:a8:29:6c:ea:
                    2d:b1:59:26:b2:59:02:5b:b6:82:c9:2a:ec:86:77:
                    4a:cd:d6:22:62:a0:c4:c0:0b:42:f7:a6:26:d5:d7:
                    cd:df:4b:f6:70:bb:59:b6:f4:ec:1f:bc:9c:db:35:
                    5e:6b:5b:31:ad:6c:9a:17:d3:bc:2c:96:1c:90:0b:
                    2b:60:ee:e9:aa:b1:7e:f4:34:d1:1c:04:d0:e1:83:
                    16:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                68:C8:8D:4C:B8:BE:70:0C:BA:3D:40:18:98:34:F9:5E:CA:4B:D1:E7
            X509v3 Authority Key Identifier:
                keyid:FA:A0:86:28:B6:67:0A:83:D6:15:73:60:F2:2A:C8:8B:01:A6:51:09

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/7047f702e4b88509342b465e0313aa10a406121c.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/0e54a05e-e8de-45ad-a23f-9a593a838eaf/bab3128b0b64d41c3aa0b18ac7de1d4c44f4decb.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/0e54a05e-e8de-45ad-a23f-9a593a838eaf/7047f702e4b88509342b465e0313aa10a406121c.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  148.218.0.0/17

    Signature Algorithm: sha256WithRSAEncryption
         16:41:64:a2:3c:cb:35:3d:51:14:36:59:b6:aa:2a:ec:74:64:
         52:73:d7:76:6d:37:9c:34:a5:e0:e8:b7:e8:6c:81:9a:7c:56:
         b4:d6:83:77:fd:5e:68:99:5f:4c:6e:53:7c:82:42:2f:b1:5d:
         f8:e5:ec:45:ad:43:95:fd:3a:38:d7:cc:74:39:a2:df:ea:83:
         1e:19:4f:b7:b2:d1:fd:de:c1:0c:50:59:56:af:fc:8a:5e:a5:
         fd:a1:43:08:83:5d:f5:d4:8e:81:2b:16:33:62:1f:f7:76:5c:
         34:fc:e6:66:59:ba:3e:6b:b5:b8:14:b9:04:26:ec:12:46:91:
         cf:95:fa:6a:61:e7:5f:b0:dc:55:7b:ec:ba:e6:8b:25:92:79:
         07:84:45:0e:dd:52:89:09:8d:93:00:bc:aa:22:21:f4:70:76:
         76:cb:6f:40:4c:fc:23:43:5e:67:b1:f1:8f:4a:e2:1c:76:91:
         6f:82:2e:15:f1:aa:be:e4:11:fc:0c:d8:0b:b1:cb:76:7d:de:
         36:2e:88:f6:9a:6e:61:09:f5:45:a3:83:3e:a8:72:51:9e:d0:
         41:ff:e0:35:0d:92:16:6c:06:98:c6:2e:b6:61:9f:f4:32:71:
         9b:22:f4:7e:db:d0:e9:46:81:cd:74:24:a1:77:40:0c:f0:71:
         e0:cc:91:5b
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIDGxLXMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDcw
NDdmNzAyZTRiODg1MDkzNDJiNDY1ZTAzMTNhYTEwYTQwNjEyMWMwHhcNMjMxMDIw
MDM1MDMzWhcNMjUxMDIwMDM1MDMzWjAzMTEwLwYDVQQDEyhiYWIzMTI4YjBiNjRk
NDFjM2FhMGIxOGFjN2RlMWQ0YzQ0ZjRkZWNiMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAkqIO2O/kObV9XSC1qmeXbOqHbGgL92L3M9k8G++MuvEvhssx
8cdYTqXi2r4wzCQnkjXHWSiE9EXosCMK1YpSJWtChc4DTy7GA7nmmr4ZJy8FdMeG
eawGjgSreg/NOe/NmJjZkz3DMlYalVJ4asMp3eLufuXkfT4AYtc6pQ2cOf255Bpp
M+KJz0P327xtXG+INdjnOf/jLaOhPqIbwG+0IrsJAFor3tFdQgoy5RiqNKgpbOot
sVkmslkCW7aCySrshndKzdYiYqDEwAtC96Ym1dfN30v2cLtZtvTsH7yc2zVea1sx
rWyaF9O8LJYckAsrYO7pqrF+9DTRHATQ4YMWowIDAQABo4ICWzCCAlcwHQYDVR0O
BBYEFGjIjUy4vnAMuj1AGJg0+V7KS9HnMB8GA1UdIwQYMBaAFPqghii2ZwqD1hVz
YPIqyIsBplEJMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvNzA0N2Y3
MDJlNGI4ODUwOTM0MmI0NjVlMDMxM2FhMTBhNDA2MTIxYy5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvMGU1NGEwNWUtZThkZS00NWFkLWEyM2YtOWE1OTNh
ODM4ZWFmL2JhYjMxMjhiMGI2NGQ0MWMzYWEwYjE4YWM3ZGUxZDRjNDRmNGRlY2Iu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy8wZTU0YTA1ZS1lOGRlLTQ1YWQtYTIzZi05YTU5
M2E4MzhlYWYvNzA0N2Y3MDJlNGI4ODUwOTM0MmI0NjVlMDMxM2FhMTBhNDA2MTIx
Yy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEB5TaADANBgkqhkiG9w0BAQsFAAOCAQEAFkFkojzLNT1RFDZZ
tqoq7HRkUnPXdm03nDSl4Oi36GyBmnxWtNaDd/1eaJlfTG5TfIJCL7Fd+OXsRa1D
lf06ONfMdDmi3+qDHhlPt7LR/d7BDFBZVq/8il6l/aFDCINd9dSOgSsWM2If93Zc
NPzmZlm6Pmu1uBS5BCbsEkaRz5X6amHnX7DcVXvsuuaLJZJ5B4RFDt1SiQmNkwC8
qiIh9HB2dstvQEz8I0NeZ7Hxj0riHHaRb4IuFfGqvuQR/AzYC7HLdn3eNi6I9ppu
YQn1RaODPqhyUZ7QQf/gNQ2SFmwGmMYutmGf9DJxmyL0ftvQ6UaBzXQkoXdADPBx
4MyRWw==
-----END CERTIFICATE-----
Generated at Thu Feb 29 04:21:52 2024 by rpki-client on console-fra.rpki-client.org