Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/0ee929c9-18cb-4fa6-9fc2-99469e3f41d0/8bdc60ff778d7ce841471a191ed63a675da41b00.roa
File:                     8bdc60ff778d7ce841471a191ed63a675da41b00.roa (raw, json)
Hash identifier:          oSR3fLe6BryQp7wqivaGO53xTnYDDvFG0NgPV+pkD3Q=
Subject key identifier:   BB:B6:31:B3:1C:45:96:21:87:EE:EC:CF:9E:B8:B3:29:42:A3:16:20
Certificate issuer:       /CN=03d8e683660397c96889ff6269b0333c9d69d092
Certificate serial:       0C2797
Authority key identifier: E4:A9:9D:C5:43:CF:C2:5D:F1:8D:F1:71:52:AE:E4:0E:7F:2E:9B:82
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/03d8e683660397c96889ff6269b0333c9d69d092.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/0ee929c9-18cb-4fa6-9fc2-99469e3f41d0/8bdc60ff778d7ce841471a191ed63a675da41b00.roa
Signing time:             Wed 24 Mar 2021 14:30:14 +0000
ROA not before:           Wed 24 Mar 2021 14:30:14 +0000
ROA not after:            Tue 24 Mar 2026 14:30:14 +0000
asID:                     267903
IP address blocks:        45.179.54.0/23 maxlen: 23
                          45.179.60.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/0ee929c9-18cb-4fa6-9fc2-99469e3f41d0/03d8e683660397c96889ff6269b0333c9d69d092.crl
                          rsync://repository.lacnic.net/rpki/lacnic/0ee929c9-18cb-4fa6-9fc2-99469e3f41d0/03d8e683660397c96889ff6269b0333c9d69d092.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/03d8e683660397c96889ff6269b0333c9d69d092.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sat 18 Mar 2023 02:22:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 796567 (0xc2797)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=03d8e683660397c96889ff6269b0333c9d69d092
        Validity
            Not Before: Mar 24 14:30:14 2021 GMT
            Not After : Mar 24 14:30:14 2026 GMT
        Subject: CN=8bdc60ff778d7ce841471a191ed63a675da41b00
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:84:c9:77:39:98:9d:a2:ec:1b:fe:b7:9e:67:f5:
                    e9:b8:b5:a0:0c:ae:b7:16:9e:fa:ed:08:c0:da:a1:
                    5b:8f:94:18:77:be:2b:20:9f:a1:c6:23:23:67:e7:
                    fe:67:12:81:22:18:33:c5:f4:72:99:d4:a8:ae:85:
                    63:3c:25:7a:18:0d:91:b6:51:d6:84:73:73:de:dc:
                    67:10:ec:8c:8b:9e:7c:eb:1a:1c:5f:09:fc:0f:cd:
                    2f:87:14:b0:28:95:6d:14:2d:e2:a5:f8:1a:5e:b6:
                    bb:27:82:b5:a5:a4:0d:c8:59:2d:91:94:c7:e8:3b:
                    15:38:a2:bf:8b:8f:f2:9b:d2:fc:1f:ec:be:e9:80:
                    8c:59:49:32:d8:4f:e0:4a:3e:e6:4c:ee:4a:b8:5a:
                    94:52:8a:7a:62:e2:60:98:c3:c9:a4:46:a6:d2:5e:
                    04:5c:c2:57:16:df:a0:c6:6b:c6:37:55:a9:9b:a8:
                    05:d2:8e:3d:31:54:cd:2d:e7:6c:70:92:3e:92:68:
                    f8:61:9b:fb:77:3d:bb:af:bf:64:0c:1c:06:46:ec:
                    96:70:24:ce:1e:af:77:33:67:ad:e8:97:b3:3a:5e:
                    fa:2b:ac:5d:b0:07:d6:64:fe:2c:bf:b2:97:64:25:
                    c3:23:3b:64:41:b8:4e:22:fa:68:b4:e6:01:9b:0d:
                    97:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                BB:B6:31:B3:1C:45:96:21:87:EE:EC:CF:9E:B8:B3:29:42:A3:16:20
            X509v3 Authority Key Identifier: 
                keyid:E4:A9:9D:C5:43:CF:C2:5D:F1:8D:F1:71:52:AE:E4:0E:7F:2E:9B:82

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access: 
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/03d8e683660397c96889ff6269b0333c9d69d092.cer

            Subject Information Access: 
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/0ee929c9-18cb-4fa6-9fc2-99469e3f41d0/8bdc60ff778d7ce841471a191ed63a675da41b00.roa

            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/0ee929c9-18cb-4fa6-9fc2-99469e3f41d0/03d8e683660397c96889ff6269b0333c9d69d092.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.179.54.0/23
                  45.179.60.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1f:3f:0f:5d:ab:31:bb:3a:9d:46:54:2c:01:77:44:20:2c:31:
         66:8f:28:2b:fd:04:98:d6:fc:16:cb:90:a9:26:59:af:20:1c:
         cd:17:75:08:00:e7:d1:69:97:9c:46:3d:05:5a:8b:f4:6b:fa:
         51:fc:a2:78:b1:90:7a:16:f3:c3:71:d9:fe:70:94:e6:35:3a:
         24:bc:b0:0c:5a:b7:dd:48:ef:4e:ad:68:da:c1:ea:02:20:e5:
         f3:d9:c8:0e:3a:41:e2:0f:1b:50:63:3d:e8:9f:e9:43:24:bc:
         d3:2e:a8:9a:4d:d8:83:6d:50:14:08:12:a4:9b:f7:47:e6:95:
         53:96:e5:88:4f:77:e7:7c:c4:83:c7:a7:67:d5:eb:a4:ab:ed:
         f3:e6:51:4c:67:86:3c:07:44:71:3e:9c:9c:be:e3:7f:2c:e9:
         6e:0e:85:b1:d2:99:ab:fc:f6:b4:5d:79:af:25:be:26:95:2f:
         44:6c:df:35:5c:b7:8e:6b:f0:1e:24:9f:73:d8:3b:0d:9f:96:
         e9:5d:36:a1:43:a6:1a:12:45:cb:6d:30:c0:77:19:d9:3d:4a:
         67:c5:28:da:70:dd:f7:b1:96:54:af:d2:30:96:84:61:c8:7e:
         34:6b:00:11:7d:a8:4c:db:1a:71:47:6b:6d:5b:4a:a0:5d:35:
         79:e6:ad:46
-----BEGIN CERTIFICATE-----
MIIFRjCCBC6gAwIBAgIDDCeXMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDAz
ZDhlNjgzNjYwMzk3Yzk2ODg5ZmY2MjY5YjAzMzNjOWQ2OWQwOTIwHhcNMjEwMzI0
MTQzMDE0WhcNMjYwMzI0MTQzMDE0WjAzMTEwLwYDVQQDEyg4YmRjNjBmZjc3OGQ3
Y2U4NDE0NzFhMTkxZWQ2M2E2NzVkYTQxYjAwMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAhMl3OZidouwb/reeZ/XpuLWgDK63Fp767QjA2qFbj5QYd74r
IJ+hxiMjZ+f+ZxKBIhgzxfRymdSoroVjPCV6GA2RtlHWhHNz3txnEOyMi5586xoc
Xwn8D80vhxSwKJVtFC3ipfgaXra7J4K1paQNyFktkZTH6DsVOKK/i4/ym9L8H+y+
6YCMWUky2E/gSj7mTO5KuFqUUop6YuJgmMPJpEam0l4EXMJXFt+gxmvGN1Wpm6gF
0o49MVTNLedscJI+kmj4YZv7dz27r79kDBwGRuyWcCTOHq93M2et6JezOl76K6xd
sAfWZP4sv7KXZCXDIztkQbhOIvpotOYBmw2XMwIDAQABo4ICYTCCAl0wHQYDVR0O
BBYEFLu2MbMcRZYhh+7sz564sylCoxYgMB8GA1UdIwQYMBaAFOSpncVDz8Jd8Y3x
cVKu5A5/LpuCMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvMDNkOGU2
ODM2NjAzOTdjOTY4ODlmZjYyNjliMDMzM2M5ZDY5ZDA5Mi5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvMGVlOTI5YzktMThjYi00ZmE2LTlmYzItOTk0Njll
M2Y0MWQwLzhiZGM2MGZmNzc4ZDdjZTg0MTQ3MWExOTFlZDYzYTY3NWRhNDFiMDAu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy8wZWU5MjljOS0xOGNiLTRmYTYtOWZjMi05OTQ2
OWUzZjQxZDAvMDNkOGU2ODM2NjAzOTdjOTY4ODlmZjYyNjliMDMzM2M5ZDY5ZDA5
Mi5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAlBggrBgEFBQcBBwEB/wQW
MBQwEgQCAAEwDAMEAS2zNgMEAC2zPDANBgkqhkiG9w0BAQsFAAOCAQEAHz8PXasx
uzqdRlQsAXdEICwxZo8oK/0EmNb8FsuQqSZZryAczRd1CADn0WmXnEY9BVqL9Gv6
UfyieLGQehbzw3HZ/nCU5jU6JLywDFq33UjvTq1o2sHqAiDl89nIDjpB4g8bUGM9
6J/pQyS80y6omk3Yg21QFAgSpJv3R+aVU5bliE9353zEg8enZ9XrpKvt8+ZRTGeG
PAdEcT6cnL7jfyzpbg6FsdKZq/z2tF15ryW+JpUvRGzfNVy3jmvwHiSfc9g7DZ+W
6V02oUOmGhJFy20wwHcZ2T1KZ8Uo2nDd97GWVK/SMJaEYch+NGsAEX2oTNsacUdr
bVtKoF01eeatRg==
-----END CERTIFICATE-----
Generated at Wed Mar 15 11:33:27 2023 by rpki-client on console-ams.rpki-client.org