Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/0ef3f025-4103-4531-b740-b3a46a6da645/8065214fe465f6fe5d8b33a906c01c13717090f4.roa
File:                     8065214fe465f6fe5d8b33a906c01c13717090f4.roa (raw, json)
Hash identifier:          Pb5kzUUbDrnVIkWlWnTYsEFapdVwNczkjE3GP3itciQ=
Subject key identifier:   90:BD:6A:A4:8C:2E:43:FA:F8:9E:79:E7:BA:EB:B6:84:60:E4:15:DD
Certificate issuer:       /CN=f5a6fc62579b19a2435b117b3d5b39a73d68bc1f
Certificate serial:       0C3152
Authority key identifier: D1:93:C5:2D:59:93:7A:5D:CE:B2:8B:41:30:C1:2E:27:F2:5D:6F:F5
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/f5a6fc62579b19a2435b117b3d5b39a73d68bc1f.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/0ef3f025-4103-4531-b740-b3a46a6da645/8065214fe465f6fe5d8b33a906c01c13717090f4.roa
Signing time:             Wed 24 Mar 2021 14:48:01 +0000
ROA not before:           Wed 24 Mar 2021 14:48:00 +0000
ROA not after:            Tue 24 Mar 2026 14:48:00 +0000
asID:                     267809
IP address blocks:        45.173.196.0/22 maxlen: 22

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/0ef3f025-4103-4531-b740-b3a46a6da645/f5a6fc62579b19a2435b117b3d5b39a73d68bc1f.crl
                          rsync://repository.lacnic.net/rpki/lacnic/0ef3f025-4103-4531-b740-b3a46a6da645/f5a6fc62579b19a2435b117b3d5b39a73d68bc1f.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/f5a6fc62579b19a2435b117b3d5b39a73d68bc1f.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Mon 01 Apr 2024 05:14:55 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 799058 (0xc3152)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f5a6fc62579b19a2435b117b3d5b39a73d68bc1f
        Validity
            Not Before: Mar 24 14:48:00 2021 GMT
            Not After : Mar 24 14:48:00 2026 GMT
        Subject: CN=8065214fe465f6fe5d8b33a906c01c13717090f4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:d9:0f:79:c6:ea:07:97:6a:49:3c:95:86:6e:
                    3f:4a:36:e8:11:da:a2:4d:bd:14:a5:b5:47:80:a2:
                    39:7e:5b:55:f8:69:d9:2d:10:f5:89:93:b3:12:d8:
                    da:2e:f2:37:29:e3:ad:c6:ec:44:f2:fc:91:29:11:
                    b4:81:c8:74:4b:8c:45:f7:37:48:3b:97:2b:7b:ab:
                    f0:b6:5e:32:18:b2:46:5a:bb:a1:e1:c2:11:a9:86:
                    9b:bb:71:79:d3:53:97:68:35:a4:bf:51:13:bb:e4:
                    ec:8e:b1:b5:d3:f5:ea:54:7b:96:d9:68:8a:8c:fb:
                    f5:4d:1a:30:96:94:ca:08:9a:f6:8a:f8:40:27:3b:
                    b4:94:41:55:f4:3d:be:93:0a:8e:12:16:f5:8e:4f:
                    82:3a:eb:94:cc:ed:92:2d:79:17:cc:89:35:ac:8d:
                    89:5e:77:0d:c9:1f:de:07:89:8b:b5:71:b4:84:a2:
                    b3:bf:81:d1:16:47:71:5b:2d:97:9b:0c:84:e2:a8:
                    d1:e7:93:2b:d6:4f:08:f7:9e:fe:31:ee:04:a5:ff:
                    4d:50:a1:71:94:91:5b:de:5a:2c:1e:1e:50:8d:fd:
                    af:4b:c9:d9:01:a8:ad:22:9c:e6:96:fb:64:2e:dc:
                    f8:e2:dd:1f:0e:3f:ea:53:94:28:d6:16:b5:f2:af:
                    0c:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                90:BD:6A:A4:8C:2E:43:FA:F8:9E:79:E7:BA:EB:B6:84:60:E4:15:DD
            X509v3 Authority Key Identifier:
                keyid:D1:93:C5:2D:59:93:7A:5D:CE:B2:8B:41:30:C1:2E:27:F2:5D:6F:F5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/f5a6fc62579b19a2435b117b3d5b39a73d68bc1f.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/0ef3f025-4103-4531-b740-b3a46a6da645/8065214fe465f6fe5d8b33a906c01c13717090f4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/0ef3f025-4103-4531-b740-b3a46a6da645/f5a6fc62579b19a2435b117b3d5b39a73d68bc1f.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.173.196.0/22

    Signature Algorithm: sha256WithRSAEncryption
         82:32:9a:9b:2b:f0:c7:36:b4:ce:31:b1:ca:af:af:29:38:c2:
         b7:16:94:ea:d6:ed:ca:3b:8b:ff:0f:c8:66:76:73:86:64:48:
         a9:b2:5b:71:61:e2:2c:af:b4:cc:d8:eb:04:7e:2e:8b:00:74:
         a1:a6:61:b8:69:5e:49:3f:16:f0:54:52:90:a4:74:7e:52:b5:
         68:e9:c0:5f:38:ee:45:df:72:cd:3d:f9:5f:b5:76:0b:36:cd:
         d6:54:8d:92:ab:f7:db:a5:a6:6f:75:99:cf:08:66:ed:78:ad:
         ff:df:c1:85:1f:a2:5c:27:fa:e5:c8:b9:0c:b2:53:12:0d:8c:
         cf:a2:4b:b3:09:4b:cf:4f:e8:26:91:76:c4:c4:59:9a:ff:9a:
         e1:9e:4f:1c:c3:f4:6d:1e:f1:da:62:b2:34:52:87:29:46:36:
         b7:01:16:9f:a7:b4:bf:4a:49:25:14:a5:c5:35:16:32:dd:31:
         2d:bf:54:27:cd:39:36:b9:79:67:ae:43:f2:dd:a2:33:33:36:
         94:54:fd:87:c0:6c:31:14:bd:64:26:ef:47:82:1f:74:ee:79:
         8c:2d:0c:2a:c3:1d:a6:df:7c:95:f6:c2:98:14:3c:60:cb:29:
         7b:7e:e6:07:05:0d:a3:da:32:53:e8:9b:c7:dd:45:f5:d3:97:
         dd:06:68:f9
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIDDDFSMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGY1
YTZmYzYyNTc5YjE5YTI0MzViMTE3YjNkNWIzOWE3M2Q2OGJjMWYwHhcNMjEwMzI0
MTQ0ODAwWhcNMjYwMzI0MTQ0ODAwWjAzMTEwLwYDVQQDEyg4MDY1MjE0ZmU0NjVm
NmZlNWQ4YjMzYTkwNmMwMWMxMzcxNzA5MGY0MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAn9kPecbqB5dqSTyVhm4/SjboEdqiTb0UpbVHgKI5fltV+GnZ
LRD1iZOzEtjaLvI3KeOtxuxE8vyRKRG0gch0S4xF9zdIO5cre6vwtl4yGLJGWruh
4cIRqYabu3F501OXaDWkv1ETu+TsjrG10/XqVHuW2WiKjPv1TRowlpTKCJr2ivhA
Jzu0lEFV9D2+kwqOEhb1jk+COuuUzO2SLXkXzIk1rI2JXncNyR/eB4mLtXG0hKKz
v4HRFkdxWy2XmwyE4qjR55Mr1k8I957+Me4Epf9NUKFxlJFb3losHh5Qjf2vS8nZ
AaitIpzmlvtkLtz44t0fDj/qU5Qo1ha18q8MhQIDAQABo4ICWzCCAlcwHQYDVR0O
BBYEFJC9aqSMLkP6+J5557rrtoRg5BXdMB8GA1UdIwQYMBaAFNGTxS1Zk3pdzrKL
QTDBLifyXW/1MA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvZjVhNmZj
NjI1NzliMTlhMjQzNWIxMTdiM2Q1YjM5YTczZDY4YmMxZi5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvMGVmM2YwMjUtNDEwMy00NTMxLWI3NDAtYjNhNDZh
NmRhNjQ1LzgwNjUyMTRmZTQ2NWY2ZmU1ZDhiMzNhOTA2YzAxYzEzNzE3MDkwZjQu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy8wZWYzZjAyNS00MTAzLTQ1MzEtYjc0MC1iM2E0
NmE2ZGE2NDUvZjVhNmZjNjI1NzliMTlhMjQzNWIxMTdiM2Q1YjM5YTczZDY4YmMx
Zi5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAi2txDANBgkqhkiG9w0BAQsFAAOCAQEAgjKamyvwxza0zjGx
yq+vKTjCtxaU6tbtyjuL/w/IZnZzhmRIqbJbcWHiLK+0zNjrBH4uiwB0oaZhuGle
ST8W8FRSkKR0flK1aOnAXzjuRd9yzT35X7V2CzbN1lSNkqv326Wmb3WZzwhm7Xit
/9/BhR+iXCf65ci5DLJTEg2Mz6JLswlLz0/oJpF2xMRZmv+a4Z5PHMP0bR7x2mKy
NFKHKUY2twEWn6e0v0pJJRSlxTUWMt0xLb9UJ805Nrl5Z65D8t2iMzM2lFT9h8Bs
MRS9ZCbvR4IfdO55jC0MKsMdpt98lfbCmBQ8YMspe37mBwUNo9oyU+ibx91F9dOX
3QZo+Q==
-----END CERTIFICATE-----
Generated at Fri Mar 29 05:44:28 2024 by rpki-client on console-ams.rpki-client.org