Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/0ef3f025-4103-4531-b740-b3a46a6da645/b0cc501c5accad05012f15e45f52c3104e966516.roa
File:                     b0cc501c5accad05012f15e45f52c3104e966516.roa (raw, json)
Hash identifier:          p9osE8FDThtlN0trCHweQybG0LD42vNcOB0Pq6k12j4=
Subject key identifier:   FB:AC:42:44:DB:B6:D2:02:DD:10:FA:F2:5D:27:1B:3D:D0:DE:8C:7F
Certificate issuer:       /CN=f5a6fc62579b19a2435b117b3d5b39a73d68bc1f
Certificate serial:       1E263B
Authority key identifier: D1:93:C5:2D:59:93:7A:5D:CE:B2:8B:41:30:C1:2E:27:F2:5D:6F:F5
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/f5a6fc62579b19a2435b117b3d5b39a73d68bc1f.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/0ef3f025-4103-4531-b740-b3a46a6da645/b0cc501c5accad05012f15e45f52c3104e966516.roa
Signing time:             Fri 24 Mar 2023 08:32:24 +0000
ROA not before:           Thu 23 Mar 2023 08:32:23 +0000
ROA not after:            Sat 22 Mar 2025 08:32:23 +0000
asID:                     267809
IP address blocks:        45.173.196.0/24 maxlen: 24
                          45.173.197.0/24 maxlen: 24
                          45.173.199.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/0ef3f025-4103-4531-b740-b3a46a6da645/f5a6fc62579b19a2435b117b3d5b39a73d68bc1f.crl
                          rsync://repository.lacnic.net/rpki/lacnic/0ef3f025-4103-4531-b740-b3a46a6da645/f5a6fc62579b19a2435b117b3d5b39a73d68bc1f.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/f5a6fc62579b19a2435b117b3d5b39a73d68bc1f.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sat 13 May 2023 19:39:08 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1975867 (0x1e263b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f5a6fc62579b19a2435b117b3d5b39a73d68bc1f
        Validity
            Not Before: Mar 23 08:32:23 2023 GMT
            Not After : Mar 22 08:32:23 2025 GMT
        Subject: CN=b0cc501c5accad05012f15e45f52c3104e966516
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:09:81:3e:3b:18:2d:cc:ee:00:10:c9:5f:5e:
                    01:43:06:73:b9:18:99:80:be:d9:01:f6:12:db:6b:
                    62:ef:db:8e:52:5a:b2:31:c3:b2:bb:1d:1e:f2:12:
                    f6:c9:c4:f4:da:ce:28:41:f1:a5:81:81:5f:1c:db:
                    36:46:66:d0:07:a8:39:ee:31:62:d8:3f:83:7a:dc:
                    2b:23:55:88:a7:a0:78:16:43:ff:62:a8:29:66:ea:
                    f7:bf:f3:46:2a:d8:f0:db:7e:24:03:f5:19:94:0b:
                    eb:78:75:9c:49:2b:8d:c9:2c:5f:bb:1b:53:40:b4:
                    b6:32:52:76:94:ee:8e:da:21:71:55:e3:9b:98:df:
                    f4:93:ea:57:b2:f5:aa:e3:48:09:3a:52:0d:f0:e2:
                    ac:e7:c2:90:f5:50:c9:94:6a:09:e6:84:82:e7:c2:
                    bb:76:46:db:3b:2d:ac:e1:40:e4:8a:40:03:5e:01:
                    95:db:0b:92:6e:1d:3a:31:95:fa:29:8b:79:4b:34:
                    ff:3b:d6:a5:1b:dc:1c:7d:ef:b9:b5:c2:27:da:dd:
                    1d:c8:2a:24:b0:45:21:b8:e7:00:97:38:cd:eb:f3:
                    2f:3a:8e:38:56:31:c9:6c:0c:f0:d1:b6:17:c8:b2:
                    03:0f:90:9a:a5:a1:37:73:cc:cf:27:42:cc:01:20:
                    ed:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                FB:AC:42:44:DB:B6:D2:02:DD:10:FA:F2:5D:27:1B:3D:D0:DE:8C:7F
            X509v3 Authority Key Identifier: 
                keyid:D1:93:C5:2D:59:93:7A:5D:CE:B2:8B:41:30:C1:2E:27:F2:5D:6F:F5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access: 
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/f5a6fc62579b19a2435b117b3d5b39a73d68bc1f.cer

            Subject Information Access: 
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/0ef3f025-4103-4531-b740-b3a46a6da645/b0cc501c5accad05012f15e45f52c3104e966516.roa

            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/0ef3f025-4103-4531-b740-b3a46a6da645/f5a6fc62579b19a2435b117b3d5b39a73d68bc1f.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.173.196.0/23
                  45.173.199.0/24

    Signature Algorithm: sha256WithRSAEncryption
         46:ee:c3:cc:3e:a9:58:05:d2:4c:6c:f2:bd:86:f7:6a:b2:42:
         a4:72:e6:e3:9b:31:d6:06:33:df:df:df:6e:f7:5a:44:69:96:
         92:c5:32:41:02:84:43:67:09:d9:2b:e8:57:b5:89:ff:88:10:
         80:0a:6d:a9:3c:06:0d:05:7e:e4:7c:79:07:68:2a:61:cb:fa:
         ff:37:91:27:45:a2:e5:99:b3:3a:8b:c0:49:12:0a:d0:ec:06:
         76:36:c0:a9:b7:d1:19:e5:5c:d9:1c:d4:a0:b9:f9:97:75:db:
         33:97:95:d4:8c:c5:53:67:f8:9f:32:17:a3:3b:5a:c4:2f:d4:
         cb:7c:59:4e:bd:64:1c:e2:fd:d1:16:b0:4f:05:3f:3a:01:57:
         4f:eb:60:3e:41:5f:aa:3d:23:46:79:3f:e8:b2:6b:d6:42:b9:
         e7:33:d6:bb:03:b6:2a:15:34:23:ee:79:72:8f:66:39:d1:ea:
         59:09:ba:f0:1f:9c:9e:0b:32:eb:35:2d:f3:73:05:f0:aa:c6:
         e9:c3:aa:eb:a4:91:4e:1a:0b:d0:f7:94:d2:13:59:15:c4:2b:
         24:a0:9c:1b:96:43:32:79:67:6b:da:6b:02:28:c5:41:97:b6:
         a3:f2:79:82:15:df:9d:74:7d:d2:c5:c3:82:47:82:94:15:12:
         79:7e:30:a8
-----BEGIN CERTIFICATE-----
MIIFRjCCBC6gAwIBAgIDHiY7MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGY1
YTZmYzYyNTc5YjE5YTI0MzViMTE3YjNkNWIzOWE3M2Q2OGJjMWYwHhcNMjMwMzIz
MDgzMjIzWhcNMjUwMzIyMDgzMjIzWjAzMTEwLwYDVQQDEyhiMGNjNTAxYzVhY2Nh
ZDA1MDEyZjE1ZTQ1ZjUyYzMxMDRlOTY2NTE2MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAwAmBPjsYLczuABDJX14BQwZzuRiZgL7ZAfYS22ti79uOUlqy
McOyux0e8hL2ycT02s4oQfGlgYFfHNs2RmbQB6g57jFi2D+DetwrI1WIp6B4FkP/
YqgpZur3v/NGKtjw234kA/UZlAvreHWcSSuNySxfuxtTQLS2MlJ2lO6O2iFxVeOb
mN/0k+pXsvWq40gJOlIN8OKs58KQ9VDJlGoJ5oSC58K7dkbbOy2s4UDkikADXgGV
2wuSbh06MZX6KYt5SzT/O9alG9wcfe+5tcIn2t0dyCoksEUhuOcAlzjN6/MvOo44
VjHJbAzw0bYXyLIDD5CapaE3c8zPJ0LMASDtKwIDAQABo4ICYTCCAl0wHQYDVR0O
BBYEFPusQkTbttIC3RD68l0nGz3Q3ox/MB8GA1UdIwQYMBaAFNGTxS1Zk3pdzrKL
QTDBLifyXW/1MA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvZjVhNmZj
NjI1NzliMTlhMjQzNWIxMTdiM2Q1YjM5YTczZDY4YmMxZi5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvMGVmM2YwMjUtNDEwMy00NTMxLWI3NDAtYjNhNDZh
NmRhNjQ1L2IwY2M1MDFjNWFjY2FkMDUwMTJmMTVlNDVmNTJjMzEwNGU5NjY1MTYu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy8wZWYzZjAyNS00MTAzLTQ1MzEtYjc0MC1iM2E0
NmE2ZGE2NDUvZjVhNmZjNjI1NzliMTlhMjQzNWIxMTdiM2Q1YjM5YTczZDY4YmMx
Zi5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAlBggrBgEFBQcBBwEB/wQW
MBQwEgQCAAEwDAMEAS2txAMEAC2txzANBgkqhkiG9w0BAQsFAAOCAQEARu7DzD6p
WAXSTGzyvYb3arJCpHLm45sx1gYz39/fbvdaRGmWksUyQQKEQ2cJ2SvoV7WJ/4gQ
gAptqTwGDQV+5Hx5B2gqYcv6/zeRJ0Wi5ZmzOovASRIK0OwGdjbAqbfRGeVc2RzU
oLn5l3XbM5eV1IzFU2f4nzIXoztaxC/Uy3xZTr1kHOL90RawTwU/OgFXT+tgPkFf
qj0jRnk/6LJr1kK55zPWuwO2KhU0I+55co9mOdHqWQm68B+cngsy6zUt83MF8KrG
6cOq66SRThoL0PeU0hNZFcQrJKCcG5ZDMnlna9prAijFQZe2o/J5ghXfnXR90sXD
gkeClBUSeX4wqA==
-----END CERTIFICATE-----
Generated at Thu May 11 00:55:07 2023 by rpki-client on console-ams.rpki-client.org