Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/0ef3f025-4103-4531-b740-b3a46a6da645/b3b304016d7994b32cd7772c374ba62193292388.roa
File:                     b3b304016d7994b32cd7772c374ba62193292388.roa (raw, json)
Hash identifier:          xcfSH2PrKPuAzXD0KIml3fMQQt+rl+po74JGRFKtwyw=
Subject key identifier:   DF:87:48:7C:EB:62:B7:06:CC:28:33:9B:4B:6B:51:71:07:99:51:00
Certificate issuer:       /CN=f5a6fc62579b19a2435b117b3d5b39a73d68bc1f
Certificate serial:       0C34D7
Authority key identifier: D1:93:C5:2D:59:93:7A:5D:CE:B2:8B:41:30:C1:2E:27:F2:5D:6F:F5
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/f5a6fc62579b19a2435b117b3d5b39a73d68bc1f.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/0ef3f025-4103-4531-b740-b3a46a6da645/b3b304016d7994b32cd7772c374ba62193292388.roa
Signing time:             Wed 24 Mar 2021 14:48:01 +0000
ROA not before:           Wed 24 Mar 2021 14:48:00 +0000
ROA not after:            Tue 24 Mar 2026 14:48:00 +0000
asID:                     267809
IP address blocks:        45.173.196.0/22 maxlen: 22
                          2803:1060::/32 maxlen: 32

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/0ef3f025-4103-4531-b740-b3a46a6da645/f5a6fc62579b19a2435b117b3d5b39a73d68bc1f.crl
                          rsync://repository.lacnic.net/rpki/lacnic/0ef3f025-4103-4531-b740-b3a46a6da645/f5a6fc62579b19a2435b117b3d5b39a73d68bc1f.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/f5a6fc62579b19a2435b117b3d5b39a73d68bc1f.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 31 Mar 2024 12:22:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 799959 (0xc34d7)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f5a6fc62579b19a2435b117b3d5b39a73d68bc1f
        Validity
            Not Before: Mar 24 14:48:00 2021 GMT
            Not After : Mar 24 14:48:00 2026 GMT
        Subject: CN=b3b304016d7994b32cd7772c374ba62193292388
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:d2:d0:18:8a:d6:eb:36:b8:72:82:f0:55:81:
                    2a:7c:90:14:b5:63:d6:75:ba:a6:9b:89:f9:07:b4:
                    38:c9:27:1a:6e:6a:dc:25:82:49:90:b0:98:98:d7:
                    80:b5:01:d4:98:68:39:34:2c:fa:20:4b:a8:83:b7:
                    b4:dd:eb:22:54:d4:0d:89:2a:a5:94:99:31:c4:c1:
                    3c:aa:9d:fb:f4:03:f6:c5:cb:47:f5:f7:e0:a5:22:
                    c1:6a:2b:8d:67:61:3d:9f:17:07:21:52:d1:55:c9:
                    e1:bd:4f:0c:24:67:7e:b6:c4:a2:c3:be:6d:df:a4:
                    9f:cd:72:9b:ba:05:d3:d4:16:9c:6a:e8:79:3e:37:
                    97:33:b0:0e:a7:ce:a8:43:75:cb:8e:82:8a:6d:02:
                    e9:d7:28:2e:74:6e:a5:9a:d8:1c:b4:fe:87:cc:3c:
                    0b:6d:76:44:fc:b0:05:5d:3c:22:41:00:1f:39:a8:
                    3c:f8:c4:48:81:ac:07:22:53:b7:27:83:2d:cc:63:
                    b0:79:9b:e0:10:88:e6:a5:3e:12:25:0d:be:8a:5a:
                    6a:13:ab:74:0b:3c:b3:9b:ec:27:99:31:12:e6:7f:
                    4e:73:df:59:0e:00:c6:1b:50:c9:9d:df:f4:96:5a:
                    55:ca:7a:20:43:ff:a3:c6:80:86:fc:10:15:87:eb:
                    04:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DF:87:48:7C:EB:62:B7:06:CC:28:33:9B:4B:6B:51:71:07:99:51:00
            X509v3 Authority Key Identifier:
                keyid:D1:93:C5:2D:59:93:7A:5D:CE:B2:8B:41:30:C1:2E:27:F2:5D:6F:F5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/f5a6fc62579b19a2435b117b3d5b39a73d68bc1f.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/0ef3f025-4103-4531-b740-b3a46a6da645/b3b304016d7994b32cd7772c374ba62193292388.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/0ef3f025-4103-4531-b740-b3a46a6da645/f5a6fc62579b19a2435b117b3d5b39a73d68bc1f.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.173.196.0/22
                IPv6:
                  2803:1060::/32

    Signature Algorithm: sha256WithRSAEncryption
         5a:ee:99:f3:bf:de:8e:e7:b4:0a:7f:ed:d8:e9:ed:a8:ad:42:
         c6:94:39:e1:20:f9:6b:0e:6e:26:5a:00:03:df:e0:3b:a7:7a:
         46:8a:37:44:1b:55:ba:46:e5:0c:a4:df:fc:71:08:44:4f:40:
         c0:88:59:db:68:60:82:2f:a4:77:8a:95:d3:90:91:4e:31:ad:
         f4:d4:5a:64:ed:f4:db:50:aa:3c:ef:73:6c:7d:23:76:3d:01:
         a9:a2:1a:4f:13:0a:f9:3d:98:8e:7a:c8:6e:29:91:8c:c6:09:
         58:38:e1:7d:de:52:02:7a:24:03:59:4c:83:b5:82:00:d2:eb:
         45:81:08:f8:83:db:89:be:25:b8:3f:45:33:99:bc:15:42:33:
         97:a6:58:16:dc:e9:14:2a:e4:ef:fb:79:9a:7d:5d:11:02:fc:
         e5:40:e2:27:21:65:e6:73:b9:23:88:82:62:44:ac:a3:f2:41:
         53:31:43:f6:ed:24:fe:7c:06:66:80:be:11:1d:99:18:ac:70:
         02:21:08:84:11:6f:79:05:86:6c:47:03:81:11:0e:4b:77:44:
         ec:d4:93:28:27:73:bd:9e:00:ae:04:73:8b:63:62:af:17:db:
         fd:1b:d5:08:76:e0:0a:2b:f2:8c:8e:2d:d0:e7:f8:45:d9:75:
         0a:a5:fb:45
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgIDDDTXMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGY1
YTZmYzYyNTc5YjE5YTI0MzViMTE3YjNkNWIzOWE3M2Q2OGJjMWYwHhcNMjEwMzI0
MTQ0ODAwWhcNMjYwMzI0MTQ0ODAwWjAzMTEwLwYDVQQDEyhiM2IzMDQwMTZkNzk5
NGIzMmNkNzc3MmMzNzRiYTYyMTkzMjkyMzg4MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAodLQGIrW6za4coLwVYEqfJAUtWPWdbqmm4n5B7Q4yScabmrc
JYJJkLCYmNeAtQHUmGg5NCz6IEuog7e03esiVNQNiSqllJkxxME8qp379AP2xctH
9ffgpSLBaiuNZ2E9nxcHIVLRVcnhvU8MJGd+tsSiw75t36SfzXKbugXT1Bacauh5
PjeXM7AOp86oQ3XLjoKKbQLp1ygudG6lmtgctP6HzDwLbXZE/LAFXTwiQQAfOag8
+MRIgawHIlO3J4MtzGOweZvgEIjmpT4SJQ2+ilpqE6t0Czyzm+wnmTES5n9Oc99Z
DgDGG1DJnd/0llpVynogQ/+jxoCG/BAVh+sERQIDAQABo4ICajCCAmYwHQYDVR0O
BBYEFN+HSHzrYrcGzCgzm0trUXEHmVEAMB8GA1UdIwQYMBaAFNGTxS1Zk3pdzrKL
QTDBLifyXW/1MA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvZjVhNmZj
NjI1NzliMTlhMjQzNWIxMTdiM2Q1YjM5YTczZDY4YmMxZi5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvMGVmM2YwMjUtNDEwMy00NTMxLWI3NDAtYjNhNDZh
NmRhNjQ1L2IzYjMwNDAxNmQ3OTk0YjMyY2Q3NzcyYzM3NGJhNjIxOTMyOTIzODgu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy8wZWYzZjAyNS00MTAzLTQ1MzEtYjc0MC1iM2E0
NmE2ZGE2NDUvZjVhNmZjNjI1NzliMTlhMjQzNWIxMTdiM2Q1YjM5YTczZDY4YmMx
Zi5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAuBggrBgEFBQcBBwEB/wQf
MB0wDAQCAAEwBgMEAi2txDANBAIAAjAHAwUAKAMQYDANBgkqhkiG9w0BAQsFAAOC
AQEAWu6Z87/ejue0Cn/t2OntqK1CxpQ54SD5aw5uJloAA9/gO6d6Roo3RBtVukbl
DKTf/HEIRE9AwIhZ22hggi+kd4qV05CRTjGt9NRaZO3021CqPO9zbH0jdj0BqaIa
TxMK+T2YjnrIbimRjMYJWDjhfd5SAnokA1lMg7WCANLrRYEI+IPbib4luD9FM5m8
FUIzl6ZYFtzpFCrk7/t5mn1dEQL85UDiJyFl5nO5I4iCYkSso/JBUzFD9u0k/nwG
ZoC+ER2ZGKxwAiEIhBFveQWGbEcDgREOS3dE7NSTKCdzvZ4ArgRzi2Nirxfb/RvV
CHbgCivyjI4t0Of4Rdl1CqX7RQ==
-----END CERTIFICATE-----
Generated at Thu Mar 28 19:38:54 2024 by rpki-client on console-fra.rpki-client.org