Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/11ddb3b0-0b82-4ed4-88f5-07bb3f2a3944/e1b6dfb5a3695161db44c9e3e14a2d56f62b5e97.roa
File:                     e1b6dfb5a3695161db44c9e3e14a2d56f62b5e97.roa (raw, json)
Hash identifier:          wNprPIk8e4EYP7hML5Dn6Pjzab9FQtg6LCYZ91swe2A=
Subject key identifier:   79:06:BB:55:E5:A0:DC:34:AE:13:27:D6:A9:88:F3:42:30:9C:61:E4
Certificate issuer:       /CN=fd7bd77ee19828cd9c595859fa4fe00dab7bda5c
Certificate serial:       0D937D
Authority key identifier: 93:DF:28:A8:67:B6:88:C8:57:5D:C9:B6:AF:17:93:F0:DA:E6:DD:7F
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/fd7bd77ee19828cd9c595859fa4fe00dab7bda5c.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/11ddb3b0-0b82-4ed4-88f5-07bb3f2a3944/e1b6dfb5a3695161db44c9e3e14a2d56f62b5e97.roa
Signing time:             Wed 24 Mar 2021 14:34:29 +0000
ROA not before:           Wed 24 Mar 2021 14:34:29 +0000
ROA not after:            Tue 24 Mar 2026 14:34:29 +0000
asID:                     52411
IP address blocks:        201.221.123.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/11ddb3b0-0b82-4ed4-88f5-07bb3f2a3944/fd7bd77ee19828cd9c595859fa4fe00dab7bda5c.crl
                          rsync://repository.lacnic.net/rpki/lacnic/11ddb3b0-0b82-4ed4-88f5-07bb3f2a3944/fd7bd77ee19828cd9c595859fa4fe00dab7bda5c.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/fd7bd77ee19828cd9c595859fa4fe00dab7bda5c.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 31 Mar 2024 03:49:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 889725 (0xd937d)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=fd7bd77ee19828cd9c595859fa4fe00dab7bda5c
        Validity
            Not Before: Mar 24 14:34:29 2021 GMT
            Not After : Mar 24 14:34:29 2026 GMT
        Subject: CN=e1b6dfb5a3695161db44c9e3e14a2d56f62b5e97
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:84:3d:b8:76:52:4a:99:23:96:ce:a6:5e:40:be:
                    0c:c6:ed:18:93:3e:ed:06:c5:9d:55:84:d3:ed:69:
                    d8:24:79:36:ae:08:86:a3:64:60:95:be:0e:c1:c9:
                    0c:f1:7b:3b:97:be:33:34:c9:04:5b:1f:24:1c:b8:
                    29:3a:96:72:89:df:a9:68:68:e7:8a:74:46:cb:02:
                    8a:a3:50:b5:09:44:ba:b4:75:fc:b1:ae:45:f4:28:
                    b3:93:a5:9b:5f:38:10:df:fa:26:40:b7:71:43:c7:
                    9c:98:75:18:48:93:a6:df:ef:ff:36:89:03:5c:32:
                    e6:f9:a9:f7:22:0c:87:25:e4:b7:2d:da:0b:be:89:
                    b3:6a:fc:7f:6d:97:b6:83:8b:1d:e0:44:92:e2:a4:
                    93:8d:98:ac:da:8e:28:3a:e8:6e:22:06:f2:f3:25:
                    f8:8a:01:9d:57:88:36:36:3b:6a:76:a5:87:e8:8e:
                    ce:d2:99:32:c5:cd:76:1c:32:bd:d4:72:a0:33:87:
                    e1:38:0b:ff:d4:be:bd:62:c0:6c:4e:85:12:24:aa:
                    61:e5:91:a6:12:67:9e:32:1f:2e:4d:b2:c5:30:6a:
                    e6:8d:3f:4a:fb:52:24:8b:37:b8:97:af:f5:0b:26:
                    65:80:11:40:12:33:2d:b9:5d:2a:6f:8a:13:61:40:
                    c8:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                79:06:BB:55:E5:A0:DC:34:AE:13:27:D6:A9:88:F3:42:30:9C:61:E4
            X509v3 Authority Key Identifier:
                keyid:93:DF:28:A8:67:B6:88:C8:57:5D:C9:B6:AF:17:93:F0:DA:E6:DD:7F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/fd7bd77ee19828cd9c595859fa4fe00dab7bda5c.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/11ddb3b0-0b82-4ed4-88f5-07bb3f2a3944/e1b6dfb5a3695161db44c9e3e14a2d56f62b5e97.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/11ddb3b0-0b82-4ed4-88f5-07bb3f2a3944/fd7bd77ee19828cd9c595859fa4fe00dab7bda5c.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  201.221.123.0/24

    Signature Algorithm: sha256WithRSAEncryption
         0b:60:3c:eb:68:14:36:b8:ed:d8:eb:3d:3a:03:86:d8:53:2b:
         3f:f9:f0:4d:43:91:8f:19:97:72:bd:10:1f:4c:cb:69:98:01:
         61:df:48:52:d6:85:91:22:46:19:8a:7f:12:21:4f:74:e1:a7:
         30:f5:af:8c:1e:b3:5b:94:5d:6b:38:d2:29:89:4b:16:d6:da:
         f2:09:61:72:d0:4d:34:9a:bc:11:e4:94:16:5f:31:7e:96:b3:
         37:52:78:84:20:c5:c3:45:b5:5c:ff:41:4b:7e:7d:43:12:c7:
         f2:cd:5a:59:9f:30:e3:17:96:7d:14:b8:ff:c8:fd:98:2d:1c:
         2a:ef:97:8e:6a:e2:7d:4e:28:b8:93:e8:47:7d:c4:48:3d:63:
         11:97:fc:a3:56:c4:93:ea:e1:05:af:2a:d2:a2:bc:43:25:de:
         02:19:1c:48:ab:9b:6e:15:1c:f3:13:fa:06:9f:56:35:35:c5:
         74:d2:90:d7:ad:b0:30:0e:f2:25:0f:85:24:e0:07:75:af:f2:
         7d:5c:20:cb:16:a6:28:f0:05:01:ad:b1:8b:35:a8:09:0f:d3:
         1e:70:89:61:e5:dc:d4:c0:f7:fe:90:d2:a3:53:da:3c:ce:01:
         9d:41:93:41:7f:58:a9:61:8b:d1:cc:81:37:14:34:d0:5b:d1:
         0e:c3:9d:a8
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIDDZN9MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGZk
N2JkNzdlZTE5ODI4Y2Q5YzU5NTg1OWZhNGZlMDBkYWI3YmRhNWMwHhcNMjEwMzI0
MTQzNDI5WhcNMjYwMzI0MTQzNDI5WjAzMTEwLwYDVQQDEyhlMWI2ZGZiNWEzNjk1
MTYxZGI0NGM5ZTNlMTRhMmQ1NmY2MmI1ZTk3MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAhD24dlJKmSOWzqZeQL4Mxu0Ykz7tBsWdVYTT7WnYJHk2rgiG
o2Rglb4OwckM8Xs7l74zNMkEWx8kHLgpOpZyid+paGjninRGywKKo1C1CUS6tHX8
sa5F9Cizk6WbXzgQ3/omQLdxQ8ecmHUYSJOm3+//NokDXDLm+an3IgyHJeS3LdoL
vomzavx/bZe2g4sd4ESS4qSTjZis2o4oOuhuIgby8yX4igGdV4g2NjtqdqWH6I7O
0pkyxc12HDK91HKgM4fhOAv/1L69YsBsToUSJKph5ZGmEmeeMh8uTbLFMGrmjT9K
+1Ikize4l6/1CyZlgBFAEjMtuV0qb4oTYUDIuQIDAQABo4ICWzCCAlcwHQYDVR0O
BBYEFHkGu1XloNw0rhMn1qmI80IwnGHkMB8GA1UdIwQYMBaAFJPfKKhntojIV13J
tq8Xk/Da5t1/MA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvZmQ3YmQ3
N2VlMTk4MjhjZDljNTk1ODU5ZmE0ZmUwMGRhYjdiZGE1Yy5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvMTFkZGIzYjAtMGI4Mi00ZWQ0LTg4ZjUtMDdiYjNm
MmEzOTQ0L2UxYjZkZmI1YTM2OTUxNjFkYjQ0YzllM2UxNGEyZDU2ZjYyYjVlOTcu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy8xMWRkYjNiMC0wYjgyLTRlZDQtODhmNS0wN2Ji
M2YyYTM5NDQvZmQ3YmQ3N2VlMTk4MjhjZDljNTk1ODU5ZmE0ZmUwMGRhYjdiZGE1
Yy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAMndezANBgkqhkiG9w0BAQsFAAOCAQEAC2A862gUNrjt2Os9
OgOG2FMrP/nwTUORjxmXcr0QH0zLaZgBYd9IUtaFkSJGGYp/EiFPdOGnMPWvjB6z
W5RdazjSKYlLFtba8glhctBNNJq8EeSUFl8xfpazN1J4hCDFw0W1XP9BS359QxLH
8s1aWZ8w4xeWfRS4/8j9mC0cKu+XjmrifU4ouJPoR33ESD1jEZf8o1bEk+rhBa8q
0qK8QyXeAhkcSKubbhUc8xP6Bp9WNTXFdNKQ162wMA7yJQ+FJOAHda/yfVwgyxam
KPAFAa2xizWoCQ/THnCJYeXc1MD3/pDSo1PaPM4BnUGTQX9YqWGL0cyBNxQ00FvR
DsOdqA==
-----END CERTIFICATE-----
Generated at Thu Mar 28 08:34:27 2024 by rpki-client on console-fra.rpki-client.org