Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/133cc484-8e51-4e59-9897-e4fc3ca3588b/f4ca96241047b9b8076e9886fb76e52fa22053a3.roa
File:                     f4ca96241047b9b8076e9886fb76e52fa22053a3.roa (raw, json)
Hash identifier:          e7vxr0IQjOgBmyfLn953BD0m0rxqO5w3EPGJNgx5bOY=
Subject key identifier:   17:22:83:79:8B:84:D7:FC:44:C1:E8:A6:DE:E6:78:50:F5:CB:3C:6C
Certificate issuer:       /CN=ef640f7ea7a6b188596318dadeffcac5ca26a907
Certificate serial:       0DCDDD
Authority key identifier: 38:2B:1B:14:3C:85:03:51:C2:70:92:9B:A3:6D:48:65:F0:31:01:0F
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ef640f7ea7a6b188596318dadeffcac5ca26a907.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/133cc484-8e51-4e59-9897-e4fc3ca3588b/f4ca96241047b9b8076e9886fb76e52fa22053a3.roa
Signing time:             Wed 24 Mar 2021 14:31:12 +0000
ROA not before:           Wed 24 Mar 2021 14:31:12 +0000
ROA not after:            Tue 24 Mar 2026 14:31:12 +0000
asID:                     264689
IP address blocks:        168.228.140.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/133cc484-8e51-4e59-9897-e4fc3ca3588b/ef640f7ea7a6b188596318dadeffcac5ca26a907.crl
                          rsync://repository.lacnic.net/rpki/lacnic/133cc484-8e51-4e59-9897-e4fc3ca3588b/ef640f7ea7a6b188596318dadeffcac5ca26a907.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ef640f7ea7a6b188596318dadeffcac5ca26a907.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 31 Mar 2024 19:38:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 904669 (0xdcddd)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ef640f7ea7a6b188596318dadeffcac5ca26a907
        Validity
            Not Before: Mar 24 14:31:12 2021 GMT
            Not After : Mar 24 14:31:12 2026 GMT
        Subject: CN=f4ca96241047b9b8076e9886fb76e52fa22053a3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:df:0a:f1:6c:8f:8c:31:a2:33:dd:2e:37:cb:95:
                    cc:45:11:11:e2:67:66:3b:ca:72:65:cc:4b:7b:a7:
                    00:7a:d6:8b:7a:d6:89:53:99:ae:06:e5:07:b5:fe:
                    55:3d:f6:ad:9f:05:ce:bf:e7:2b:7d:bd:09:e8:d4:
                    c7:07:77:d8:1b:2a:9b:ee:91:5c:6a:f9:16:ed:31:
                    22:47:04:89:b7:24:25:3f:79:8c:39:23:ce:39:8a:
                    cb:a9:49:08:bb:16:2a:01:87:18:e9:0e:6d:ed:7a:
                    e0:9a:9b:94:f7:b5:84:22:2f:83:87:78:32:e0:97:
                    84:ee:38:1f:38:b8:26:d4:02:3b:97:eb:dc:c8:9c:
                    88:39:9d:7f:08:8b:5d:5c:56:69:58:b2:af:f9:0c:
                    9c:97:9f:8e:16:e5:c7:88:e5:f1:ca:c1:27:ec:89:
                    d3:49:58:a9:2e:1b:b9:c6:b4:aa:9f:af:70:68:89:
                    91:83:3a:a6:f3:ba:2b:64:a6:02:bb:6f:65:cd:20:
                    ff:65:70:b5:4b:d0:58:2e:55:f8:97:be:7b:a7:71:
                    99:90:75:a5:96:99:a0:90:dd:00:8f:1e:5a:14:ed:
                    ad:d1:3f:ec:60:a5:63:db:d8:6e:63:d5:97:bc:d9:
                    1b:df:0a:74:c3:31:6a:d1:39:22:23:39:50:e1:6b:
                    b0:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                17:22:83:79:8B:84:D7:FC:44:C1:E8:A6:DE:E6:78:50:F5:CB:3C:6C
            X509v3 Authority Key Identifier:
                keyid:38:2B:1B:14:3C:85:03:51:C2:70:92:9B:A3:6D:48:65:F0:31:01:0F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ef640f7ea7a6b188596318dadeffcac5ca26a907.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/133cc484-8e51-4e59-9897-e4fc3ca3588b/f4ca96241047b9b8076e9886fb76e52fa22053a3.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/133cc484-8e51-4e59-9897-e4fc3ca3588b/ef640f7ea7a6b188596318dadeffcac5ca26a907.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  168.228.140.0/22

    Signature Algorithm: sha256WithRSAEncryption
         7f:37:84:7e:e6:90:4d:fd:89:ba:7b:2e:2b:d5:da:2d:fa:89:
         32:24:79:b5:f4:c3:7f:a0:1f:46:17:7a:b7:7f:63:dc:ad:b2:
         f7:81:d4:93:30:ae:25:65:15:83:9f:a3:eb:24:4f:b2:7c:ce:
         bd:e2:1e:4b:aa:ca:81:5b:bc:22:07:88:f8:9e:d2:33:b9:b1:
         0d:25:28:e8:a7:f7:93:29:81:30:64:4e:25:a5:37:0d:bb:3c:
         9b:b7:34:59:09:c8:ad:94:74:d6:e3:ba:d3:c7:58:33:c3:59:
         6a:df:f4:0d:b3:25:b2:ba:03:55:3a:c5:e8:fc:1e:b2:20:e6:
         d6:d3:dc:52:a3:f2:87:b1:f0:c1:fe:05:64:bc:0e:ec:bb:cf:
         ce:fc:96:d7:92:3e:63:fe:65:f3:c9:1a:8a:56:7e:d3:48:0b:
         c6:16:8d:8b:43:a0:7a:b8:14:96:33:a0:11:3f:50:bf:0a:70:
         8e:68:09:f4:95:58:16:1a:35:ad:d4:8e:c2:a7:8f:b1:80:7d:
         64:be:f4:e1:6b:3e:6c:45:dd:ce:01:f7:b5:12:8d:f1:f5:4c:
         57:25:3f:fc:27:4a:13:8b:d5:48:1d:cc:e1:4c:b6:ed:cf:25:
         fb:32:0e:94:a9:44:ac:be:80:20:22:84:7b:57:36:fd:f3:e1:
         1a:65:11:99
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIDDc3dMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGVm
NjQwZjdlYTdhNmIxODg1OTYzMThkYWRlZmZjYWM1Y2EyNmE5MDcwHhcNMjEwMzI0
MTQzMTEyWhcNMjYwMzI0MTQzMTEyWjAzMTEwLwYDVQQDEyhmNGNhOTYyNDEwNDdi
OWI4MDc2ZTk4ODZmYjc2ZTUyZmEyMjA1M2EzMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEA3wrxbI+MMaIz3S43y5XMRRER4mdmO8pyZcxLe6cAetaLetaJ
U5muBuUHtf5VPfatnwXOv+crfb0J6NTHB3fYGyqb7pFcavkW7TEiRwSJtyQlP3mM
OSPOOYrLqUkIuxYqAYcY6Q5t7XrgmpuU97WEIi+Dh3gy4JeE7jgfOLgm1AI7l+vc
yJyIOZ1/CItdXFZpWLKv+Qycl5+OFuXHiOXxysEn7InTSVipLhu5xrSqn69waImR
gzqm87orZKYCu29lzSD/ZXC1S9BYLlX4l757p3GZkHWllpmgkN0Ajx5aFO2t0T/s
YKVj29huY9WXvNkb3wp0wzFq0TkiIzlQ4WuwDQIDAQABo4ICWzCCAlcwHQYDVR0O
BBYEFBcig3mLhNf8RMHopt7meFD1yzxsMB8GA1UdIwQYMBaAFDgrGxQ8hQNRwnCS
m6NtSGXwMQEPMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvZWY2NDBm
N2VhN2E2YjE4ODU5NjMxOGRhZGVmZmNhYzVjYTI2YTkwNy5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvMTMzY2M0ODQtOGU1MS00ZTU5LTk4OTctZTRmYzNj
YTM1ODhiL2Y0Y2E5NjI0MTA0N2I5YjgwNzZlOTg4NmZiNzZlNTJmYTIyMDUzYTMu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy8xMzNjYzQ4NC04ZTUxLTRlNTktOTg5Ny1lNGZj
M2NhMzU4OGIvZWY2NDBmN2VhN2E2YjE4ODU5NjMxOGRhZGVmZmNhYzVjYTI2YTkw
Ny5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAqjkjDANBgkqhkiG9w0BAQsFAAOCAQEAfzeEfuaQTf2Junsu
K9XaLfqJMiR5tfTDf6AfRhd6t39j3K2y94HUkzCuJWUVg5+j6yRPsnzOveIeS6rK
gVu8IgeI+J7SM7mxDSUo6Kf3kymBMGROJaU3Dbs8m7c0WQnIrZR01uO608dYM8NZ
at/0DbMlsroDVTrF6PwesiDm1tPcUqPyh7Hwwf4FZLwO7LvPzvyW15I+Y/5l88ka
ilZ+00gLxhaNi0OgergUljOgET9QvwpwjmgJ9JVYFho1rdSOwqePsYB9ZL704Ws+
bEXdzgH3tRKN8fVMVyU//CdKE4vVSB3M4Uy27c8l+zIOlKlErL6AICKEe1c2/fPh
GmURmQ==
-----END CERTIFICATE-----
Generated at Thu Mar 28 23:57:45 2024 by rpki-client on console-fra.rpki-client.org