Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/16b3e31d-6e47-4985-a4df-70aa6269bd6f/520a74edc819fd31b2dd3bb58fd740bf28eb3701.roa
File:                     520a74edc819fd31b2dd3bb58fd740bf28eb3701.roa (raw, json)
Hash identifier:          CfMrJGEzXdksGsC449nlVS42m3WPciAB7tUuNx2DpVU=
Subject key identifier:   79:7B:C9:77:99:B5:13:CC:3E:38:B2:27:29:9B:B4:9B:9D:AB:86:ED
Certificate issuer:       /CN=2d32ebe916009a3fc3780b7e96e2b0141d847585
Certificate serial:       052EA4
Authority key identifier: 54:3E:24:9D:BD:D5:AB:0F:65:A8:44:B7:B6:AE:CB:85:73:2B:1E:AD
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/2d32ebe916009a3fc3780b7e96e2b0141d847585.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/16b3e31d-6e47-4985-a4df-70aa6269bd6f/520a74edc819fd31b2dd3bb58fd740bf28eb3701.roa
Signing time:             Wed 24 Mar 2021 14:31:44 +0000
ROA not before:           Wed 24 Mar 2021 14:31:44 +0000
ROA not after:            Tue 24 Mar 2026 14:31:44 +0000
asID:                     264675
IP address blocks:        168.121.56.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/16b3e31d-6e47-4985-a4df-70aa6269bd6f/2d32ebe916009a3fc3780b7e96e2b0141d847585.crl
                          rsync://repository.lacnic.net/rpki/lacnic/16b3e31d-6e47-4985-a4df-70aa6269bd6f/2d32ebe916009a3fc3780b7e96e2b0141d847585.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/2d32ebe916009a3fc3780b7e96e2b0141d847585.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sat 18 Mar 2023 02:22:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 339620 (0x52ea4)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2d32ebe916009a3fc3780b7e96e2b0141d847585
        Validity
            Not Before: Mar 24 14:31:44 2021 GMT
            Not After : Mar 24 14:31:44 2026 GMT
        Subject: CN=520a74edc819fd31b2dd3bb58fd740bf28eb3701
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:bf:06:2b:11:1e:bb:33:2f:6f:af:6e:88:ef:
                    86:2d:47:0a:6f:5c:72:2a:d3:f4:27:a5:a0:32:db:
                    aa:25:e0:de:16:8b:76:fd:84:4c:79:26:55:c3:0a:
                    33:47:c3:b1:0a:fa:17:7c:7c:f7:71:0f:7d:9e:5c:
                    8b:08:d3:01:dd:19:a2:a0:a6:68:fb:4d:60:4b:05:
                    d0:18:dd:ec:44:c7:50:ec:a4:a5:89:62:d9:39:bd:
                    b5:5b:db:14:a5:7f:7c:1b:03:ae:f7:b2:a6:a8:88:
                    92:90:56:a3:52:f3:69:c8:f8:41:1a:fa:48:76:e1:
                    26:b8:1c:18:c4:ef:a6:86:62:fe:9c:75:8e:fe:8d:
                    82:6e:d6:5f:e6:a0:90:2d:fe:90:41:26:a4:cc:af:
                    f7:ef:b5:d1:e9:c8:8f:d9:07:33:38:c1:59:54:0c:
                    e7:17:a4:10:bc:14:3e:7d:4b:ea:51:ac:0f:63:d7:
                    39:40:67:fa:d6:84:52:e2:d0:df:45:98:12:27:24:
                    90:8e:5f:9e:6e:73:6d:cb:5c:3f:26:ba:55:be:31:
                    5e:67:8e:56:4f:f9:30:91:79:b9:51:63:12:4f:b8:
                    52:2c:b4:13:89:d1:e3:0d:58:75:2c:c3:0c:b0:a8:
                    04:d6:a3:e5:aa:d4:25:49:f5:64:51:68:01:ef:47:
                    b9:b5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                79:7B:C9:77:99:B5:13:CC:3E:38:B2:27:29:9B:B4:9B:9D:AB:86:ED
            X509v3 Authority Key Identifier: 
                keyid:54:3E:24:9D:BD:D5:AB:0F:65:A8:44:B7:B6:AE:CB:85:73:2B:1E:AD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access: 
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/2d32ebe916009a3fc3780b7e96e2b0141d847585.cer

            Subject Information Access: 
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/16b3e31d-6e47-4985-a4df-70aa6269bd6f/520a74edc819fd31b2dd3bb58fd740bf28eb3701.roa

            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/16b3e31d-6e47-4985-a4df-70aa6269bd6f/2d32ebe916009a3fc3780b7e96e2b0141d847585.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  168.121.56.0/22

    Signature Algorithm: sha256WithRSAEncryption
         4d:4b:b3:1b:d1:18:ea:c5:f0:7d:1e:3d:81:57:17:63:eb:17:
         23:aa:87:08:62:46:a3:53:87:d1:0c:db:dc:6c:23:74:d7:23:
         a4:13:29:61:4a:dd:b0:4c:ca:05:b6:e2:a8:f0:55:3e:8c:5f:
         45:fe:a3:76:d5:d3:9b:b1:ce:e0:97:0d:9b:93:79:12:0a:64:
         ef:96:b4:37:91:26:6c:d1:fc:c0:c5:23:9a:58:0e:3c:11:fe:
         29:67:e9:44:fb:7b:4b:f2:98:57:cb:f0:9c:54:e1:67:82:49:
         9d:74:ad:e3:49:7d:aa:98:bf:1b:c1:f3:41:b4:94:32:59:3e:
         b0:29:ed:b9:6a:a5:55:db:a9:63:dc:7e:5d:63:a4:94:66:b1:
         98:60:ad:16:e1:02:a9:a1:62:6c:12:8f:02:97:0a:bc:aa:97:
         d7:c5:d1:a8:47:cf:52:a9:0e:d9:18:b0:b8:8e:fa:3e:67:3b:
         77:d2:8c:ea:84:11:e7:93:d3:38:4e:0f:ea:98:31:91:48:ac:
         12:52:0a:93:9b:11:35:ac:ba:70:19:e2:bb:0e:9c:51:da:ae:
         2c:3b:1e:91:ac:dc:a3:ab:ea:4a:b8:54:1c:ed:ef:68:21:ac:
         21:20:3c:d6:46:d4:74:c6:02:57:cf:aa:7b:2e:01:1c:df:41:
         ca:21:41:de
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIDBS6kMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDJk
MzJlYmU5MTYwMDlhM2ZjMzc4MGI3ZTk2ZTJiMDE0MWQ4NDc1ODUwHhcNMjEwMzI0
MTQzMTQ0WhcNMjYwMzI0MTQzMTQ0WjAzMTEwLwYDVQQDEyg1MjBhNzRlZGM4MTlm
ZDMxYjJkZDNiYjU4ZmQ3NDBiZjI4ZWIzNzAxMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEApr8GKxEeuzMvb69uiO+GLUcKb1xyKtP0J6WgMtuqJeDeFot2
/YRMeSZVwwozR8OxCvoXfHz3cQ99nlyLCNMB3RmioKZo+01gSwXQGN3sRMdQ7KSl
iWLZOb21W9sUpX98GwOu97KmqIiSkFajUvNpyPhBGvpIduEmuBwYxO+mhmL+nHWO
/o2CbtZf5qCQLf6QQSakzK/377XR6ciP2QczOMFZVAznF6QQvBQ+fUvqUawPY9c5
QGf61oRS4tDfRZgSJySQjl+ebnNty1w/JrpVvjFeZ45WT/kwkXm5UWMST7hSLLQT
idHjDVh1LMMMsKgE1qPlqtQlSfVkUWgB70e5tQIDAQABo4ICWzCCAlcwHQYDVR0O
BBYEFHl7yXeZtRPMPjiyJymbtJudq4btMB8GA1UdIwQYMBaAFFQ+JJ291asPZahE
t7auy4VzKx6tMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvMmQzMmVi
ZTkxNjAwOWEzZmMzNzgwYjdlOTZlMmIwMTQxZDg0NzU4NS5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvMTZiM2UzMWQtNmU0Ny00OTg1LWE0ZGYtNzBhYTYy
NjliZDZmLzUyMGE3NGVkYzgxOWZkMzFiMmRkM2JiNThmZDc0MGJmMjhlYjM3MDEu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy8xNmIzZTMxZC02ZTQ3LTQ5ODUtYTRkZi03MGFh
NjI2OWJkNmYvMmQzMmViZTkxNjAwOWEzZmMzNzgwYjdlOTZlMmIwMTQxZDg0NzU4
NS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAqh5ODANBgkqhkiG9w0BAQsFAAOCAQEATUuzG9EY6sXwfR49
gVcXY+sXI6qHCGJGo1OH0Qzb3GwjdNcjpBMpYUrdsEzKBbbiqPBVPoxfRf6jdtXT
m7HO4JcNm5N5Egpk75a0N5EmbNH8wMUjmlgOPBH+KWfpRPt7S/KYV8vwnFThZ4JJ
nXSt40l9qpi/G8HzQbSUMlk+sCntuWqlVdupY9x+XWOklGaxmGCtFuECqaFibBKP
ApcKvKqX18XRqEfPUqkO2RiwuI76Pmc7d9KM6oQR55PTOE4P6pgxkUisElIKk5sR
Nay6cBniuw6cUdquLDsekazco6vqSrhUHO3vaCGsISA81kbUdMYCV8+qey4BHN9B
yiFB3g==
-----END CERTIFICATE-----
Generated at Wed Mar 15 11:33:29 2023 by rpki-client on console-ams.rpki-client.org