Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/16b3e31d-6e47-4985-a4df-70aa6269bd6f/e9f700330ca69c11f6383f904dacf5addc31c9ea.roa
File:                     e9f700330ca69c11f6383f904dacf5addc31c9ea.roa (raw, json)
Hash identifier:          WI7Wyj3AB7goL/et5M7uE3hn9WJcI2F56oE7RgI1YYg=
Subject key identifier:   F5:8A:94:18:8C:84:2D:CE:5D:97:03:F7:BC:32:90:29:20:89:32:32
Certificate issuer:       /CN=2d32ebe916009a3fc3780b7e96e2b0141d847585
Certificate serial:       052FA1
Authority key identifier: 54:3E:24:9D:BD:D5:AB:0F:65:A8:44:B7:B6:AE:CB:85:73:2B:1E:AD
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/2d32ebe916009a3fc3780b7e96e2b0141d847585.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/16b3e31d-6e47-4985-a4df-70aa6269bd6f/e9f700330ca69c11f6383f904dacf5addc31c9ea.roa
Signing time:             Wed 24 Mar 2021 14:31:44 +0000
ROA not before:           Wed 24 Mar 2021 14:31:44 +0000
ROA not after:            Tue 24 Mar 2026 14:31:44 +0000
asID:                     264675
IP address blocks:        168.121.56.0/22 maxlen: 22

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/16b3e31d-6e47-4985-a4df-70aa6269bd6f/2d32ebe916009a3fc3780b7e96e2b0141d847585.crl
                          rsync://repository.lacnic.net/rpki/lacnic/16b3e31d-6e47-4985-a4df-70aa6269bd6f/2d32ebe916009a3fc3780b7e96e2b0141d847585.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/2d32ebe916009a3fc3780b7e96e2b0141d847585.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sat 18 Mar 2023 06:28:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 339873 (0x52fa1)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2d32ebe916009a3fc3780b7e96e2b0141d847585
        Validity
            Not Before: Mar 24 14:31:44 2021 GMT
            Not After : Mar 24 14:31:44 2026 GMT
        Subject: CN=e9f700330ca69c11f6383f904dacf5addc31c9ea
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:1b:bd:5c:94:76:82:07:4e:e8:19:9e:b8:07:
                    bd:8d:5f:86:d8:c8:9b:c6:de:26:9d:1d:95:b4:d1:
                    d0:c7:0c:45:1a:55:39:98:a2:d3:d6:a1:17:fa:2c:
                    17:f8:f7:80:21:79:4c:0d:52:01:63:de:83:5a:94:
                    62:e6:56:97:4d:e3:f2:86:6e:05:1c:df:c3:c8:9a:
                    c7:f7:e5:87:cf:7a:18:ef:9d:8e:af:d4:83:84:d6:
                    5f:df:d0:a5:23:c0:37:73:f3:ce:43:27:18:ba:2b:
                    6a:b4:fb:c0:2c:7e:98:6b:92:12:84:6e:b3:d4:9f:
                    14:71:7e:21:fe:ca:cf:27:6a:90:5d:d9:89:58:b1:
                    d3:af:13:ce:d3:81:a7:99:26:da:07:ec:bc:24:09:
                    6e:8b:dc:c0:f6:a5:a7:20:23:3d:01:8e:4d:7e:7c:
                    a0:97:3c:83:f4:ac:52:5f:48:21:50:5f:15:23:0f:
                    dc:7f:c3:80:62:20:db:19:5f:36:00:c7:03:18:88:
                    ef:8d:66:3b:2e:56:4f:b4:78:29:97:14:e7:a2:4a:
                    46:d1:7e:cd:05:50:94:d4:51:0c:1f:5a:01:e1:74:
                    cd:66:d3:e5:c7:8d:b4:37:58:84:47:ec:7e:cb:d1:
                    a0:39:0f:76:dc:99:1c:6c:97:c5:3b:34:19:a6:dc:
                    6a:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                F5:8A:94:18:8C:84:2D:CE:5D:97:03:F7:BC:32:90:29:20:89:32:32
            X509v3 Authority Key Identifier: 
                keyid:54:3E:24:9D:BD:D5:AB:0F:65:A8:44:B7:B6:AE:CB:85:73:2B:1E:AD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access: 
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/2d32ebe916009a3fc3780b7e96e2b0141d847585.cer

            Subject Information Access: 
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/16b3e31d-6e47-4985-a4df-70aa6269bd6f/e9f700330ca69c11f6383f904dacf5addc31c9ea.roa

            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/16b3e31d-6e47-4985-a4df-70aa6269bd6f/2d32ebe916009a3fc3780b7e96e2b0141d847585.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  168.121.56.0/22

    Signature Algorithm: sha256WithRSAEncryption
         59:45:6b:5b:19:21:73:35:6d:fd:c6:4e:c2:03:fd:ce:65:cf:
         3e:1b:34:2f:00:72:24:5f:3e:1c:1c:7b:dc:30:20:48:aa:65:
         74:aa:19:0b:b9:0a:5a:ab:f3:4f:94:ce:41:2e:8c:f8:5b:fa:
         99:69:d6:b5:30:15:c4:e2:34:97:4c:31:93:7e:bd:84:bb:62:
         19:e1:87:eb:6b:6a:f3:19:cb:3e:6c:0f:5b:99:e8:57:c5:0b:
         a6:85:92:b6:31:a0:62:5a:ae:e8:4a:82:e6:01:89:de:7b:22:
         e8:71:20:09:c3:2a:f0:62:a9:7f:4d:74:18:d1:8d:f6:df:8b:
         d8:9a:84:3f:9e:c1:72:d3:a0:cb:38:63:0d:96:80:58:24:17:
         85:fd:57:46:cd:0d:d0:00:e6:87:67:fb:be:31:d9:da:28:97:
         b4:bd:14:1b:b4:06:f1:e3:2b:84:86:c1:cd:3a:c7:e1:3c:9e:
         b2:61:ee:38:48:4c:32:3f:fb:d2:9a:81:68:94:28:80:b5:f0:
         68:f8:38:f0:42:d4:1a:2b:f6:c2:b9:c0:51:f7:26:38:ba:42:
         57:50:dc:2c:56:95:f1:91:eb:57:85:96:30:e4:7f:45:ec:fd:
         a5:cd:35:d3:50:7b:38:b1:5f:c8:58:80:7d:f3:bd:a5:20:51:
         e9:36:d7:4d
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIDBS+hMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDJk
MzJlYmU5MTYwMDlhM2ZjMzc4MGI3ZTk2ZTJiMDE0MWQ4NDc1ODUwHhcNMjEwMzI0
MTQzMTQ0WhcNMjYwMzI0MTQzMTQ0WjAzMTEwLwYDVQQDEyhlOWY3MDAzMzBjYTY5
YzExZjYzODNmOTA0ZGFjZjVhZGRjMzFjOWVhMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAsBu9XJR2ggdO6BmeuAe9jV+G2Mibxt4mnR2VtNHQxwxFGlU5
mKLT1qEX+iwX+PeAIXlMDVIBY96DWpRi5laXTePyhm4FHN/DyJrH9+WHz3oY752O
r9SDhNZf39ClI8A3c/POQycYuitqtPvALH6Ya5IShG6z1J8UcX4h/srPJ2qQXdmJ
WLHTrxPO04GnmSbaB+y8JAlui9zA9qWnICM9AY5NfnyglzyD9KxSX0ghUF8VIw/c
f8OAYiDbGV82AMcDGIjvjWY7LlZPtHgplxTnokpG0X7NBVCU1FEMH1oB4XTNZtPl
x420N1iER+x+y9GgOQ923JkcbJfFOzQZptxqUwIDAQABo4ICWzCCAlcwHQYDVR0O
BBYEFPWKlBiMhC3OXZcD97wykCkgiTIyMB8GA1UdIwQYMBaAFFQ+JJ291asPZahE
t7auy4VzKx6tMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvMmQzMmVi
ZTkxNjAwOWEzZmMzNzgwYjdlOTZlMmIwMTQxZDg0NzU4NS5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvMTZiM2UzMWQtNmU0Ny00OTg1LWE0ZGYtNzBhYTYy
NjliZDZmL2U5ZjcwMDMzMGNhNjljMTFmNjM4M2Y5MDRkYWNmNWFkZGMzMWM5ZWEu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy8xNmIzZTMxZC02ZTQ3LTQ5ODUtYTRkZi03MGFh
NjI2OWJkNmYvMmQzMmViZTkxNjAwOWEzZmMzNzgwYjdlOTZlMmIwMTQxZDg0NzU4
NS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAqh5ODANBgkqhkiG9w0BAQsFAAOCAQEAWUVrWxkhczVt/cZO
wgP9zmXPPhs0LwByJF8+HBx73DAgSKpldKoZC7kKWqvzT5TOQS6M+Fv6mWnWtTAV
xOI0l0wxk369hLtiGeGH62tq8xnLPmwPW5noV8ULpoWStjGgYlqu6EqC5gGJ3nsi
6HEgCcMq8GKpf010GNGN9t+L2JqEP57BctOgyzhjDZaAWCQXhf1XRs0N0ADmh2f7
vjHZ2iiXtL0UG7QG8eMrhIbBzTrH4TyesmHuOEhMMj/70pqBaJQogLXwaPg48ELU
Giv2wrnAUfcmOLpCV1DcLFaV8ZHrV4WWMOR/Rez9pc0101B7OLFfyFiAffO9pSBR
6TbXTQ==
-----END CERTIFICATE-----
Generated at Wed Mar 15 11:45:42 2023 by rpki-client on console-fra.rpki-client.org