Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/17a5fff3-ce5c-45bf-8e7b-7c38526167bc/b58f072726b7984f55e48e8f252cb8c6a798a229.roa
File:                     b58f072726b7984f55e48e8f252cb8c6a798a229.roa (raw, json)
Hash identifier:          zkJTerL2QChNSlJSRt1bC+xulfZXTSTRT6clhhdBxPM=
Subject key identifier:   54:C2:2D:B1:D4:61:CE:5D:D0:3C:55:8D:4A:AB:FB:63:68:37:C2:F4
Certificate issuer:       /CN=41d303e19ed96f1a50fe58310ca4f4f2cbdbca2c
Certificate serial:       1BD8BB
Authority key identifier: B2:80:5E:48:A7:88:4C:74:39:F1:4F:AA:54:F3:38:DA:4B:56:60:E6
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/41d303e19ed96f1a50fe58310ca4f4f2cbdbca2c.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/17a5fff3-ce5c-45bf-8e7b-7c38526167bc/b58f072726b7984f55e48e8f252cb8c6a798a229.roa
Signing time:             Wed 09 Nov 2022 13:40:26 +0000
ROA not before:           Sat 05 Nov 2022 12:44:06 +0000
ROA not after:            Sat 09 Nov 2024 12:44:06 +0000
asID:                     266800
IP address blocks:        45.234.121.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/17a5fff3-ce5c-45bf-8e7b-7c38526167bc/41d303e19ed96f1a50fe58310ca4f4f2cbdbca2c.crl
                          rsync://repository.lacnic.net/rpki/lacnic/17a5fff3-ce5c-45bf-8e7b-7c38526167bc/41d303e19ed96f1a50fe58310ca4f4f2cbdbca2c.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/41d303e19ed96f1a50fe58310ca4f4f2cbdbca2c.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 31 Mar 2024 19:38:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1824955 (0x1bd8bb)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=41d303e19ed96f1a50fe58310ca4f4f2cbdbca2c
        Validity
            Not Before: Nov  5 12:44:06 2022 GMT
            Not After : Nov  9 12:44:06 2024 GMT
        Subject: CN=b58f072726b7984f55e48e8f252cb8c6a798a229
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:f8:ef:07:c9:4b:3a:34:83:b5:fe:bd:83:6e:
                    59:2c:5d:ce:df:64:6e:d8:31:53:2c:91:8f:e5:20:
                    f9:6d:b2:71:c2:c0:b5:d3:94:82:37:80:86:76:c4:
                    00:28:38:41:de:57:c6:f3:c8:ff:ce:4a:32:6d:87:
                    04:7e:57:fe:55:2f:41:a8:59:0a:cc:51:84:48:ea:
                    cd:ca:d4:8a:66:d8:5d:55:7d:34:56:a6:3b:91:50:
                    ef:49:63:14:a2:e8:24:01:8d:4d:0f:ee:f3:70:e0:
                    e2:f7:15:34:7f:c0:0f:4b:0d:af:96:f1:83:58:c0:
                    e1:c9:9f:ea:74:24:e1:34:fb:c5:2a:27:d1:5e:58:
                    6d:49:13:8d:1c:e1:30:57:bc:7f:99:1c:33:47:f7:
                    ac:e1:f2:84:0f:9b:aa:3c:a4:04:97:c9:67:4d:b1:
                    09:1a:f1:f7:00:41:b9:61:20:f0:99:34:b2:f2:9f:
                    ce:2d:98:92:40:6e:73:49:97:0d:38:0f:0f:b7:40:
                    55:5c:df:5b:83:35:68:f4:54:fa:6e:99:5d:81:00:
                    64:7e:24:bf:88:b0:72:82:3d:1e:bb:6b:c4:74:03:
                    52:be:90:e8:24:07:10:3f:32:33:f0:72:2d:10:4c:
                    32:6f:c5:0b:78:8e:fc:1d:03:86:de:ba:61:13:8b:
                    a1:e1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                54:C2:2D:B1:D4:61:CE:5D:D0:3C:55:8D:4A:AB:FB:63:68:37:C2:F4
            X509v3 Authority Key Identifier:
                keyid:B2:80:5E:48:A7:88:4C:74:39:F1:4F:AA:54:F3:38:DA:4B:56:60:E6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/41d303e19ed96f1a50fe58310ca4f4f2cbdbca2c.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/17a5fff3-ce5c-45bf-8e7b-7c38526167bc/b58f072726b7984f55e48e8f252cb8c6a798a229.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/17a5fff3-ce5c-45bf-8e7b-7c38526167bc/41d303e19ed96f1a50fe58310ca4f4f2cbdbca2c.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.234.121.0/24

    Signature Algorithm: sha256WithRSAEncryption
         2a:a8:47:6a:1b:39:6b:89:55:6b:a3:db:fc:dd:64:04:41:7b:
         e7:f8:9d:f3:e6:9e:e3:c5:96:fa:f1:0f:2c:a1:ac:22:7e:63:
         c8:90:3c:ec:b1:7a:2e:8b:7c:c7:78:33:ad:f0:f2:f0:3b:fa:
         91:5c:96:11:2f:85:16:86:ab:07:96:64:c4:4f:f1:b7:e7:3a:
         de:1e:58:f0:94:47:46:6b:39:01:3e:29:1d:13:df:df:5f:d3:
         33:92:46:95:0a:3a:7d:d5:58:9f:04:c4:b3:a1:85:de:38:7c:
         19:d0:44:93:6a:48:66:bd:19:b5:2e:44:47:8f:43:44:f7:be:
         9e:90:8a:48:31:6e:58:0d:19:be:33:a2:4b:d7:80:6a:3e:ee:
         97:a4:35:3e:2b:5d:69:49:6a:c0:39:79:c0:1f:f1:5d:90:fd:
         60:d3:55:02:58:17:f6:cb:a5:85:28:fd:8e:b6:a1:ca:be:55:
         e4:42:6b:11:e0:f5:78:a2:50:70:2d:b9:4e:26:05:8b:15:8e:
         5f:1e:23:31:c1:f6:fd:48:7d:65:92:12:3b:87:fc:cc:12:a8:
         00:14:78:a8:15:c1:a4:34:1c:ef:3c:fa:e6:12:87:29:9f:82:
         11:60:0a:d5:29:45:9c:bf:9b:38:64:ac:10:e4:fd:7f:a6:c1:
         26:a9:3f:85
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIDG9i7MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDQx
ZDMwM2UxOWVkOTZmMWE1MGZlNTgzMTBjYTRmNGYyY2JkYmNhMmMwHhcNMjIxMTA1
MTI0NDA2WhcNMjQxMTA5MTI0NDA2WjAzMTEwLwYDVQQDEyhiNThmMDcyNzI2Yjc5
ODRmNTVlNDhlOGYyNTJjYjhjNmE3OThhMjI5MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAsfjvB8lLOjSDtf69g25ZLF3O32Ru2DFTLJGP5SD5bbJxwsC1
05SCN4CGdsQAKDhB3lfG88j/zkoybYcEflf+VS9BqFkKzFGESOrNytSKZthdVX00
VqY7kVDvSWMUougkAY1ND+7zcODi9xU0f8APSw2vlvGDWMDhyZ/qdCThNPvFKifR
XlhtSRONHOEwV7x/mRwzR/es4fKED5uqPKQEl8lnTbEJGvH3AEG5YSDwmTSy8p/O
LZiSQG5zSZcNOA8Pt0BVXN9bgzVo9FT6bpldgQBkfiS/iLBygj0eu2vEdANSvpDo
JAcQPzIz8HItEEwyb8ULeI78HQOG3rphE4uh4QIDAQABo4ICWzCCAlcwHQYDVR0O
BBYEFFTCLbHUYc5d0DxVjUqr+2NoN8L0MB8GA1UdIwQYMBaAFLKAXkiniEx0OfFP
qlTzONpLVmDmMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvNDFkMzAz
ZTE5ZWQ5NmYxYTUwZmU1ODMxMGNhNGY0ZjJjYmRiY2EyYy5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvMTdhNWZmZjMtY2U1Yy00NWJmLThlN2ItN2MzODUy
NjE2N2JjL2I1OGYwNzI3MjZiNzk4NGY1NWU0OGU4ZjI1MmNiOGM2YTc5OGEyMjku
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy8xN2E1ZmZmMy1jZTVjLTQ1YmYtOGU3Yi03YzM4
NTI2MTY3YmMvNDFkMzAzZTE5ZWQ5NmYxYTUwZmU1ODMxMGNhNGY0ZjJjYmRiY2Ey
Yy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAC3qeTANBgkqhkiG9w0BAQsFAAOCAQEAKqhHahs5a4lVa6Pb
/N1kBEF75/id8+ae48WW+vEPLKGsIn5jyJA87LF6Lot8x3gzrfDy8Dv6kVyWES+F
FoarB5ZkxE/xt+c63h5Y8JRHRms5AT4pHRPf31/TM5JGlQo6fdVYnwTEs6GF3jh8
GdBEk2pIZr0ZtS5ER49DRPe+npCKSDFuWA0ZvjOiS9eAaj7ul6Q1PitdaUlqwDl5
wB/xXZD9YNNVAlgX9sulhSj9jrahyr5V5EJrEeD1eKJQcC25TiYFixWOXx4jMcH2
/Uh9ZZISO4f8zBKoABR4qBXBpDQc7zz65hKHKZ+CEWAK1SlFnL+bOGSsEOT9f6bB
Jqk/hQ==
-----END CERTIFICATE-----
Generated at Fri Mar 29 02:12:55 2024 by rpki-client on console-ams.rpki-client.org