Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/1b639f57-328c-4304-96a5-c462937dcbd4/583cce5a25d39df638be3f5bbe1307ae9c110059.roa
File:                     583cce5a25d39df638be3f5bbe1307ae9c110059.roa (raw, json)
Hash identifier:          I0gi8FBLtHCkhZkA/g6iePubV5hQkQagZyPRMN79S0M=
Subject key identifier:   A7:D1:60:E6:BB:49:2A:E7:CE:65:94:7B:4C:F2:0D:8B:92:A2:2D:75
Certificate issuer:       /CN=b21961a01ca0e4d8ae0616af0d1f34b14d3d0855
Certificate serial:       036B
Authority key identifier: 7C:B2:36:EC:6A:30:FA:44:A5:8B:A6:F3:49:0D:80:5F:CE:34:74:A9
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/b21961a01ca0e4d8ae0616af0d1f34b14d3d0855.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/1b639f57-328c-4304-96a5-c462937dcbd4/583cce5a25d39df638be3f5bbe1307ae9c110059.roa
Signing time:             Fri 26 Aug 2022 21:48:02 +0000
ROA not before:           Fri 26 Aug 2022 21:45:41 +0000
ROA not after:            Mon 26 Aug 2024 21:45:41 +0000
asID:                     265675
IP address blocks:        143.255.104.0/24 maxlen: 24
                          143.255.105.0/24 maxlen: 24
                          143.255.106.0/24 maxlen: 24
                          143.255.107.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/1b639f57-328c-4304-96a5-c462937dcbd4/b21961a01ca0e4d8ae0616af0d1f34b14d3d0855.crl
                          rsync://repository.lacnic.net/rpki/lacnic/1b639f57-328c-4304-96a5-c462937dcbd4/b21961a01ca0e4d8ae0616af0d1f34b14d3d0855.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/b21961a01ca0e4d8ae0616af0d1f34b14d3d0855.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 31 Mar 2024 03:49:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 875 (0x36b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b21961a01ca0e4d8ae0616af0d1f34b14d3d0855
        Validity
            Not Before: Aug 26 21:45:41 2022 GMT
            Not After : Aug 26 21:45:41 2024 GMT
        Subject: CN=583cce5a25d39df638be3f5bbe1307ae9c110059
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:8d:18:fc:8e:df:ba:4a:2d:c5:34:81:73:be:
                    d0:0d:fb:ae:4c:54:e8:78:59:62:34:f8:b9:7c:09:
                    63:af:d4:56:90:6f:cd:32:0b:a7:24:68:9d:e7:1b:
                    32:7e:ce:8d:1c:d6:73:24:7f:71:a0:63:47:13:5b:
                    16:7e:86:7e:85:87:79:4b:e2:38:be:26:3a:09:b0:
                    f6:4b:1a:13:9c:cb:e2:07:b5:f4:ff:6a:62:ac:f9:
                    f5:15:ad:64:8d:6b:ae:a3:25:d7:d5:e9:dd:b1:8c:
                    5d:18:b6:10:ff:0b:20:8e:0c:b1:5b:01:de:10:b0:
                    e0:ef:e4:33:01:f1:d0:97:b1:82:e4:28:5a:6a:f0:
                    33:ba:e2:a1:c4:39:ac:2f:24:3a:9f:91:6c:83:06:
                    46:8a:b3:5d:27:57:b3:b7:42:2a:a9:79:ea:de:b9:
                    35:bc:01:e3:e9:a2:48:76:2d:e4:01:e4:e4:75:39:
                    b5:3a:31:79:ac:00:3d:d7:28:b5:15:71:aa:47:2b:
                    5d:33:d1:01:c9:20:ce:38:82:4a:61:d4:76:f6:3b:
                    aa:bc:fe:a2:a6:a4:54:31:4c:77:1c:65:db:dc:07:
                    b3:ea:70:b1:38:7d:dc:20:ea:d0:78:61:e5:7e:7e:
                    f8:21:cc:7c:8b:54:4e:9a:ad:30:78:f7:65:6b:a6:
                    f0:ab
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A7:D1:60:E6:BB:49:2A:E7:CE:65:94:7B:4C:F2:0D:8B:92:A2:2D:75
            X509v3 Authority Key Identifier:
                keyid:7C:B2:36:EC:6A:30:FA:44:A5:8B:A6:F3:49:0D:80:5F:CE:34:74:A9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/b21961a01ca0e4d8ae0616af0d1f34b14d3d0855.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/1b639f57-328c-4304-96a5-c462937dcbd4/583cce5a25d39df638be3f5bbe1307ae9c110059.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/1b639f57-328c-4304-96a5-c462937dcbd4/b21961a01ca0e4d8ae0616af0d1f34b14d3d0855.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  143.255.104.0/22

    Signature Algorithm: sha256WithRSAEncryption
         58:e0:5b:b8:c0:db:69:86:0a:cd:69:62:3b:e8:38:2c:ab:89:
         6f:ac:f3:50:2b:3e:97:c0:0b:20:c8:f1:c1:c9:56:19:03:98:
         cb:62:0f:e2:10:10:a2:81:dd:11:be:0b:ab:8c:dd:4c:a9:ba:
         ed:28:fc:00:e7:54:ba:78:7d:64:6c:c7:f9:3a:7d:c8:17:5f:
         a4:7a:ef:fb:59:93:30:b4:53:22:b9:72:ff:77:68:11:97:97:
         dc:ce:dc:65:44:e8:b9:a6:08:f6:10:9c:1f:e7:8d:81:c2:b1:
         4e:73:c7:15:41:05:81:1b:21:4b:e9:e1:23:cd:a2:7a:a6:3b:
         82:82:83:04:9c:b0:c2:64:c0:bf:a5:c3:b8:e6:f8:eb:11:ac:
         eb:39:5c:6d:64:25:6e:c6:62:b5:59:ae:09:68:5d:b1:18:ec:
         84:d3:47:fe:2e:ab:9b:d4:fa:44:d9:0d:fa:ce:ca:e2:7c:00:
         20:99:f7:21:29:ea:a7:b9:1d:c7:7c:a4:dc:3f:57:c2:87:c5:
         da:d5:47:ff:c4:6d:ae:34:9b:00:9b:42:33:d4:ff:e2:94:7a:
         e5:73:27:66:e1:47:6e:83:e3:b2:c2:20:ac:f4:0d:2c:fb:a8:
         75:29:93:17:98:2e:c0:d6:2f:10:fd:5d:c4:a5:90:29:b8:c0:
         93:02:99:88
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgICA2swDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoYjIx
OTYxYTAxY2EwZTRkOGFlMDYxNmFmMGQxZjM0YjE0ZDNkMDg1NTAeFw0yMjA4MjYy
MTQ1NDFaFw0yNDA4MjYyMTQ1NDFaMDMxMTAvBgNVBAMTKDU4M2NjZTVhMjVkMzlk
ZjYzOGJlM2Y1YmJlMTMwN2FlOWMxMTAwNTkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCxjRj8jt+6Si3FNIFzvtAN+65MVOh4WWI0+Ll8CWOv1FaQb80y
C6ckaJ3nGzJ+zo0c1nMkf3GgY0cTWxZ+hn6Fh3lL4ji+JjoJsPZLGhOcy+IHtfT/
amKs+fUVrWSNa66jJdfV6d2xjF0YthD/CyCODLFbAd4QsODv5DMB8dCXsYLkKFpq
8DO64qHEOawvJDqfkWyDBkaKs10nV7O3QiqpeereuTW8AePpokh2LeQB5OR1ObU6
MXmsAD3XKLUVcapHK10z0QHJIM44gkph1Hb2O6q8/qKmpFQxTHccZdvcB7PqcLE4
fdwg6tB4YeV+fvghzHyLVE6arTB492VrpvCrAgMBAAGjggJbMIICVzAdBgNVHQ4E
FgQUp9Fg5rtJKufOZZR7TPINi5KiLXUwHwYDVR0jBBgwFoAUfLI27Gow+kSli6bz
SQ2AX840dKkwDgYDVR0PAQH/BAQDAgeAMIGaBggrBgEFBQcBAQSBjTCBijCBhwYI
KwYBBQUHMAKGe3JzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jwa2kvbGFj
bmljLzQ4ZjA4M2JiLWY2MDMtNDg5My05OTkwLTAyODRjMDRjZWI4NS9iMjE5NjFh
MDFjYTBlNGQ4YWUwNjE2YWYwZDFmMzRiMTRkM2QwODU1LmNlcjCBmgYIKwYBBQUH
AQsEgY0wgYowgYcGCCsGAQUFBzALhntyc3luYzovL3JlcG9zaXRvcnkubGFjbmlj
Lm5ldC9ycGtpL2xhY25pYy8xYjYzOWY1Ny0zMjhjLTQzMDQtOTZhNS1jNDYyOTM3
ZGNiZDQvNTgzY2NlNWEyNWQzOWRmNjM4YmUzZjViYmUxMzA3YWU5YzExMDA1OS5y
b2EwgY8GA1UdHwSBhzCBhDCBgaB/oH2Ge3JzeW5jOi8vcmVwb3NpdG9yeS5sYWNu
aWMubmV0L3Jwa2kvbGFjbmljLzFiNjM5ZjU3LTMyOGMtNDMwNC05NmE1LWM0NjI5
MzdkY2JkNC9iMjE5NjFhMDFjYTBlNGQ4YWUwNjE2YWYwZDFmMzRiMTRkM2QwODU1
LmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAw
DjAMBAIAATAGAwQCj/9oMA0GCSqGSIb3DQEBCwUAA4IBAQBY4Fu4wNtphgrNaWI7
6Dgsq4lvrPNQKz6XwAsgyPHByVYZA5jLYg/iEBCigd0RvgurjN1MqbrtKPwA51S6
eH1kbMf5On3IF1+keu/7WZMwtFMiuXL/d2gRl5fcztxlROi5pgj2EJwf542BwrFO
c8cVQQWBGyFL6eEjzaJ6pjuCgoMEnLDCZMC/pcO45vjrEazrOVxtZCVuxmK1Wa4J
aF2xGOyE00f+Lqub1PpE2Q36zsrifAAgmfchKeqnuR3HfKTcP1fCh8Xa1Uf/xG2u
NJsAm0Iz1P/ilHrlcydm4Udug+OywiCs9A0s+6h1KZMXmC7A1i8Q/V3EpZApuMCT
ApmI
-----END CERTIFICATE-----
Generated at Thu Mar 28 08:34:28 2024 by rpki-client on console-fra.rpki-client.org