Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/1b639f57-328c-4304-96a5-c462937dcbd4/93e6492fd5360000444578242da0edc4841fa4aa.roa
File:                     93e6492fd5360000444578242da0edc4841fa4aa.roa (raw, json)
Hash identifier:          z5pd4lyDeoQkVwCBMnKZFmMg1NPKRIugAFmcJAQiqdA=
Subject key identifier:   00:22:49:CC:BE:E1:B2:88:9C:B5:54:64:07:E5:72:09:D9:B1:3D:9C
Certificate issuer:       /CN=b21961a01ca0e4d8ae0616af0d1f34b14d3d0855
Certificate serial:       0584
Authority key identifier: 7C:B2:36:EC:6A:30:FA:44:A5:8B:A6:F3:49:0D:80:5F:CE:34:74:A9
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/b21961a01ca0e4d8ae0616af0d1f34b14d3d0855.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/1b639f57-328c-4304-96a5-c462937dcbd4/93e6492fd5360000444578242da0edc4841fa4aa.roa
Signing time:             Fri 26 Aug 2022 21:49:42 +0000
ROA not before:           Fri 26 Aug 2022 21:48:46 +0000
ROA not after:            Mon 26 Aug 2024 21:48:46 +0000
asID:                     265675
IP address blocks:        143.255.104.0/23 maxlen: 23
                          143.255.106.0/23 maxlen: 23

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/1b639f57-328c-4304-96a5-c462937dcbd4/b21961a01ca0e4d8ae0616af0d1f34b14d3d0855.crl
                          rsync://repository.lacnic.net/rpki/lacnic/1b639f57-328c-4304-96a5-c462937dcbd4/b21961a01ca0e4d8ae0616af0d1f34b14d3d0855.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/b21961a01ca0e4d8ae0616af0d1f34b14d3d0855.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 31 Mar 2024 19:38:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1412 (0x584)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b21961a01ca0e4d8ae0616af0d1f34b14d3d0855
        Validity
            Not Before: Aug 26 21:48:46 2022 GMT
            Not After : Aug 26 21:48:46 2024 GMT
        Subject: CN=93e6492fd5360000444578242da0edc4841fa4aa
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8e:7f:ef:77:9b:1a:fc:3c:d5:f7:66:56:f4:8a:
                    b1:2a:d4:6d:5a:40:87:8f:35:dd:42:d9:20:2d:61:
                    e3:ce:f9:0a:b3:97:43:8f:a8:2d:25:85:7e:7f:1b:
                    24:8a:82:0d:05:4c:66:a1:3d:14:52:5d:8a:05:69:
                    3e:61:62:f4:48:ed:cb:92:32:01:df:87:d0:7b:47:
                    4f:c4:e7:de:01:e2:18:f8:8c:b2:87:d9:25:b3:c9:
                    7c:70:1f:f2:a7:47:09:24:dd:1d:bc:05:fd:df:ec:
                    61:a4:a0:77:44:f3:7f:9a:fe:25:cd:e3:9c:83:92:
                    e3:af:14:1a:37:9a:55:05:79:d4:8c:2d:9e:f6:11:
                    6d:f4:eb:8f:14:3d:e3:20:0e:95:be:03:8d:b9:84:
                    8f:32:dc:73:e9:80:4f:1c:fb:cb:b2:76:91:84:a6:
                    a7:cc:4c:28:55:30:fb:4d:49:86:98:09:07:07:94:
                    d9:f1:ac:28:ff:6c:e0:1c:83:c3:d1:f8:52:70:04:
                    f0:df:40:aa:47:53:3b:da:e2:e1:a5:94:8a:66:a9:
                    76:07:2d:d9:96:73:0a:30:35:ae:5e:f4:79:58:ee:
                    86:87:ce:c5:00:34:24:c1:df:42:04:a9:f3:de:86:
                    09:3c:cb:f7:09:8f:eb:19:18:5d:4a:90:e5:87:43:
                    51:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                00:22:49:CC:BE:E1:B2:88:9C:B5:54:64:07:E5:72:09:D9:B1:3D:9C
            X509v3 Authority Key Identifier:
                keyid:7C:B2:36:EC:6A:30:FA:44:A5:8B:A6:F3:49:0D:80:5F:CE:34:74:A9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/b21961a01ca0e4d8ae0616af0d1f34b14d3d0855.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/1b639f57-328c-4304-96a5-c462937dcbd4/93e6492fd5360000444578242da0edc4841fa4aa.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/1b639f57-328c-4304-96a5-c462937dcbd4/b21961a01ca0e4d8ae0616af0d1f34b14d3d0855.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  143.255.104.0/22

    Signature Algorithm: sha256WithRSAEncryption
         50:d9:d4:05:0f:2b:b0:3c:44:1f:b0:ae:54:d7:ef:90:37:fa:
         a5:75:f1:99:54:e8:af:9e:57:d9:50:b3:25:2c:a9:79:32:25:
         23:f7:26:ad:57:56:a2:e5:67:1e:7c:c0:69:de:96:b3:b7:a4:
         00:b1:aa:e6:e3:35:9e:a7:a2:01:34:aa:ec:0b:c0:b2:dd:2c:
         e6:9a:f7:dd:fe:ed:f1:e3:b9:c1:6a:a5:ed:ef:85:1f:2c:84:
         6a:40:26:e0:bd:ff:ac:d6:3b:0a:47:a5:40:fc:11:b3:a5:3d:
         f3:7c:b7:94:88:5a:aa:d1:92:a2:a2:bc:b2:ee:49:30:e9:a8:
         d5:73:08:83:73:0a:6d:9d:74:2a:32:0a:64:68:43:5a:6c:49:
         0e:77:2f:fc:19:da:ea:d7:b4:63:52:e1:73:be:7a:09:2d:80:
         cb:80:cb:55:e3:57:57:8c:9d:7e:84:d9:f8:2a:b7:23:f7:3a:
         fc:49:fd:54:c2:f1:1c:55:6d:06:a8:20:06:66:58:a5:80:f8:
         43:cc:35:ae:ad:9a:41:52:aa:1a:c1:0a:12:e8:81:8d:b4:fa:
         0a:6a:4c:63:da:ea:c0:8b:bd:bd:4f:f7:56:05:d4:ab:58:be:
         fb:7a:40:07:6d:65:1c:a6:3c:6d:1f:a3:25:9b:db:d4:d9:7a:
         cc:66:66:cf
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgICBYQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoYjIx
OTYxYTAxY2EwZTRkOGFlMDYxNmFmMGQxZjM0YjE0ZDNkMDg1NTAeFw0yMjA4MjYy
MTQ4NDZaFw0yNDA4MjYyMTQ4NDZaMDMxMTAvBgNVBAMTKDkzZTY0OTJmZDUzNjAw
MDA0NDQ1NzgyNDJkYTBlZGM0ODQxZmE0YWEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCOf+93mxr8PNX3Zlb0irEq1G1aQIePNd1C2SAtYePO+Qqzl0OP
qC0lhX5/GySKgg0FTGahPRRSXYoFaT5hYvRI7cuSMgHfh9B7R0/E594B4hj4jLKH
2SWzyXxwH/KnRwkk3R28Bf3f7GGkoHdE83+a/iXN45yDkuOvFBo3mlUFedSMLZ72
EW30648UPeMgDpW+A425hI8y3HPpgE8c+8uydpGEpqfMTChVMPtNSYaYCQcHlNnx
rCj/bOAcg8PR+FJwBPDfQKpHUzva4uGllIpmqXYHLdmWcwowNa5e9HlY7oaHzsUA
NCTB30IEqfPehgk8y/cJj+sZGF1KkOWHQ1G/AgMBAAGjggJbMIICVzAdBgNVHQ4E
FgQUACJJzL7hsoictVRkB+VyCdmxPZwwHwYDVR0jBBgwFoAUfLI27Gow+kSli6bz
SQ2AX840dKkwDgYDVR0PAQH/BAQDAgeAMIGaBggrBgEFBQcBAQSBjTCBijCBhwYI
KwYBBQUHMAKGe3JzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jwa2kvbGFj
bmljLzQ4ZjA4M2JiLWY2MDMtNDg5My05OTkwLTAyODRjMDRjZWI4NS9iMjE5NjFh
MDFjYTBlNGQ4YWUwNjE2YWYwZDFmMzRiMTRkM2QwODU1LmNlcjCBmgYIKwYBBQUH
AQsEgY0wgYowgYcGCCsGAQUFBzALhntyc3luYzovL3JlcG9zaXRvcnkubGFjbmlj
Lm5ldC9ycGtpL2xhY25pYy8xYjYzOWY1Ny0zMjhjLTQzMDQtOTZhNS1jNDYyOTM3
ZGNiZDQvOTNlNjQ5MmZkNTM2MDAwMDQ0NDU3ODI0MmRhMGVkYzQ4NDFmYTRhYS5y
b2EwgY8GA1UdHwSBhzCBhDCBgaB/oH2Ge3JzeW5jOi8vcmVwb3NpdG9yeS5sYWNu
aWMubmV0L3Jwa2kvbGFjbmljLzFiNjM5ZjU3LTMyOGMtNDMwNC05NmE1LWM0NjI5
MzdkY2JkNC9iMjE5NjFhMDFjYTBlNGQ4YWUwNjE2YWYwZDFmMzRiMTRkM2QwODU1
LmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAw
DjAMBAIAATAGAwQCj/9oMA0GCSqGSIb3DQEBCwUAA4IBAQBQ2dQFDyuwPEQfsK5U
1++QN/qldfGZVOivnlfZULMlLKl5MiUj9yatV1ai5WcefMBp3pazt6QAsarm4zWe
p6IBNKrsC8Cy3Szmmvfd/u3x47nBaqXt74UfLIRqQCbgvf+s1jsKR6VA/BGzpT3z
fLeUiFqq0ZKioryy7kkw6ajVcwiDcwptnXQqMgpkaENabEkOdy/8Gdrq17RjUuFz
vnoJLYDLgMtV41dXjJ1+hNn4Krcj9zr8Sf1UwvEcVW0GqCAGZlilgPhDzDWurZpB
UqoawQoS6IGNtPoKakxj2urAi729T/dWBdSrWL77ekAHbWUcpjxtH6Mlm9vU2XrM
ZmbP
-----END CERTIFICATE-----
Generated at Fri Mar 29 02:12:55 2024 by rpki-client on console-ams.rpki-client.org