Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/1cc548ff-8f0c-4e75-8125-5e095fbf24c0/a72066a23575a5170111ca66d182dd2443084643.roa
File:                     a72066a23575a5170111ca66d182dd2443084643.roa (raw, json)
Hash identifier:          BOFiK/xHd4639c8LW4gOQsMrKee+pzv2XuyZy05qxmY=
Subject key identifier:   6C:45:43:73:DE:5D:F0:E5:13:FF:01:25:4D:CE:BD:AC:3E:0E:12:48
Certificate issuer:       /CN=d85da304334fb36204a370e950487689e811a2c8
Certificate serial:       221ABF
Authority key identifier: 95:A8:9C:41:76:01:10:8E:0E:98:02:3D:07:26:F4:4A:7C:51:0F:4B
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/d85da304334fb36204a370e950487689e811a2c8.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/1cc548ff-8f0c-4e75-8125-5e095fbf24c0/a72066a23575a5170111ca66d182dd2443084643.roa
Signing time:             Tue 25 Apr 2023 15:04:53 +0000
ROA not before:           Mon 24 Apr 2023 15:04:37 +0000
ROA not after:            Fri 25 Apr 2025 15:04:37 +0000
asID:                     28064
IP address blocks:        201.218.244.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/1cc548ff-8f0c-4e75-8125-5e095fbf24c0/d85da304334fb36204a370e950487689e811a2c8.crl
                          rsync://repository.lacnic.net/rpki/lacnic/1cc548ff-8f0c-4e75-8125-5e095fbf24c0/d85da304334fb36204a370e950487689e811a2c8.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/d85da304334fb36204a370e950487689e811a2c8.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 14 Apr 2024 19:18:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2235071 (0x221abf)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d85da304334fb36204a370e950487689e811a2c8
        Validity
            Not Before: Apr 24 15:04:37 2023 GMT
            Not After : Apr 25 15:04:37 2025 GMT
        Subject: CN=a72066a23575a5170111ca66d182dd2443084643
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:83:f0:9f:dd:8a:52:75:f4:fa:c5:5c:f7:f9:22:
                    15:60:67:47:56:18:87:8c:d1:ff:40:31:ea:43:cb:
                    8a:60:4b:46:07:89:3b:97:80:1e:5d:b4:a1:9e:23:
                    b6:18:91:c9:21:e9:a1:ce:7e:21:56:04:b5:d6:83:
                    6a:d4:bc:f9:04:e1:c7:af:e6:5c:4b:e4:a0:e6:eb:
                    da:d8:73:98:7e:65:45:55:1f:76:96:2f:57:1b:5d:
                    21:74:d4:f8:43:ae:f8:9a:29:de:96:9b:c5:98:fa:
                    45:31:84:bd:c2:dc:d8:a2:2b:ed:b5:04:bf:92:52:
                    97:30:6a:13:e8:a1:2c:5c:33:57:3a:18:5f:be:b0:
                    e3:7a:1e:27:e9:26:bb:51:12:6a:be:5b:49:e0:53:
                    ea:40:64:30:36:84:e6:73:b2:c5:7b:34:cc:f6:50:
                    0b:d5:7b:2f:6b:ba:6c:23:20:97:67:ed:3d:88:e5:
                    ad:f1:da:d6:e4:83:98:78:f7:5a:66:a5:f2:ca:d1:
                    a2:0c:78:b8:ea:cd:28:90:1d:be:87:d2:eb:59:52:
                    a4:f7:d6:8c:ce:14:41:90:4f:25:03:d2:36:2e:e9:
                    9b:b0:2e:d1:4d:bb:4f:9f:99:84:7a:8d:dd:ae:24:
                    e4:36:07:eb:77:2b:7f:38:17:0d:0c:93:b6:e2:d5:
                    a7:bb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6C:45:43:73:DE:5D:F0:E5:13:FF:01:25:4D:CE:BD:AC:3E:0E:12:48
            X509v3 Authority Key Identifier:
                keyid:95:A8:9C:41:76:01:10:8E:0E:98:02:3D:07:26:F4:4A:7C:51:0F:4B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/d85da304334fb36204a370e950487689e811a2c8.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/1cc548ff-8f0c-4e75-8125-5e095fbf24c0/a72066a23575a5170111ca66d182dd2443084643.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/1cc548ff-8f0c-4e75-8125-5e095fbf24c0/d85da304334fb36204a370e950487689e811a2c8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  201.218.244.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1a:a6:f8:20:42:28:6d:4c:f4:f7:ab:cb:08:66:af:3c:38:7d:
         40:46:22:4c:83:e3:3a:43:99:4e:ee:30:32:1c:1f:56:55:5a:
         72:61:36:a8:78:e3:f7:dd:f5:0b:68:f3:ec:ee:20:ed:be:d5:
         57:3f:18:e6:46:e4:4f:ec:a0:2f:66:e3:96:c8:b4:d4:d2:e7:
         1a:b1:45:a9:fd:dd:67:60:14:ad:63:0d:9d:b9:c6:1b:d0:7e:
         03:63:71:16:98:cd:7c:47:e3:10:85:c7:10:0c:1f:20:8c:68:
         7f:2b:4e:65:58:02:3d:6d:a3:72:5b:bb:52:97:ed:98:56:ad:
         53:95:cb:50:59:6d:33:30:40:2a:72:95:83:95:d8:8a:c7:b9:
         da:cf:af:30:17:09:48:07:45:4a:42:05:c6:d8:ed:69:9c:a0:
         42:3e:44:48:08:86:fd:64:e3:a1:ea:e6:9b:d5:4b:ea:9d:b1:
         cc:43:8d:86:b6:e4:64:2f:a6:89:57:44:45:40:e9:f5:10:b1:
         bf:91:08:31:b0:31:f0:86:6c:3c:43:11:6c:30:3c:6e:bd:7a:
         51:74:a0:12:f7:b1:f0:a5:48:b3:fe:bf:e3:cf:5e:70:d8:15:
         a7:1b:1e:01:fc:f5:3a:f3:53:75:d3:35:a2:e4:6b:72:1a:df:
         18:53:e9:41
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIDIhq/MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGQ4
NWRhMzA0MzM0ZmIzNjIwNGEzNzBlOTUwNDg3Njg5ZTgxMWEyYzgwHhcNMjMwNDI0
MTUwNDM3WhcNMjUwNDI1MTUwNDM3WjAzMTEwLwYDVQQDEyhhNzIwNjZhMjM1NzVh
NTE3MDExMWNhNjZkMTgyZGQyNDQzMDg0NjQzMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAg/Cf3YpSdfT6xVz3+SIVYGdHVhiHjNH/QDHqQ8uKYEtGB4k7
l4AeXbShniO2GJHJIemhzn4hVgS11oNq1Lz5BOHHr+ZcS+Sg5uva2HOYfmVFVR92
li9XG10hdNT4Q674minelpvFmPpFMYS9wtzYoivttQS/klKXMGoT6KEsXDNXOhhf
vrDjeh4n6Sa7URJqvltJ4FPqQGQwNoTmc7LFezTM9lAL1Xsva7psIyCXZ+09iOWt
8drW5IOYePdaZqXyytGiDHi46s0okB2+h9LrWVKk99aMzhRBkE8lA9I2LumbsC7R
TbtPn5mEeo3driTkNgfrdyt/OBcNDJO24tWnuwIDAQABo4ICWzCCAlcwHQYDVR0O
BBYEFGxFQ3PeXfDlE/8BJU3Ovaw+DhJIMB8GA1UdIwQYMBaAFJWonEF2ARCODpgC
PQcm9Ep8UQ9LMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvZDg1ZGEz
MDQzMzRmYjM2MjA0YTM3MGU5NTA0ODc2ODllODExYTJjOC5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvMWNjNTQ4ZmYtOGYwYy00ZTc1LTgxMjUtNWUwOTVm
YmYyNGMwL2E3MjA2NmEyMzU3NWE1MTcwMTExY2E2NmQxODJkZDI0NDMwODQ2NDMu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy8xY2M1NDhmZi04ZjBjLTRlNzUtODEyNS01ZTA5
NWZiZjI0YzAvZDg1ZGEzMDQzMzRmYjM2MjA0YTM3MGU5NTA0ODc2ODllODExYTJj
OC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAMna9DANBgkqhkiG9w0BAQsFAAOCAQEAGqb4IEIobUz096vL
CGavPDh9QEYiTIPjOkOZTu4wMhwfVlVacmE2qHjj9931C2jz7O4g7b7VVz8Y5kbk
T+ygL2bjlsi01NLnGrFFqf3dZ2AUrWMNnbnGG9B+A2NxFpjNfEfjEIXHEAwfIIxo
fytOZVgCPW2jclu7UpftmFatU5XLUFltMzBAKnKVg5XYise52s+vMBcJSAdFSkIF
xtjtaZygQj5ESAiG/WTjoermm9VL6p2xzEONhrbkZC+miVdERUDp9RCxv5EIMbAx
8IZsPEMRbDA8br16UXSgEvex8KVIs/6/489ecNgVpxseAfz1OvNTddM1ouRrchrf
GFPpQQ==
-----END CERTIFICATE-----
Generated at Fri Apr 12 03:03:43 2024 by rpki-client on console-ams.rpki-client.org