Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/1d7a6a90-15a2-4446-bda5-b33ffdb9b1f0/73c2831667dba31f080268e9d9e05985b1f12a7e.roa
File:                     73c2831667dba31f080268e9d9e05985b1f12a7e.roa (raw, json)
Hash identifier:          ShhO374otoU26JMhlmk5kEjqllHPsHBHYLKrzlways4=
Subject key identifier:   44:1F:41:FB:4B:9F:F8:5B:C1:4F:68:09:32:57:99:42:81:0F:7B:25
Certificate issuer:       /CN=ce8ad999d6105021e8219e6a1a5fcc0d07e1d715
Certificate serial:       0B9B21
Authority key identifier: 4F:30:90:95:19:77:7E:69:FC:F7:10:21:60:06:BA:4B:1D:4A:DD:11
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ce8ad999d6105021e8219e6a1a5fcc0d07e1d715.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/1d7a6a90-15a2-4446-bda5-b33ffdb9b1f0/73c2831667dba31f080268e9d9e05985b1f12a7e.roa
Signing time:             Wed 24 Mar 2021 14:46:19 +0000
ROA not before:           Wed 24 Mar 2021 14:46:19 +0000
ROA not after:            Tue 24 Mar 2026 14:46:19 +0000
asID:                     266858
IP address blocks:        45.239.47.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/1d7a6a90-15a2-4446-bda5-b33ffdb9b1f0/ce8ad999d6105021e8219e6a1a5fcc0d07e1d715.crl
                          rsync://repository.lacnic.net/rpki/lacnic/1d7a6a90-15a2-4446-bda5-b33ffdb9b1f0/ce8ad999d6105021e8219e6a1a5fcc0d07e1d715.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ce8ad999d6105021e8219e6a1a5fcc0d07e1d715.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 31 Mar 2024 03:49:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 760609 (0xb9b21)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ce8ad999d6105021e8219e6a1a5fcc0d07e1d715
        Validity
            Not Before: Mar 24 14:46:19 2021 GMT
            Not After : Mar 24 14:46:19 2026 GMT
        Subject: CN=73c2831667dba31f080268e9d9e05985b1f12a7e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:63:e8:3b:b0:b7:cd:a2:16:41:61:c8:b6:fa:
                    96:09:9a:88:9a:56:be:be:71:4d:cf:59:fa:0d:71:
                    ad:8e:8c:64:b3:77:0b:be:6b:6d:b5:4b:a4:49:7b:
                    91:35:ab:87:2c:cc:ac:8b:36:28:94:70:0a:e5:71:
                    e0:e4:8f:b2:3a:36:fa:b7:b6:e8:0b:b0:b5:d8:b4:
                    e4:4e:83:ff:26:e2:fb:92:53:45:a6:b9:d0:c8:ad:
                    cb:3f:15:73:da:be:19:c8:e3:14:ff:43:b2:04:d1:
                    00:7d:51:02:c8:37:0b:de:dd:a6:27:b7:76:90:25:
                    16:90:0f:a2:26:61:dc:e0:11:89:50:ae:c1:08:49:
                    00:fc:76:92:8a:e8:72:50:25:e3:6a:06:bf:2b:b6:
                    15:2d:3c:c4:ed:32:94:75:9e:e6:aa:c4:8d:93:d3:
                    75:31:30:d6:4a:ab:fc:61:03:85:70:5f:42:6f:74:
                    96:07:a5:3b:2f:7d:ae:25:08:08:ff:1c:a4:4c:8c:
                    7c:1b:cc:32:b9:f9:78:42:3d:f9:a2:21:2a:b2:31:
                    11:aa:ed:26:65:14:64:6f:8a:ae:a8:6d:fd:51:cd:
                    54:46:8f:a4:73:53:52:8a:5e:78:02:8d:f0:1a:58:
                    05:bf:d9:62:c3:69:6f:9a:97:f1:88:5c:bc:6f:6d:
                    eb:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                44:1F:41:FB:4B:9F:F8:5B:C1:4F:68:09:32:57:99:42:81:0F:7B:25
            X509v3 Authority Key Identifier:
                keyid:4F:30:90:95:19:77:7E:69:FC:F7:10:21:60:06:BA:4B:1D:4A:DD:11

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ce8ad999d6105021e8219e6a1a5fcc0d07e1d715.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/1d7a6a90-15a2-4446-bda5-b33ffdb9b1f0/73c2831667dba31f080268e9d9e05985b1f12a7e.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/1d7a6a90-15a2-4446-bda5-b33ffdb9b1f0/ce8ad999d6105021e8219e6a1a5fcc0d07e1d715.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.239.47.0/24

    Signature Algorithm: sha256WithRSAEncryption
         35:47:25:87:78:57:93:19:c8:10:d8:40:8b:44:52:e9:5a:01:
         cd:49:e1:c1:fa:40:b4:00:c8:92:44:9f:5c:53:3a:f1:d0:90:
         6a:e9:4c:20:5b:57:9a:82:d2:98:1a:4f:34:fd:14:f3:dd:55:
         9a:01:9d:4b:85:28:d7:fb:b3:d6:88:5a:95:36:9e:b5:aa:28:
         4f:d9:11:53:e0:06:47:e9:04:dc:50:59:aa:28:0c:4a:39:b3:
         b2:5c:f3:aa:78:d4:ef:c2:2d:8b:c8:3a:a8:57:58:07:2b:a7:
         1f:5d:c8:02:59:7e:7d:6a:06:16:0f:5f:c8:15:78:bc:4a:f6:
         6d:d4:ef:cd:4f:30:93:7d:07:a2:4f:15:28:59:79:7a:62:f3:
         c9:fa:c5:63:5a:92:4f:bb:1f:43:7c:d6:6d:5d:84:e0:aa:3a:
         c8:b7:65:60:b0:13:e3:b1:82:a9:59:9e:14:3c:88:ec:9c:c7:
         82:2a:d8:69:5a:11:0a:db:7f:b6:65:e4:e4:08:7f:32:3e:e6:
         65:e1:82:fa:82:4c:e5:4f:26:03:df:49:41:53:12:30:6b:31:
         cf:d1:e5:54:73:27:66:c1:33:98:f4:c1:c1:12:49:cc:2e:75:
         b7:51:c9:6f:34:82:e3:db:6e:87:20:ba:3a:1f:ca:48:4c:10:
         80:13:8c:6f
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIDC5shMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGNl
OGFkOTk5ZDYxMDUwMjFlODIxOWU2YTFhNWZjYzBkMDdlMWQ3MTUwHhcNMjEwMzI0
MTQ0NjE5WhcNMjYwMzI0MTQ0NjE5WjAzMTEwLwYDVQQDEyg3M2MyODMxNjY3ZGJh
MzFmMDgwMjY4ZTlkOWUwNTk4NWIxZjEyYTdlMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEArWPoO7C3zaIWQWHItvqWCZqImla+vnFNz1n6DXGtjoxks3cL
vmtttUukSXuRNauHLMysizYolHAK5XHg5I+yOjb6t7boC7C12LTkToP/JuL7klNF
prnQyK3LPxVz2r4ZyOMU/0OyBNEAfVECyDcL3t2mJ7d2kCUWkA+iJmHc4BGJUK7B
CEkA/HaSiuhyUCXjaga/K7YVLTzE7TKUdZ7mqsSNk9N1MTDWSqv8YQOFcF9Cb3SW
B6U7L32uJQgI/xykTIx8G8wyufl4Qj35oiEqsjERqu0mZRRkb4quqG39Uc1URo+k
c1NSil54Ao3wGlgFv9liw2lvmpfxiFy8b23reQIDAQABo4ICWzCCAlcwHQYDVR0O
BBYEFEQfQftLn/hbwU9oCTJXmUKBD3slMB8GA1UdIwQYMBaAFE8wkJUZd35p/PcQ
IWAGuksdSt0RMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvY2U4YWQ5
OTlkNjEwNTAyMWU4MjE5ZTZhMWE1ZmNjMGQwN2UxZDcxNS5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvMWQ3YTZhOTAtMTVhMi00NDQ2LWJkYTUtYjMzZmZk
YjliMWYwLzczYzI4MzE2NjdkYmEzMWYwODAyNjhlOWQ5ZTA1OTg1YjFmMTJhN2Uu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy8xZDdhNmE5MC0xNWEyLTQ0NDYtYmRhNS1iMzNm
ZmRiOWIxZjAvY2U4YWQ5OTlkNjEwNTAyMWU4MjE5ZTZhMWE1ZmNjMGQwN2UxZDcx
NS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAC3vLzANBgkqhkiG9w0BAQsFAAOCAQEANUclh3hXkxnIENhA
i0RS6VoBzUnhwfpAtADIkkSfXFM68dCQaulMIFtXmoLSmBpPNP0U891VmgGdS4Uo
1/uz1ohalTaetaooT9kRU+AGR+kE3FBZqigMSjmzslzzqnjU78Iti8g6qFdYByun
H13IAll+fWoGFg9fyBV4vEr2bdTvzU8wk30Hok8VKFl5emLzyfrFY1qST7sfQ3zW
bV2E4Ko6yLdlYLAT47GCqVmeFDyI7JzHgirYaVoRCtt/tmXk5Ah/Mj7mZeGC+oJM
5U8mA99JQVMSMGsxz9HlVHMnZsEzmPTBwRJJzC51t1HJbzSC49tuhyC6Oh/KSEwQ
gBOMbw==
-----END CERTIFICATE-----
Generated at Thu Mar 28 08:10:55 2024 by rpki-client on console-ams.rpki-client.org