Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/1d7a6a90-15a2-4446-bda5-b33ffdb9b1f0/d8a63df6ef9e4d324a2f5b35006aabc7509c09e1.roa
File:                     d8a63df6ef9e4d324a2f5b35006aabc7509c09e1.roa (raw, json)
Hash identifier:          TB6Yrsx8G8Dg7yp5iK9AlhztqcoPErUISaGz3Lmse2Y=
Subject key identifier:   25:DE:9A:52:DE:4F:20:04:DA:A6:76:9E:AD:81:A3:B0:58:C2:35:EB
Certificate issuer:       /CN=ce8ad999d6105021e8219e6a1a5fcc0d07e1d715
Certificate serial:       0B9D0B
Authority key identifier: 4F:30:90:95:19:77:7E:69:FC:F7:10:21:60:06:BA:4B:1D:4A:DD:11
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ce8ad999d6105021e8219e6a1a5fcc0d07e1d715.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/1d7a6a90-15a2-4446-bda5-b33ffdb9b1f0/d8a63df6ef9e4d324a2f5b35006aabc7509c09e1.roa
Signing time:             Wed 24 Mar 2021 14:46:19 +0000
ROA not before:           Wed 24 Mar 2021 14:46:19 +0000
ROA not after:            Tue 24 Mar 2026 14:46:19 +0000
asID:                     266858
IP address blocks:        45.239.44.0/24 maxlen: 24
                          45.239.45.0/24 maxlen: 24
                          45.239.46.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/1d7a6a90-15a2-4446-bda5-b33ffdb9b1f0/ce8ad999d6105021e8219e6a1a5fcc0d07e1d715.crl
                          rsync://repository.lacnic.net/rpki/lacnic/1d7a6a90-15a2-4446-bda5-b33ffdb9b1f0/ce8ad999d6105021e8219e6a1a5fcc0d07e1d715.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ce8ad999d6105021e8219e6a1a5fcc0d07e1d715.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 31 Mar 2024 19:38:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 761099 (0xb9d0b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ce8ad999d6105021e8219e6a1a5fcc0d07e1d715
        Validity
            Not Before: Mar 24 14:46:19 2021 GMT
            Not After : Mar 24 14:46:19 2026 GMT
        Subject: CN=d8a63df6ef9e4d324a2f5b35006aabc7509c09e1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:ae:50:22:1d:f1:d0:a9:c0:0f:b7:1c:76:06:
                    76:0d:80:f9:83:a4:b8:7b:f3:b0:7d:c6:c3:d8:29:
                    68:ac:9a:df:dc:9b:13:70:44:47:c5:7f:3d:71:d0:
                    97:e4:f0:fa:9c:93:ce:19:9d:55:fd:09:ca:b9:5f:
                    c2:98:eb:81:38:4e:b6:67:7f:39:64:14:30:3a:77:
                    21:23:f8:b3:d9:d5:a3:f8:63:eb:65:51:63:b1:fa:
                    86:76:9c:b2:2a:df:2d:80:77:f2:10:95:ad:e6:c3:
                    67:1e:ea:da:79:80:b0:21:80:40:93:b1:c3:94:4b:
                    69:a7:f1:21:df:a6:f7:95:84:7d:5b:f2:44:c9:18:
                    5b:60:ae:f4:20:c5:72:90:f8:63:fb:11:5b:3b:6c:
                    c9:91:54:fc:86:ee:8a:21:d7:44:02:bd:78:bb:91:
                    a5:4f:e7:74:f1:16:de:53:e6:b1:99:94:9c:1b:46:
                    83:6f:6b:7c:bc:95:56:46:83:cd:47:57:11:ae:2b:
                    33:fe:57:0a:9a:65:ce:87:26:ad:cf:97:ce:d8:f4:
                    bb:8f:22:8d:a3:3d:8f:e6:75:56:4d:7b:02:27:5b:
                    37:23:f9:f4:bc:cc:31:81:22:42:dd:d8:da:81:fc:
                    04:ac:2f:d3:9c:47:96:8f:2d:ab:5a:df:51:e4:89:
                    9d:d5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                25:DE:9A:52:DE:4F:20:04:DA:A6:76:9E:AD:81:A3:B0:58:C2:35:EB
            X509v3 Authority Key Identifier:
                keyid:4F:30:90:95:19:77:7E:69:FC:F7:10:21:60:06:BA:4B:1D:4A:DD:11

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ce8ad999d6105021e8219e6a1a5fcc0d07e1d715.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/1d7a6a90-15a2-4446-bda5-b33ffdb9b1f0/d8a63df6ef9e4d324a2f5b35006aabc7509c09e1.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/1d7a6a90-15a2-4446-bda5-b33ffdb9b1f0/ce8ad999d6105021e8219e6a1a5fcc0d07e1d715.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.239.44.0-45.239.46.255

    Signature Algorithm: sha256WithRSAEncryption
         6f:41:be:e7:cf:b9:d8:6d:dd:2d:1a:44:34:e4:99:e8:4c:c6:
         38:50:2b:aa:74:a2:83:d4:42:15:cf:1e:2f:3f:a1:7b:91:70:
         5e:5c:c0:f8:68:6d:3c:83:5b:fd:83:d1:40:3a:f5:9e:dd:3a:
         0b:27:ea:f4:b1:13:3b:6e:48:6b:a8:de:1b:84:3f:5d:ea:db:
         6a:6f:30:41:8e:eb:1a:4f:e9:d7:f1:94:49:90:d1:05:4c:a2:
         da:c5:a7:6a:8f:0c:3f:28:f6:f5:a5:b7:e3:8b:72:5a:60:84:
         06:d0:e0:d3:5d:ab:23:b3:53:c6:0c:8a:b7:cd:01:6b:c0:c9:
         6d:41:9a:e6:49:9f:42:7e:e6:ef:75:e8:af:48:cb:ba:a9:70:
         83:db:27:ad:64:13:f2:fc:7c:0c:b4:7b:9b:bb:57:5f:37:36:
         b7:28:a9:14:4b:b0:06:d5:82:7b:5b:4a:47:fb:ce:6c:d9:2a:
         60:9c:42:cd:9a:d8:d8:08:06:d1:34:c2:60:24:eb:59:31:e1:
         06:6f:9e:a9:22:a4:ff:20:db:47:42:cc:72:50:4b:af:b7:0a:
         a8:60:9d:ea:87:98:be:0d:9a:61:b3:40:96:e2:5d:4e:83:58:
         86:1b:58:bd:c1:f3:63:9d:82:60:12:78:7a:1d:79:ed:b0:01:
         a6:b7:f9:46
-----BEGIN CERTIFICATE-----
MIIFSDCCBDCgAwIBAgIDC50LMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGNl
OGFkOTk5ZDYxMDUwMjFlODIxOWU2YTFhNWZjYzBkMDdlMWQ3MTUwHhcNMjEwMzI0
MTQ0NjE5WhcNMjYwMzI0MTQ0NjE5WjAzMTEwLwYDVQQDEyhkOGE2M2RmNmVmOWU0
ZDMyNGEyZjViMzUwMDZhYWJjNzUwOWMwOWUxMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAtK5QIh3x0KnAD7ccdgZ2DYD5g6S4e/OwfcbD2ClorJrf3JsT
cERHxX89cdCX5PD6nJPOGZ1V/QnKuV/CmOuBOE62Z385ZBQwOnchI/iz2dWj+GPr
ZVFjsfqGdpyyKt8tgHfyEJWt5sNnHuraeYCwIYBAk7HDlEtpp/Eh36b3lYR9W/JE
yRhbYK70IMVykPhj+xFbO2zJkVT8hu6KIddEAr14u5GlT+d08RbeU+axmZScG0aD
b2t8vJVWRoPNR1cRrisz/lcKmmXOhyatz5fO2PS7jyKNoz2P5nVWTXsCJ1s3I/n0
vMwxgSJC3djagfwErC/TnEeWjy2rWt9R5Imd1QIDAQABo4ICYzCCAl8wHQYDVR0O
BBYEFCXemlLeTyAE2qZ2nq2Bo7BYwjXrMB8GA1UdIwQYMBaAFE8wkJUZd35p/PcQ
IWAGuksdSt0RMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvY2U4YWQ5
OTlkNjEwNTAyMWU4MjE5ZTZhMWE1ZmNjMGQwN2UxZDcxNS5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvMWQ3YTZhOTAtMTVhMi00NDQ2LWJkYTUtYjMzZmZk
YjliMWYwL2Q4YTYzZGY2ZWY5ZTRkMzI0YTJmNWIzNTAwNmFhYmM3NTA5YzA5ZTEu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy8xZDdhNmE5MC0xNWEyLTQ0NDYtYmRhNS1iMzNm
ZmRiOWIxZjAvY2U4YWQ5OTlkNjEwNTAyMWU4MjE5ZTZhMWE1ZmNjMGQwN2UxZDcx
NS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAnBggrBgEFBQcBBwEB/wQY
MBYwFAQCAAEwDjAMAwQCLe8sAwQALe8uMA0GCSqGSIb3DQEBCwUAA4IBAQBvQb7n
z7nYbd0tGkQ05JnoTMY4UCuqdKKD1EIVzx4vP6F7kXBeXMD4aG08g1v9g9FAOvWe
3ToLJ+r0sRM7bkhrqN4bhD9d6ttqbzBBjusaT+nX8ZRJkNEFTKLaxadqjww/KPb1
pbfji3JaYIQG0ODTXasjs1PGDIq3zQFrwMltQZrmSZ9CfubvdeivSMu6qXCD2yet
ZBPy/HwMtHubu1dfNza3KKkUS7AG1YJ7W0pH+85s2SpgnELNmtjYCAbRNMJgJOtZ
MeEGb56pIqT/INtHQsxyUEuvtwqoYJ3qh5i+DZphs0CW4l1Og1iGG1i9wfNjnYJg
Enh6HXntsAGmt/lG
-----END CERTIFICATE-----
Generated at Thu Mar 28 21:28:41 2024 by rpki-client on console-ams.rpki-client.org