Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/1f1f1cc1-247d-4f2b-a1e9-d6910bc6b651/30685a0d6e320c2d0400c047362d8cb8805d6926.roa
File:                     30685a0d6e320c2d0400c047362d8cb8805d6926.roa (raw, json)
Hash identifier:          L3r/g5/y0h28B1nQCFu4zJQTQltZSiGEyxzYa1pWah8=
Subject key identifier:   48:E2:F9:C3:16:63:D4:41:F0:62:8D:93:CB:5A:4A:19:99:18:46:91
Certificate issuer:       /CN=8b212b3e5e4578c90e2826cd05317ea5fc56e905
Certificate serial:       0B722C
Authority key identifier: 4F:E8:6D:76:9C:07:98:95:E0:0C:CF:90:9A:79:7B:CA:0B:83:03:1A
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/8b212b3e5e4578c90e2826cd05317ea5fc56e905.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/1f1f1cc1-247d-4f2b-a1e9-d6910bc6b651/30685a0d6e320c2d0400c047362d8cb8805d6926.roa
Signing time:             Wed 24 Mar 2021 14:45:18 +0000
ROA not before:           Wed 24 Mar 2021 14:45:18 +0000
ROA not after:            Tue 24 Mar 2026 14:45:18 +0000
asID:                     52468
IP address blocks:        45.185.129.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/1f1f1cc1-247d-4f2b-a1e9-d6910bc6b651/8b212b3e5e4578c90e2826cd05317ea5fc56e905.crl
                          rsync://repository.lacnic.net/rpki/lacnic/1f1f1cc1-247d-4f2b-a1e9-d6910bc6b651/8b212b3e5e4578c90e2826cd05317ea5fc56e905.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/8b212b3e5e4578c90e2826cd05317ea5fc56e905.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Tue 27 Feb 2024 21:42:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 750124 (0xb722c)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8b212b3e5e4578c90e2826cd05317ea5fc56e905
        Validity
            Not Before: Mar 24 14:45:18 2021 GMT
            Not After : Mar 24 14:45:18 2026 GMT
        Subject: CN=30685a0d6e320c2d0400c047362d8cb8805d6926
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:15:07:a2:f7:49:6a:e0:f1:88:0c:f2:4d:d6:
                    2d:a1:1e:e5:ee:2b:85:13:1e:c8:68:02:aa:61:14:
                    3f:5c:9e:5a:3e:f4:5d:cf:45:bd:11:ea:ff:27:a4:
                    72:6e:2f:a8:a9:61:a9:45:65:17:d5:a2:26:da:01:
                    28:4a:e6:d9:bb:ce:02:4b:5b:a4:28:d0:86:27:c6:
                    ba:bf:bb:98:68:33:dd:81:c3:e1:53:79:8d:84:19:
                    7f:23:19:45:e8:a9:2c:df:5e:ff:3b:a5:53:92:cd:
                    33:f6:d1:77:15:b2:24:3a:7a:1d:f0:34:45:ac:8c:
                    b8:4c:c5:e9:25:09:34:dc:e6:87:0a:74:f0:77:2d:
                    b0:8c:40:a5:34:8d:54:d9:86:81:16:5a:73:a8:f1:
                    24:dc:38:ec:3d:b5:10:99:da:3d:c2:83:2f:27:3e:
                    84:cf:62:27:41:ba:ce:49:ca:a9:85:9d:e4:09:c1:
                    76:7f:90:fd:83:52:1a:93:dd:22:10:68:78:10:fd:
                    df:15:bb:b6:66:39:08:3a:0e:e9:37:da:22:f0:f4:
                    2a:32:97:e2:a8:88:70:1a:31:66:2a:9a:f1:82:bd:
                    ff:23:4f:d9:f6:84:65:e6:e0:a9:81:85:9a:9f:8e:
                    aa:c2:e7:26:7b:1f:56:1a:66:cf:49:61:71:05:dc:
                    aa:db
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                48:E2:F9:C3:16:63:D4:41:F0:62:8D:93:CB:5A:4A:19:99:18:46:91
            X509v3 Authority Key Identifier:
                keyid:4F:E8:6D:76:9C:07:98:95:E0:0C:CF:90:9A:79:7B:CA:0B:83:03:1A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/8b212b3e5e4578c90e2826cd05317ea5fc56e905.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/1f1f1cc1-247d-4f2b-a1e9-d6910bc6b651/30685a0d6e320c2d0400c047362d8cb8805d6926.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/1f1f1cc1-247d-4f2b-a1e9-d6910bc6b651/8b212b3e5e4578c90e2826cd05317ea5fc56e905.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.185.129.0/24

    Signature Algorithm: sha256WithRSAEncryption
         00:ac:d6:00:29:47:8f:1a:c4:de:3c:2e:10:2b:f4:34:fc:2b:
         44:95:94:cc:f7:e0:d9:61:fe:3d:a2:a3:f6:38:1b:d8:fb:aa:
         f3:d7:76:43:0e:48:4e:05:4f:78:2a:27:f1:be:67:c8:cf:49:
         6e:74:ec:fb:22:48:57:4e:a4:4b:bb:32:ee:d1:54:3d:8b:83:
         77:67:98:93:23:26:0e:63:52:21:03:dd:cd:a6:8e:8f:8f:1e:
         8b:7b:dd:29:3a:8f:4d:4a:e2:44:a1:41:62:10:62:be:e6:89:
         20:62:cf:ef:99:fb:e4:88:da:1f:16:d4:86:fc:5a:b1:c1:ad:
         07:c9:d6:58:02:ab:9e:04:dd:58:35:d7:da:25:92:44:ea:c3:
         a2:6b:2e:98:ea:f1:bf:a1:8e:20:53:04:8f:09:e6:29:07:7e:
         df:15:39:27:db:41:7b:a3:c8:fb:bc:29:10:c1:f4:50:e8:d8:
         75:74:ad:d3:99:33:9b:d7:b4:3b:56:34:18:60:dc:d4:71:7c:
         38:6c:65:ee:2e:e2:02:1b:93:d9:f4:4b:09:fc:b8:9d:b2:99:
         c3:8f:b2:7f:89:d4:e4:d1:1a:e2:6c:8b:e1:f5:ed:1d:c7:a0:
         75:50:89:fe:9c:27:93:43:2a:55:59:3f:0e:5d:4b:91:87:e3:
         bd:7a:8a:51
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIDC3IsMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDhi
MjEyYjNlNWU0NTc4YzkwZTI4MjZjZDA1MzE3ZWE1ZmM1NmU5MDUwHhcNMjEwMzI0
MTQ0NTE4WhcNMjYwMzI0MTQ0NTE4WjAzMTEwLwYDVQQDEygzMDY4NWEwZDZlMzIw
YzJkMDQwMGMwNDczNjJkOGNiODgwNWQ2OTI2MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAzxUHovdJauDxiAzyTdYtoR7l7iuFEx7IaAKqYRQ/XJ5aPvRd
z0W9Eer/J6Rybi+oqWGpRWUX1aIm2gEoSubZu84CS1ukKNCGJ8a6v7uYaDPdgcPh
U3mNhBl/IxlF6Kks317/O6VTks0z9tF3FbIkOnod8DRFrIy4TMXpJQk03OaHCnTw
dy2wjEClNI1U2YaBFlpzqPEk3DjsPbUQmdo9woMvJz6Ez2InQbrOScqphZ3kCcF2
f5D9g1Iak90iEGh4EP3fFbu2ZjkIOg7pN9oi8PQqMpfiqIhwGjFmKprxgr3/I0/Z
9oRl5uCpgYWan46qwucmex9WGmbPSWFxBdyq2wIDAQABo4ICWzCCAlcwHQYDVR0O
BBYEFEji+cMWY9RB8GKNk8taShmZGEaRMB8GA1UdIwQYMBaAFE/obXacB5iV4AzP
kJp5e8oLgwMaMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvOGIyMTJi
M2U1ZTQ1NzhjOTBlMjgyNmNkMDUzMTdlYTVmYzU2ZTkwNS5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvMWYxZjFjYzEtMjQ3ZC00ZjJiLWExZTktZDY5MTBi
YzZiNjUxLzMwNjg1YTBkNmUzMjBjMmQwNDAwYzA0NzM2MmQ4Y2I4ODA1ZDY5MjYu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy8xZjFmMWNjMS0yNDdkLTRmMmItYTFlOS1kNjkx
MGJjNmI2NTEvOGIyMTJiM2U1ZTQ1NzhjOTBlMjgyNmNkMDUzMTdlYTVmYzU2ZTkw
NS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAC25gTANBgkqhkiG9w0BAQsFAAOCAQEAAKzWAClHjxrE3jwu
ECv0NPwrRJWUzPfg2WH+PaKj9jgb2Puq89d2Qw5ITgVPeCon8b5nyM9JbnTs+yJI
V06kS7sy7tFUPYuDd2eYkyMmDmNSIQPdzaaOj48ei3vdKTqPTUriRKFBYhBivuaJ
IGLP75n75IjaHxbUhvxascGtB8nWWAKrngTdWDXX2iWSROrDomsumOrxv6GOIFME
jwnmKQd+3xU5J9tBe6PI+7wpEMH0UOjYdXSt05kzm9e0O1Y0GGDc1HF8OGxl7i7i
AhuT2fRLCfy4nbKZw4+yf4nU5NEa4myL4fXtHcegdVCJ/pwnk0MqVVk/Dl1LkYfj
vXqKUQ==
-----END CERTIFICATE-----
Generated at Sat Feb 24 22:29:12 2024 by rpki-client on console-fra.rpki-client.org