Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/1f39b4c3-9753-4ff1-928b-a871b7199d9a/88fbb7ca7fff3f7f166e72e863cef05dfc456070.roa
File:                     88fbb7ca7fff3f7f166e72e863cef05dfc456070.roa (raw, json)
Hash identifier:          L1Ek/eqvgP7IQ+HBhNWMkoMSuoxFYkk1fkl09SCTlgI=
Subject key identifier:   21:9C:54:7D:F1:13:E6:EB:9B:E1:21:B6:FA:3B:2B:B0:6C:43:F1:F1
Certificate issuer:       /CN=9335683e4b18488db2c2495f3084999892751bfe
Certificate serial:       1C011A
Authority key identifier: F6:70:84:93:7A:11:D9:A6:92:CE:36:2D:A7:8A:AE:3A:9A:4F:12:D4
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/9335683e4b18488db2c2495f3084999892751bfe.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/1f39b4c3-9753-4ff1-928b-a871b7199d9a/88fbb7ca7fff3f7f166e72e863cef05dfc456070.roa
Signing time:             Tue 24 Jan 2023 18:10:02 +0000
ROA not before:           Sun 22 Jan 2023 17:57:04 +0000
ROA not after:            Fri 24 Jan 2025 17:57:04 +0000
asID:                     264738
IP address blocks:        170.233.28.0/22 maxlen: 22
                          170.233.28.0/24 maxlen: 24
                          170.233.29.0/24 maxlen: 24
                          170.233.30.0/23 maxlen: 23
                          170.233.30.0/24 maxlen: 24
                          170.233.31.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/1f39b4c3-9753-4ff1-928b-a871b7199d9a/9335683e4b18488db2c2495f3084999892751bfe.crl
                          rsync://repository.lacnic.net/rpki/lacnic/1f39b4c3-9753-4ff1-928b-a871b7199d9a/9335683e4b18488db2c2495f3084999892751bfe.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/9335683e4b18488db2c2495f3084999892751bfe.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Mon 01 Apr 2024 05:58:53 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1835290 (0x1c011a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9335683e4b18488db2c2495f3084999892751bfe
        Validity
            Not Before: Jan 22 17:57:04 2023 GMT
            Not After : Jan 24 17:57:04 2025 GMT
        Subject: CN=88fbb7ca7fff3f7f166e72e863cef05dfc456070
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:d0:84:5c:6b:4e:a2:4d:60:4e:53:a8:9b:18:
                    ec:28:ea:5d:92:df:04:3a:1f:5a:fb:4c:91:b2:20:
                    78:19:fe:db:a9:d2:f5:08:05:50:06:79:70:79:37:
                    d6:02:51:3d:15:2a:46:4f:30:07:a9:a1:6a:10:e5:
                    a9:27:50:6a:3a:75:0d:5b:f7:ea:99:0c:4b:10:8c:
                    fe:e4:c3:38:87:42:2c:ba:74:1d:4a:c7:79:85:ed:
                    79:13:ae:80:90:e4:56:55:93:6a:24:82:a1:7f:d7:
                    b9:90:df:d4:23:f6:ea:bb:11:26:bb:26:a1:c8:80:
                    82:ea:64:af:9c:88:f6:e1:06:a5:0c:be:5f:16:be:
                    25:d6:87:00:b3:c8:1f:fc:b6:30:79:f1:0c:07:e5:
                    7c:25:1e:a6:31:dc:b2:93:b4:2f:a5:a8:e7:9c:8d:
                    59:48:57:ed:66:aa:73:c7:c8:15:ec:92:46:44:18:
                    11:af:8d:b6:e9:a7:12:c3:2a:c8:d6:64:15:90:ba:
                    08:87:c0:d2:60:ba:f3:4d:6a:5b:f2:01:28:a4:33:
                    3a:a7:49:f6:2c:c3:2e:54:d0:9b:e3:69:06:e8:af:
                    68:9c:2b:42:ba:d1:44:b0:cd:21:97:8a:07:5c:78:
                    e8:b5:82:05:6b:ad:ef:7e:4f:3e:ef:7f:a8:87:15:
                    58:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                21:9C:54:7D:F1:13:E6:EB:9B:E1:21:B6:FA:3B:2B:B0:6C:43:F1:F1
            X509v3 Authority Key Identifier:
                keyid:F6:70:84:93:7A:11:D9:A6:92:CE:36:2D:A7:8A:AE:3A:9A:4F:12:D4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/9335683e4b18488db2c2495f3084999892751bfe.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/1f39b4c3-9753-4ff1-928b-a871b7199d9a/88fbb7ca7fff3f7f166e72e863cef05dfc456070.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/1f39b4c3-9753-4ff1-928b-a871b7199d9a/9335683e4b18488db2c2495f3084999892751bfe.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  170.233.28.0/22

    Signature Algorithm: sha256WithRSAEncryption
         61:ab:7e:a6:73:94:b7:75:23:b6:ae:77:7a:cb:68:1f:4f:c1:
         47:22:a7:0a:d0:73:67:73:38:8a:fd:85:0f:23:d6:a2:17:83:
         ba:dc:e6:a4:4d:74:b0:53:06:63:7c:26:3e:0a:e9:c6:90:14:
         f8:dc:ec:c3:ac:9e:1a:2b:f4:15:ef:d6:6c:ac:73:73:3f:48:
         53:07:13:b5:b4:e0:f4:27:c9:49:c0:0f:9d:50:e7:a4:52:f1:
         17:48:34:d5:74:e3:d9:47:64:e1:54:34:62:4d:b3:4e:5f:1b:
         0b:d7:c0:1b:f4:55:cd:28:9f:00:d5:a0:87:2e:5b:cd:6b:c6:
         c2:be:52:43:ec:59:bc:f9:f0:1a:0a:a0:4a:bc:09:6b:b2:b9:
         e8:0f:79:06:8d:3f:f7:dd:52:6b:4e:e2:72:22:0a:ea:40:a0:
         ba:e8:1e:04:b2:22:4d:f7:03:4e:9b:95:1c:30:7c:0e:48:ec:
         f4:90:e8:a1:a7:12:7f:da:06:7c:f6:dd:2c:8c:71:3a:1e:70:
         f4:19:c3:46:d5:75:23:b2:b2:0a:a3:47:9d:8e:e9:d3:ac:c4:
         de:e1:e2:5b:95:6b:14:4f:19:6f:92:bc:fe:a0:9f:5e:89:de:
         75:6a:1e:00:19:ab:d6:c0:6d:a0:55:db:82:f8:d7:3b:06:3d:
         b8:43:f1:e0
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIDHAEaMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDkz
MzU2ODNlNGIxODQ4OGRiMmMyNDk1ZjMwODQ5OTk4OTI3NTFiZmUwHhcNMjMwMTIy
MTc1NzA0WhcNMjUwMTI0MTc1NzA0WjAzMTEwLwYDVQQDEyg4OGZiYjdjYTdmZmYz
ZjdmMTY2ZTcyZTg2M2NlZjA1ZGZjNDU2MDcwMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAldCEXGtOok1gTlOomxjsKOpdkt8EOh9a+0yRsiB4Gf7bqdL1
CAVQBnlweTfWAlE9FSpGTzAHqaFqEOWpJ1BqOnUNW/fqmQxLEIz+5MM4h0IsunQd
Ssd5he15E66AkORWVZNqJIKhf9e5kN/UI/bquxEmuyahyICC6mSvnIj24QalDL5f
Fr4l1ocAs8gf/LYwefEMB+V8JR6mMdyyk7QvpajnnI1ZSFftZqpzx8gV7JJGRBgR
r4226acSwyrI1mQVkLoIh8DSYLrzTWpb8gEopDM6p0n2LMMuVNCb42kG6K9onCtC
utFEsM0hl4oHXHjotYIFa63vfk8+73+ohxVYMwIDAQABo4ICWzCCAlcwHQYDVR0O
BBYEFCGcVH3xE+brm+Ehtvo7K7BsQ/HxMB8GA1UdIwQYMBaAFPZwhJN6Edmmks42
LaeKrjqaTxLUMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvOTMzNTY4
M2U0YjE4NDg4ZGIyYzI0OTVmMzA4NDk5OTg5Mjc1MWJmZS5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvMWYzOWI0YzMtOTc1My00ZmYxLTkyOGItYTg3MWI3
MTk5ZDlhLzg4ZmJiN2NhN2ZmZjNmN2YxNjZlNzJlODYzY2VmMDVkZmM0NTYwNzAu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy8xZjM5YjRjMy05NzUzLTRmZjEtOTI4Yi1hODcx
YjcxOTlkOWEvOTMzNTY4M2U0YjE4NDg4ZGIyYzI0OTVmMzA4NDk5OTg5Mjc1MWJm
ZS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAqrpHDANBgkqhkiG9w0BAQsFAAOCAQEAYat+pnOUt3Ujtq53
estoH0/BRyKnCtBzZ3M4iv2FDyPWoheDutzmpE10sFMGY3wmPgrpxpAU+Nzsw6ye
Giv0Fe/WbKxzcz9IUwcTtbTg9CfJScAPnVDnpFLxF0g01XTj2Udk4VQ0Yk2zTl8b
C9fAG/RVzSifANWghy5bzWvGwr5SQ+xZvPnwGgqgSrwJa7K56A95Bo0/991Sa07i
ciIK6kCguugeBLIiTfcDTpuVHDB8Dkjs9JDooacSf9oGfPbdLIxxOh5w9BnDRtV1
I7KyCqNHnY7p06zE3uHiW5VrFE8Zb5K8/qCfXonedWoeABmr1sBtoFXbgvjXOwY9
uEPx4A==
-----END CERTIFICATE-----
Generated at Fri Mar 29 11:04:59 2024 by rpki-client on console-ams.rpki-client.org