Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/21900da0-a9eb-4d98-bf72-d415b2bfa7e0/bfd47ce07fc9a7b4f70a18dfe1dc0d00807ad5ce.roa
File:                     bfd47ce07fc9a7b4f70a18dfe1dc0d00807ad5ce.roa (raw, json)
Hash identifier:          5pC1bt5F+G+UXS9+MCdblXTQsUSUhX1/pc3CWvUfB/c=
Subject key identifier:   61:09:7E:8F:2B:02:BC:5D:B6:30:89:93:0D:C8:D3:E2:2D:FF:37:F5
Certificate issuer:       /CN=7301727ac2c04bf0b74625766b1a1dc6f6fa9b2f
Certificate serial:       1846D2
Authority key identifier: B8:33:7A:CF:B6:CD:40:63:B4:39:7B:9E:08:33:D9:04:00:5D:58:2A
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/7301727ac2c04bf0b74625766b1a1dc6f6fa9b2f.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/21900da0-a9eb-4d98-bf72-d415b2bfa7e0/bfd47ce07fc9a7b4f70a18dfe1dc0d00807ad5ce.roa
Signing time:             Mon 13 Jun 2022 22:20:03 +0000
ROA not before:           Wed 24 Mar 2021 03:00:00 +0000
ROA not after:            Tue 24 Mar 2026 03:00:00 +0000
asID:                     264780
IP address blocks:        168.228.248.0/22 maxlen: 24
                          170.247.136.0/22 maxlen: 24
                          200.12.28.0/22 maxlen: 24
                          200.126.32.0/20 maxlen: 24
                          160.238.252.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/21900da0-a9eb-4d98-bf72-d415b2bfa7e0/7301727ac2c04bf0b74625766b1a1dc6f6fa9b2f.crl
                          rsync://repository.lacnic.net/rpki/lacnic/21900da0-a9eb-4d98-bf72-d415b2bfa7e0/7301727ac2c04bf0b74625766b1a1dc6f6fa9b2f.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/7301727ac2c04bf0b74625766b1a1dc6f6fa9b2f.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 31 Mar 2024 12:22:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1590994 (0x1846d2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7301727ac2c04bf0b74625766b1a1dc6f6fa9b2f
        Validity
            Not Before: Mar 24 03:00:00 2021 GMT
            Not After : Mar 24 03:00:00 2026 GMT
        Subject: CN=bfd47ce07fc9a7b4f70a18dfe1dc0d00807ad5ce
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:65:46:35:fd:35:a7:59:75:01:3b:15:9f:1d:
                    3a:7f:e6:80:df:72:4e:60:c3:f5:3e:09:3c:c6:b7:
                    88:d3:6e:9f:cb:a2:a6:2b:00:2d:42:17:5d:41:96:
                    4d:86:f6:e2:6b:cb:23:4e:57:98:c1:3e:c1:e0:bd:
                    2c:63:52:f7:9d:2b:b9:2d:e2:5a:f5:38:c9:7b:ad:
                    12:c1:b3:1f:db:8b:36:44:bb:57:dc:94:4a:d6:f4:
                    fd:32:4d:23:4b:2b:a1:5c:ef:3f:d7:17:4c:a0:cb:
                    0c:1c:9f:4c:77:9e:df:f7:63:12:11:1f:cf:41:31:
                    26:83:4f:db:ee:3d:5a:ed:19:08:61:b0:ca:4b:f0:
                    5f:b3:23:e2:b6:bb:6f:10:9b:c6:cf:32:a1:61:6b:
                    a0:4a:b5:e7:a7:05:ef:20:b5:fc:b3:34:10:56:5c:
                    32:18:a7:db:0c:a8:67:2e:85:7a:76:a0:eb:87:cf:
                    f7:cf:56:18:79:b1:97:fd:fe:82:31:27:9a:36:0d:
                    03:bb:41:f4:e8:56:85:86:b8:b4:f7:e5:0f:49:fd:
                    78:68:c1:53:77:b0:68:ce:ac:c0:da:6f:30:96:88:
                    7f:56:bd:8b:1e:92:7f:e1:18:2a:ce:8f:42:b4:00:
                    74:07:2b:d9:57:67:2c:4b:fe:d9:fd:4b:82:33:13:
                    d4:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                61:09:7E:8F:2B:02:BC:5D:B6:30:89:93:0D:C8:D3:E2:2D:FF:37:F5
            X509v3 Authority Key Identifier:
                keyid:B8:33:7A:CF:B6:CD:40:63:B4:39:7B:9E:08:33:D9:04:00:5D:58:2A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/7301727ac2c04bf0b74625766b1a1dc6f6fa9b2f.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/21900da0-a9eb-4d98-bf72-d415b2bfa7e0/bfd47ce07fc9a7b4f70a18dfe1dc0d00807ad5ce.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/21900da0-a9eb-4d98-bf72-d415b2bfa7e0/7301727ac2c04bf0b74625766b1a1dc6f6fa9b2f.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  160.238.252.0/22
                  168.228.248.0/22
                  170.247.136.0/22
                  200.12.28.0/22
                  200.126.32.0/20

    Signature Algorithm: sha256WithRSAEncryption
         54:80:06:db:25:53:05:62:67:73:1e:fd:59:bb:d4:09:ca:7f:
         e4:41:16:11:39:92:55:25:c5:0d:48:e8:a5:6e:69:bc:05:68:
         83:b7:82:61:69:ee:ff:08:0a:6f:6d:17:88:f1:aa:5b:a2:c1:
         04:80:83:d5:47:3f:03:50:5c:7b:ee:1e:4c:0b:25:32:6b:c6:
         ab:bf:33:7a:d8:51:d3:93:21:a3:47:ca:ef:0e:d8:84:a7:33:
         a8:27:fd:ba:7b:c9:27:7c:47:4f:81:0c:47:ce:68:89:e7:f2:
         5d:31:80:b7:1c:ca:ce:a0:a3:94:74:22:c8:a7:92:b6:d5:56:
         a3:1b:28:4e:48:1c:52:b3:96:71:43:64:0b:b8:34:39:ec:3a:
         ba:a2:55:28:84:b1:33:9d:8b:2a:8d:aa:9b:ed:9d:00:b3:44:
         2d:73:1f:9d:40:90:74:f3:bd:a5:9a:96:d2:f3:e8:28:59:2a:
         69:87:4d:9b:25:c7:c7:ad:dd:57:59:47:8d:80:60:b7:d7:fc:
         f5:06:72:95:bd:5d:1c:af:01:2f:9b:70:d8:73:c2:00:c4:88:
         fc:a3:7e:3c:6b:24:9d:63:a5:d6:8f:c2:eb:75:34:03:82:89:
         6a:44:2b:a6:6b:cd:8e:af:53:e4:6d:e7:5a:2a:34:26:fd:fd:
         38:53:24:52
-----BEGIN CERTIFICATE-----
MIIFWDCCBECgAwIBAgIDGEbSMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDcz
MDE3MjdhYzJjMDRiZjBiNzQ2MjU3NjZiMWExZGM2ZjZmYTliMmYwHhcNMjEwMzI0
MDMwMDAwWhcNMjYwMzI0MDMwMDAwWjAzMTEwLwYDVQQDEyhiZmQ0N2NlMDdmYzlh
N2I0ZjcwYTE4ZGZlMWRjMGQwMDgwN2FkNWNlMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEApGVGNf01p1l1ATsVnx06f+aA33JOYMP1Pgk8xreI026fy6Km
KwAtQhddQZZNhvbia8sjTleYwT7B4L0sY1L3nSu5LeJa9TjJe60SwbMf24s2RLtX
3JRK1vT9Mk0jSyuhXO8/1xdMoMsMHJ9Md57f92MSER/PQTEmg0/b7j1a7RkIYbDK
S/BfsyPitrtvEJvGzzKhYWugSrXnpwXvILX8szQQVlwyGKfbDKhnLoV6dqDrh8/3
z1YYebGX/f6CMSeaNg0Du0H06FaFhri09+UPSf14aMFTd7BozqzA2m8wloh/Vr2L
HpJ/4Rgqzo9CtAB0ByvZV2csS/7Z/UuCMxPUNwIDAQABo4ICczCCAm8wHQYDVR0O
BBYEFGEJfo8rArxdtjCJkw3I0+It/zf1MB8GA1UdIwQYMBaAFLgzes+2zUBjtDl7
nggz2QQAXVgqMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvNzMwMTcy
N2FjMmMwNGJmMGI3NDYyNTc2NmIxYTFkYzZmNmZhOWIyZi5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvMjE5MDBkYTAtYTllYi00ZDk4LWJmNzItZDQxNWIy
YmZhN2UwL2JmZDQ3Y2UwN2ZjOWE3YjRmNzBhMThkZmUxZGMwZDAwODA3YWQ1Y2Uu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy8yMTkwMGRhMC1hOWViLTRkOTgtYmY3Mi1kNDE1
YjJiZmE3ZTAvNzMwMTcyN2FjMmMwNGJmMGI3NDYyNTc2NmIxYTFkYzZmNmZhOWIy
Zi5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA3BggrBgEFBQcBBwEB/wQo
MCYwJAQCAAEwHgMEAqDu/AMEAqjk+AMEAqr3iAMEAsgMHAMEBMh+IDANBgkqhkiG
9w0BAQsFAAOCAQEAVIAG2yVTBWJncx79WbvUCcp/5EEWETmSVSXFDUjopW5pvAVo
g7eCYWnu/wgKb20XiPGqW6LBBICD1Uc/A1Bce+4eTAslMmvGq78zethR05Mho0fK
7w7YhKczqCf9unvJJ3xHT4EMR85oiefyXTGAtxzKzqCjlHQiyKeSttVWoxsoTkgc
UrOWcUNkC7g0Oew6uqJVKISxM52LKo2qm+2dALNELXMfnUCQdPO9pZqW0vPoKFkq
aYdNmyXHx63dV1lHjYBgt9f89QZylb1dHK8BL5tw2HPCAMSI/KN+PGsknWOl1o/C
63U0A4KJakQrpmvNjq9T5G3nWio0Jv39OFMkUg==
-----END CERTIFICATE-----
Generated at Thu Mar 28 16:02:50 2024 by rpki-client on console-ams.rpki-client.org