Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/2269a985-f40e-4452-b4ab-c12239d9e993/8e04c4893cfed6e3ac68eb84caf9468664d28c8a.roa
File:                     8e04c4893cfed6e3ac68eb84caf9468664d28c8a.roa (raw, json)
Hash identifier:          ratTU25vdhomyW1L7kxNHk7qBRU/N78fgNH5YjjN0hQ=
Subject key identifier:   BC:C7:B2:52:AF:F4:AC:AB:82:23:E1:B6:EB:0E:3E:59:F4:86:3F:D0
Certificate issuer:       /CN=cb00b3d70dd9cb79681cd490843163b3a4674f12
Certificate serial:       0C887D
Authority key identifier: 9D:D0:C8:1A:A4:CD:00:87:45:BE:B0:07:4C:E0:52:7D:F3:8B:DA:02
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/cb00b3d70dd9cb79681cd490843163b3a4674f12.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/2269a985-f40e-4452-b4ab-c12239d9e993/8e04c4893cfed6e3ac68eb84caf9468664d28c8a.roa
Signing time:             Wed 24 Mar 2021 14:33:08 +0000
ROA not before:           Wed 24 Mar 2021 14:33:08 +0000
ROA not after:            Tue 24 Mar 2026 14:33:08 +0000
asID:                     267818
IP address blocks:        45.173.120.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/2269a985-f40e-4452-b4ab-c12239d9e993/cb00b3d70dd9cb79681cd490843163b3a4674f12.crl
                          rsync://repository.lacnic.net/rpki/lacnic/2269a985-f40e-4452-b4ab-c12239d9e993/cb00b3d70dd9cb79681cd490843163b3a4674f12.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/cb00b3d70dd9cb79681cd490843163b3a4674f12.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Mon 01 Apr 2024 05:58:53 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 821373 (0xc887d)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cb00b3d70dd9cb79681cd490843163b3a4674f12
        Validity
            Not Before: Mar 24 14:33:08 2021 GMT
            Not After : Mar 24 14:33:08 2026 GMT
        Subject: CN=8e04c4893cfed6e3ac68eb84caf9468664d28c8a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:fc:2c:b4:84:dc:b5:07:e3:cc:6e:91:80:ce:
                    95:0a:1b:be:38:6b:72:66:cb:40:da:99:96:4f:80:
                    d6:7f:69:ae:42:7d:68:42:85:c5:04:a5:d8:4b:37:
                    0f:a5:6c:d7:45:d3:31:08:b1:78:04:45:75:e4:40:
                    dd:15:31:6d:70:45:c1:bf:1a:f5:29:6c:27:1f:e9:
                    8e:38:f6:52:4c:a0:7b:50:1b:c2:9c:8e:52:5f:b1:
                    b8:21:af:79:f4:7d:af:50:2b:69:ce:e5:21:9b:2d:
                    78:dd:2a:57:62:a7:cd:25:6b:7f:aa:28:8e:5f:f5:
                    7d:22:d6:e5:b3:62:fd:b8:a9:e9:5d:9c:2b:99:10:
                    21:cd:ac:86:e9:80:ea:67:c7:aa:da:fa:0a:de:56:
                    95:60:ba:6f:34:4a:98:bd:4d:12:3e:61:c1:3a:68:
                    a2:4a:dc:50:5d:56:89:fb:3c:00:9d:85:82:fc:d2:
                    38:59:1b:fb:6d:45:c1:16:ac:20:d4:fd:c8:0d:f6:
                    ff:8f:28:9e:94:f9:cf:9e:62:56:c0:ba:e3:3b:2a:
                    4f:ac:0e:d3:50:8c:79:68:9c:7b:8b:79:20:07:48:
                    d5:50:7b:ec:e8:6b:ed:30:6e:06:79:5c:dd:0c:a7:
                    5a:16:fe:30:96:f6:8a:49:c4:cb:63:b1:9a:bb:79:
                    8e:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BC:C7:B2:52:AF:F4:AC:AB:82:23:E1:B6:EB:0E:3E:59:F4:86:3F:D0
            X509v3 Authority Key Identifier:
                keyid:9D:D0:C8:1A:A4:CD:00:87:45:BE:B0:07:4C:E0:52:7D:F3:8B:DA:02

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/cb00b3d70dd9cb79681cd490843163b3a4674f12.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/2269a985-f40e-4452-b4ab-c12239d9e993/8e04c4893cfed6e3ac68eb84caf9468664d28c8a.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/2269a985-f40e-4452-b4ab-c12239d9e993/cb00b3d70dd9cb79681cd490843163b3a4674f12.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.173.120.0/22

    Signature Algorithm: sha256WithRSAEncryption
         a3:27:e2:e7:36:bb:68:19:89:83:86:1b:7d:f5:b0:64:e6:a9:
         0d:58:58:74:af:b5:e2:8a:8e:7d:0c:7e:0f:46:69:0c:7b:24:
         81:9e:54:a0:b7:a6:ab:74:c3:8f:8d:f3:02:1e:5c:0e:50:98:
         7c:e2:3a:a0:14:0d:8b:88:57:a7:55:41:d6:72:ba:b1:c0:2c:
         5c:ba:e8:16:96:39:92:2e:45:7d:59:77:0b:96:1e:d3:3e:7b:
         2a:a4:34:c5:9f:e0:1f:d9:f7:62:b1:ab:fe:9a:cd:3f:03:ee:
         30:f4:d9:15:c4:b0:34:58:35:5a:f9:09:18:44:0e:c7:4b:a2:
         71:95:6c:df:9e:d2:13:57:1c:f9:28:e8:ac:95:d0:12:57:ed:
         17:ac:6b:5a:13:b6:b8:45:b5:31:5c:41:5a:2e:07:90:b8:8f:
         93:e7:03:8c:b8:15:51:02:19:1c:54:d4:f5:b4:88:74:be:7f:
         35:4f:ae:51:0c:9a:ed:b3:ab:2e:a2:00:0d:b0:5c:55:96:2b:
         b1:29:3e:7a:04:f7:b0:f7:d8:a4:92:a1:17:1f:65:a0:33:cc:
         6b:c6:ce:be:2d:ca:76:4f:40:a4:cd:d3:bc:d8:34:64:fe:04:
         2d:a9:91:b0:cf:37:67:7e:29:24:75:58:6c:3e:e2:83:50:49:
         63:dc:04:fe
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIDDIh9MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGNi
MDBiM2Q3MGRkOWNiNzk2ODFjZDQ5MDg0MzE2M2IzYTQ2NzRmMTIwHhcNMjEwMzI0
MTQzMzA4WhcNMjYwMzI0MTQzMzA4WjAzMTEwLwYDVQQDEyg4ZTA0YzQ4OTNjZmVk
NmUzYWM2OGViODRjYWY5NDY4NjY0ZDI4YzhhMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEArPwstITctQfjzG6RgM6VChu+OGtyZstA2pmWT4DWf2muQn1o
QoXFBKXYSzcPpWzXRdMxCLF4BEV15EDdFTFtcEXBvxr1KWwnH+mOOPZSTKB7UBvC
nI5SX7G4Ia959H2vUCtpzuUhmy143SpXYqfNJWt/qiiOX/V9Itbls2L9uKnpXZwr
mRAhzayG6YDqZ8eq2voK3laVYLpvNEqYvU0SPmHBOmiiStxQXVaJ+zwAnYWC/NI4
WRv7bUXBFqwg1P3IDfb/jyielPnPnmJWwLrjOypPrA7TUIx5aJx7i3kgB0jVUHvs
6GvtMG4GeVzdDKdaFv4wlvaKScTLY7Gau3mORQIDAQABo4ICWzCCAlcwHQYDVR0O
BBYEFLzHslKv9KyrgiPhtusOPln0hj/QMB8GA1UdIwQYMBaAFJ3QyBqkzQCHRb6w
B0zgUn3zi9oCMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvY2IwMGIz
ZDcwZGQ5Y2I3OTY4MWNkNDkwODQzMTYzYjNhNDY3NGYxMi5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvMjI2OWE5ODUtZjQwZS00NDUyLWI0YWItYzEyMjM5
ZDllOTkzLzhlMDRjNDg5M2NmZWQ2ZTNhYzY4ZWI4NGNhZjk0Njg2NjRkMjhjOGEu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy8yMjY5YTk4NS1mNDBlLTQ0NTItYjRhYi1jMTIy
MzlkOWU5OTMvY2IwMGIzZDcwZGQ5Y2I3OTY4MWNkNDkwODQzMTYzYjNhNDY3NGYx
Mi5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAi2teDANBgkqhkiG9w0BAQsFAAOCAQEAoyfi5za7aBmJg4Yb
ffWwZOapDVhYdK+14oqOfQx+D0ZpDHskgZ5UoLemq3TDj43zAh5cDlCYfOI6oBQN
i4hXp1VB1nK6scAsXLroFpY5ki5FfVl3C5Ye0z57KqQ0xZ/gH9n3YrGr/prNPwPu
MPTZFcSwNFg1WvkJGEQOx0uicZVs357SE1cc+SjorJXQElftF6xrWhO2uEW1MVxB
Wi4HkLiPk+cDjLgVUQIZHFTU9bSIdL5/NU+uUQya7bOrLqIADbBcVZYrsSk+egT3
sPfYpJKhFx9loDPMa8bOvi3Kdk9ApM3TvNg0ZP4ELamRsM83Z34pJHVYbD7ig1BJ
Y9wE/g==
-----END CERTIFICATE-----
Generated at Fri Mar 29 11:04:59 2024 by rpki-client on console-ams.rpki-client.org