Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/237dd3f6-48fa-4f1a-9158-deb553600ccf/3110fdded26d05d5054f988ab77d312a917a28b8.roa
File:                     3110fdded26d05d5054f988ab77d312a917a28b8.roa (raw, json)
Hash identifier:          FHUR8+G/RSao/TCS4SlJJdsY/N7O+nMwAllD3YmxwuY=
Subject key identifier:   E9:EA:5F:06:26:C6:E9:A8:F7:19:18:D1:66:C2:3F:EA:06:5F:12:85
Certificate issuer:       /CN=422dc8daaee10e58ba4d2326d8ac255f9b9994e0
Certificate serial:       60EA
Authority key identifier: 95:BB:CD:72:F2:F6:AA:D0:1F:CD:3B:31:F9:5D:5C:D1:07:0F:AC:35
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/422dc8daaee10e58ba4d2326d8ac255f9b9994e0.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/237dd3f6-48fa-4f1a-9158-deb553600ccf/3110fdded26d05d5054f988ab77d312a917a28b8.roa
Signing time:             Wed 24 Mar 2021 14:30:04 +0000
ROA not before:           Wed 24 Mar 2021 14:30:04 +0000
ROA not after:            Tue 24 Mar 2026 14:30:04 +0000
asID:                     266806
IP address blocks:        45.174.20.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/237dd3f6-48fa-4f1a-9158-deb553600ccf/422dc8daaee10e58ba4d2326d8ac255f9b9994e0.crl
                          rsync://repository.lacnic.net/rpki/lacnic/237dd3f6-48fa-4f1a-9158-deb553600ccf/422dc8daaee10e58ba4d2326d8ac255f9b9994e0.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/422dc8daaee10e58ba4d2326d8ac255f9b9994e0.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 31 Mar 2024 19:38:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 24810 (0x60ea)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=422dc8daaee10e58ba4d2326d8ac255f9b9994e0
        Validity
            Not Before: Mar 24 14:30:04 2021 GMT
            Not After : Mar 24 14:30:04 2026 GMT
        Subject: CN=3110fdded26d05d5054f988ab77d312a917a28b8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:81:45:48:65:57:35:80:bd:09:43:c5:24:fa:93:
                    97:46:8b:74:4c:9c:15:b0:9e:f9:d0:04:0d:b1:8c:
                    91:3c:f6:86:ab:0e:33:ba:d6:a2:20:98:aa:5f:20:
                    84:24:0c:4f:44:28:b7:fa:fc:c8:b2:70:b4:b3:9e:
                    ff:06:8d:bc:f1:8d:3a:cd:04:5c:b7:04:3e:fc:de:
                    9a:ed:cd:e0:97:23:9f:3e:43:42:d2:a7:0f:6b:e1:
                    df:11:42:4e:42:b5:a8:5c:03:75:27:49:35:d6:d9:
                    29:4e:ef:39:33:d8:85:89:45:fa:53:81:fc:ea:3e:
                    b4:ae:19:6d:27:92:62:0e:6f:be:20:17:e2:bc:24:
                    fa:f6:c3:13:ac:2f:4f:cf:1d:0c:b0:42:5d:7d:09:
                    1c:25:d7:a2:37:9b:9f:b3:bd:1e:96:23:be:3f:d0:
                    62:6a:ca:b5:22:e5:76:75:64:11:42:c2:db:be:3a:
                    10:83:da:69:f3:7b:2e:59:5e:71:6e:6f:ea:77:cb:
                    d3:bc:a7:d4:ec:df:dc:f8:98:f2:e2:16:80:87:33:
                    20:5c:32:37:0c:f8:ab:51:cc:83:89:a9:ce:a7:bd:
                    d5:31:07:9d:52:93:1f:64:0c:39:9a:80:5a:6c:00:
                    96:3a:b9:c8:1f:13:64:72:2f:49:b2:ff:6c:02:8c:
                    44:f1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E9:EA:5F:06:26:C6:E9:A8:F7:19:18:D1:66:C2:3F:EA:06:5F:12:85
            X509v3 Authority Key Identifier:
                keyid:95:BB:CD:72:F2:F6:AA:D0:1F:CD:3B:31:F9:5D:5C:D1:07:0F:AC:35

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/422dc8daaee10e58ba4d2326d8ac255f9b9994e0.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/237dd3f6-48fa-4f1a-9158-deb553600ccf/3110fdded26d05d5054f988ab77d312a917a28b8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/237dd3f6-48fa-4f1a-9158-deb553600ccf/422dc8daaee10e58ba4d2326d8ac255f9b9994e0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.174.20.0/22

    Signature Algorithm: sha256WithRSAEncryption
         a6:88:84:84:e5:10:1a:e8:3a:ac:42:ef:23:0e:99:b4:a3:43:
         17:22:87:a3:a2:80:21:4b:9c:0a:96:19:4f:d7:e5:1c:e5:70:
         44:53:5d:f7:eb:4f:ca:b4:eb:4a:51:1b:64:f0:47:03:58:2a:
         27:d8:f9:df:99:6c:6f:74:b7:eb:99:90:8f:a8:5b:b6:2e:01:
         07:58:dc:2a:35:b9:40:8c:d0:83:6e:93:50:49:37:bd:87:bf:
         15:70:9b:f1:cf:a5:03:60:7f:5a:e7:c5:2d:62:81:a1:96:ab:
         8c:f0:26:a5:f0:13:5f:c8:1b:a0:0e:4d:8c:94:80:2e:f2:c9:
         a2:5a:a6:a1:7f:ac:9e:50:2d:e5:9f:62:c0:3a:a5:8a:ca:cc:
         fa:64:4d:93:f1:2d:0d:e3:39:b5:26:90:c2:57:0c:7b:97:c4:
         54:ae:7f:5b:f9:08:a2:5e:b3:f8:0b:a9:89:66:38:26:a7:2b:
         53:17:82:1e:ad:3c:b1:01:50:1e:cd:af:5a:49:f8:02:3d:72:
         3a:f7:87:f1:26:a1:64:f0:ab:c3:6f:38:58:b8:f6:9a:0b:0a:
         f3:9c:57:28:f1:4f:3a:92:38:35:28:29:94:48:b9:e8:5e:bf:
         b3:14:3c:f9:06:4b:8e:d3:3b:3b:30:3b:a3:58:dd:98:8a:14:
         c2:9b:44:b0
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgICYOowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDIy
ZGM4ZGFhZWUxMGU1OGJhNGQyMzI2ZDhhYzI1NWY5Yjk5OTRlMDAeFw0yMTAzMjQx
NDMwMDRaFw0yNjAzMjQxNDMwMDRaMDMxMTAvBgNVBAMTKDMxMTBmZGRlZDI2ZDA1
ZDUwNTRmOTg4YWI3N2QzMTJhOTE3YTI4YjgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCBRUhlVzWAvQlDxST6k5dGi3RMnBWwnvnQBA2xjJE89oarDjO6
1qIgmKpfIIQkDE9EKLf6/MiycLSznv8GjbzxjTrNBFy3BD783prtzeCXI58+Q0LS
pw9r4d8RQk5CtahcA3UnSTXW2SlO7zkz2IWJRfpTgfzqPrSuGW0nkmIOb74gF+K8
JPr2wxOsL0/PHQywQl19CRwl16I3m5+zvR6WI74/0GJqyrUi5XZ1ZBFCwtu+OhCD
2mnzey5ZXnFub+p3y9O8p9Ts39z4mPLiFoCHMyBcMjcM+KtRzIOJqc6nvdUxB51S
kx9kDDmagFpsAJY6ucgfE2RyL0my/2wCjETxAgMBAAGjggJbMIICVzAdBgNVHQ4E
FgQU6epfBibG6aj3GRjRZsI/6gZfEoUwHwYDVR0jBBgwFoAUlbvNcvL2qtAfzTsx
+V1c0QcPrDUwDgYDVR0PAQH/BAQDAgeAMIGaBggrBgEFBQcBAQSBjTCBijCBhwYI
KwYBBQUHMAKGe3JzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jwa2kvbGFj
bmljLzQ4ZjA4M2JiLWY2MDMtNDg5My05OTkwLTAyODRjMDRjZWI4NS80MjJkYzhk
YWFlZTEwZTU4YmE0ZDIzMjZkOGFjMjU1ZjliOTk5NGUwLmNlcjCBmgYIKwYBBQUH
AQsEgY0wgYowgYcGCCsGAQUFBzALhntyc3luYzovL3JlcG9zaXRvcnkubGFjbmlj
Lm5ldC9ycGtpL2xhY25pYy8yMzdkZDNmNi00OGZhLTRmMWEtOTE1OC1kZWI1NTM2
MDBjY2YvMzExMGZkZGVkMjZkMDVkNTA1NGY5ODhhYjc3ZDMxMmE5MTdhMjhiOC5y
b2EwgY8GA1UdHwSBhzCBhDCBgaB/oH2Ge3JzeW5jOi8vcmVwb3NpdG9yeS5sYWNu
aWMubmV0L3Jwa2kvbGFjbmljLzIzN2RkM2Y2LTQ4ZmEtNGYxYS05MTU4LWRlYjU1
MzYwMGNjZi80MjJkYzhkYWFlZTEwZTU4YmE0ZDIzMjZkOGFjMjU1ZjliOTk5NGUw
LmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAw
DjAMBAIAATAGAwQCLa4UMA0GCSqGSIb3DQEBCwUAA4IBAQCmiISE5RAa6DqsQu8j
Dpm0o0MXIoejooAhS5wKlhlP1+Uc5XBEU13360/KtOtKURtk8EcDWCon2PnfmWxv
dLfrmZCPqFu2LgEHWNwqNblAjNCDbpNQSTe9h78VcJvxz6UDYH9a58UtYoGhlquM
8Cal8BNfyBugDk2MlIAu8smiWqahf6yeUC3ln2LAOqWKysz6ZE2T8S0N4zm1JpDC
Vwx7l8RUrn9b+QiiXrP4C6mJZjgmpytTF4IerTyxAVAeza9aSfgCPXI694fxJqFk
8KvDbzhYuPaaCwrznFco8U86kjg1KCmUSLnoXr+zFDz5BkuO0zs7MDujWN2YihTC
m0Sw
-----END CERTIFICATE-----
Generated at Fri Mar 29 03:23:51 2024 by rpki-client on console-ams.rpki-client.org