Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/27644c4f-083b-4264-a95f-89b13ee1dd66/10462e390b870e585859cf119d7de8ba78152976.roa
File:                     10462e390b870e585859cf119d7de8ba78152976.roa (raw, json)
Hash identifier:          IliqH6fTmndHIekgnqP7ueeAy9lM8HMWsbPu1pN/C68=
Subject key identifier:   A9:59:F2:92:F3:0B:30:93:68:F0:CF:74:26:C2:12:0F:0A:37:01:C2
Certificate issuer:       /CN=2ee860d7ae057539e895d1293eae7aad56d34c53
Certificate serial:       1AE176
Authority key identifier: 46:38:C8:83:DB:1C:FA:4A:03:22:D2:2B:65:57:8B:1B:34:5D:7A:91
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/2ee860d7ae057539e895d1293eae7aad56d34c53.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/27644c4f-083b-4264-a95f-89b13ee1dd66/10462e390b870e585859cf119d7de8ba78152976.roa
Signing time:             Fri 16 Sep 2022 20:21:59 +0000
ROA not before:           Mon 12 Sep 2022 21:39:36 +0000
ROA not after:            Thu 12 Sep 2024 21:39:36 +0000
asID:                     265746
IP address blocks:        128.201.168.0/23 maxlen: 23
                          128.201.168.0/24 maxlen: 24
                          128.201.169.0/24 maxlen: 24
                          128.201.170.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/27644c4f-083b-4264-a95f-89b13ee1dd66/2ee860d7ae057539e895d1293eae7aad56d34c53.crl
                          rsync://repository.lacnic.net/rpki/lacnic/27644c4f-083b-4264-a95f-89b13ee1dd66/2ee860d7ae057539e895d1293eae7aad56d34c53.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/2ee860d7ae057539e895d1293eae7aad56d34c53.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Tue 27 Feb 2024 12:23:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1761654 (0x1ae176)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2ee860d7ae057539e895d1293eae7aad56d34c53
        Validity
            Not Before: Sep 12 21:39:36 2022 GMT
            Not After : Sep 12 21:39:36 2024 GMT
        Subject: CN=10462e390b870e585859cf119d7de8ba78152976
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dd:aa:89:e0:c6:b1:6b:6a:5c:56:46:4b:8f:c5:
                    5a:ab:23:36:8a:b2:72:6e:26:c3:19:00:fc:95:85:
                    04:93:50:bf:bf:b1:f7:eb:46:b6:83:39:2f:85:bd:
                    37:06:0b:ae:79:15:13:8e:b0:e6:d0:d5:28:90:3c:
                    7f:cc:89:dd:cd:73:da:df:1d:14:4a:7a:e0:00:20:
                    c8:c9:21:9a:cb:61:86:8a:c9:a7:6d:4e:8a:b1:26:
                    45:df:2d:3b:93:78:89:74:01:21:0a:3d:d4:75:aa:
                    17:94:16:7b:99:9c:61:8f:85:d2:48:8d:5f:49:e0:
                    98:a0:96:0f:ea:ed:51:5e:91:ce:6f:8b:ea:63:0d:
                    f1:08:f2:c0:e8:ec:24:e0:da:d5:86:17:03:be:0e:
                    d0:74:d7:33:93:e7:ea:cf:d5:7d:ad:10:89:f4:24:
                    ce:fa:2f:e7:b7:e9:db:d0:a2:8f:de:d7:85:c6:1d:
                    2d:b0:77:a2:7a:7e:39:af:cc:54:46:8b:75:f8:95:
                    25:b8:ad:13:fb:7b:39:07:9e:45:44:51:b1:9c:03:
                    65:3e:f2:67:71:2d:7c:c8:48:c8:68:69:d1:39:e1:
                    6f:e6:d1:5a:5a:80:24:66:7f:a2:bf:16:41:f3:73:
                    24:8a:77:8b:e5:8e:35:28:a4:bc:65:34:63:b3:3c:
                    b0:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A9:59:F2:92:F3:0B:30:93:68:F0:CF:74:26:C2:12:0F:0A:37:01:C2
            X509v3 Authority Key Identifier:
                keyid:46:38:C8:83:DB:1C:FA:4A:03:22:D2:2B:65:57:8B:1B:34:5D:7A:91

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/2ee860d7ae057539e895d1293eae7aad56d34c53.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/27644c4f-083b-4264-a95f-89b13ee1dd66/10462e390b870e585859cf119d7de8ba78152976.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/27644c4f-083b-4264-a95f-89b13ee1dd66/2ee860d7ae057539e895d1293eae7aad56d34c53.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  128.201.168.0-128.201.170.255

    Signature Algorithm: sha256WithRSAEncryption
         77:a8:f9:f1:0e:67:67:c6:13:91:c4:f2:b6:0b:a8:cb:08:3d:
         aa:12:1a:aa:06:c4:d9:6a:fe:5a:b2:e1:8b:aa:be:07:be:56:
         89:25:db:8f:a2:ab:38:f9:89:c6:1e:e8:1d:11:79:c8:c8:83:
         40:18:51:d8:28:73:eb:4b:72:eb:9a:98:d3:a3:fb:10:f0:64:
         ca:2b:a9:d9:f7:60:8b:d8:ad:e4:c0:e7:18:a2:2e:97:ce:63:
         3e:02:34:2b:a2:e0:f5:42:39:49:f9:1f:39:55:4f:f8:e4:e4:
         db:ea:ff:45:5b:9a:b3:75:03:e0:71:06:89:c8:6b:24:2a:4c:
         92:11:45:75:94:c8:48:91:3f:86:f1:64:3e:eb:57:35:7b:35:
         07:b7:d2:ab:29:1f:3b:90:32:1c:02:f1:39:47:5e:6d:bd:5c:
         98:98:fd:39:b7:f5:04:30:d5:f1:21:8a:93:75:76:36:e0:d1:
         57:85:84:6d:6b:94:71:a9:24:83:44:db:40:67:14:c0:4d:a0:
         74:22:d8:c4:1d:15:f5:05:2a:53:b7:f7:06:a9:0e:e6:b0:a9:
         f3:13:7a:b4:44:b7:aa:fd:af:d1:74:10:02:86:2d:7f:c3:7e:
         a0:61:40:35:a3:c8:98:6b:0c:c1:6b:a6:e5:5e:e2:d8:eb:c2:
         7b:c4:8f:02
-----BEGIN CERTIFICATE-----
MIIFSDCCBDCgAwIBAgIDGuF2MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDJl
ZTg2MGQ3YWUwNTc1MzllODk1ZDEyOTNlYWU3YWFkNTZkMzRjNTMwHhcNMjIwOTEy
MjEzOTM2WhcNMjQwOTEyMjEzOTM2WjAzMTEwLwYDVQQDEygxMDQ2MmUzOTBiODcw
ZTU4NTg1OWNmMTE5ZDdkZThiYTc4MTUyOTc2MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEA3aqJ4Maxa2pcVkZLj8VaqyM2irJybibDGQD8lYUEk1C/v7H3
60a2gzkvhb03BguueRUTjrDm0NUokDx/zIndzXPa3x0USnrgACDIySGay2GGismn
bU6KsSZF3y07k3iJdAEhCj3UdaoXlBZ7mZxhj4XSSI1fSeCYoJYP6u1RXpHOb4vq
Yw3xCPLA6Owk4NrVhhcDvg7QdNczk+fqz9V9rRCJ9CTO+i/nt+nb0KKP3teFxh0t
sHeien45r8xURot1+JUluK0T+3s5B55FRFGxnANlPvJncS18yEjIaGnROeFv5tFa
WoAkZn+ivxZB83MkineL5Y41KKS8ZTRjszywxwIDAQABo4ICYzCCAl8wHQYDVR0O
BBYEFKlZ8pLzCzCTaPDPdCbCEg8KNwHCMB8GA1UdIwQYMBaAFEY4yIPbHPpKAyLS
K2VXixs0XXqRMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvMmVlODYw
ZDdhZTA1NzUzOWU4OTVkMTI5M2VhZTdhYWQ1NmQzNGM1My5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvMjc2NDRjNGYtMDgzYi00MjY0LWE5NWYtODliMTNl
ZTFkZDY2LzEwNDYyZTM5MGI4NzBlNTg1ODU5Y2YxMTlkN2RlOGJhNzgxNTI5NzYu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy8yNzY0NGM0Zi0wODNiLTQyNjQtYTk1Zi04OWIx
M2VlMWRkNjYvMmVlODYwZDdhZTA1NzUzOWU4OTVkMTI5M2VhZTdhYWQ1NmQzNGM1
My5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAnBggrBgEFBQcBBwEB/wQY
MBYwFAQCAAEwDjAMAwQDgMmoAwQAgMmqMA0GCSqGSIb3DQEBCwUAA4IBAQB3qPnx
DmdnxhORxPK2C6jLCD2qEhqqBsTZav5asuGLqr4HvlaJJduPoqs4+YnGHugdEXnI
yINAGFHYKHPrS3LrmpjTo/sQ8GTKK6nZ92CL2K3kwOcYoi6XzmM+AjQrouD1QjlJ
+R85VU/45OTb6v9FW5qzdQPgcQaJyGskKkySEUV1lMhIkT+G8WQ+61c1ezUHt9Kr
KR87kDIcAvE5R15tvVyYmP05t/UEMNXxIYqTdXY24NFXhYRta5RxqSSDRNtAZxTA
TaB0ItjEHRX1BSpTt/cGqQ7msKnzE3q0RLeq/a/RdBAChi1/w36gYUA1o8iYawzB
a6blXuLY68J7xI8C
-----END CERTIFICATE-----
Generated at Sat Feb 24 21:41:49 2024 by rpki-client on console-fra.rpki-client.org