Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/28f0e3f6-654c-4ced-95b0-f9c013181813/bdfb21303b36fc20be3816da3bdf5d2af5509e16.roa
File:                     bdfb21303b36fc20be3816da3bdf5d2af5509e16.roa (raw, json)
Hash identifier:          JooUMZTDb/9Y2yVXGUll3hsSzFRXg4C61JhcH4mZesc=
Subject key identifier:   35:9E:C2:F7:BA:20:01:6E:0E:FB:D0:C8:03:2E:A3:A7:81:E6:36:57
Certificate issuer:       /CN=7cc7c9c848edfc8a4b400418499abe1d71cd53af
Certificate serial:       0DABFE
Authority key identifier: 42:34:65:69:0A:1D:F8:6B:DF:9B:90:43:B9:D6:D8:40:39:D7:78:CE
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/7cc7c9c848edfc8a4b400418499abe1d71cd53af.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/28f0e3f6-654c-4ced-95b0-f9c013181813/bdfb21303b36fc20be3816da3bdf5d2af5509e16.roa
Signing time:             Wed 24 Mar 2021 14:31:25 +0000
ROA not before:           Wed 24 Mar 2021 14:31:25 +0000
ROA not after:            Tue 24 Mar 2026 14:31:25 +0000
asID:                     265648
IP address blocks:        170.246.176.0/22 maxlen: 22

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/28f0e3f6-654c-4ced-95b0-f9c013181813/7cc7c9c848edfc8a4b400418499abe1d71cd53af.crl
                          rsync://repository.lacnic.net/rpki/lacnic/28f0e3f6-654c-4ced-95b0-f9c013181813/7cc7c9c848edfc8a4b400418499abe1d71cd53af.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/7cc7c9c848edfc8a4b400418499abe1d71cd53af.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 31 Mar 2024 12:06:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 895998 (0xdabfe)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7cc7c9c848edfc8a4b400418499abe1d71cd53af
        Validity
            Not Before: Mar 24 14:31:25 2021 GMT
            Not After : Mar 24 14:31:25 2026 GMT
        Subject: CN=bdfb21303b36fc20be3816da3bdf5d2af5509e16
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:4b:24:60:54:6b:f3:40:55:eb:8c:3e:de:d4:
                    69:a9:e2:e9:5c:e7:d9:cf:fb:e2:59:b2:f6:8a:c8:
                    2b:0b:de:04:df:e0:cd:73:08:ea:80:b8:19:87:23:
                    b4:8f:42:1e:03:18:29:a2:68:aa:66:79:9e:8a:6a:
                    5b:cc:1a:38:cb:b2:fd:e2:53:a2:39:24:66:b9:11:
                    02:fc:ea:85:fd:5d:be:a0:fb:a7:ed:b2:7b:d1:5d:
                    79:83:2a:71:64:70:34:a7:6e:4d:25:df:18:29:e3:
                    cc:83:fa:17:7c:50:5e:78:00:17:af:36:6c:2c:90:
                    ba:90:d4:26:d6:fa:b5:b1:41:af:f1:7a:be:d8:6e:
                    e2:5e:fe:5f:d0:48:75:bc:5e:df:aa:cb:6b:fa:e8:
                    26:87:9f:27:1e:fd:64:4c:a6:e1:72:94:f5:dd:b7:
                    e2:34:ab:a0:48:0b:88:2c:6f:f8:24:2a:2d:9d:6b:
                    1c:7d:b5:b4:85:16:54:5d:18:68:e1:a6:a4:2c:99:
                    90:62:14:61:58:a0:68:4b:53:c6:25:83:b8:84:cd:
                    72:0a:2a:6d:75:d9:c3:46:0b:b4:23:d4:04:9a:5a:
                    d9:8d:bb:1a:9a:7d:bf:54:31:43:ca:b4:29:39:42:
                    2e:0f:10:df:d7:8a:fe:46:cb:9a:7e:7e:17:1a:68:
                    ce:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                35:9E:C2:F7:BA:20:01:6E:0E:FB:D0:C8:03:2E:A3:A7:81:E6:36:57
            X509v3 Authority Key Identifier:
                keyid:42:34:65:69:0A:1D:F8:6B:DF:9B:90:43:B9:D6:D8:40:39:D7:78:CE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/7cc7c9c848edfc8a4b400418499abe1d71cd53af.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/28f0e3f6-654c-4ced-95b0-f9c013181813/bdfb21303b36fc20be3816da3bdf5d2af5509e16.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/28f0e3f6-654c-4ced-95b0-f9c013181813/7cc7c9c848edfc8a4b400418499abe1d71cd53af.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  170.246.176.0/22

    Signature Algorithm: sha256WithRSAEncryption
         08:b9:0d:2f:4a:9d:e8:db:eb:b2:78:33:c2:a1:f3:a4:6b:17:
         fd:7a:9b:ee:4e:83:7f:38:4b:35:b2:b4:92:47:00:43:b1:ed:
         68:69:5f:a2:04:7d:92:43:49:c8:76:aa:57:62:1b:98:40:92:
         2e:2a:73:14:d2:86:ae:57:a8:66:9d:83:38:1d:23:7d:cc:e8:
         00:5a:3c:5a:5b:8f:64:a2:48:8e:59:f4:da:a9:33:e2:92:ff:
         02:17:c1:d2:0c:4c:39:f3:c1:7b:24:f9:c3:91:44:1c:68:49:
         49:59:99:1c:3c:b7:82:65:18:9e:f2:ce:7b:ed:bd:5c:87:f6:
         de:2b:d8:e1:26:eb:21:17:77:9a:53:64:df:ae:bb:78:ae:9e:
         52:80:1d:5b:36:20:75:d4:0b:7e:e2:d4:2c:27:77:95:ab:27:
         69:ef:75:b3:cc:c1:e8:34:53:a8:1e:d7:c4:b3:95:7c:f2:a4:
         ce:06:61:0f:6f:c3:af:e3:92:ef:97:db:4f:94:eb:e6:9c:7b:
         0d:e3:a0:ba:a4:25:12:38:72:1c:24:69:f2:0b:fd:4c:2e:59:
         df:c5:5c:95:ac:4f:ea:f9:90:9b:35:65:d8:a2:cd:58:ed:3f:
         09:64:f7:d8:94:b0:87:b7:bd:3e:0b:8b:bc:82:31:82:80:64:
         70:aa:ee:2f
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIDDav+MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDdj
YzdjOWM4NDhlZGZjOGE0YjQwMDQxODQ5OWFiZTFkNzFjZDUzYWYwHhcNMjEwMzI0
MTQzMTI1WhcNMjYwMzI0MTQzMTI1WjAzMTEwLwYDVQQDEyhiZGZiMjEzMDNiMzZm
YzIwYmUzODE2ZGEzYmRmNWQyYWY1NTA5ZTE2MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAm0skYFRr80BV64w+3tRpqeLpXOfZz/viWbL2isgrC94E3+DN
cwjqgLgZhyO0j0IeAxgpomiqZnmeimpbzBo4y7L94lOiOSRmuREC/OqF/V2+oPun
7bJ70V15gypxZHA0p25NJd8YKePMg/oXfFBeeAAXrzZsLJC6kNQm1vq1sUGv8Xq+
2G7iXv5f0Eh1vF7fqstr+ugmh58nHv1kTKbhcpT13bfiNKugSAuILG/4JCotnWsc
fbW0hRZUXRho4aakLJmQYhRhWKBoS1PGJYO4hM1yCiptddnDRgu0I9QEmlrZjbsa
mn2/VDFDyrQpOUIuDxDf14r+Rsuafn4XGmjO9wIDAQABo4ICWzCCAlcwHQYDVR0O
BBYEFDWewve6IAFuDvvQyAMuo6eB5jZXMB8GA1UdIwQYMBaAFEI0ZWkKHfhr35uQ
Q7nW2EA513jOMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvN2NjN2M5
Yzg0OGVkZmM4YTRiNDAwNDE4NDk5YWJlMWQ3MWNkNTNhZi5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvMjhmMGUzZjYtNjU0Yy00Y2VkLTk1YjAtZjljMDEz
MTgxODEzL2JkZmIyMTMwM2IzNmZjMjBiZTM4MTZkYTNiZGY1ZDJhZjU1MDllMTYu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy8yOGYwZTNmNi02NTRjLTRjZWQtOTViMC1mOWMw
MTMxODE4MTMvN2NjN2M5Yzg0OGVkZmM4YTRiNDAwNDE4NDk5YWJlMWQ3MWNkNTNh
Zi5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAqr2sDANBgkqhkiG9w0BAQsFAAOCAQEACLkNL0qd6Nvrsngz
wqHzpGsX/Xqb7k6DfzhLNbK0kkcAQ7HtaGlfogR9kkNJyHaqV2IbmECSLipzFNKG
rleoZp2DOB0jfczoAFo8WluPZKJIjln02qkz4pL/AhfB0gxMOfPBeyT5w5FEHGhJ
SVmZHDy3gmUYnvLOe+29XIf23ivY4SbrIRd3mlNk3667eK6eUoAdWzYgddQLfuLU
LCd3lasnae91s8zB6DRTqB7XxLOVfPKkzgZhD2/Dr+OS75fbT5Tr5px7DeOguqQl
EjhyHCRp8gv9TC5Z38VclaxP6vmQmzVl2KLNWO0/CWT32JSwh7e9PguLvIIxgoBk
cKruLw==
-----END CERTIFICATE-----
Generated at Thu Mar 28 13:27:50 2024 by rpki-client on console-ams.rpki-client.org