Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/2dde13d1-a0c9-4391-87df-bb9f35c7cf96/81ef616194e51bc6098309498c5b95dac58deb8e.roa
File:                     81ef616194e51bc6098309498c5b95dac58deb8e.roa (raw, json)
Hash identifier:          XlizdxhJrBUCpsuxzui5fnwGAZwIcBJwGES4T29chHU=
Subject key identifier:   ED:BB:E9:50:88:90:67:09:DE:78:6C:A4:D6:BD:3D:B2:D7:84:C8:99
Certificate issuer:       /CN=2ab3c7cf52a8ce275e026127c8b74ae7b577cab0
Certificate serial:       048D53
Authority key identifier: DD:1C:DF:C9:2E:45:94:EE:5B:BE:55:DA:0B:1C:49:17:E3:86:96:46
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/2ab3c7cf52a8ce275e026127c8b74ae7b577cab0.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/2dde13d1-a0c9-4391-87df-bb9f35c7cf96/81ef616194e51bc6098309498c5b95dac58deb8e.roa
Signing time:             Wed 24 Mar 2021 14:32:36 +0000
ROA not before:           Wed 24 Mar 2021 14:32:36 +0000
ROA not after:            Tue 24 Mar 2026 14:32:36 +0000
asID:                     61486
IP address blocks:        207.248.74.0/24 maxlen: 24
                          207.248.75.0/24 maxlen: 24
                          2801:11:2000::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/2dde13d1-a0c9-4391-87df-bb9f35c7cf96/2ab3c7cf52a8ce275e026127c8b74ae7b577cab0.crl
                          rsync://repository.lacnic.net/rpki/lacnic/2dde13d1-a0c9-4391-87df-bb9f35c7cf96/2ab3c7cf52a8ce275e026127c8b74ae7b577cab0.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/2ab3c7cf52a8ce275e026127c8b74ae7b577cab0.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sat 18 Mar 2023 02:22:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 298323 (0x48d53)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2ab3c7cf52a8ce275e026127c8b74ae7b577cab0
        Validity
            Not Before: Mar 24 14:32:36 2021 GMT
            Not After : Mar 24 14:32:36 2026 GMT
        Subject: CN=81ef616194e51bc6098309498c5b95dac58deb8e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:2e:75:3b:15:70:9b:53:3f:0c:d6:11:63:29:
                    c9:bd:54:ba:71:16:96:36:8a:e7:61:db:b8:56:c4:
                    4f:80:57:db:39:3c:5f:75:21:2f:ba:7f:69:3b:19:
                    71:48:4e:b3:43:99:17:95:00:ef:b5:46:e3:a8:7a:
                    3c:f1:a5:8f:f8:51:0f:df:9a:37:44:b9:4e:ca:f3:
                    58:5f:8c:cc:d1:28:9f:64:f8:e2:03:d2:f2:b1:dc:
                    ae:23:42:b1:29:22:78:33:f3:a2:5d:e5:fe:38:8e:
                    f6:37:c6:ba:9e:8c:d0:80:54:ff:cc:bb:bf:b3:4d:
                    ac:6e:e9:0a:2b:e8:9a:5c:e0:f8:98:bc:ed:79:ad:
                    d3:94:12:9b:ed:ba:f0:a3:f0:7b:b9:99:6a:87:d6:
                    28:5a:b6:32:db:2a:19:8b:3e:73:fa:45:9a:14:91:
                    ec:35:b6:a6:34:1a:ca:f3:43:55:a7:d6:a3:e7:8a:
                    5a:b4:ff:5b:8b:20:2e:69:d8:7e:3f:b6:79:ec:4d:
                    a7:a2:e5:4b:eb:af:12:05:c0:56:f8:ae:04:d8:a0:
                    31:c5:21:9d:42:92:5f:4c:56:3f:41:59:56:a8:c9:
                    ad:7e:a4:b7:56:c8:cf:bf:72:e1:c0:e2:ad:04:e0:
                    6d:5c:9e:97:72:f7:f0:67:5b:24:3b:2e:ce:20:d5:
                    1f:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                ED:BB:E9:50:88:90:67:09:DE:78:6C:A4:D6:BD:3D:B2:D7:84:C8:99
            X509v3 Authority Key Identifier: 
                keyid:DD:1C:DF:C9:2E:45:94:EE:5B:BE:55:DA:0B:1C:49:17:E3:86:96:46

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access: 
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/2ab3c7cf52a8ce275e026127c8b74ae7b577cab0.cer

            Subject Information Access: 
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/2dde13d1-a0c9-4391-87df-bb9f35c7cf96/81ef616194e51bc6098309498c5b95dac58deb8e.roa

            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/2dde13d1-a0c9-4391-87df-bb9f35c7cf96/2ab3c7cf52a8ce275e026127c8b74ae7b577cab0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  207.248.74.0/23
                IPv6:
                  2801:11:2000::/48

    Signature Algorithm: sha256WithRSAEncryption
         54:dc:7b:1e:6b:50:31:9d:fd:30:80:00:9f:b7:ea:e1:83:4b:
         74:05:46:69:b4:82:1e:8c:6f:f7:02:1d:f7:cd:30:b7:72:9b:
         d0:7b:54:e2:19:dc:f2:5b:6d:dc:58:c8:ce:4c:8f:3c:62:f9:
         38:e8:64:f8:63:41:5a:d8:de:fc:9e:74:4c:a6:4d:50:6a:7e:
         f5:ae:05:07:d0:fd:df:17:72:e2:9d:58:6c:f5:75:3f:3e:7e:
         83:3b:34:de:9f:2d:a2:93:d6:af:1a:87:c5:b7:df:46:11:ac:
         8c:35:43:04:5a:73:0e:f8:69:5d:55:2f:16:30:d1:d6:10:6f:
         d5:02:d4:5a:aa:e8:e1:3c:65:eb:7b:44:b2:b2:58:84:03:f0:
         57:b8:da:2a:76:cf:39:3e:0f:bb:05:7a:55:bf:f3:ff:10:d8:
         3f:ed:28:e1:b0:5c:f6:6b:e8:58:c0:fa:8f:bb:d0:ea:1b:bf:
         74:a5:27:58:3f:fd:2f:c6:15:06:ba:39:c3:62:33:4d:ca:fc:
         4b:32:d5:c6:bf:1a:49:7c:04:89:56:7e:70:c0:88:44:3e:14:
         19:94:94:a6:bf:92:c6:89:92:ec:a4:28:b6:7e:a0:5a:44:1e:
         0c:73:43:a4:ac:cc:7b:42:fd:17:49:ef:a5:bb:e0:da:bf:4a:
         53:ea:84:f0
-----BEGIN CERTIFICATE-----
MIIFUTCCBDmgAwIBAgIDBI1TMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDJh
YjNjN2NmNTJhOGNlMjc1ZTAyNjEyN2M4Yjc0YWU3YjU3N2NhYjAwHhcNMjEwMzI0
MTQzMjM2WhcNMjYwMzI0MTQzMjM2WjAzMTEwLwYDVQQDEyg4MWVmNjE2MTk0ZTUx
YmM2MDk4MzA5NDk4YzViOTVkYWM1OGRlYjhlMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAkS51OxVwm1M/DNYRYynJvVS6cRaWNornYdu4VsRPgFfbOTxf
dSEvun9pOxlxSE6zQ5kXlQDvtUbjqHo88aWP+FEP35o3RLlOyvNYX4zM0SifZPji
A9LysdyuI0KxKSJ4M/OiXeX+OI72N8a6nozQgFT/zLu/s02sbukKK+iaXOD4mLzt
ea3TlBKb7brwo/B7uZlqh9YoWrYy2yoZiz5z+kWaFJHsNbamNBrK80NVp9aj54pa
tP9biyAuadh+P7Z57E2nouVL668SBcBW+K4E2KAxxSGdQpJfTFY/QVlWqMmtfqS3
VsjPv3LhwOKtBOBtXJ6XcvfwZ1skOy7OINUfaQIDAQABo4ICbDCCAmgwHQYDVR0O
BBYEFO276VCIkGcJ3nhspNa9PbLXhMiZMB8GA1UdIwQYMBaAFN0c38kuRZTuW75V
2gscSRfjhpZGMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvMmFiM2M3
Y2Y1MmE4Y2UyNzVlMDI2MTI3YzhiNzRhZTdiNTc3Y2FiMC5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvMmRkZTEzZDEtYTBjOS00MzkxLTg3ZGYtYmI5ZjM1
YzdjZjk2LzgxZWY2MTYxOTRlNTFiYzYwOTgzMDk0OThjNWI5NWRhYzU4ZGViOGUu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy8yZGRlMTNkMS1hMGM5LTQzOTEtODdkZi1iYjlm
MzVjN2NmOTYvMmFiM2M3Y2Y1MmE4Y2UyNzVlMDI2MTI3YzhiNzRhZTdiNTc3Y2Fi
MC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAwBggrBgEFBQcBBwEB/wQh
MB8wDAQCAAEwBgMEAc/4SjAPBAIAAjAJAwcAKAEAESAAMA0GCSqGSIb3DQEBCwUA
A4IBAQBU3Hsea1Axnf0wgACft+rhg0t0BUZptIIejG/3Ah33zTC3cpvQe1TiGdzy
W23cWMjOTI88Yvk46GT4Y0Fa2N78nnRMpk1Qan71rgUH0P3fF3LinVhs9XU/Pn6D
OzTeny2ik9avGofFt99GEayMNUMEWnMO+GldVS8WMNHWEG/VAtRaqujhPGXre0Sy
sliEA/BXuNoqds85Pg+7BXpVv/P/ENg/7SjhsFz2a+hYwPqPu9DqG790pSdYP/0v
xhUGujnDYjNNyvxLMtXGvxpJfASJVn5wwIhEPhQZlJSmv5LGiZLspCi2fqBaRB4M
c0OkrMx7Qv0XSe+lu+Dav0pT6oTw
-----END CERTIFICATE-----
Generated at Wed Mar 15 11:33:36 2023 by rpki-client on console-ams.rpki-client.org