Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/2fc42fdf-2d8b-46a5-8f9b-68d6e3403e4e/5feaf6a7d5485690894a1310061dd30d2ad69a68.roa
File:                     5feaf6a7d5485690894a1310061dd30d2ad69a68.roa (raw, json)
Hash identifier:          xoEpiutKQnHC0VVE+T7b970CfzLJX5/RVTLW/5TzqVc=
Subject key identifier:   9F:EB:CB:B3:2A:FF:19:63:74:A8:1E:12:F2:14:16:A7:A5:F3:87:3C
Certificate issuer:       /CN=259c4fb25c604824d214cf7cbe588eab433a5691
Certificate serial:       25BB77
Authority key identifier: 3F:31:C8:54:2E:52:5E:69:30:FE:E3:42:F0:40:D8:8D:07:34:6E:D0
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/259c4fb25c604824d214cf7cbe588eab433a5691.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/2fc42fdf-2d8b-46a5-8f9b-68d6e3403e4e/5feaf6a7d5485690894a1310061dd30d2ad69a68.roa
Signing time:             Tue 28 Nov 2023 21:27:08 +0000
ROA not before:           Tue 28 Nov 2023 21:27:08 +0000
ROA not after:            Fri 28 Nov 2025 21:27:08 +0000
asID:                     52468
IP address blocks:        45.225.88.0/22 maxlen: 24
                          2803:e620::/32 maxlen: 48

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/2fc42fdf-2d8b-46a5-8f9b-68d6e3403e4e/259c4fb25c604824d214cf7cbe588eab433a5691.crl
                          rsync://repository.lacnic.net/rpki/lacnic/2fc42fdf-2d8b-46a5-8f9b-68d6e3403e4e/259c4fb25c604824d214cf7cbe588eab433a5691.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/259c4fb25c604824d214cf7cbe588eab433a5691.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Mon 04 Mar 2024 08:17:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2472823 (0x25bb77)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=259c4fb25c604824d214cf7cbe588eab433a5691
        Validity
            Not Before: Nov 28 21:27:08 2023 GMT
            Not After : Nov 28 21:27:08 2025 GMT
        Subject: CN=5feaf6a7d5485690894a1310061dd30d2ad69a68
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8b:12:34:74:87:0f:56:93:1b:4e:2f:f7:d5:bb:
                    53:83:16:dd:a2:d0:87:c5:03:e9:2f:0a:47:c0:62:
                    e5:5b:9f:61:92:c9:6f:50:36:9b:02:82:c4:02:65:
                    87:79:36:13:f0:54:63:33:87:82:75:6b:f9:30:9f:
                    5a:6f:74:86:b4:b5:dd:c2:1a:6c:5d:82:b8:2e:42:
                    46:bf:fb:bb:a5:82:57:59:7d:00:71:6f:71:b7:47:
                    20:b2:27:f5:0b:1f:0d:24:ec:d4:c4:bc:81:23:e0:
                    d4:fd:cb:7e:af:9e:98:38:d9:6b:d2:87:5a:9f:71:
                    f2:11:25:c7:ce:e4:06:37:cb:eb:d3:4f:7c:bc:9b:
                    43:6e:bc:0a:28:53:5f:db:6b:b7:52:2e:df:3f:af:
                    6a:08:00:c4:fd:c8:d8:ce:58:10:49:7e:22:ed:e8:
                    0d:f2:5f:f0:fe:0b:ca:16:c1:8b:f9:a9:a4:f9:c9:
                    fd:4d:b5:63:c2:4b:fc:30:e3:07:59:a4:89:f8:48:
                    f6:e4:70:6f:b5:15:61:a1:12:2f:cd:df:b0:98:9d:
                    40:77:c5:8a:57:05:03:48:e5:aa:2a:7f:66:95:d1:
                    e8:ce:25:c5:ea:c8:1b:c9:9e:e6:92:df:f3:9c:f6:
                    a8:b8:43:9b:bb:34:e6:ea:75:e6:8a:d3:cc:1f:5b:
                    7a:c5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9F:EB:CB:B3:2A:FF:19:63:74:A8:1E:12:F2:14:16:A7:A5:F3:87:3C
            X509v3 Authority Key Identifier:
                keyid:3F:31:C8:54:2E:52:5E:69:30:FE:E3:42:F0:40:D8:8D:07:34:6E:D0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/259c4fb25c604824d214cf7cbe588eab433a5691.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/2fc42fdf-2d8b-46a5-8f9b-68d6e3403e4e/5feaf6a7d5485690894a1310061dd30d2ad69a68.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/2fc42fdf-2d8b-46a5-8f9b-68d6e3403e4e/259c4fb25c604824d214cf7cbe588eab433a5691.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.225.88.0/22
                IPv6:
                  2803:e620::/32

    Signature Algorithm: sha256WithRSAEncryption
         59:a9:e0:3e:8d:59:4d:02:98:1e:31:e7:3c:b9:9e:eb:a2:62:
         99:5f:df:ac:34:c2:d9:02:ca:0a:12:be:42:b4:27:52:71:2e:
         06:c8:87:6f:1a:f9:3d:11:16:90:56:70:fe:99:f0:e5:ba:8f:
         61:b4:f5:2a:29:f3:f8:2b:71:ad:e9:9d:40:7d:64:04:a4:15:
         2a:c8:1d:ec:eb:5e:66:f8:24:96:28:37:e8:ae:3e:0a:3e:24:
         51:a5:f2:b4:f4:e5:d9:1d:b7:71:91:f3:3a:d5:89:d2:3e:c5:
         01:91:2d:23:e7:59:60:25:28:51:65:b1:97:bb:5f:71:81:92:
         ce:2e:86:3b:ff:02:55:b0:1f:8c:49:5e:41:5f:79:57:e6:96:
         19:09:c9:5d:3a:26:41:ba:42:02:40:96:01:7f:d4:79:6c:d9:
         ef:2d:2c:8b:e0:35:d8:9c:15:65:46:56:75:68:95:fd:ef:a2:
         ea:9f:8f:d9:a5:8d:a0:88:e0:65:3d:d7:05:ae:d9:7d:29:e1:
         a6:68:11:c0:e4:33:06:44:7c:34:1c:91:06:bb:2d:89:d9:d2:
         82:b2:2d:9a:be:3a:2b:f2:c6:35:5d:3d:1f:77:ff:c0:6b:a5:
         99:c4:f0:87:3e:13:da:50:62:95:c4:53:79:dc:c9:54:f4:6d:
         28:b4:7d:c7
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgIDJbt3MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDI1
OWM0ZmIyNWM2MDQ4MjRkMjE0Y2Y3Y2JlNTg4ZWFiNDMzYTU2OTEwHhcNMjMxMTI4
MjEyNzA4WhcNMjUxMTI4MjEyNzA4WjAzMTEwLwYDVQQDEyg1ZmVhZjZhN2Q1NDg1
NjkwODk0YTEzMTAwNjFkZDMwZDJhZDY5YTY4MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAixI0dIcPVpMbTi/31btTgxbdotCHxQPpLwpHwGLlW59hkslv
UDabAoLEAmWHeTYT8FRjM4eCdWv5MJ9ab3SGtLXdwhpsXYK4LkJGv/u7pYJXWX0A
cW9xt0cgsif1Cx8NJOzUxLyBI+DU/ct+r56YONlr0odan3HyESXHzuQGN8vr0098
vJtDbrwKKFNf22u3Ui7fP69qCADE/cjYzlgQSX4i7egN8l/w/gvKFsGL+amk+cn9
TbVjwkv8MOMHWaSJ+Ej25HBvtRVhoRIvzd+wmJ1Ad8WKVwUDSOWqKn9mldHoziXF
6sgbyZ7mkt/znPaouEObuzTm6nXmitPMH1t6xQIDAQABo4ICajCCAmYwHQYDVR0O
BBYEFJ/ry7Mq/xljdKgeEvIUFqel84c8MB8GA1UdIwQYMBaAFD8xyFQuUl5pMP7j
QvBA2I0HNG7QMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvMjU5YzRm
YjI1YzYwNDgyNGQyMTRjZjdjYmU1ODhlYWI0MzNhNTY5MS5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvMmZjNDJmZGYtMmQ4Yi00NmE1LThmOWItNjhkNmUz
NDAzZTRlLzVmZWFmNmE3ZDU0ODU2OTA4OTRhMTMxMDA2MWRkMzBkMmFkNjlhNjgu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy8yZmM0MmZkZi0yZDhiLTQ2YTUtOGY5Yi02OGQ2
ZTM0MDNlNGUvMjU5YzRmYjI1YzYwNDgyNGQyMTRjZjdjYmU1ODhlYWI0MzNhNTY5
MS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAuBggrBgEFBQcBBwEB/wQf
MB0wDAQCAAEwBgMEAi3hWDANBAIAAjAHAwUAKAPmIDANBgkqhkiG9w0BAQsFAAOC
AQEAWangPo1ZTQKYHjHnPLme66JimV/frDTC2QLKChK+QrQnUnEuBsiHbxr5PREW
kFZw/pnw5bqPYbT1Kinz+CtxremdQH1kBKQVKsgd7OteZvgklig36K4+Cj4kUaXy
tPTl2R23cZHzOtWJ0j7FAZEtI+dZYCUoUWWxl7tfcYGSzi6GO/8CVbAfjEleQV95
V+aWGQnJXTomQbpCAkCWAX/UeWzZ7y0si+A12JwVZUZWdWiV/e+i6p+P2aWNoIjg
ZT3XBa7ZfSnhpmgRwOQzBkR8NByRBrstidnSgrItmr46K/LGNV09H3f/wGulmcTw
hz4T2lBilcRTedzJVPRtKLR9xw==
-----END CERTIFICATE-----
Generated at Fri Mar 1 16:37:38 2024 by rpki-client on console-fra.rpki-client.org