Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/2fc42fdf-2d8b-46a5-8f9b-68d6e3403e4e/f4b135fb135f1e812fefd732e69cd0972d4b5fc7.roa
File:                     f4b135fb135f1e812fefd732e69cd0972d4b5fc7.roa (raw, json)
Hash identifier:          JZwqT3zyk39jITat7YvZPdogX/ANXXL+O8Y5rdQKeSw=
Subject key identifier:   16:20:FE:79:5D:95:D9:72:37:25:AE:C3:DD:33:9E:23:C1:5D:34:BB
Certificate issuer:       /CN=259c4fb25c604824d214cf7cbe588eab433a5691
Certificate serial:       25BDAC
Authority key identifier: 3F:31:C8:54:2E:52:5E:69:30:FE:E3:42:F0:40:D8:8D:07:34:6E:D0
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/259c4fb25c604824d214cf7cbe588eab433a5691.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/2fc42fdf-2d8b-46a5-8f9b-68d6e3403e4e/f4b135fb135f1e812fefd732e69cd0972d4b5fc7.roa
Signing time:             Tue 28 Nov 2023 21:27:09 +0000
ROA not before:           Tue 28 Nov 2023 21:27:08 +0000
ROA not after:            Fri 28 Nov 2025 21:27:08 +0000
asID:                     264668
IP address blocks:        45.225.88.0/22 maxlen: 24
                          2803:e620::/32 maxlen: 48

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/2fc42fdf-2d8b-46a5-8f9b-68d6e3403e4e/259c4fb25c604824d214cf7cbe588eab433a5691.crl
                          rsync://repository.lacnic.net/rpki/lacnic/2fc42fdf-2d8b-46a5-8f9b-68d6e3403e4e/259c4fb25c604824d214cf7cbe588eab433a5691.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/259c4fb25c604824d214cf7cbe588eab433a5691.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Mon 04 Mar 2024 08:17:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2473388 (0x25bdac)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=259c4fb25c604824d214cf7cbe588eab433a5691
        Validity
            Not Before: Nov 28 21:27:08 2023 GMT
            Not After : Nov 28 21:27:08 2025 GMT
        Subject: CN=f4b135fb135f1e812fefd732e69cd0972d4b5fc7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:d5:b8:00:27:28:b8:2f:96:4d:e5:3f:9e:9b:
                    7d:9e:a2:10:99:d4:44:30:d2:33:3f:af:fd:73:8c:
                    a6:31:f8:34:73:a7:e4:59:ca:e0:d2:aa:95:71:5d:
                    31:eb:9f:44:ac:8a:41:97:95:8e:5a:3a:40:f2:89:
                    5f:86:23:5c:d4:7b:be:05:6b:c1:04:80:da:f6:92:
                    2e:ff:7d:c4:91:f2:8b:1f:cc:6d:84:e4:b6:73:68:
                    fb:fd:e5:5d:c3:f7:c3:a9:69:99:27:5d:98:69:c9:
                    d6:5b:e4:74:d2:5d:25:bf:6e:20:a1:e0:f5:bf:f4:
                    bd:4d:be:46:e1:a6:2f:71:e3:10:05:1b:77:41:ba:
                    94:a5:f1:34:66:62:c0:31:34:98:19:dc:13:f8:c0:
                    80:54:a2:64:f1:84:53:d5:5c:ca:03:91:14:d6:0f:
                    7b:60:4b:4b:cc:af:9a:ae:0b:45:a1:94:04:15:6e:
                    b8:4a:de:f0:17:b8:b3:a6:23:21:88:f9:7d:c2:d2:
                    68:57:e9:f9:9e:5d:69:0b:24:dd:b5:f0:b1:b8:b9:
                    78:63:8a:d2:a1:d7:77:25:78:1c:4d:4e:a7:1d:b1:
                    10:7a:33:12:da:c1:9a:4e:ed:34:f0:87:a4:cc:4a:
                    c5:7c:76:0c:be:e2:59:f1:54:4c:7b:8d:93:9d:ac:
                    03:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                16:20:FE:79:5D:95:D9:72:37:25:AE:C3:DD:33:9E:23:C1:5D:34:BB
            X509v3 Authority Key Identifier:
                keyid:3F:31:C8:54:2E:52:5E:69:30:FE:E3:42:F0:40:D8:8D:07:34:6E:D0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/259c4fb25c604824d214cf7cbe588eab433a5691.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/2fc42fdf-2d8b-46a5-8f9b-68d6e3403e4e/f4b135fb135f1e812fefd732e69cd0972d4b5fc7.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/2fc42fdf-2d8b-46a5-8f9b-68d6e3403e4e/259c4fb25c604824d214cf7cbe588eab433a5691.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.225.88.0/22
                IPv6:
                  2803:e620::/32

    Signature Algorithm: sha256WithRSAEncryption
         7a:48:6b:7d:d2:b7:15:33:28:54:5a:6a:65:78:ee:c5:63:9c:
         78:17:05:96:b4:c0:a0:e3:a1:41:fb:96:70:3a:d6:67:ba:41:
         ba:8a:16:18:e9:c1:4a:f8:1a:25:6f:c7:52:00:57:c2:89:00:
         4d:2e:04:b3:9d:47:93:19:ed:da:bb:bf:b5:a5:11:ee:17:63:
         a4:39:1d:0d:ad:d0:e3:b5:37:c4:1c:96:e4:ce:b2:a1:c1:cd:
         10:eb:b4:cc:51:b7:11:0e:0e:58:ef:06:10:51:fb:f0:47:fa:
         d1:73:5b:0c:2b:8a:86:a3:12:8c:79:1a:58:e0:5a:63:ab:6a:
         a7:ea:92:30:c9:04:37:13:88:70:c7:54:1f:f2:cb:e1:b4:d2:
         0a:76:27:b9:82:b2:a1:d0:05:e2:49:5a:65:84:d8:12:0e:71:
         f4:e8:ac:ef:d0:8a:2b:f8:5d:45:37:02:ff:c8:c7:22:75:5e:
         e4:7e:9e:bb:25:d7:a8:62:41:ef:71:24:92:55:b8:2d:73:9a:
         61:f4:15:a8:3a:2c:a6:3e:8b:41:72:98:76:d2:a0:2f:09:e4:
         3e:12:fc:4a:45:0b:06:32:8d:bc:9c:84:65:a3:8a:49:7b:45:
         b7:5b:cf:13:04:a2:65:c0:2d:61:4f:2b:b6:8b:fa:7c:fe:f2:
         a6:0d:df:bb
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgIDJb2sMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDI1
OWM0ZmIyNWM2MDQ4MjRkMjE0Y2Y3Y2JlNTg4ZWFiNDMzYTU2OTEwHhcNMjMxMTI4
MjEyNzA4WhcNMjUxMTI4MjEyNzA4WjAzMTEwLwYDVQQDEyhmNGIxMzVmYjEzNWYx
ZTgxMmZlZmQ3MzJlNjljZDA5NzJkNGI1ZmM3MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAkdW4ACcouC+WTeU/npt9nqIQmdREMNIzP6/9c4ymMfg0c6fk
Wcrg0qqVcV0x659ErIpBl5WOWjpA8olfhiNc1Hu+BWvBBIDa9pIu/33EkfKLH8xt
hOS2c2j7/eVdw/fDqWmZJ12YacnWW+R00l0lv24goeD1v/S9Tb5G4aYvceMQBRt3
QbqUpfE0ZmLAMTSYGdwT+MCAVKJk8YRT1VzKA5EU1g97YEtLzK+argtFoZQEFW64
St7wF7izpiMhiPl9wtJoV+n5nl1pCyTdtfCxuLl4Y4rSodd3JXgcTU6nHbEQejMS
2sGaTu008IekzErFfHYMvuJZ8VRMe42TnawDKwIDAQABo4ICajCCAmYwHQYDVR0O
BBYEFBYg/nldldlyNyWuw90zniPBXTS7MB8GA1UdIwQYMBaAFD8xyFQuUl5pMP7j
QvBA2I0HNG7QMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvMjU5YzRm
YjI1YzYwNDgyNGQyMTRjZjdjYmU1ODhlYWI0MzNhNTY5MS5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvMmZjNDJmZGYtMmQ4Yi00NmE1LThmOWItNjhkNmUz
NDAzZTRlL2Y0YjEzNWZiMTM1ZjFlODEyZmVmZDczMmU2OWNkMDk3MmQ0YjVmYzcu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy8yZmM0MmZkZi0yZDhiLTQ2YTUtOGY5Yi02OGQ2
ZTM0MDNlNGUvMjU5YzRmYjI1YzYwNDgyNGQyMTRjZjdjYmU1ODhlYWI0MzNhNTY5
MS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAuBggrBgEFBQcBBwEB/wQf
MB0wDAQCAAEwBgMEAi3hWDANBAIAAjAHAwUAKAPmIDANBgkqhkiG9w0BAQsFAAOC
AQEAekhrfdK3FTMoVFpqZXjuxWOceBcFlrTAoOOhQfuWcDrWZ7pBuooWGOnBSvga
JW/HUgBXwokATS4Es51Hkxnt2ru/taUR7hdjpDkdDa3Q47U3xByW5M6yocHNEOu0
zFG3EQ4OWO8GEFH78Ef60XNbDCuKhqMSjHkaWOBaY6tqp+qSMMkENxOIcMdUH/LL
4bTSCnYnuYKyodAF4klaZYTYEg5x9Ois79CKK/hdRTcC/8jHInVe5H6euyXXqGJB
73EkklW4LXOaYfQVqDospj6LQXKYdtKgLwnkPhL8SkULBjKNvJyEZaOKSXtFt1vP
EwSiZcAtYU8rtov6fP7ypg3fuw==
-----END CERTIFICATE-----
Generated at Fri Mar 1 16:44:50 2024 by rpki-client on console-ams.rpki-client.org