Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/3095bbff-551b-48d3-951e-d12adeaffb96/bd24a4e70f495d4edd3cb6f98d182646b4de0487.roa
File:                     bd24a4e70f495d4edd3cb6f98d182646b4de0487.roa (raw, json)
Hash identifier:          jme4ViBmb+ACXYlF1H8jB0oBGfuV1fE2t0mTd8NV2Sc=
Subject key identifier:   E1:6A:B6:E0:AE:7A:6F:54:77:83:2F:06:B1:F9:4A:F5:21:BB:19:C1
Certificate issuer:       /CN=9e0e83f3cebc2aea02f980d61f692a2025c4202e
Certificate serial:       204B3F
Authority key identifier: 56:21:3F:85:55:51:04:38:A8:DF:4D:1E:77:D9:3E:22:D2:C4:09:A5
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/9e0e83f3cebc2aea02f980d61f692a2025c4202e.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/3095bbff-551b-48d3-951e-d12adeaffb96/bd24a4e70f495d4edd3cb6f98d182646b4de0487.roa
Signing time:             Mon 08 May 2023 18:34:16 +0000
ROA not before:           Sun 07 May 2023 18:34:16 +0000
ROA not after:            Thu 08 May 2025 18:34:16 +0000
asID:                     52337
IP address blocks:        131.72.224.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/3095bbff-551b-48d3-951e-d12adeaffb96/9e0e83f3cebc2aea02f980d61f692a2025c4202e.crl
                          rsync://repository.lacnic.net/rpki/lacnic/3095bbff-551b-48d3-951e-d12adeaffb96/9e0e83f3cebc2aea02f980d61f692a2025c4202e.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/9e0e83f3cebc2aea02f980d61f692a2025c4202e.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Tue 05 Mar 2024 04:16:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2116415 (0x204b3f)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9e0e83f3cebc2aea02f980d61f692a2025c4202e
        Validity
            Not Before: May  7 18:34:16 2023 GMT
            Not After : May  8 18:34:16 2025 GMT
        Subject: CN=bd24a4e70f495d4edd3cb6f98d182646b4de0487
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:88:64:e7:9f:9b:d1:92:df:ee:0b:be:e8:aa:f8:
                    62:69:1e:b9:51:6c:d1:77:91:c4:70:95:25:aa:ef:
                    fb:2d:f3:84:a1:60:5f:da:ad:2a:9b:1e:88:db:95:
                    20:ac:2d:8d:0e:94:6c:6d:58:bf:94:c0:91:2a:d2:
                    1f:79:2c:35:34:8e:62:c4:a6:89:45:28:81:c8:d2:
                    66:83:b3:f6:4a:fb:51:12:e0:4b:2a:3e:fe:99:30:
                    0f:a0:69:bc:93:97:e6:b8:2a:74:0b:9c:a9:22:a6:
                    29:e2:28:c2:30:39:4a:e1:96:72:c5:a0:1a:3c:21:
                    51:07:2d:b7:9d:4c:f6:37:f5:9b:92:2e:8d:57:0c:
                    14:a7:1e:be:8b:49:6b:34:53:53:12:73:1f:d2:a3:
                    6f:2e:d0:49:a2:95:36:a5:7e:ee:97:27:90:1d:cb:
                    14:81:bb:f5:89:6a:66:9c:9a:35:e1:ab:4b:39:49:
                    75:2d:67:04:11:76:30:a5:40:73:aa:04:bd:30:7f:
                    7a:ce:13:7d:43:7a:59:15:94:42:c7:7f:5e:53:19:
                    1c:72:ce:ce:b8:51:5f:f2:c1:29:90:3b:16:76:42:
                    b9:fe:f8:1d:40:3a:48:ef:7a:c8:1c:14:e7:fc:9b:
                    94:00:66:06:4d:29:26:4e:a1:68:f4:77:fd:c9:7d:
                    26:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E1:6A:B6:E0:AE:7A:6F:54:77:83:2F:06:B1:F9:4A:F5:21:BB:19:C1
            X509v3 Authority Key Identifier:
                keyid:56:21:3F:85:55:51:04:38:A8:DF:4D:1E:77:D9:3E:22:D2:C4:09:A5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/9e0e83f3cebc2aea02f980d61f692a2025c4202e.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/3095bbff-551b-48d3-951e-d12adeaffb96/bd24a4e70f495d4edd3cb6f98d182646b4de0487.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/3095bbff-551b-48d3-951e-d12adeaffb96/9e0e83f3cebc2aea02f980d61f692a2025c4202e.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  131.72.224.0/22

    Signature Algorithm: sha256WithRSAEncryption
         76:ea:fa:7f:0f:9a:ff:1b:cb:08:65:ff:d5:b0:52:46:82:16:
         c4:26:60:d5:5a:46:70:92:f9:d9:ae:f1:4f:53:0b:36:75:2f:
         b4:98:38:e5:49:e3:70:4a:cf:46:e6:c6:4f:c7:0e:de:83:81:
         5a:ec:ff:b7:03:c8:58:da:7f:61:92:9c:45:b1:60:e2:3d:d4:
         c7:fc:a7:d1:3e:27:02:c8:a0:a5:5f:12:4f:c1:f4:c3:47:2b:
         0b:e9:8b:4a:84:ab:d3:7e:52:5e:3c:c0:0e:4c:40:4c:99:ef:
         64:31:89:77:37:25:0e:60:ef:5d:61:2e:bf:5a:1f:12:bb:f6:
         d3:24:8d:7f:99:da:6b:f8:c3:9e:7f:98:04:8d:7f:94:bb:94:
         d6:c6:fc:3b:53:21:76:1c:c6:32:b8:f4:f0:53:e1:b6:bc:97:
         dd:38:55:20:3b:b9:78:23:f2:46:0a:8c:38:22:0f:69:eb:a8:
         bc:cc:34:a9:f1:6c:65:0b:b3:c6:79:74:3d:42:50:08:32:99:
         34:b0:72:00:b2:24:05:a3:4e:6d:06:4d:6b:48:8d:c0:89:6c:
         09:51:c5:0e:71:c6:58:f4:10:5a:f2:3c:46:7e:31:1a:10:81:
         1e:57:37:53:1d:f8:39:06:da:35:5e:fc:95:ba:18:74:c2:c1:
         75:10:13:7c
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIDIEs/MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDll
MGU4M2YzY2ViYzJhZWEwMmY5ODBkNjFmNjkyYTIwMjVjNDIwMmUwHhcNMjMwNTA3
MTgzNDE2WhcNMjUwNTA4MTgzNDE2WjAzMTEwLwYDVQQDEyhiZDI0YTRlNzBmNDk1
ZDRlZGQzY2I2Zjk4ZDE4MjY0NmI0ZGUwNDg3MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAiGTnn5vRkt/uC77oqvhiaR65UWzRd5HEcJUlqu/7LfOEoWBf
2q0qmx6I25UgrC2NDpRsbVi/lMCRKtIfeSw1NI5ixKaJRSiByNJmg7P2SvtREuBL
Kj7+mTAPoGm8k5fmuCp0C5ypIqYp4ijCMDlK4ZZyxaAaPCFRBy23nUz2N/Wbki6N
VwwUpx6+i0lrNFNTEnMf0qNvLtBJopU2pX7ulyeQHcsUgbv1iWpmnJo14atLOUl1
LWcEEXYwpUBzqgS9MH96zhN9Q3pZFZRCx39eUxkccs7OuFFf8sEpkDsWdkK5/vgd
QDpI73rIHBTn/JuUAGYGTSkmTqFo9Hf9yX0mbQIDAQABo4ICWzCCAlcwHQYDVR0O
BBYEFOFqtuCuem9Ud4MvBrH5SvUhuxnBMB8GA1UdIwQYMBaAFFYhP4VVUQQ4qN9N
HnfZPiLSxAmlMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvOWUwZTgz
ZjNjZWJjMmFlYTAyZjk4MGQ2MWY2OTJhMjAyNWM0MjAyZS5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvMzA5NWJiZmYtNTUxYi00OGQzLTk1MWUtZDEyYWRl
YWZmYjk2L2JkMjRhNGU3MGY0OTVkNGVkZDNjYjZmOThkMTgyNjQ2YjRkZTA0ODcu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy8zMDk1YmJmZi01NTFiLTQ4ZDMtOTUxZS1kMTJh
ZGVhZmZiOTYvOWUwZTgzZjNjZWJjMmFlYTAyZjk4MGQ2MWY2OTJhMjAyNWM0MjAy
ZS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAoNI4DANBgkqhkiG9w0BAQsFAAOCAQEAdur6fw+a/xvLCGX/
1bBSRoIWxCZg1VpGcJL52a7xT1MLNnUvtJg45UnjcErPRubGT8cO3oOBWuz/twPI
WNp/YZKcRbFg4j3Ux/yn0T4nAsigpV8ST8H0w0crC+mLSoSr035SXjzADkxATJnv
ZDGJdzclDmDvXWEuv1ofErv20ySNf5naa/jDnn+YBI1/lLuU1sb8O1MhdhzGMrj0
8FPhtryX3ThVIDu5eCPyRgqMOCIPaeuovMw0qfFsZQuzxnl0PUJQCDKZNLByALIk
BaNObQZNa0iNwIlsCVHFDnHGWPQQWvI8Rn4xGhCBHlc3Ux34OQbaNV78lboYdMLB
dRATfA==
-----END CERTIFICATE-----
Generated at Sat Mar 2 04:26:56 2024 by rpki-client on console-ams.rpki-client.org