Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/3111c8fc-9f5a-4cbd-af4d-f75e816d868b/63fc60848f557080f751f99352034c33d60bd1d1.roa
File:                     63fc60848f557080f751f99352034c33d60bd1d1.roa (raw, json)
Hash identifier:          RVZpN68rsMJim/BY1O5rYVsxlV1SXh6Rzt9h79vqWT4=
Subject key identifier:   CD:19:EC:07:B6:DA:72:91:3E:55:63:F7:6E:57:48:C4:AC:89:9B:05
Certificate issuer:       /CN=98ed72dea7a8aa7184e7d6198a0c657cfa9458fb
Certificate serial:       100F31
Authority key identifier: EF:BA:9A:1B:CE:DD:C3:BE:B9:A3:F5:8D:37:F8:C3:2C:41:4E:03:2C
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/98ed72dea7a8aa7184e7d6198a0c657cfa9458fb.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/3111c8fc-9f5a-4cbd-af4d-f75e816d868b/63fc60848f557080f751f99352034c33d60bd1d1.roa
Signing time:             Thu 09 Jun 2022 22:52:48 +0000
ROA not before:           Thu 09 Jun 2022 03:00:00 +0000
ROA not after:            Sun 09 Jun 2024 03:00:00 +0000
asID:                     269874
IP address blocks:        45.189.184.0/22 maxlen: 24
                          2803:68e0::/32 maxlen: 32

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/3111c8fc-9f5a-4cbd-af4d-f75e816d868b/98ed72dea7a8aa7184e7d6198a0c657cfa9458fb.crl
                          rsync://repository.lacnic.net/rpki/lacnic/3111c8fc-9f5a-4cbd-af4d-f75e816d868b/98ed72dea7a8aa7184e7d6198a0c657cfa9458fb.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/98ed72dea7a8aa7184e7d6198a0c657cfa9458fb.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 31 Mar 2024 03:49:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1052465 (0x100f31)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=98ed72dea7a8aa7184e7d6198a0c657cfa9458fb
        Validity
            Not Before: Jun  9 03:00:00 2022 GMT
            Not After : Jun  9 03:00:00 2024 GMT
        Subject: CN=63fc60848f557080f751f99352034c33d60bd1d1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:89:5a:4f:49:84:d1:5a:e8:69:47:a9:3f:bc:0a:
                    21:fb:0c:3a:e0:d9:da:d0:dc:d2:1b:68:46:9f:75:
                    ca:f9:d6:98:a6:ca:19:b0:ee:88:c8:5f:e6:2a:a6:
                    92:e2:58:85:19:8d:22:84:b8:0f:28:79:b8:7e:70:
                    79:8a:09:a0:66:8b:d3:fb:d9:6c:cc:74:6e:77:e9:
                    c2:55:2c:e4:d0:81:40:bd:d4:99:48:47:b4:73:9a:
                    ed:b9:12:70:63:c9:8d:d8:71:a8:97:e6:2d:ca:cf:
                    b0:83:18:97:30:22:ad:22:80:b9:30:52:f7:40:00:
                    f9:07:39:28:27:5f:a6:4b:87:a3:77:ac:cd:81:e7:
                    a0:11:35:8b:83:25:b7:e0:9d:94:e1:0e:50:98:1a:
                    c2:3d:f7:ec:8d:12:cb:9f:32:a6:e2:72:2c:e5:48:
                    e8:cf:40:4e:cf:b0:d2:4b:44:5c:9e:af:3f:b3:09:
                    43:24:9b:f9:dd:2c:06:84:43:b5:a8:a8:3c:08:42:
                    aa:a5:9b:e2:6d:96:a9:1f:f6:65:ad:98:40:de:7b:
                    72:35:f5:26:b4:5a:d3:5a:19:5b:cd:67:43:95:f9:
                    c7:86:dc:09:a6:82:dd:85:70:cc:fc:f0:ce:25:7a:
                    43:e2:f0:d7:4a:ac:94:9a:23:49:36:f4:24:26:ea:
                    1a:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CD:19:EC:07:B6:DA:72:91:3E:55:63:F7:6E:57:48:C4:AC:89:9B:05
            X509v3 Authority Key Identifier:
                keyid:EF:BA:9A:1B:CE:DD:C3:BE:B9:A3:F5:8D:37:F8:C3:2C:41:4E:03:2C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/98ed72dea7a8aa7184e7d6198a0c657cfa9458fb.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/3111c8fc-9f5a-4cbd-af4d-f75e816d868b/63fc60848f557080f751f99352034c33d60bd1d1.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/3111c8fc-9f5a-4cbd-af4d-f75e816d868b/98ed72dea7a8aa7184e7d6198a0c657cfa9458fb.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.189.184.0/22
                IPv6:
                  2803:68e0::/32

    Signature Algorithm: sha256WithRSAEncryption
         c2:60:b1:a2:97:78:9e:09:d2:6a:43:11:54:46:d7:c7:90:a0:
         16:6c:94:96:09:4a:32:20:3e:46:93:95:cc:cb:05:07:ce:0b:
         45:90:04:57:ec:7a:d2:17:7c:3f:c0:b5:93:0c:86:65:ae:dd:
         2b:6f:8d:33:d6:f6:1d:f5:91:2b:49:58:02:f8:9c:d5:c4:87:
         d4:67:10:e6:11:e1:3f:7e:62:55:d2:31:34:0e:d1:19:3c:20:
         fe:fa:67:f2:93:8c:d7:67:cc:c4:c3:45:86:c3:d1:99:8b:99:
         0b:27:6c:97:ab:b5:36:64:94:ce:51:38:6d:aa:27:5e:60:d4:
         fe:b5:6c:ab:86:59:5f:e1:34:42:b5:24:d7:b7:dd:2c:db:ae:
         70:ca:73:4b:56:b9:79:c8:92:09:e2:4a:60:a0:76:6a:cd:75:
         ce:a5:62:8b:59:2a:3d:a6:97:50:c7:85:d2:6e:e1:2c:88:7e:
         e6:65:4c:59:05:33:76:b2:bd:ab:6e:d9:ff:11:79:12:15:69:
         45:15:4c:fc:15:ac:3c:34:aa:c9:bb:c3:2c:34:0e:50:cc:a8:
         3e:56:dd:3d:f1:df:11:11:5d:32:cc:f9:6a:10:e8:9d:de:29:
         44:96:6a:9e:77:b0:cd:25:ac:a8:2b:6b:b5:17:0f:0b:86:14:
         04:5f:98:2e
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgIDEA8xMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDk4
ZWQ3MmRlYTdhOGFhNzE4NGU3ZDYxOThhMGM2NTdjZmE5NDU4ZmIwHhcNMjIwNjA5
MDMwMDAwWhcNMjQwNjA5MDMwMDAwWjAzMTEwLwYDVQQDEyg2M2ZjNjA4NDhmNTU3
MDgwZjc1MWY5OTM1MjAzNGMzM2Q2MGJkMWQxMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAiVpPSYTRWuhpR6k/vAoh+ww64Nna0NzSG2hGn3XK+daYpsoZ
sO6IyF/mKqaS4liFGY0ihLgPKHm4fnB5igmgZovT+9lszHRud+nCVSzk0IFAvdSZ
SEe0c5rtuRJwY8mN2HGol+Ytys+wgxiXMCKtIoC5MFL3QAD5BzkoJ1+mS4ejd6zN
geegETWLgyW34J2U4Q5QmBrCPffsjRLLnzKm4nIs5Ujoz0BOz7DSS0Rcnq8/swlD
JJv53SwGhEO1qKg8CEKqpZvibZapH/ZlrZhA3ntyNfUmtFrTWhlbzWdDlfnHhtwJ
poLdhXDM/PDOJXpD4vDXSqyUmiNJNvQkJuoakQIDAQABo4ICajCCAmYwHQYDVR0O
BBYEFM0Z7Ae22nKRPlVj925XSMSsiZsFMB8GA1UdIwQYMBaAFO+6mhvO3cO+uaP1
jTf4wyxBTgMsMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvOThlZDcy
ZGVhN2E4YWE3MTg0ZTdkNjE5OGEwYzY1N2NmYTk0NThmYi5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvMzExMWM4ZmMtOWY1YS00Y2JkLWFmNGQtZjc1ZTgx
NmQ4NjhiLzYzZmM2MDg0OGY1NTcwODBmNzUxZjk5MzUyMDM0YzMzZDYwYmQxZDEu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy8zMTExYzhmYy05ZjVhLTRjYmQtYWY0ZC1mNzVl
ODE2ZDg2OGIvOThlZDcyZGVhN2E4YWE3MTg0ZTdkNjE5OGEwYzY1N2NmYTk0NThm
Yi5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAuBggrBgEFBQcBBwEB/wQf
MB0wDAQCAAEwBgMEAi29uDANBAIAAjAHAwUAKANo4DANBgkqhkiG9w0BAQsFAAOC
AQEAwmCxopd4ngnSakMRVEbXx5CgFmyUlglKMiA+RpOVzMsFB84LRZAEV+x60hd8
P8C1kwyGZa7dK2+NM9b2HfWRK0lYAvic1cSH1GcQ5hHhP35iVdIxNA7RGTwg/vpn
8pOM12fMxMNFhsPRmYuZCydsl6u1NmSUzlE4baonXmDU/rVsq4ZZX+E0QrUk17fd
LNuucMpzS1a5eciSCeJKYKB2as11zqVii1kqPaaXUMeF0m7hLIh+5mVMWQUzdrK9
q27Z/xF5EhVpRRVM/BWsPDSqybvDLDQOUMyoPlbdPfHfERFdMsz5ahDond4pRJZq
nnewzSWsqCtrtRcPC4YUBF+YLg==
-----END CERTIFICATE-----
Generated at Thu Mar 28 04:37:39 2024 by rpki-client on console-fra.rpki-client.org