Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/334cdd23-fcf6-407c-ace2-f3a211f3ca81/9033412c7540a10b527acb09cccea410cd948e6e.roa
File:                     9033412c7540a10b527acb09cccea410cd948e6e.roa (raw, json)
Hash identifier:          CUrRyTJnIaMwvw3lI2903oU5m4Tvl2cyc2HrFsHcCfM=
Subject key identifier:   B8:EB:D6:B7:70:E9:BE:EE:E5:CE:DD:EA:AC:55:D9:37:CD:B9:85:46
Certificate issuer:       /CN=4b8b57b22334a0b12bef09679148c1c681fc8149
Certificate serial:       1BD0D6
Authority key identifier: 97:A7:0D:2F:FD:B3:3C:24:7D:48:B4:2E:CB:CF:94:D5:41:EE:E2:51
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/4b8b57b22334a0b12bef09679148c1c681fc8149.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/334cdd23-fcf6-407c-ace2-f3a211f3ca81/9033412c7540a10b527acb09cccea410cd948e6e.roa
Signing time:             Mon 17 Oct 2022 12:23:55 +0000
ROA not before:           Mon 22 Mar 2021 14:29:33 +0000
ROA not after:            Tue 24 Mar 2026 14:29:33 +0000
asID:                     266685
IP address blocks:        45.228.16.0/22 maxlen: 22
                          2803:a520::/32 maxlen: 32

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/334cdd23-fcf6-407c-ace2-f3a211f3ca81/4b8b57b22334a0b12bef09679148c1c681fc8149.crl
                          rsync://repository.lacnic.net/rpki/lacnic/334cdd23-fcf6-407c-ace2-f3a211f3ca81/4b8b57b22334a0b12bef09679148c1c681fc8149.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/4b8b57b22334a0b12bef09679148c1c681fc8149.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 31 Mar 2024 02:49:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1822934 (0x1bd0d6)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4b8b57b22334a0b12bef09679148c1c681fc8149
        Validity
            Not Before: Mar 22 14:29:33 2021 GMT
            Not After : Mar 24 14:29:33 2026 GMT
        Subject: CN=9033412c7540a10b527acb09cccea410cd948e6e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:88:0a:21:78:99:ff:6d:fa:a3:31:e7:48:1b:06:
                    ab:3f:8c:ff:d2:88:f4:92:c2:5d:41:c6:53:a8:b9:
                    6a:8e:fb:2d:42:99:21:fc:d6:93:6e:57:4e:bb:13:
                    f5:6c:c4:33:60:98:bd:9e:57:60:7a:db:92:3f:32:
                    fb:a2:b3:e9:0c:85:e8:ab:3b:b0:c7:e5:40:a9:14:
                    2d:76:b3:79:03:9f:64:64:08:2e:8d:1c:dc:d7:77:
                    1b:0a:7a:87:46:88:03:1a:a9:94:2e:fe:6e:1e:38:
                    f3:bb:e5:dd:be:ef:97:d4:9e:b1:44:05:f0:0a:f2:
                    d9:89:b2:da:8f:78:bf:c8:c8:34:b3:0a:af:65:48:
                    01:6e:10:ed:a9:d1:88:66:cf:67:da:75:11:bc:5b:
                    1c:39:f3:d9:c4:5f:b5:48:51:eb:ab:ac:15:76:ef:
                    45:44:64:be:c0:8d:1b:ec:92:ea:77:13:89:ed:16:
                    3e:54:75:7e:5b:af:71:da:6d:e3:95:7b:6d:a7:87:
                    f1:ce:a9:22:bd:fd:06:94:6c:0e:55:5d:4b:54:af:
                    18:d6:24:69:a7:c1:b8:a3:5b:e5:ec:38:57:93:e3:
                    62:88:6e:ff:bc:47:1b:31:0f:75:7e:19:6e:06:13:
                    69:fe:0b:ea:4c:5f:d7:ea:b4:eb:c3:9f:49:4a:1d:
                    0e:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B8:EB:D6:B7:70:E9:BE:EE:E5:CE:DD:EA:AC:55:D9:37:CD:B9:85:46
            X509v3 Authority Key Identifier:
                keyid:97:A7:0D:2F:FD:B3:3C:24:7D:48:B4:2E:CB:CF:94:D5:41:EE:E2:51

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/4b8b57b22334a0b12bef09679148c1c681fc8149.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/334cdd23-fcf6-407c-ace2-f3a211f3ca81/9033412c7540a10b527acb09cccea410cd948e6e.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/334cdd23-fcf6-407c-ace2-f3a211f3ca81/4b8b57b22334a0b12bef09679148c1c681fc8149.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.228.16.0/22
                IPv6:
                  2803:a520::/32

    Signature Algorithm: sha256WithRSAEncryption
         7d:a9:a1:ed:cb:1c:9e:ec:45:02:f3:ef:1b:99:c9:e4:1e:47:
         40:05:b3:af:e4:96:3b:60:8e:1c:8d:9c:9f:90:34:68:96:de:
         e8:cc:b3:a0:70:68:95:cf:86:8e:c7:d5:2b:4a:c8:f3:9c:a1:
         2b:24:f2:b9:7f:a5:74:29:7c:8e:da:80:05:56:ac:da:07:09:
         05:bf:37:87:9e:d7:00:bc:50:86:15:3f:58:22:10:85:e1:cb:
         d8:bd:9c:ec:fc:81:d2:e5:6e:da:92:bb:2a:9d:af:cd:d7:37:
         e7:d1:54:d6:e1:e4:e2:18:8b:cf:66:47:00:e2:18:ec:e9:a8:
         40:61:99:53:4f:91:4d:cd:37:41:03:2a:a4:2c:c4:24:73:29:
         ea:9f:bd:f7:c2:d2:04:0f:2f:be:0a:9e:71:0c:06:b7:86:a2:
         1c:ac:60:88:27:48:39:9c:13:a6:73:93:82:91:e7:19:aa:8c:
         5c:dd:61:1f:f0:96:f0:68:10:1c:c5:f5:b2:b9:45:6f:0a:e8:
         26:4a:90:f3:60:f1:33:53:59:d6:b8:af:97:5d:67:d0:44:55:
         39:4d:ec:f4:58:be:f4:b8:11:f2:3f:3f:4c:29:e8:5f:ad:33:
         51:4c:6e:4f:31:eb:ec:b1:e0:cf:1c:f4:ec:f0:bb:b1:e0:64:
         e9:80:31:12
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgIDG9DWMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDRi
OGI1N2IyMjMzNGEwYjEyYmVmMDk2NzkxNDhjMWM2ODFmYzgxNDkwHhcNMjEwMzIy
MTQyOTMzWhcNMjYwMzI0MTQyOTMzWjAzMTEwLwYDVQQDEyg5MDMzNDEyYzc1NDBh
MTBiNTI3YWNiMDljY2NlYTQxMGNkOTQ4ZTZlMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAiAoheJn/bfqjMedIGwarP4z/0oj0ksJdQcZTqLlqjvstQpkh
/NaTbldOuxP1bMQzYJi9nldgetuSPzL7orPpDIXoqzuwx+VAqRQtdrN5A59kZAgu
jRzc13cbCnqHRogDGqmULv5uHjjzu+Xdvu+X1J6xRAXwCvLZibLaj3i/yMg0swqv
ZUgBbhDtqdGIZs9n2nURvFscOfPZxF+1SFHrq6wVdu9FRGS+wI0b7JLqdxOJ7RY+
VHV+W69x2m3jlXttp4fxzqkivf0GlGwOVV1LVK8Y1iRpp8G4o1vl7DhXk+NiiG7/
vEcbMQ91fhluBhNp/gvqTF/X6rTrw59JSh0OJQIDAQABo4ICajCCAmYwHQYDVR0O
BBYEFLjr1rdw6b7u5c7d6qxV2TfNuYVGMB8GA1UdIwQYMBaAFJenDS/9szwkfUi0
LsvPlNVB7uJRMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvNGI4YjU3
YjIyMzM0YTBiMTJiZWYwOTY3OTE0OGMxYzY4MWZjODE0OS5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvMzM0Y2RkMjMtZmNmNi00MDdjLWFjZTItZjNhMjEx
ZjNjYTgxLzkwMzM0MTJjNzU0MGExMGI1MjdhY2IwOWNjY2VhNDEwY2Q5NDhlNmUu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy8zMzRjZGQyMy1mY2Y2LTQwN2MtYWNlMi1mM2Ey
MTFmM2NhODEvNGI4YjU3YjIyMzM0YTBiMTJiZWYwOTY3OTE0OGMxYzY4MWZjODE0
OS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAuBggrBgEFBQcBBwEB/wQf
MB0wDAQCAAEwBgMEAi3kEDANBAIAAjAHAwUAKAOlIDANBgkqhkiG9w0BAQsFAAOC
AQEAfamh7cscnuxFAvPvG5nJ5B5HQAWzr+SWO2COHI2cn5A0aJbe6MyzoHBolc+G
jsfVK0rI85yhKyTyuX+ldCl8jtqABVas2gcJBb83h57XALxQhhU/WCIQheHL2L2c
7PyB0uVu2pK7Kp2vzdc359FU1uHk4hiLz2ZHAOIY7OmoQGGZU0+RTc03QQMqpCzE
JHMp6p+998LSBA8vvgqecQwGt4aiHKxgiCdIOZwTpnOTgpHnGaqMXN1hH/CW8GgQ
HMX1srlFbwroJkqQ82DxM1NZ1rivl11n0ERVOU3s9Fi+9LgR8j8/TCnoX60zUUxu
TzHr7LHgzxz07PC7seBk6YAxEg==
-----END CERTIFICATE-----
Generated at Thu Mar 28 02:03:01 2024 by rpki-client on console-ams.rpki-client.org