Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/338af84c-2399-49a6-8ac1-a3335d5de813/cf297c52c9508c63b8a1bace5d4dbddaafc36bbf.roa
File:                     cf297c52c9508c63b8a1bace5d4dbddaafc36bbf.roa (raw, json)
Hash identifier:          bbgIL4Cq8t7XEATRjUg8XxMvU5CTx6IcvM/3wN00zU8=
Subject key identifier:   46:65:88:EA:A1:BA:9F:62:9A:E0:81:85:DA:30:10:2A:AE:76:5F:D9
Certificate issuer:       /CN=8864966ee9b1969ff07e2beb8bb4f6c083ced70d
Certificate serial:       2CAC
Authority key identifier: D5:40:B7:6A:AB:B4:BB:00:4E:24:7F:15:42:7E:3A:63:33:4C:B9:95
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/8864966ee9b1969ff07e2beb8bb4f6c083ced70d.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/338af84c-2399-49a6-8ac1-a3335d5de813/cf297c52c9508c63b8a1bace5d4dbddaafc36bbf.roa
Signing time:             Thu 25 Mar 2021 01:14:12 +0000
ROA not before:           Wed 24 Mar 2021 03:00:00 +0000
ROA not after:            Tue 24 Mar 2026 03:00:00 +0000
asID:                     267686
IP address blocks:        45.163.140.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/338af84c-2399-49a6-8ac1-a3335d5de813/8864966ee9b1969ff07e2beb8bb4f6c083ced70d.crl
                          rsync://repository.lacnic.net/rpki/lacnic/338af84c-2399-49a6-8ac1-a3335d5de813/8864966ee9b1969ff07e2beb8bb4f6c083ced70d.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/8864966ee9b1969ff07e2beb8bb4f6c083ced70d.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Mon 01 Apr 2024 05:58:53 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 11436 (0x2cac)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8864966ee9b1969ff07e2beb8bb4f6c083ced70d
        Validity
            Not Before: Mar 24 03:00:00 2021 GMT
            Not After : Mar 24 03:00:00 2026 GMT
        Subject: CN=cf297c52c9508c63b8a1bace5d4dbddaafc36bbf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:24:3d:15:4e:02:e9:16:2d:08:81:0a:08:b7:
                    a0:76:82:ab:78:67:da:a4:bf:c3:4f:41:1e:f4:48:
                    fb:67:3c:1d:68:4e:70:55:41:d4:e4:91:26:63:7d:
                    84:6c:1c:20:70:e6:d0:13:60:03:68:e7:a9:d7:c8:
                    3a:c0:6f:1b:23:73:0f:da:a6:7f:b2:7a:39:3f:42:
                    7d:fc:c7:52:00:ae:2d:2e:65:68:8d:53:ae:4f:0c:
                    b6:69:43:3f:85:5e:4c:e8:10:69:e7:16:62:3d:da:
                    10:00:ea:da:7e:29:d8:a9:ca:e8:31:0f:9b:68:83:
                    a0:86:b3:2a:ff:83:3e:f6:8c:f4:3f:a0:d2:a4:a2:
                    9b:9c:b2:71:58:99:a8:a8:24:83:c7:80:b6:82:1a:
                    59:0f:e5:05:01:8b:2f:7b:7d:07:34:57:b7:c9:f7:
                    77:4a:5b:93:6a:9e:dc:14:8f:a5:bd:41:24:61:a6:
                    8d:44:64:5a:b5:e8:d7:f1:76:c0:a0:69:e4:87:85:
                    ff:63:a5:20:8d:c1:f6:5b:28:cb:40:e1:b2:d2:fd:
                    82:47:3a:38:a5:55:13:0a:d9:69:3e:61:01:22:ae:
                    cd:20:21:5f:96:44:ef:4f:a0:9c:a2:4d:87:ee:d3:
                    a8:78:c7:34:9c:7b:73:b9:e5:07:74:b7:8c:ac:74:
                    d2:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                46:65:88:EA:A1:BA:9F:62:9A:E0:81:85:DA:30:10:2A:AE:76:5F:D9
            X509v3 Authority Key Identifier:
                keyid:D5:40:B7:6A:AB:B4:BB:00:4E:24:7F:15:42:7E:3A:63:33:4C:B9:95

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/8864966ee9b1969ff07e2beb8bb4f6c083ced70d.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/338af84c-2399-49a6-8ac1-a3335d5de813/cf297c52c9508c63b8a1bace5d4dbddaafc36bbf.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/338af84c-2399-49a6-8ac1-a3335d5de813/8864966ee9b1969ff07e2beb8bb4f6c083ced70d.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.163.140.0/24

    Signature Algorithm: sha256WithRSAEncryption
         2a:a3:17:0b:8a:e3:08:39:1b:1e:66:7f:da:09:96:a0:05:31:
         01:5c:02:71:06:20:2e:95:15:2d:6c:cc:18:07:60:26:11:1a:
         70:4a:f8:d7:d5:29:30:ba:eb:75:bb:9e:69:2f:14:ad:8a:dd:
         89:00:01:0c:23:db:81:74:4e:f7:be:30:2d:55:5f:0a:ba:6b:
         4c:45:94:d9:1c:a3:e5:e8:dc:af:a6:cf:3a:38:12:9c:a6:ad:
         5e:cc:2a:38:de:41:0d:1b:59:11:6c:d5:4c:fa:61:37:36:f8:
         8d:e7:a5:46:7c:71:32:20:81:17:9f:b8:ea:a1:52:af:10:ee:
         f8:b8:10:9c:e6:11:c3:d0:c1:f4:c4:48:62:1d:c0:43:49:bb:
         c6:e7:ab:38:95:6b:39:de:ba:9b:1d:25:46:3f:6e:ba:45:9e:
         6f:9d:75:ba:61:2b:71:ac:ca:75:bc:bf:cc:27:94:f8:e6:fb:
         0a:52:c4:46:1f:aa:13:09:5d:f6:80:18:8f:5e:99:6e:1d:06:
         19:d0:85:72:49:bf:24:2c:40:c3:7a:29:6f:85:9b:4b:67:15:
         cf:db:c1:e2:08:50:b5:41:81:ff:0e:d9:6d:4d:3f:a5:8c:ec:
         dc:aa:ec:05:ee:42:51:e9:ad:30:82:f9:b2:4c:a9:57:24:27:
         7f:df:4c:55
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgICLKwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoODg2
NDk2NmVlOWIxOTY5ZmYwN2UyYmViOGJiNGY2YzA4M2NlZDcwZDAeFw0yMTAzMjQw
MzAwMDBaFw0yNjAzMjQwMzAwMDBaMDMxMTAvBgNVBAMTKGNmMjk3YzUyYzk1MDhj
NjNiOGExYmFjZTVkNGRiZGRhYWZjMzZiYmYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCjJD0VTgLpFi0IgQoIt6B2gqt4Z9qkv8NPQR70SPtnPB1oTnBV
QdTkkSZjfYRsHCBw5tATYANo56nXyDrAbxsjcw/apn+yejk/Qn38x1IAri0uZWiN
U65PDLZpQz+FXkzoEGnnFmI92hAA6tp+KdipyugxD5tog6CGsyr/gz72jPQ/oNKk
opucsnFYmaioJIPHgLaCGlkP5QUBiy97fQc0V7fJ93dKW5NqntwUj6W9QSRhpo1E
ZFq16NfxdsCgaeSHhf9jpSCNwfZbKMtA4bLS/YJHOjilVRMK2Wk+YQEirs0gIV+W
RO9PoJyiTYfu06h4xzSce3O55Qd0t4ysdNJVAgMBAAGjggJbMIICVzAdBgNVHQ4E
FgQURmWI6qG6n2Ka4IGF2jAQKq52X9kwHwYDVR0jBBgwFoAU1UC3aqu0uwBOJH8V
Qn46YzNMuZUwDgYDVR0PAQH/BAQDAgeAMIGaBggrBgEFBQcBAQSBjTCBijCBhwYI
KwYBBQUHMAKGe3JzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jwa2kvbGFj
bmljLzQ4ZjA4M2JiLWY2MDMtNDg5My05OTkwLTAyODRjMDRjZWI4NS84ODY0OTY2
ZWU5YjE5NjlmZjA3ZTJiZWI4YmI0ZjZjMDgzY2VkNzBkLmNlcjCBmgYIKwYBBQUH
AQsEgY0wgYowgYcGCCsGAQUFBzALhntyc3luYzovL3JlcG9zaXRvcnkubGFjbmlj
Lm5ldC9ycGtpL2xhY25pYy8zMzhhZjg0Yy0yMzk5LTQ5YTYtOGFjMS1hMzMzNWQ1
ZGU4MTMvY2YyOTdjNTJjOTUwOGM2M2I4YTFiYWNlNWQ0ZGJkZGFhZmMzNmJiZi5y
b2EwgY8GA1UdHwSBhzCBhDCBgaB/oH2Ge3JzeW5jOi8vcmVwb3NpdG9yeS5sYWNu
aWMubmV0L3Jwa2kvbGFjbmljLzMzOGFmODRjLTIzOTktNDlhNi04YWMxLWEzMzM1
ZDVkZTgxMy84ODY0OTY2ZWU5YjE5NjlmZjA3ZTJiZWI4YmI0ZjZjMDgzY2VkNzBk
LmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAw
DjAMBAIAATAGAwQALaOMMA0GCSqGSIb3DQEBCwUAA4IBAQAqoxcLiuMIORseZn/a
CZagBTEBXAJxBiAulRUtbMwYB2AmERpwSvjX1Skwuut1u55pLxStit2JAAEMI9uB
dE73vjAtVV8KumtMRZTZHKPl6Nyvps86OBKcpq1ezCo43kENG1kRbNVM+mE3NviN
56VGfHEyIIEXn7jqoVKvEO74uBCc5hHD0MH0xEhiHcBDSbvG56s4lWs53rqbHSVG
P266RZ5vnXW6YStxrMp1vL/MJ5T45vsKUsRGH6oTCV32gBiPXpluHQYZ0IVySb8k
LEDDeilvhZtLZxXP28HiCFC1QYH/DtltTT+ljOzcquwF7kJR6a0wgvmyTKlXJCd/
30xV
-----END CERTIFICATE-----
Generated at Fri Mar 29 07:30:55 2024 by rpki-client on console-fra.rpki-client.org