Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/350b06c7-448f-4125-80cb-fc0d869542d0/aabdc178595de1cdb7bdc7e55e4e7a7ce4651d6e.roa
File:                     aabdc178595de1cdb7bdc7e55e4e7a7ce4651d6e.roa (raw, json)
Hash identifier:          owUf9Jd7ASOiBxSQnsP90ny3H2rOSeSG73sZG7DZC7s=
Subject key identifier:   C4:52:3B:CD:E3:3D:90:99:DA:74:0D:12:1C:09:BE:53:0C:EF:0F:E4
Certificate issuer:       /CN=ca57033023e73c5b1a524aa43f058bd1ed72d47f
Certificate serial:       0DC840
Authority key identifier: 96:5B:C5:F5:C2:25:AD:63:AB:03:78:DF:22:AF:94:19:43:DB:B9:E6
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ca57033023e73c5b1a524aa43f058bd1ed72d47f.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/350b06c7-448f-4125-80cb-fc0d869542d0/aabdc178595de1cdb7bdc7e55e4e7a7ce4651d6e.roa
Signing time:             Wed 24 Mar 2021 14:37:03 +0000
ROA not before:           Wed 24 Mar 2021 14:37:01 +0000
ROA not after:            Tue 24 Mar 2026 14:37:01 +0000
asID:                     262197
IP address blocks:        131.108.36.0/22 maxlen: 22
                          186.4.0.0/18 maxlen: 18
                          186.32.0.0/18 maxlen: 18
                          186.32.160.0/19 maxlen: 19
                          186.32.192.0/19 maxlen: 19
                          186.176.0.0/17 maxlen: 17
                          186.176.128.0/17 maxlen: 17
                          186.177.0.0/17 maxlen: 17
                          186.177.128.0/18 maxlen: 18
                          2800:860::/32 maxlen: 32

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/350b06c7-448f-4125-80cb-fc0d869542d0/ca57033023e73c5b1a524aa43f058bd1ed72d47f.crl
                          rsync://repository.lacnic.net/rpki/lacnic/350b06c7-448f-4125-80cb-fc0d869542d0/ca57033023e73c5b1a524aa43f058bd1ed72d47f.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ca57033023e73c5b1a524aa43f058bd1ed72d47f.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 31 Mar 2024 19:38:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 903232 (0xdc840)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ca57033023e73c5b1a524aa43f058bd1ed72d47f
        Validity
            Not Before: Mar 24 14:37:01 2021 GMT
            Not After : Mar 24 14:37:01 2026 GMT
        Subject: CN=aabdc178595de1cdb7bdc7e55e4e7a7ce4651d6e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:a2:9f:59:72:d1:54:cb:94:da:12:af:1e:21:
                    79:1a:f5:83:ba:8c:ce:f7:60:1b:1c:21:2b:24:b9:
                    46:ac:65:f7:c0:7b:79:61:b6:09:37:8e:66:ee:5a:
                    6c:8b:50:96:3c:bc:39:da:7b:82:90:c2:47:75:be:
                    b7:6a:94:37:da:47:99:89:94:d6:82:e2:59:78:f0:
                    3a:bd:2b:86:d9:3b:01:18:3e:ba:13:2f:19:16:fa:
                    5a:52:c6:bf:73:c7:17:29:6a:1c:92:e4:92:f8:98:
                    96:00:ad:88:75:5d:ce:ac:50:43:c3:e7:b1:3d:a6:
                    e2:9d:ef:a0:0a:f4:6b:5e:4e:af:1b:16:ed:19:61:
                    aa:1e:53:53:e9:8a:ed:79:3b:52:d4:4d:32:1f:75:
                    36:56:fc:e3:5a:fb:ef:58:98:5d:d2:bd:13:19:ab:
                    5d:0a:0c:7a:f2:98:16:a1:eb:7e:96:70:6d:12:3d:
                    a0:0c:40:ee:37:eb:e4:c3:da:5c:fd:1d:b0:56:4f:
                    35:09:77:9b:5e:90:85:3a:3e:de:05:8a:42:05:27:
                    d1:30:57:a6:1d:40:bd:d7:24:12:0f:a1:20:94:82:
                    27:b2:96:f7:bb:65:e3:cc:58:a8:9a:0f:89:4c:45:
                    34:b4:1f:7b:25:89:77:2a:5a:fe:73:28:c7:2d:ee:
                    68:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C4:52:3B:CD:E3:3D:90:99:DA:74:0D:12:1C:09:BE:53:0C:EF:0F:E4
            X509v3 Authority Key Identifier:
                keyid:96:5B:C5:F5:C2:25:AD:63:AB:03:78:DF:22:AF:94:19:43:DB:B9:E6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ca57033023e73c5b1a524aa43f058bd1ed72d47f.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/350b06c7-448f-4125-80cb-fc0d869542d0/aabdc178595de1cdb7bdc7e55e4e7a7ce4651d6e.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/350b06c7-448f-4125-80cb-fc0d869542d0/ca57033023e73c5b1a524aa43f058bd1ed72d47f.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  131.108.36.0/22
                  186.4.0.0/18
                  186.32.0.0/18
                  186.32.160.0-186.32.223.255
                  186.176.0.0-186.177.191.255
                IPv6:
                  2800:860::/32

    Signature Algorithm: sha256WithRSAEncryption
         c9:c0:8c:fa:f1:d0:16:fc:26:f7:60:7a:9d:15:97:78:9a:99:
         3a:08:3b:17:7b:85:2e:90:14:67:cc:b2:10:76:41:ac:2a:ee:
         33:57:fa:68:b2:1a:70:91:fe:6b:50:56:e1:00:39:8b:be:54:
         4e:0d:c4:bf:62:3b:cf:82:df:25:07:7e:05:1a:57:d5:22:28:
         00:ea:d2:13:25:f4:fb:e2:cb:ac:67:f3:a1:a8:26:27:60:cb:
         ba:c0:9a:4c:45:50:f1:31:4b:f7:14:e9:9a:19:89:b9:26:e4:
         22:09:08:c9:74:9b:18:a5:d7:0a:fb:00:41:3c:fc:2d:bc:98:
         b8:6c:1c:80:b0:ca:6e:90:e9:58:91:66:41:dd:86:25:0c:bd:
         ac:b0:2a:10:10:51:36:cc:22:a9:34:ba:2d:0a:0a:4b:84:28:
         3a:ee:e6:5b:dd:b1:0f:ff:fa:56:18:97:d3:9c:b2:52:a3:54:
         a6:a2:71:61:d2:83:91:cd:7b:2e:28:aa:93:c4:cd:9b:2f:f3:
         76:e3:f7:74:32:20:02:74:b3:a2:b8:37:ec:5c:95:6a:47:82:
         85:7a:95:74:97:be:29:95:9e:5c:20:ce:d8:75:b6:7e:bd:ea:
         ef:35:84:22:b9:4b:fd:8d:38:97:dc:b7:37:22:57:f0:38:84:
         fe:e7:b9:bd
-----BEGIN CERTIFICATE-----
MIIFdjCCBF6gAwIBAgIDDchAMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGNh
NTcwMzMwMjNlNzNjNWIxYTUyNGFhNDNmMDU4YmQxZWQ3MmQ0N2YwHhcNMjEwMzI0
MTQzNzAxWhcNMjYwMzI0MTQzNzAxWjAzMTEwLwYDVQQDEyhhYWJkYzE3ODU5NWRl
MWNkYjdiZGM3ZTU1ZTRlN2E3Y2U0NjUxZDZlMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAqaKfWXLRVMuU2hKvHiF5GvWDuozO92AbHCErJLlGrGX3wHt5
YbYJN45m7lpsi1CWPLw52nuCkMJHdb63apQ32keZiZTWguJZePA6vSuG2TsBGD66
Ey8ZFvpaUsa/c8cXKWockuSS+JiWAK2IdV3OrFBDw+exPabine+gCvRrXk6vGxbt
GWGqHlNT6YrteTtS1E0yH3U2VvzjWvvvWJhd0r0TGatdCgx68pgWoet+lnBtEj2g
DEDuN+vkw9pc/R2wVk81CXebXpCFOj7eBYpCBSfRMFemHUC91yQSD6EglIInspb3
u2XjzFiomg+JTEU0tB97JYl3Klr+cyjHLe5o6wIDAQABo4ICkTCCAo0wHQYDVR0O
BBYEFMRSO83jPZCZ2nQNEhwJvlMM7w/kMB8GA1UdIwQYMBaAFJZbxfXCJa1jqwN4
3yKvlBlD27nmMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvY2E1NzAz
MzAyM2U3M2M1YjFhNTI0YWE0M2YwNThiZDFlZDcyZDQ3Zi5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvMzUwYjA2YzctNDQ4Zi00MTI1LTgwY2ItZmMwZDg2
OTU0MmQwL2FhYmRjMTc4NTk1ZGUxY2RiN2JkYzdlNTVlNGU3YTdjZTQ2NTFkNmUu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy8zNTBiMDZjNy00NDhmLTQxMjUtODBjYi1mYzBk
ODY5NTQyZDAvY2E1NzAzMzAyM2U3M2M1YjFhNTI0YWE0M2YwNThiZDFlZDcyZDQ3
Zi5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBVBggrBgEFBQcBBwEB/wRG
MEQwMwQCAAEwLQMEAoNsJAMEBroEAAMEBrogADAMAwQFuiCgAwQFuiDAMAsDAwS6
sAMEBrqxgDANBAIAAjAHAwUAKAAIYDANBgkqhkiG9w0BAQsFAAOCAQEAycCM+vHQ
Fvwm92B6nRWXeJqZOgg7F3uFLpAUZ8yyEHZBrCruM1f6aLIacJH+a1BW4QA5i75U
Tg3Ev2I7z4LfJQd+BRpX1SIoAOrSEyX0++LLrGfzoagmJ2DLusCaTEVQ8TFL9xTp
mhmJuSbkIgkIyXSbGKXXCvsAQTz8LbyYuGwcgLDKbpDpWJFmQd2GJQy9rLAqEBBR
NswiqTS6LQoKS4QoOu7mW92xD//6VhiX05yyUqNUpqJxYdKDkc17Liiqk8TNmy/z
duP3dDIgAnSzorg37FyVakeChXqVdJe+KZWeXCDO2HW2fr3q7zWEIrlL/Y04l9y3
NyJX8DiE/ue5vQ==
-----END CERTIFICATE-----
Generated at Fri Mar 29 02:32:06 2024 by rpki-client on console-fra.rpki-client.org