Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/394fcefe-81c9-4a07-a0f0-f8010152a20e/60e9dfcc5ed2ab7848143aa28b86e7d69fb347b4.roa
File:                     60e9dfcc5ed2ab7848143aa28b86e7d69fb347b4.roa (raw, json)
Hash identifier:          3dvj1gmJ6eBSXkGxW/WaFbNL9FDTcPNT/xZsX0kTCkk=
Subject key identifier:   3B:C8:F4:0A:94:83:9E:79:37:9E:AF:88:E7:54:AE:A8:99:8F:39:F7
Certificate issuer:       /CN=73d8c5c151d3d4813127482165f2c6714ba65d28
Certificate serial:       0BCA50
Authority key identifier: 5B:7F:32:5B:51:42:36:74:70:E0:B4:6A:17:51:09:64:FA:E5:8B:A2
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/73d8c5c151d3d4813127482165f2c6714ba65d28.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/394fcefe-81c9-4a07-a0f0-f8010152a20e/60e9dfcc5ed2ab7848143aa28b86e7d69fb347b4.roa
Signing time:             Wed 24 Mar 2021 14:47:05 +0000
ROA not before:           Wed 24 Mar 2021 14:47:04 +0000
ROA not after:            Tue 24 Mar 2026 14:47:04 +0000
asID:                     27781
IP address blocks:        201.220.0.0/20 maxlen: 24
                          2800:280::/32 maxlen: 64

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/394fcefe-81c9-4a07-a0f0-f8010152a20e/73d8c5c151d3d4813127482165f2c6714ba65d28.crl
                          rsync://repository.lacnic.net/rpki/lacnic/394fcefe-81c9-4a07-a0f0-f8010152a20e/73d8c5c151d3d4813127482165f2c6714ba65d28.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/73d8c5c151d3d4813127482165f2c6714ba65d28.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 31 Mar 2024 03:49:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 772688 (0xbca50)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=73d8c5c151d3d4813127482165f2c6714ba65d28
        Validity
            Not Before: Mar 24 14:47:04 2021 GMT
            Not After : Mar 24 14:47:04 2026 GMT
        Subject: CN=60e9dfcc5ed2ab7848143aa28b86e7d69fb347b4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8e:db:12:54:cc:75:e6:5f:27:01:72:d4:f6:58:
                    db:34:99:76:bc:2b:b6:a8:f5:e6:0a:56:a0:40:41:
                    bf:82:33:19:75:f7:6a:37:99:b3:3c:a3:eb:4c:f8:
                    9a:1e:d2:83:6e:ed:ea:dc:70:7f:5c:ca:e1:85:af:
                    37:48:b8:b5:b6:d5:4f:96:61:39:c6:c1:04:12:f2:
                    2e:d7:ac:e6:0c:e6:33:16:6d:19:f1:7b:0e:4b:7c:
                    2b:d3:f1:98:67:f3:99:be:b1:6b:7a:f0:f9:e4:37:
                    58:9b:d3:93:36:61:5d:fe:cd:63:8d:20:59:4c:18:
                    f4:6b:e2:56:98:3e:9e:b5:d3:1f:18:41:4d:05:4c:
                    53:e2:b9:e6:32:24:32:38:22:2b:c6:fd:41:1c:82:
                    0e:09:15:fd:08:84:ce:b1:f0:0e:6e:41:f4:26:bb:
                    89:40:4c:40:b0:ba:39:3d:20:5b:fb:86:fb:92:10:
                    8a:d5:71:91:45:09:42:db:cc:71:2e:5d:e6:5b:ba:
                    0e:93:23:87:07:34:60:c5:7f:c8:48:75:c5:46:8b:
                    d5:70:f9:5c:96:55:76:cf:8b:04:42:5f:73:af:cf:
                    2a:c7:f0:16:ae:1f:f9:c4:80:eb:5d:21:1d:5f:4d:
                    7f:e8:1d:69:da:71:f1:e9:9e:dc:14:6e:13:b5:0f:
                    db:83
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3B:C8:F4:0A:94:83:9E:79:37:9E:AF:88:E7:54:AE:A8:99:8F:39:F7
            X509v3 Authority Key Identifier:
                keyid:5B:7F:32:5B:51:42:36:74:70:E0:B4:6A:17:51:09:64:FA:E5:8B:A2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/73d8c5c151d3d4813127482165f2c6714ba65d28.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/394fcefe-81c9-4a07-a0f0-f8010152a20e/60e9dfcc5ed2ab7848143aa28b86e7d69fb347b4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/394fcefe-81c9-4a07-a0f0-f8010152a20e/73d8c5c151d3d4813127482165f2c6714ba65d28.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  201.220.0.0/20
                IPv6:
                  2800:280::/32

    Signature Algorithm: sha256WithRSAEncryption
         01:34:80:f1:9a:76:0d:90:84:4b:ce:cb:1e:eb:51:1c:8d:e1:
         9d:8e:71:88:d9:44:8d:3c:02:1b:eb:98:ac:ac:c4:37:05:90:
         8c:8c:bc:4d:70:0b:a0:1e:10:b8:b3:64:f6:37:c2:2f:4d:a9:
         94:4d:47:34:68:18:4a:10:c6:bf:cc:42:25:40:10:0d:e1:bd:
         0f:83:a5:26:85:4b:5a:63:39:bb:b8:89:e7:38:14:a1:03:54:
         84:96:bb:f0:51:61:e1:9b:19:ad:47:73:57:5f:5b:8f:dd:ed:
         5f:3b:54:c6:3c:8c:3a:a2:f6:cc:0e:ed:0f:47:27:0c:12:d6:
         3a:cf:cc:9b:43:52:02:10:a6:1a:2b:2f:35:d0:08:cb:18:5b:
         cb:62:c3:1c:b5:17:b9:5d:18:9b:e7:64:3b:6b:39:04:bb:fe:
         83:6f:ce:74:3e:85:34:c7:47:ee:2d:63:be:d6:d1:70:b5:75:
         29:c2:72:c9:04:fc:2a:f7:77:d3:c4:fc:1b:ce:ec:16:14:e6:
         f3:00:2d:ef:0b:1c:94:05:93:58:e8:7a:ac:50:67:54:c0:15:
         60:10:73:dc:b9:79:e8:6d:68:3e:40:b8:1b:9b:dd:11:ba:59:
         03:a0:79:bc:1a:72:b5:c6:31:bf:fe:30:c3:b4:25:1b:0e:a8:
         4a:f7:0d:03
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgIDC8pQMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDcz
ZDhjNWMxNTFkM2Q0ODEzMTI3NDgyMTY1ZjJjNjcxNGJhNjVkMjgwHhcNMjEwMzI0
MTQ0NzA0WhcNMjYwMzI0MTQ0NzA0WjAzMTEwLwYDVQQDEyg2MGU5ZGZjYzVlZDJh
Yjc4NDgxNDNhYTI4Yjg2ZTdkNjlmYjM0N2I0MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAjtsSVMx15l8nAXLU9ljbNJl2vCu2qPXmClagQEG/gjMZdfdq
N5mzPKPrTPiaHtKDbu3q3HB/XMrhha83SLi1ttVPlmE5xsEEEvIu16zmDOYzFm0Z
8XsOS3wr0/GYZ/OZvrFrevD55DdYm9OTNmFd/s1jjSBZTBj0a+JWmD6etdMfGEFN
BUxT4rnmMiQyOCIrxv1BHIIOCRX9CITOsfAObkH0JruJQExAsLo5PSBb+4b7khCK
1XGRRQlC28xxLl3mW7oOkyOHBzRgxX/ISHXFRovVcPlcllV2z4sEQl9zr88qx/AW
rh/5xIDrXSEdX01/6B1p2nHx6Z7cFG4TtQ/bgwIDAQABo4ICajCCAmYwHQYDVR0O
BBYEFDvI9AqUg555N56viOdUrqiZjzn3MB8GA1UdIwQYMBaAFFt/MltRQjZ0cOC0
ahdRCWT65YuiMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvNzNkOGM1
YzE1MWQzZDQ4MTMxMjc0ODIxNjVmMmM2NzE0YmE2NWQyOC5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvMzk0ZmNlZmUtODFjOS00YTA3LWEwZjAtZjgwMTAx
NTJhMjBlLzYwZTlkZmNjNWVkMmFiNzg0ODE0M2FhMjhiODZlN2Q2OWZiMzQ3YjQu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy8zOTRmY2VmZS04MWM5LTRhMDctYTBmMC1mODAx
MDE1MmEyMGUvNzNkOGM1YzE1MWQzZDQ4MTMxMjc0ODIxNjVmMmM2NzE0YmE2NWQy
OC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAuBggrBgEFBQcBBwEB/wQf
MB0wDAQCAAEwBgMEBMncADANBAIAAjAHAwUAKAACgDANBgkqhkiG9w0BAQsFAAOC
AQEAATSA8Zp2DZCES87LHutRHI3hnY5xiNlEjTwCG+uYrKzENwWQjIy8TXALoB4Q
uLNk9jfCL02plE1HNGgYShDGv8xCJUAQDeG9D4OlJoVLWmM5u7iJ5zgUoQNUhJa7
8FFh4ZsZrUdzV19bj93tXztUxjyMOqL2zA7tD0cnDBLWOs/Mm0NSAhCmGisvNdAI
yxhby2LDHLUXuV0Ym+dkO2s5BLv+g2/OdD6FNMdH7i1jvtbRcLV1KcJyyQT8Kvd3
08T8G87sFhTm8wAt7wsclAWTWOh6rFBnVMAVYBBz3Ll56G1oPkC4G5vdEbpZA6B5
vBpytcYxv/4ww7QlGw6oSvcNAw==
-----END CERTIFICATE-----
Generated at Thu Mar 28 08:10:57 2024 by rpki-client on console-ams.rpki-client.org