Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/3d3f4333-895e-44f0-b79b-bc82144cff0d/6537261c3087f7af19bd4d7e7bc7ba910946a401.roa
File:                     6537261c3087f7af19bd4d7e7bc7ba910946a401.roa (raw, json)
Hash identifier:          FyYPZO7b4fMDmWCfJbGq9m6Ne9VakzXMMRgV5oqAd9Y=
Subject key identifier:   75:8A:58:71:AA:22:F5:48:2E:67:E0:0A:BC:CC:2D:C3:11:7D:9F:66
Certificate issuer:       /CN=2c51acd36879d6316902d3556f8724f5b58def5e
Certificate serial:       0C8E4F
Authority key identifier: 1B:1D:AD:16:3D:2F:B5:1B:42:C4:DD:E2:73:FD:00:0A:1F:AD:A9:3C
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/2c51acd36879d6316902d3556f8724f5b58def5e.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/3d3f4333-895e-44f0-b79b-bc82144cff0d/6537261c3087f7af19bd4d7e7bc7ba910946a401.roa
Signing time:             Wed 24 Mar 2021 14:32:27 +0000
ROA not before:           Wed 24 Mar 2021 14:32:27 +0000
ROA not after:            Tue 24 Mar 2026 14:32:27 +0000
asID:                     52399
IP address blocks:        45.239.114.0/24 maxlen: 24
                          2803:e2a0::/32 maxlen: 48

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/3d3f4333-895e-44f0-b79b-bc82144cff0d/2c51acd36879d6316902d3556f8724f5b58def5e.crl
                          rsync://repository.lacnic.net/rpki/lacnic/3d3f4333-895e-44f0-b79b-bc82144cff0d/2c51acd36879d6316902d3556f8724f5b58def5e.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/2c51acd36879d6316902d3556f8724f5b58def5e.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Mon 01 Apr 2024 04:28:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 822863 (0xc8e4f)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2c51acd36879d6316902d3556f8724f5b58def5e
        Validity
            Not Before: Mar 24 14:32:27 2021 GMT
            Not After : Mar 24 14:32:27 2026 GMT
        Subject: CN=6537261c3087f7af19bd4d7e7bc7ba910946a401
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:4d:35:98:4f:d2:04:bc:62:2c:b7:f1:c3:b5:
                    e6:11:f5:1d:f1:08:e9:51:7a:bf:ca:78:10:05:2a:
                    57:37:c8:e0:75:05:46:1e:a2:ed:df:46:a3:6c:6a:
                    a4:23:c6:de:f5:70:10:44:be:22:0c:ab:c6:ea:53:
                    1f:54:be:bf:b4:c2:2f:ac:76:89:f0:5e:4f:23:24:
                    a8:c6:e6:12:32:33:49:2e:0f:a3:b6:7e:9c:a4:83:
                    87:ff:d7:57:aa:4b:02:9b:fd:1b:e0:77:c6:58:c3:
                    1c:ea:93:38:43:a3:3d:a3:05:8a:43:87:6b:85:d7:
                    2f:39:af:51:40:60:29:7c:2f:28:fd:f9:77:df:ac:
                    ff:d2:e9:2b:1d:96:95:5a:fa:f1:8d:3e:10:1f:c5:
                    d5:c2:67:bb:02:b5:b2:4e:46:ad:64:fc:09:c1:90:
                    c8:68:fd:f8:35:4a:c7:0c:e0:9a:d0:5f:f9:a3:70:
                    92:bb:0d:b3:b0:b7:05:6d:a4:79:da:66:d5:64:ce:
                    68:59:80:b1:a7:19:76:a3:ce:c0:02:c3:d6:93:c2:
                    a4:e6:4e:ff:4c:a4:d8:fa:dc:61:db:4c:0b:1b:00:
                    3e:c4:a9:61:97:e5:2e:f4:b6:68:4c:a8:ab:08:ec:
                    33:da:8e:ec:21:c5:69:08:b3:98:44:09:e2:e4:43:
                    ee:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                75:8A:58:71:AA:22:F5:48:2E:67:E0:0A:BC:CC:2D:C3:11:7D:9F:66
            X509v3 Authority Key Identifier:
                keyid:1B:1D:AD:16:3D:2F:B5:1B:42:C4:DD:E2:73:FD:00:0A:1F:AD:A9:3C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/2c51acd36879d6316902d3556f8724f5b58def5e.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/3d3f4333-895e-44f0-b79b-bc82144cff0d/6537261c3087f7af19bd4d7e7bc7ba910946a401.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/3d3f4333-895e-44f0-b79b-bc82144cff0d/2c51acd36879d6316902d3556f8724f5b58def5e.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.239.114.0/24
                IPv6:
                  2803:e2a0::/32

    Signature Algorithm: sha256WithRSAEncryption
         b5:b2:ec:8b:f8:06:fc:20:63:62:20:12:c5:19:5f:06:91:cd:
         c4:8a:3d:c2:74:00:78:b0:4e:c6:7f:27:f2:6b:a6:4b:cc:37:
         35:bf:a3:7a:f1:ac:84:97:d5:f0:ed:3b:e0:f5:78:0a:d7:e3:
         5c:0c:aa:8e:84:96:e1:bc:96:b8:49:b9:07:d5:d6:61:9b:b6:
         9f:42:7a:6d:d9:4e:c2:31:0a:53:2e:55:f5:2e:de:69:59:be:
         66:01:b5:06:8e:9e:c0:ef:32:ad:06:dd:c0:1b:e5:2c:f8:ba:
         ee:f3:ee:6d:80:20:7f:fc:dd:92:01:cf:01:69:0e:a7:79:de:
         95:36:36:29:12:67:62:80:d8:21:22:d1:e7:43:e6:c1:92:1c:
         c5:d0:1d:38:14:01:9b:e6:d2:ad:96:4d:d3:f1:02:61:92:9c:
         2b:86:ca:47:c8:63:f9:8e:dc:75:4a:28:3d:b0:c8:a0:0e:45:
         b5:1d:59:c2:0c:a2:0b:ea:1e:98:ba:e6:e7:63:4a:04:21:ab:
         f4:f5:ff:02:43:50:20:8d:4e:a8:60:3c:3d:1a:50:4f:cb:9f:
         47:cb:c5:78:a0:de:4b:60:81:0b:41:89:6c:5a:58:5b:7c:e4:
         9d:41:53:83:7a:fb:a7:f1:01:2f:17:10:62:05:c9:91:a2:0f:
         7b:6a:d1:cb
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgIDDI5PMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDJj
NTFhY2QzNjg3OWQ2MzE2OTAyZDM1NTZmODcyNGY1YjU4ZGVmNWUwHhcNMjEwMzI0
MTQzMjI3WhcNMjYwMzI0MTQzMjI3WjAzMTEwLwYDVQQDEyg2NTM3MjYxYzMwODdm
N2FmMTliZDRkN2U3YmM3YmE5MTA5NDZhNDAxMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEArU01mE/SBLxiLLfxw7XmEfUd8QjpUXq/yngQBSpXN8jgdQVG
HqLt30ajbGqkI8be9XAQRL4iDKvG6lMfVL6/tMIvrHaJ8F5PIySoxuYSMjNJLg+j
tn6cpIOH/9dXqksCm/0b4HfGWMMc6pM4Q6M9owWKQ4drhdcvOa9RQGApfC8o/fl3
36z/0ukrHZaVWvrxjT4QH8XVwme7ArWyTkatZPwJwZDIaP34NUrHDOCa0F/5o3CS
uw2zsLcFbaR52mbVZM5oWYCxpxl2o87AAsPWk8Kk5k7/TKTY+txh20wLGwA+xKlh
l+Uu9LZoTKirCOwz2o7sIcVpCLOYRAni5EPuJwIDAQABo4ICajCCAmYwHQYDVR0O
BBYEFHWKWHGqIvVILmfgCrzMLcMRfZ9mMB8GA1UdIwQYMBaAFBsdrRY9L7UbQsTd
4nP9AAofrak8MA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvMmM1MWFj
ZDM2ODc5ZDYzMTY5MDJkMzU1NmY4NzI0ZjViNThkZWY1ZS5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvM2QzZjQzMzMtODk1ZS00NGYwLWI3OWItYmM4MjE0
NGNmZjBkLzY1MzcyNjFjMzA4N2Y3YWYxOWJkNGQ3ZTdiYzdiYTkxMDk0NmE0MDEu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy8zZDNmNDMzMy04OTVlLTQ0ZjAtYjc5Yi1iYzgy
MTQ0Y2ZmMGQvMmM1MWFjZDM2ODc5ZDYzMTY5MDJkMzU1NmY4NzI0ZjViNThkZWY1
ZS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAuBggrBgEFBQcBBwEB/wQf
MB0wDAQCAAEwBgMEAC3vcjANBAIAAjAHAwUAKAPioDANBgkqhkiG9w0BAQsFAAOC
AQEAtbLsi/gG/CBjYiASxRlfBpHNxIo9wnQAeLBOxn8n8mumS8w3Nb+jevGshJfV
8O074PV4CtfjXAyqjoSW4byWuEm5B9XWYZu2n0J6bdlOwjEKUy5V9S7eaVm+ZgG1
Bo6ewO8yrQbdwBvlLPi67vPubYAgf/zdkgHPAWkOp3nelTY2KRJnYoDYISLR50Pm
wZIcxdAdOBQBm+bSrZZN0/ECYZKcK4bKR8hj+Y7cdUooPbDIoA5FtR1ZwgyiC+oe
mLrm52NKBCGr9PX/AkNQII1OqGA8PRpQT8ufR8vFeKDeS2CBC0GJbFpYW3zknUFT
g3r7p/EBLxcQYgXJkaIPe2rRyw==
-----END CERTIFICATE-----
Generated at Fri Mar 29 04:58:04 2024 by rpki-client on console-fra.rpki-client.org