Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/3d793535-cdba-4b0c-986c-d49d8ca657ea/422c5782c40716a6b62d8f04e7d8a12e450011c0.roa
File:                     422c5782c40716a6b62d8f04e7d8a12e450011c0.roa (raw, json)
Hash identifier:          ApkSUOfkAFSQzg7CA69ZESYYY1dUXDvoCFmOKcsopTw=
Subject key identifier:   90:1F:19:B8:14:6D:5E:A4:B7:80:A3:3F:EE:1F:CA:E2:79:3C:A7:4A
Certificate issuer:       /CN=9aa6f0faf06b0e820543ffb07cae0e88c6810fef
Certificate serial:       13845A
Authority key identifier: C6:CE:D1:A0:30:39:FD:A9:27:3B:AD:3B:53:4D:F2:6B:D7:B5:C4:C6
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/9aa6f0faf06b0e820543ffb07cae0e88c6810fef.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/3d793535-cdba-4b0c-986c-d49d8ca657ea/422c5782c40716a6b62d8f04e7d8a12e450011c0.roa
Signing time:             Sun 13 Nov 2022 01:06:53 +0000
ROA not before:           Sat 12 Nov 2022 01:05:17 +0000
ROA not after:            Wed 13 Nov 2024 01:05:17 +0000
asID:                     270036
IP address blocks:        179.60.226.0/24 maxlen: 30

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/3d793535-cdba-4b0c-986c-d49d8ca657ea/9aa6f0faf06b0e820543ffb07cae0e88c6810fef.crl
                          rsync://repository.lacnic.net/rpki/lacnic/3d793535-cdba-4b0c-986c-d49d8ca657ea/9aa6f0faf06b0e820543ffb07cae0e88c6810fef.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/9aa6f0faf06b0e820543ffb07cae0e88c6810fef.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Mon 01 Apr 2024 05:58:53 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1279066 (0x13845a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9aa6f0faf06b0e820543ffb07cae0e88c6810fef
        Validity
            Not Before: Nov 12 01:05:17 2022 GMT
            Not After : Nov 13 01:05:17 2024 GMT
        Subject: CN=422c5782c40716a6b62d8f04e7d8a12e450011c0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:b7:07:db:9d:ce:78:f2:e9:f3:ba:b0:ea:d6:
                    0c:03:fa:3c:72:87:f9:3a:11:6e:bf:05:e4:1f:27:
                    5c:c2:a4:58:c6:44:d6:6e:73:75:5e:3f:05:ac:6a:
                    c4:9e:05:5c:20:ea:df:9a:9d:72:2d:6e:73:d5:0a:
                    8e:a3:35:3e:ae:80:d3:9c:e6:c0:8d:3e:8a:f8:11:
                    fe:30:92:7a:cb:0f:78:b6:38:78:da:85:45:16:ee:
                    a4:1e:4e:44:9f:91:d4:a7:16:e0:15:3a:46:54:13:
                    e4:bf:9a:9a:3f:7f:dd:6a:cd:dd:37:ce:76:25:07:
                    0b:30:0c:75:72:7e:2a:5e:b0:91:19:1a:8c:df:d0:
                    63:25:78:c0:6f:ec:0b:21:5a:7c:6b:8a:59:dd:d6:
                    c7:f9:05:4c:cc:85:0e:7e:ec:ea:bb:79:1f:6b:7d:
                    4a:a2:a1:bf:22:b3:e3:02:7a:a6:12:60:6f:dd:db:
                    08:4f:38:b2:bb:b7:f1:53:7a:d2:58:ab:77:8d:6d:
                    8b:f9:72:9c:9b:75:5e:76:81:fa:16:a2:27:92:0e:
                    21:23:ac:7f:27:d8:e5:7f:89:7e:23:40:bb:5a:d7:
                    5a:d7:86:f2:2a:d7:b7:bc:e9:ac:ce:10:7b:e7:f9:
                    63:36:fb:48:4a:f5:7c:7b:d8:d1:25:d8:6e:64:1f:
                    ba:bb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                90:1F:19:B8:14:6D:5E:A4:B7:80:A3:3F:EE:1F:CA:E2:79:3C:A7:4A
            X509v3 Authority Key Identifier:
                keyid:C6:CE:D1:A0:30:39:FD:A9:27:3B:AD:3B:53:4D:F2:6B:D7:B5:C4:C6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/9aa6f0faf06b0e820543ffb07cae0e88c6810fef.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/3d793535-cdba-4b0c-986c-d49d8ca657ea/422c5782c40716a6b62d8f04e7d8a12e450011c0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/3d793535-cdba-4b0c-986c-d49d8ca657ea/9aa6f0faf06b0e820543ffb07cae0e88c6810fef.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  179.60.226.0/24

    Signature Algorithm: sha256WithRSAEncryption
         83:c7:4c:6b:af:f2:cc:24:88:c5:7a:cc:17:9c:46:9a:af:47:
         ec:b6:87:27:7f:7a:08:69:70:d2:02:c3:df:38:cd:79:c4:57:
         67:bf:2d:e4:0f:bb:19:1d:85:9e:26:61:e3:e2:d1:40:3a:18:
         1d:05:21:7d:f8:a3:3a:aa:2b:6d:e1:de:37:0f:d7:a8:01:ca:
         85:11:f8:1f:35:71:bd:cf:c4:a0:e2:6c:2c:d9:bf:e5:cc:49:
         fe:f9:4a:da:ca:61:b0:5a:fb:2d:9e:ee:b5:92:32:89:31:7c:
         a8:47:c6:66:e0:9e:08:95:de:f2:b1:06:be:64:be:dc:dd:2d:
         f1:73:8f:61:f6:52:b1:ff:c0:5f:f3:e4:0a:03:43:54:80:20:
         ae:e6:a7:7e:5c:c7:c4:1f:bb:b9:35:33:39:1f:0f:9b:41:a6:
         9f:af:8c:c8:46:bd:5a:43:13:b8:cf:d5:58:cd:b3:25:c1:0a:
         ec:9b:e1:f6:46:ed:d1:da:23:dc:53:14:32:7b:25:b1:2e:10:
         4c:48:b0:1c:a2:6e:f8:c1:49:b8:79:47:60:60:e6:b6:0c:82:
         2e:be:1c:53:c0:b0:62:02:8e:8b:2d:3f:1b:eb:08:c6:e1:97:
         ff:dd:1a:e6:05:c1:0f:e8:2e:16:c7:03:41:16:5e:fa:21:8c:
         6d:34:2b:63
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIDE4RaMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDlh
YTZmMGZhZjA2YjBlODIwNTQzZmZiMDdjYWUwZTg4YzY4MTBmZWYwHhcNMjIxMTEy
MDEwNTE3WhcNMjQxMTEzMDEwNTE3WjAzMTEwLwYDVQQDEyg0MjJjNTc4MmM0MDcx
NmE2YjYyZDhmMDRlN2Q4YTEyZTQ1MDAxMWMwMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAk7cH253OePLp87qw6tYMA/o8cof5OhFuvwXkHydcwqRYxkTW
bnN1Xj8FrGrEngVcIOrfmp1yLW5z1QqOozU+roDTnObAjT6K+BH+MJJ6yw94tjh4
2oVFFu6kHk5En5HUpxbgFTpGVBPkv5qaP3/das3dN852JQcLMAx1cn4qXrCRGRqM
39BjJXjAb+wLIVp8a4pZ3dbH+QVMzIUOfuzqu3kfa31KoqG/IrPjAnqmEmBv3dsI
Tziyu7fxU3rSWKt3jW2L+XKcm3VedoH6FqInkg4hI6x/J9jlf4l+I0C7Wtda14by
Kte3vOmszhB75/ljNvtISvV8e9jRJdhuZB+6uwIDAQABo4ICWzCCAlcwHQYDVR0O
BBYEFJAfGbgUbV6kt4CjP+4fyuJ5PKdKMB8GA1UdIwQYMBaAFMbO0aAwOf2pJzut
O1NN8mvXtcTGMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvOWFhNmYw
ZmFmMDZiMGU4MjA1NDNmZmIwN2NhZTBlODhjNjgxMGZlZi5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvM2Q3OTM1MzUtY2RiYS00YjBjLTk4NmMtZDQ5ZDhj
YTY1N2VhLzQyMmM1NzgyYzQwNzE2YTZiNjJkOGYwNGU3ZDhhMTJlNDUwMDExYzAu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy8zZDc5MzUzNS1jZGJhLTRiMGMtOTg2Yy1kNDlk
OGNhNjU3ZWEvOWFhNmYwZmFmMDZiMGU4MjA1NDNmZmIwN2NhZTBlODhjNjgxMGZl
Zi5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEALM84jANBgkqhkiG9w0BAQsFAAOCAQEAg8dMa6/yzCSIxXrM
F5xGmq9H7LaHJ396CGlw0gLD3zjNecRXZ78t5A+7GR2FniZh4+LRQDoYHQUhffij
OqorbeHeNw/XqAHKhRH4HzVxvc/EoOJsLNm/5cxJ/vlK2sphsFr7LZ7utZIyiTF8
qEfGZuCeCJXe8rEGvmS+3N0t8XOPYfZSsf/AX/PkCgNDVIAgruanflzHxB+7uTUz
OR8Pm0Gmn6+MyEa9WkMTuM/VWM2zJcEK7Jvh9kbt0doj3FMUMnslsS4QTEiwHKJu
+MFJuHlHYGDmtgyCLr4cU8CwYgKOiy0/G+sIxuGX/90a5gXBD+guFscDQRZe+iGM
bTQrYw==
-----END CERTIFICATE-----
Generated at Fri Mar 29 07:06:34 2024 by rpki-client on console-ams.rpki-client.org