Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/4042023c-6d97-47cf-8018-67c5d58add42/0b2b6311b130c6123a65af275d1ea53450fc60b8.roa
File:                     0b2b6311b130c6123a65af275d1ea53450fc60b8.roa (raw, json)
Hash identifier:          QoJVqDWCygp267vKcTrsp9m7nDcsB3Uk5wxp5w2dB+E=
Subject key identifier:   6C:10:59:EE:3C:7D:AA:B2:B2:C3:D0:10:32:EC:38:3F:29:1D:DB:89
Certificate issuer:       /CN=c2be57a8c0fd76452079fcf2d4dc569819c2ed31
Certificate serial:       0CEC15
Authority key identifier: 25:E8:84:D7:24:AC:85:71:45:FF:9F:71:0D:06:B9:ED:F5:8E:37:EC
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/c2be57a8c0fd76452079fcf2d4dc569819c2ed31.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/4042023c-6d97-47cf-8018-67c5d58add42/0b2b6311b130c6123a65af275d1ea53450fc60b8.roa
Signing time:             Wed 24 Mar 2021 14:47:08 +0000
ROA not before:           Wed 24 Mar 2021 14:47:07 +0000
ROA not after:            Tue 24 Mar 2026 14:47:07 +0000
asID:                     27665
IP address blocks:        131.100.160.0/22 maxlen: 24
                          138.59.24.0/22 maxlen: 24
                          143.0.172.0/22 maxlen: 24
                          161.0.224.0/19 maxlen: 24
                          181.188.0.0/17 maxlen: 24
                          190.6.224.0/20 maxlen: 24
                          190.83.128.0/17 maxlen: 24
                          190.213.0.0/18 maxlen: 24
                          190.213.64.0/18 maxlen: 24
                          190.213.128.0/17 maxlen: 24
                          200.1.104.0/21 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/4042023c-6d97-47cf-8018-67c5d58add42/c2be57a8c0fd76452079fcf2d4dc569819c2ed31.crl
                          rsync://repository.lacnic.net/rpki/lacnic/4042023c-6d97-47cf-8018-67c5d58add42/c2be57a8c0fd76452079fcf2d4dc569819c2ed31.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/c2be57a8c0fd76452079fcf2d4dc569819c2ed31.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Mon 01 Apr 2024 05:58:53 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 846869 (0xcec15)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c2be57a8c0fd76452079fcf2d4dc569819c2ed31
        Validity
            Not Before: Mar 24 14:47:07 2021 GMT
            Not After : Mar 24 14:47:07 2026 GMT
        Subject: CN=0b2b6311b130c6123a65af275d1ea53450fc60b8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:56:27:88:c4:2f:49:ab:48:ff:71:11:4a:72:
                    b5:b0:f5:ae:7a:e6:c0:7a:71:7f:89:15:ba:1f:49:
                    26:53:85:5e:fc:fc:2a:4a:a8:61:02:52:d9:0c:77:
                    de:23:80:1c:7e:b5:39:8d:8e:b1:f7:0a:e3:3c:d1:
                    56:0d:ac:71:90:79:94:89:f9:72:17:0e:a4:95:33:
                    9b:c0:42:ff:5b:8d:4a:83:27:ef:b4:43:90:f9:7f:
                    2f:d8:2d:24:94:fb:cf:e8:6f:51:70:ad:f2:79:97:
                    ff:b9:e7:c3:16:12:f7:9c:64:25:50:78:18:4f:6b:
                    ad:ad:a5:8b:cc:97:73:d0:ae:a7:07:3e:36:0b:a0:
                    ee:33:7b:af:98:09:8b:ad:a7:87:a8:d5:1b:0a:89:
                    4e:85:68:38:c2:81:4e:35:e3:f0:6d:b5:5a:cf:ce:
                    b9:70:4e:a6:c6:12:fc:28:78:a0:00:cb:f5:9f:e7:
                    59:e7:68:8a:0f:8c:e6:f6:67:72:bb:cc:a8:56:11:
                    b5:06:15:0b:11:a9:9b:b3:c9:68:42:fb:3d:17:38:
                    f4:f6:c0:73:93:d5:54:3f:c3:bc:23:88:66:fc:20:
                    69:64:aa:81:f0:50:aa:82:9e:be:12:77:6a:f4:06:
                    57:51:00:1b:18:67:b4:56:f6:c8:64:05:4a:d1:41:
                    db:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6C:10:59:EE:3C:7D:AA:B2:B2:C3:D0:10:32:EC:38:3F:29:1D:DB:89
            X509v3 Authority Key Identifier:
                keyid:25:E8:84:D7:24:AC:85:71:45:FF:9F:71:0D:06:B9:ED:F5:8E:37:EC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/c2be57a8c0fd76452079fcf2d4dc569819c2ed31.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/4042023c-6d97-47cf-8018-67c5d58add42/0b2b6311b130c6123a65af275d1ea53450fc60b8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/4042023c-6d97-47cf-8018-67c5d58add42/c2be57a8c0fd76452079fcf2d4dc569819c2ed31.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  131.100.160.0/22
                  138.59.24.0/22
                  143.0.172.0/22
                  161.0.224.0/19
                  181.188.0.0/17
                  190.6.224.0/20
                  190.83.128.0/17
                  190.213.0.0/16
                  200.1.104.0/21

    Signature Algorithm: sha256WithRSAEncryption
         25:f6:e4:56:9b:04:5f:b4:68:40:f2:c8:12:23:5a:b4:e5:d2:
         03:88:ae:3b:cb:f5:49:fa:5b:3d:82:2c:99:f6:ad:da:a5:a9:
         45:1a:63:44:c8:54:67:a0:ab:ef:04:b2:24:a6:41:83:1c:40:
         63:ee:fc:2e:c8:5d:83:75:13:bc:24:8e:98:59:1f:e8:c6:fe:
         a2:fb:68:51:f4:26:1d:b4:d5:23:c1:2d:93:54:2c:ed:10:6f:
         d8:8d:38:87:70:40:b8:ec:6e:61:f2:b9:8e:7f:14:7c:23:e3:
         e8:67:a4:09:ec:bd:39:c9:27:fc:5d:79:77:e8:76:79:79:03:
         59:3f:02:bc:86:ea:0b:74:82:31:a1:fd:b2:e8:b5:b1:03:fb:
         45:a2:c4:3c:ca:04:3a:ba:60:e7:40:22:e9:72:7e:ac:c3:16:
         55:58:38:b2:4b:8e:08:d2:23:e7:c4:7a:11:db:5d:86:05:7c:
         fc:4d:7e:a8:cc:51:d7:42:e6:38:5c:d3:c1:7b:1b:77:3e:10:
         15:a9:f5:c5:1d:25:0f:bf:e8:fa:27:00:a7:05:27:7e:0e:d2:
         39:05:75:67:39:0d:d2:af:33:ec:92:96:c5:d5:11:6a:cb:b8:
         4f:d2:87:00:09:d2:7a:d7:66:ca:8b:d7:76:cc:1a:69:db:b6:
         10:32:1f:e6
-----BEGIN CERTIFICATE-----
MIIFbzCCBFegAwIBAgIDDOwVMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGMy
YmU1N2E4YzBmZDc2NDUyMDc5ZmNmMmQ0ZGM1Njk4MTljMmVkMzEwHhcNMjEwMzI0
MTQ0NzA3WhcNMjYwMzI0MTQ0NzA3WjAzMTEwLwYDVQQDEygwYjJiNjMxMWIxMzBj
NjEyM2E2NWFmMjc1ZDFlYTUzNDUwZmM2MGI4MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAkVYniMQvSatI/3ERSnK1sPWueubAenF/iRW6H0kmU4Ve/Pwq
SqhhAlLZDHfeI4AcfrU5jY6x9wrjPNFWDaxxkHmUiflyFw6klTObwEL/W41Kgyfv
tEOQ+X8v2C0klPvP6G9RcK3yeZf/uefDFhL3nGQlUHgYT2utraWLzJdz0K6nBz42
C6DuM3uvmAmLraeHqNUbColOhWg4woFONePwbbVaz865cE6mxhL8KHigAMv1n+dZ
52iKD4zm9mdyu8yoVhG1BhULEambs8loQvs9Fzj09sBzk9VUP8O8I4hm/CBpZKqB
8FCqgp6+Endq9AZXUQAbGGe0VvbIZAVK0UHb7wIDAQABo4ICijCCAoYwHQYDVR0O
BBYEFGwQWe48faqyssPQEDLsOD8pHduJMB8GA1UdIwQYMBaAFCXohNckrIVxRf+f
cQ0Gue31jjfsMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvYzJiZTU3
YThjMGZkNzY0NTIwNzlmY2YyZDRkYzU2OTgxOWMyZWQzMS5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvNDA0MjAyM2MtNmQ5Ny00N2NmLTgwMTgtNjdjNWQ1
OGFkZDQyLzBiMmI2MzExYjEzMGM2MTIzYTY1YWYyNzVkMWVhNTM0NTBmYzYwYjgu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy80MDQyMDIzYy02ZDk3LTQ3Y2YtODAxOC02N2M1
ZDU4YWRkNDIvYzJiZTU3YThjMGZkNzY0NTIwNzlmY2YyZDRkYzU2OTgxOWMyZWQz
MS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBOBggrBgEFBQcBBwEB/wQ/
MD0wOwQCAAEwNQMEAoNkoAMEAoo7GAMEAo8ArAMEBaEA4AMEB7W8AAMEBL4G4AME
B75TgAMDAL7VAwQDyAFoMA0GCSqGSIb3DQEBCwUAA4IBAQAl9uRWmwRftGhA8sgS
I1q05dIDiK47y/VJ+ls9giyZ9q3apalFGmNEyFRnoKvvBLIkpkGDHEBj7vwuyF2D
dRO8JI6YWR/oxv6i+2hR9CYdtNUjwS2TVCztEG/YjTiHcEC47G5h8rmOfxR8I+Po
Z6QJ7L05ySf8XXl36HZ5eQNZPwK8huoLdIIxof2y6LWxA/tFosQ8ygQ6umDnQCLp
cn6swxZVWDiyS44I0iPnxHoR212GBXz8TX6ozFHXQuY4XNPBext3PhAVqfXFHSUP
v+j6JwCnBSd+DtI5BXVnOQ3SrzPskpbF1RFqy7hP0ocACdJ612bKi9d2zBpp27YQ
Mh/m
-----END CERTIFICATE-----
Generated at Fri Mar 29 06:25:29 2024 by rpki-client on console-ams.rpki-client.org