Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/405c3edd-d580-4d5b-b8bd-a6b455bb51ce/a5fba939e0b103992ce6492ab981ab6c2cf2d045.roa
File:                     a5fba939e0b103992ce6492ab981ab6c2cf2d045.roa (raw, json)
Hash identifier:          hN4SxbOynICywhRH8wqZAMPq6Hyu/13/5O5ltD5Y68A=
Subject key identifier:   18:7E:FB:D5:D0:29:89:B3:23:D0:D7:C8:6D:71:F6:71:B2:37:BD:17
Certificate issuer:       /CN=162120a907b927853fa0759b89cb5523b33e976c
Certificate serial:       12474C
Authority key identifier: C1:2A:F9:89:CC:E1:DD:AE:C2:D4:AB:AD:77:34:74:8C:1C:CF:62:F6
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/162120a907b927853fa0759b89cb5523b33e976c.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/405c3edd-d580-4d5b-b8bd-a6b455bb51ce/a5fba939e0b103992ce6492ab981ab6c2cf2d045.roa
Signing time:             Fri 14 Jan 2022 22:33:18 +0000
ROA not before:           Fri 14 Jan 2022 03:00:00 +0000
ROA not after:            Wed 24 Mar 2027 03:00:00 +0000
asID:                     23487
IP address blocks:        45.178.36.0/22 maxlen: 24
                          2803:a660::/32 maxlen: 48

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/405c3edd-d580-4d5b-b8bd-a6b455bb51ce/162120a907b927853fa0759b89cb5523b33e976c.crl
                          rsync://repository.lacnic.net/rpki/lacnic/405c3edd-d580-4d5b-b8bd-a6b455bb51ce/162120a907b927853fa0759b89cb5523b33e976c.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/162120a907b927853fa0759b89cb5523b33e976c.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 31 Mar 2024 19:38:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1197900 (0x12474c)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=162120a907b927853fa0759b89cb5523b33e976c
        Validity
            Not Before: Jan 14 03:00:00 2022 GMT
            Not After : Mar 24 03:00:00 2027 GMT
        Subject: CN=a5fba939e0b103992ce6492ab981ab6c2cf2d045
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:99:7c:71:35:6c:d9:d3:97:aa:79:f8:f6:07:
                    12:b8:57:ba:2c:9b:e0:f6:d6:94:e1:21:80:ab:1d:
                    31:aa:35:e0:6b:27:23:ec:6f:30:1f:82:81:31:ca:
                    b7:0f:69:33:53:10:3c:98:86:58:16:d1:c4:ca:91:
                    9f:db:a1:34:be:2c:8c:d5:5b:7d:b5:82:05:d4:63:
                    6b:4f:ca:40:35:95:11:af:7a:b2:2e:30:fd:94:51:
                    45:ea:35:97:da:b1:36:f2:a1:f1:ff:d6:42:48:85:
                    3a:0f:cb:d5:07:89:8d:6b:c7:0a:a8:c5:7d:11:3b:
                    2e:50:de:fe:cf:bf:a5:43:01:f9:33:3e:22:28:5e:
                    65:c3:63:7a:5f:11:b7:82:ce:3d:a2:c6:5c:36:5f:
                    6d:5c:f5:14:c8:b9:43:ba:40:c3:4b:b1:6f:dc:58:
                    83:a9:34:f2:65:ed:87:86:00:46:f4:c4:28:33:5f:
                    99:7e:72:5a:80:d3:a2:d7:40:01:34:6a:98:91:02:
                    24:ab:7a:ed:78:3f:ec:20:b2:e6:86:34:5d:51:66:
                    11:5c:64:c3:e5:83:f5:43:43:7c:2f:af:9e:52:56:
                    f7:de:c3:b0:b2:ed:63:ee:87:a8:b3:e1:a9:07:26:
                    8e:87:d6:7a:85:d6:ac:77:f5:a3:13:ea:b7:db:1f:
                    6d:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                18:7E:FB:D5:D0:29:89:B3:23:D0:D7:C8:6D:71:F6:71:B2:37:BD:17
            X509v3 Authority Key Identifier:
                keyid:C1:2A:F9:89:CC:E1:DD:AE:C2:D4:AB:AD:77:34:74:8C:1C:CF:62:F6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/162120a907b927853fa0759b89cb5523b33e976c.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/405c3edd-d580-4d5b-b8bd-a6b455bb51ce/a5fba939e0b103992ce6492ab981ab6c2cf2d045.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/405c3edd-d580-4d5b-b8bd-a6b455bb51ce/162120a907b927853fa0759b89cb5523b33e976c.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.178.36.0/22
                IPv6:
                  2803:a660::/32

    Signature Algorithm: sha256WithRSAEncryption
         18:2c:99:64:f1:09:f2:72:f0:9a:68:2a:02:a4:74:18:24:39:
         37:38:a8:42:06:d6:54:5c:ba:da:fd:7f:8e:79:90:97:03:07:
         e0:72:84:f4:b2:22:77:fe:36:da:4d:ef:8d:54:bb:f2:e3:3c:
         b4:a7:8d:6d:40:61:81:59:32:5e:60:79:e9:87:06:76:45:60:
         92:32:54:91:2d:f2:d0:63:f7:45:e2:f9:94:c8:5b:3f:cf:fb:
         14:7f:07:9a:55:64:25:2e:f4:10:ae:02:ed:7b:a8:c5:a5:e1:
         85:15:db:42:36:2a:e7:3f:99:28:59:b3:44:05:50:dc:f1:ab:
         b8:2a:7d:c4:8f:df:1a:ff:70:15:fa:d0:67:06:3f:00:05:29:
         e8:db:b8:d3:44:65:b6:b7:d4:9c:71:51:db:e8:ed:e9:7b:26:
         cc:cb:82:85:16:0c:ec:9a:96:eb:99:36:40:c1:ff:93:3b:4b:
         6e:12:01:77:5e:4a:16:7e:4c:3b:b9:11:fc:c7:3c:d6:67:aa:
         ce:96:7a:c6:09:13:4b:3b:9c:04:00:bc:96:e4:21:9e:4e:aa:
         a9:07:08:c9:7c:5a:27:0a:26:58:04:d9:94:8a:6a:c9:d7:ca:
         aa:cc:8e:1c:21:85:0d:bd:86:6d:89:cb:94:57:b6:96:76:0d:
         7d:b7:6e:d4
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgIDEkdMMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDE2
MjEyMGE5MDdiOTI3ODUzZmEwNzU5Yjg5Y2I1NTIzYjMzZTk3NmMwHhcNMjIwMTE0
MDMwMDAwWhcNMjcwMzI0MDMwMDAwWjAzMTEwLwYDVQQDEyhhNWZiYTkzOWUwYjEw
Mzk5MmNlNjQ5MmFiOTgxYWI2YzJjZjJkMDQ1MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAlZl8cTVs2dOXqnn49gcSuFe6LJvg9taU4SGAqx0xqjXgaycj
7G8wH4KBMcq3D2kzUxA8mIZYFtHEypGf26E0viyM1Vt9tYIF1GNrT8pANZURr3qy
LjD9lFFF6jWX2rE28qHx/9ZCSIU6D8vVB4mNa8cKqMV9ETsuUN7+z7+lQwH5Mz4i
KF5lw2N6XxG3gs49osZcNl9tXPUUyLlDukDDS7Fv3FiDqTTyZe2HhgBG9MQoM1+Z
fnJagNOi10ABNGqYkQIkq3rteD/sILLmhjRdUWYRXGTD5YP1Q0N8L6+eUlb33sOw
su1j7oeos+GpByaOh9Z6hdasd/WjE+q32x9ttwIDAQABo4ICajCCAmYwHQYDVR0O
BBYEFBh++9XQKYmzI9DXyG1x9nGyN70XMB8GA1UdIwQYMBaAFMEq+YnM4d2uwtSr
rXc0dIwcz2L2MA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvMTYyMTIw
YTkwN2I5Mjc4NTNmYTA3NTliODljYjU1MjNiMzNlOTc2Yy5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvNDA1YzNlZGQtZDU4MC00ZDViLWI4YmQtYTZiNDU1
YmI1MWNlL2E1ZmJhOTM5ZTBiMTAzOTkyY2U2NDkyYWI5ODFhYjZjMmNmMmQwNDUu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy80MDVjM2VkZC1kNTgwLTRkNWItYjhiZC1hNmI0
NTViYjUxY2UvMTYyMTIwYTkwN2I5Mjc4NTNmYTA3NTliODljYjU1MjNiMzNlOTc2
Yy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAuBggrBgEFBQcBBwEB/wQf
MB0wDAQCAAEwBgMEAi2yJDANBAIAAjAHAwUAKAOmYDANBgkqhkiG9w0BAQsFAAOC
AQEAGCyZZPEJ8nLwmmgqAqR0GCQ5NzioQgbWVFy62v1/jnmQlwMH4HKE9LIid/42
2k3vjVS78uM8tKeNbUBhgVkyXmB56YcGdkVgkjJUkS3y0GP3ReL5lMhbP8/7FH8H
mlVkJS70EK4C7XuoxaXhhRXbQjYq5z+ZKFmzRAVQ3PGruCp9xI/fGv9wFfrQZwY/
AAUp6Nu400RltrfUnHFR2+jt6XsmzMuChRYM7JqW65k2QMH/kztLbhIBd15KFn5M
O7kR/Mc81meqzpZ6xgkTSzucBAC8luQhnk6qqQcIyXxaJwomWATZlIpqydfKqsyO
HCGFDb2GbYnLlFe2lnYNfbdu1A==
-----END CERTIFICATE-----
Generated at Thu Mar 28 23:47:50 2024 by rpki-client on console-ams.rpki-client.org