Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/40ffbe0b-779c-4015-8ba7-12a85f779e86/7846da06d1e65078662f2d710e884b59f1678b6a.roa
File:                     7846da06d1e65078662f2d710e884b59f1678b6a.roa (raw, json)
Hash identifier:          rNr7WciecqYC+LYNPCqBpIsctVRjZrIp5lRK2KH12P0=
Subject key identifier:   97:00:E1:2A:24:32:C3:A4:A8:A4:71:47:C7:C2:26:50:70:2D:EC:4A
Certificate issuer:       /CN=9fe5b490e01916025ea9800035a06ad620448a40
Certificate serial:       0B7641
Authority key identifier: 26:87:E1:88:0A:7B:5F:53:A0:05:E3:90:14:F7:4B:40:18:74:16:78
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/9fe5b490e01916025ea9800035a06ad620448a40.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/40ffbe0b-779c-4015-8ba7-12a85f779e86/7846da06d1e65078662f2d710e884b59f1678b6a.roa
Signing time:             Wed 24 Mar 2021 14:39:25 +0000
ROA not before:           Wed 24 Mar 2021 14:39:25 +0000
ROA not after:            Tue 24 Mar 2026 14:39:25 +0000
asID:                     264744
IP address blocks:        45.188.232.0/22 maxlen: 24
                          2803:3f60::/32 maxlen: 48

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/40ffbe0b-779c-4015-8ba7-12a85f779e86/9fe5b490e01916025ea9800035a06ad620448a40.crl
                          rsync://repository.lacnic.net/rpki/lacnic/40ffbe0b-779c-4015-8ba7-12a85f779e86/9fe5b490e01916025ea9800035a06ad620448a40.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/9fe5b490e01916025ea9800035a06ad620448a40.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Mon 01 Apr 2024 05:58:53 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 751169 (0xb7641)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9fe5b490e01916025ea9800035a06ad620448a40
        Validity
            Not Before: Mar 24 14:39:25 2021 GMT
            Not After : Mar 24 14:39:25 2026 GMT
        Subject: CN=7846da06d1e65078662f2d710e884b59f1678b6a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:84:5b:4e:ea:60:e2:67:d8:20:56:6b:83:b4:06:
                    0b:e8:c9:ff:17:1d:de:20:8a:3d:bb:18:d2:82:e2:
                    2a:e6:b9:9c:96:0b:43:fe:c4:23:79:59:89:66:f0:
                    37:9c:29:48:65:9a:70:6b:87:4d:8b:c5:62:e1:4e:
                    c4:01:e9:1b:d8:5c:9b:03:9f:45:27:39:79:10:a4:
                    14:5c:1e:14:00:ad:d5:ec:61:cc:cd:26:2e:f2:a4:
                    ae:82:d3:96:60:55:d3:26:ef:cb:92:56:f4:b7:16:
                    52:12:33:2a:bb:75:69:4a:b8:58:f9:34:c9:c4:47:
                    1f:6b:e4:08:ff:05:8a:1c:4f:88:83:29:67:f0:08:
                    2c:a7:3d:55:42:c6:d9:96:6a:ae:a8:7e:05:b2:23:
                    d4:e9:0b:2e:f0:aa:df:dd:66:85:fb:cd:92:ac:56:
                    53:5d:17:ad:f9:aa:a1:5f:55:9e:22:8f:ff:d8:8a:
                    de:e4:c6:e8:a1:95:a8:b0:5e:3b:09:57:32:53:4e:
                    c4:1e:a3:65:b5:36:9b:6c:92:da:7c:d3:45:3e:ea:
                    b8:1b:9e:9b:ad:09:fb:04:3a:e0:d8:e5:53:a1:2e:
                    f4:ac:88:2d:01:c4:85:81:0f:0f:94:f2:a8:55:f6:
                    3e:00:fc:a6:62:4b:f6:16:96:c8:4f:9f:69:bc:ca:
                    b5:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                97:00:E1:2A:24:32:C3:A4:A8:A4:71:47:C7:C2:26:50:70:2D:EC:4A
            X509v3 Authority Key Identifier:
                keyid:26:87:E1:88:0A:7B:5F:53:A0:05:E3:90:14:F7:4B:40:18:74:16:78

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/9fe5b490e01916025ea9800035a06ad620448a40.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/40ffbe0b-779c-4015-8ba7-12a85f779e86/7846da06d1e65078662f2d710e884b59f1678b6a.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/40ffbe0b-779c-4015-8ba7-12a85f779e86/9fe5b490e01916025ea9800035a06ad620448a40.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.188.232.0/22
                IPv6:
                  2803:3f60::/32

    Signature Algorithm: sha256WithRSAEncryption
         24:b1:c0:1d:45:fa:cf:ea:d8:81:0b:bd:b9:65:c2:80:b5:8d:
         de:4d:8b:44:a5:b5:9e:20:d9:53:83:f1:1e:d0:c1:fc:11:c7:
         48:1f:7b:43:89:10:ec:8e:98:35:6f:25:dd:31:9a:a6:91:27:
         29:aa:e1:9f:0c:fe:d1:eb:c1:76:9a:55:5c:dd:18:85:3c:36:
         2c:5f:2a:f4:be:52:a8:28:33:98:4d:85:5c:23:71:67:17:37:
         d6:f4:b2:9e:d8:20:28:3f:d3:8d:b4:4a:27:7d:a6:6b:24:84:
         6b:ef:ad:51:82:f5:a8:f7:29:e4:39:9a:de:d2:6c:3b:70:67:
         3b:de:44:cc:0a:f7:25:15:60:54:6c:11:bf:49:d0:03:c7:e4:
         16:59:52:49:6b:19:be:86:28:05:3d:cb:da:f7:de:d5:6f:f3:
         46:9c:84:de:57:3d:4d:62:76:8a:5d:a9:e7:9d:b5:c6:71:29:
         b9:ec:eb:5c:a9:81:3c:f8:e8:60:48:31:33:25:ff:e0:40:80:
         5b:fe:09:dd:0c:86:53:1e:49:81:6c:7c:b2:ba:b5:f2:ac:4b:
         d7:70:21:03:b6:ef:ec:33:b1:4e:e8:c1:5d:17:5a:a9:5f:7a:
         39:07:3c:79:2b:63:d4:41:dc:17:43:07:2f:06:46:91:b9:46:
         83:50:30:14
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgIDC3ZBMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDlm
ZTViNDkwZTAxOTE2MDI1ZWE5ODAwMDM1YTA2YWQ2MjA0NDhhNDAwHhcNMjEwMzI0
MTQzOTI1WhcNMjYwMzI0MTQzOTI1WjAzMTEwLwYDVQQDEyg3ODQ2ZGEwNmQxZTY1
MDc4NjYyZjJkNzEwZTg4NGI1OWYxNjc4YjZhMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAhFtO6mDiZ9ggVmuDtAYL6Mn/Fx3eIIo9uxjSguIq5rmclgtD
/sQjeVmJZvA3nClIZZpwa4dNi8Vi4U7EAekb2FybA59FJzl5EKQUXB4UAK3V7GHM
zSYu8qSugtOWYFXTJu/Lklb0txZSEjMqu3VpSrhY+TTJxEcfa+QI/wWKHE+Igyln
8Agspz1VQsbZlmquqH4FsiPU6Qsu8Krf3WaF+82SrFZTXRet+aqhX1WeIo//2Ire
5MbooZWosF47CVcyU07EHqNltTabbJLafNNFPuq4G56brQn7BDrg2OVToS70rIgt
AcSFgQ8PlPKoVfY+APymYkv2FpbIT59pvMq1UwIDAQABo4ICajCCAmYwHQYDVR0O
BBYEFJcA4SokMsOkqKRxR8fCJlBwLexKMB8GA1UdIwQYMBaAFCaH4YgKe19ToAXj
kBT3S0AYdBZ4MA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvOWZlNWI0
OTBlMDE5MTYwMjVlYTk4MDAwMzVhMDZhZDYyMDQ0OGE0MC5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvNDBmZmJlMGItNzc5Yy00MDE1LThiYTctMTJhODVm
Nzc5ZTg2Lzc4NDZkYTA2ZDFlNjUwNzg2NjJmMmQ3MTBlODg0YjU5ZjE2NzhiNmEu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy80MGZmYmUwYi03NzljLTQwMTUtOGJhNy0xMmE4
NWY3NzllODYvOWZlNWI0OTBlMDE5MTYwMjVlYTk4MDAwMzVhMDZhZDYyMDQ0OGE0
MC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAuBggrBgEFBQcBBwEB/wQf
MB0wDAQCAAEwBgMEAi286DANBAIAAjAHAwUAKAM/YDANBgkqhkiG9w0BAQsFAAOC
AQEAJLHAHUX6z+rYgQu9uWXCgLWN3k2LRKW1niDZU4PxHtDB/BHHSB97Q4kQ7I6Y
NW8l3TGappEnKarhnwz+0evBdppVXN0YhTw2LF8q9L5SqCgzmE2FXCNxZxc31vSy
ntggKD/TjbRKJ32maySEa++tUYL1qPcp5Dma3tJsO3BnO95EzAr3JRVgVGwRv0nQ
A8fkFllSSWsZvoYoBT3L2vfe1W/zRpyE3lc9TWJ2il2p5521xnEpuezrXKmBPPjo
YEgxMyX/4ECAW/4J3QyGUx5JgWx8srq18qxL13AhA7bv7DOxTujBXRdaqV96OQc8
eStj1EHcF0MHLwZGkblGg1AwFA==
-----END CERTIFICATE-----
Generated at Fri Mar 29 08:39:18 2024 by rpki-client on console-ams.rpki-client.org