Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/443ac76c-8eac-4e9c-8921-9aab23b81d30/1bf3a6faab9b85b75116af35b7880c162c2284d6.roa
File:                     1bf3a6faab9b85b75116af35b7880c162c2284d6.roa (raw, json)
Hash identifier:          sPQBRdcL0Nl0MdM3XambbLgjsd+4ovfLqXCYaD0ObDo=
Subject key identifier:   C5:5D:DC:30:B3:36:2D:BD:56:DC:B2:72:B6:B3:70:93:0A:B5:E6:6F
Certificate issuer:       /CN=7a0d3eafbdae2e52636e11aa20b9d745fdef44e7
Certificate serial:       0BCB1A
Authority key identifier: EF:AD:68:3D:4A:EA:AB:8A:C7:E2:70:5D:50:FD:72:AD:1B:CD:F2:88
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/7a0d3eafbdae2e52636e11aa20b9d745fdef44e7.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/443ac76c-8eac-4e9c-8921-9aab23b81d30/1bf3a6faab9b85b75116af35b7880c162c2284d6.roa
Signing time:             Sun 02 Jul 2023 04:53:25 +0000
ROA not before:           Sat 01 Jul 2023 04:53:25 +0000
ROA not after:            Wed 02 Jul 2025 04:53:25 +0000
asID:                     270081
IP address blocks:        179.49.157.0/24 maxlen: 24
                          179.49.158.0/24 maxlen: 24
                          179.49.159.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/443ac76c-8eac-4e9c-8921-9aab23b81d30/7a0d3eafbdae2e52636e11aa20b9d745fdef44e7.crl
                          rsync://repository.lacnic.net/rpki/lacnic/443ac76c-8eac-4e9c-8921-9aab23b81d30/7a0d3eafbdae2e52636e11aa20b9d745fdef44e7.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/7a0d3eafbdae2e52636e11aa20b9d745fdef44e7.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 03 Mar 2024 21:34:55 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 772890 (0xbcb1a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7a0d3eafbdae2e52636e11aa20b9d745fdef44e7
        Validity
            Not Before: Jul  1 04:53:25 2023 GMT
            Not After : Jul  2 04:53:25 2025 GMT
        Subject: CN=1bf3a6faab9b85b75116af35b7880c162c2284d6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:25:d9:1e:61:d8:88:18:7a:fc:ae:fe:10:d4:
                    e5:8d:b2:ed:36:74:21:ac:5f:80:1a:e3:17:e8:56:
                    35:08:76:b7:1e:61:cf:08:ab:58:6f:df:ca:ec:1f:
                    ca:67:75:df:54:31:c9:54:d8:08:76:29:dd:ba:0c:
                    f8:25:ee:4a:da:cb:67:6c:40:59:f6:9a:78:68:25:
                    0e:d9:f9:7e:1a:78:25:71:0d:e1:84:d5:2e:f8:cb:
                    ba:3b:d1:2a:bf:a2:6c:ab:18:14:93:34:2b:a0:da:
                    2d:2b:4a:9a:8c:dc:29:d7:c0:9f:60:ae:cb:97:29:
                    38:29:1b:8e:5c:ff:99:5c:f7:c3:3b:11:9d:26:cc:
                    e7:a0:54:bb:1c:e3:0a:87:28:c9:ee:be:4b:e8:d9:
                    ce:c4:d1:15:87:94:b6:fc:29:46:ac:1c:77:23:8e:
                    55:bc:82:9f:66:5c:bf:30:24:67:3b:15:83:dd:78:
                    12:33:f9:83:19:f6:58:f3:eb:b6:69:60:31:2e:69:
                    23:d3:48:0e:f5:a5:6b:45:d5:58:4a:fd:05:20:8f:
                    ba:8d:e5:5c:63:50:80:68:75:47:f5:7c:1c:05:af:
                    32:e7:48:01:aa:64:5a:a4:d6:40:dd:51:a6:a6:62:
                    36:21:ca:f8:45:f9:a0:b7:4b:0a:77:c3:68:2f:29:
                    7b:5b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C5:5D:DC:30:B3:36:2D:BD:56:DC:B2:72:B6:B3:70:93:0A:B5:E6:6F
            X509v3 Authority Key Identifier:
                keyid:EF:AD:68:3D:4A:EA:AB:8A:C7:E2:70:5D:50:FD:72:AD:1B:CD:F2:88

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/7a0d3eafbdae2e52636e11aa20b9d745fdef44e7.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/443ac76c-8eac-4e9c-8921-9aab23b81d30/1bf3a6faab9b85b75116af35b7880c162c2284d6.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/443ac76c-8eac-4e9c-8921-9aab23b81d30/7a0d3eafbdae2e52636e11aa20b9d745fdef44e7.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  179.49.157.0-179.49.159.255

    Signature Algorithm: sha256WithRSAEncryption
         2c:75:02:f6:43:a5:31:0f:83:55:72:4c:29:4f:32:ca:8b:df:
         85:15:37:db:12:e8:06:df:e1:7e:2d:28:8a:a8:3d:92:d4:0c:
         b9:91:9c:a4:ea:93:44:01:3e:c0:7c:e9:4c:d4:e3:91:b3:61:
         37:3e:c9:f6:65:71:5b:b8:94:c3:c9:32:4d:cf:8a:41:69:2b:
         35:24:e4:4c:e2:7e:14:e6:3a:fb:44:e0:e3:be:39:61:83:18:
         1e:85:82:dd:d5:88:88:ff:db:9e:67:16:8e:10:35:4b:7e:b7:
         11:28:bd:4c:24:ab:dd:d3:0e:f2:c1:a1:53:f6:91:67:4d:9b:
         81:99:44:72:1a:62:0c:ce:84:2d:c7:7c:4c:6d:01:3f:26:48:
         d2:5d:ba:84:ce:f4:a1:9f:83:4b:d0:c6:0f:cf:07:47:4d:83:
         cb:3c:23:4d:ef:d1:8e:a7:11:3f:f3:fc:11:5d:ca:1a:59:13:
         95:11:55:cf:9f:be:95:00:46:80:14:90:70:33:ed:92:97:23:
         eb:74:94:a1:91:39:50:9f:8a:f7:1d:ae:c1:d1:d6:bd:7b:eb:
         c0:b6:62:2b:e8:5c:89:63:4e:b2:80:c9:b3:b5:59:63:1c:1d:
         c7:c6:7f:ae:60:56:97:24:2e:d0:9b:9f:83:a3:6b:52:68:ff:
         03:44:4d:c1
-----BEGIN CERTIFICATE-----
MIIFSDCCBDCgAwIBAgIDC8saMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDdh
MGQzZWFmYmRhZTJlNTI2MzZlMTFhYTIwYjlkNzQ1ZmRlZjQ0ZTcwHhcNMjMwNzAx
MDQ1MzI1WhcNMjUwNzAyMDQ1MzI1WjAzMTEwLwYDVQQDEygxYmYzYTZmYWFiOWI4
NWI3NTExNmFmMzViNzg4MGMxNjJjMjI4NGQ2MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAlSXZHmHYiBh6/K7+ENTljbLtNnQhrF+AGuMX6FY1CHa3HmHP
CKtYb9/K7B/KZ3XfVDHJVNgIdindugz4Je5K2stnbEBZ9pp4aCUO2fl+GnglcQ3h
hNUu+Mu6O9Eqv6JsqxgUkzQroNotK0qajNwp18CfYK7Llyk4KRuOXP+ZXPfDOxGd
JsznoFS7HOMKhyjJ7r5L6NnOxNEVh5S2/ClGrBx3I45VvIKfZly/MCRnOxWD3XgS
M/mDGfZY8+u2aWAxLmkj00gO9aVrRdVYSv0FII+6jeVcY1CAaHVH9XwcBa8y50gB
qmRapNZA3VGmpmI2Icr4Rfmgt0sKd8NoLyl7WwIDAQABo4ICYzCCAl8wHQYDVR0O
BBYEFMVd3DCzNi29VtyycrazcJMKteZvMB8GA1UdIwQYMBaAFO+taD1K6quKx+Jw
XVD9cq0bzfKIMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvN2EwZDNl
YWZiZGFlMmU1MjYzNmUxMWFhMjBiOWQ3NDVmZGVmNDRlNy5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvNDQzYWM3NmMtOGVhYy00ZTljLTg5MjEtOWFhYjIz
YjgxZDMwLzFiZjNhNmZhYWI5Yjg1Yjc1MTE2YWYzNWI3ODgwYzE2MmMyMjg0ZDYu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy80NDNhYzc2Yy04ZWFjLTRlOWMtODkyMS05YWFi
MjNiODFkMzAvN2EwZDNlYWZiZGFlMmU1MjYzNmUxMWFhMjBiOWQ3NDVmZGVmNDRl
Ny5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAnBggrBgEFBQcBBwEB/wQY
MBYwFAQCAAEwDjAMAwQAszGdAwQFszGAMA0GCSqGSIb3DQEBCwUAA4IBAQAsdQL2
Q6UxD4NVckwpTzLKi9+FFTfbEugG3+F+LSiKqD2S1Ay5kZyk6pNEAT7AfOlM1OOR
s2E3Psn2ZXFbuJTDyTJNz4pBaSs1JORM4n4U5jr7RODjvjlhgxgehYLd1YiI/9ue
ZxaOEDVLfrcRKL1MJKvd0w7ywaFT9pFnTZuBmURyGmIMzoQtx3xMbQE/JkjSXbqE
zvShn4NL0MYPzwdHTYPLPCNN79GOpxE/8/wRXcoaWROVEVXPn76VAEaAFJBwM+2S
lyPrdJShkTlQn4r3Ha7B0da9e+vAtmIr6FyJY06ygMmztVljHB3Hxn+uYFaXJC7Q
m5+Do2tSaP8DRE3B
-----END CERTIFICATE-----
Generated at Thu Feb 29 22:21:54 2024 by rpki-client on console-ams.rpki-client.org