Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/4642638e-5ad1-4be3-aa7e-4237c60bf808/1feb5a5351caf97844d3605ffe4fcc91442e380a.roa
File:                     1feb5a5351caf97844d3605ffe4fcc91442e380a.roa (raw, json)
Hash identifier:          EKn7vwzxbIqbumLIKS4+49r1LswpBifZ/+tJdVBBLvw=
Subject key identifier:   F0:7A:73:2C:9B:BE:20:4C:3C:24:98:EB:2F:EE:F8:AC:AB:81:33:F6
Certificate issuer:       /CN=d67a2511cddb03773fd7ab77a77fce811a97e2f5
Certificate serial:       0CE366
Authority key identifier: 51:02:5E:78:BE:A6:CA:C5:FC:23:16:42:9F:68:67:60:C4:94:98:68
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/d67a2511cddb03773fd7ab77a77fce811a97e2f5.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/4642638e-5ad1-4be3-aa7e-4237c60bf808/1feb5a5351caf97844d3605ffe4fcc91442e380a.roa
Signing time:             Wed 24 Mar 2021 14:29:39 +0000
ROA not before:           Wed 24 Mar 2021 14:29:38 +0000
ROA not after:            Tue 24 Mar 2026 14:29:38 +0000
asID:                     267683
IP address blocks:        45.163.31.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/4642638e-5ad1-4be3-aa7e-4237c60bf808/d67a2511cddb03773fd7ab77a77fce811a97e2f5.crl
                          rsync://repository.lacnic.net/rpki/lacnic/4642638e-5ad1-4be3-aa7e-4237c60bf808/d67a2511cddb03773fd7ab77a77fce811a97e2f5.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/d67a2511cddb03773fd7ab77a77fce811a97e2f5.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Mon 01 Apr 2024 05:58:53 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 844646 (0xce366)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d67a2511cddb03773fd7ab77a77fce811a97e2f5
        Validity
            Not Before: Mar 24 14:29:38 2021 GMT
            Not After : Mar 24 14:29:38 2026 GMT
        Subject: CN=1feb5a5351caf97844d3605ffe4fcc91442e380a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:98:3d:0c:6d:b9:38:3d:83:af:bf:53:b0:cf:
                    85:86:85:09:84:ef:13:c9:16:47:8f:2c:70:c7:02:
                    ef:16:8b:8e:2a:e0:63:80:a6:08:7c:9c:ea:43:ae:
                    94:04:c1:76:84:37:43:59:38:6f:ac:27:28:9a:41:
                    4f:94:8b:25:f7:ef:27:bf:c6:7b:aa:d3:46:58:9c:
                    48:ff:6e:13:09:3f:0c:30:01:19:5a:2e:61:4a:ae:
                    b8:16:42:10:8d:4f:f7:e5:1d:95:a2:fd:24:c4:78:
                    8e:9e:a8:07:ea:fc:94:9a:6a:70:75:ca:df:f9:00:
                    7d:b3:81:5d:8d:41:b1:f7:ce:aa:fd:97:ef:27:d7:
                    8e:dc:44:fa:f3:db:fa:1d:87:bf:5a:24:8e:87:94:
                    41:c7:54:ae:cb:3a:40:97:7b:be:98:16:de:15:7e:
                    00:ae:f3:b9:3e:3b:95:6d:95:85:ae:85:7e:0e:df:
                    0b:d0:db:01:39:b3:61:24:3b:05:59:48:c5:de:5b:
                    3a:e1:c2:28:6f:02:c3:b5:89:ec:76:c2:38:d9:84:
                    83:e9:a1:2e:23:b0:88:25:37:e4:71:f8:48:bf:02:
                    89:8a:d8:25:1e:a9:bf:3c:18:ae:6f:17:76:4a:4d:
                    d7:b9:08:2c:44:2a:4a:c9:87:98:6c:c5:00:2c:8f:
                    fd:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F0:7A:73:2C:9B:BE:20:4C:3C:24:98:EB:2F:EE:F8:AC:AB:81:33:F6
            X509v3 Authority Key Identifier:
                keyid:51:02:5E:78:BE:A6:CA:C5:FC:23:16:42:9F:68:67:60:C4:94:98:68

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/d67a2511cddb03773fd7ab77a77fce811a97e2f5.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/4642638e-5ad1-4be3-aa7e-4237c60bf808/1feb5a5351caf97844d3605ffe4fcc91442e380a.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/4642638e-5ad1-4be3-aa7e-4237c60bf808/d67a2511cddb03773fd7ab77a77fce811a97e2f5.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.163.31.0/24

    Signature Algorithm: sha256WithRSAEncryption
         62:7d:a3:7c:f5:df:ab:ff:87:77:37:04:c1:37:b1:3a:5f:08:
         60:35:26:58:7b:b5:86:85:d9:00:d9:c9:0b:06:9a:61:b4:27:
         ff:df:ff:9a:07:90:77:3d:1c:61:0c:17:22:49:e2:cd:e4:86:
         58:80:2f:ce:08:6e:93:a8:38:7b:a1:b1:75:c8:38:6f:33:34:
         3b:ba:25:43:4c:4f:14:52:19:02:c7:bc:5c:8b:f0:34:18:f2:
         5a:64:d6:cf:67:5b:21:9d:2a:4a:d3:d9:64:c5:fe:fd:b8:91:
         53:f3:f7:e8:77:58:1e:38:cf:c5:a0:de:c1:48:08:e8:78:9f:
         f4:a3:fa:11:b5:fa:6d:ac:0e:ca:3c:a8:ce:07:41:54:7e:18:
         5b:14:11:38:8a:b0:7c:bb:f1:b9:e8:6c:b6:5a:6d:97:92:d6:
         d6:aa:be:88:6f:32:a3:79:7c:69:63:be:8e:ef:0c:9c:88:f0:
         47:38:37:cf:38:41:0f:82:29:8f:fb:ad:a0:b8:92:c0:8a:6c:
         d2:04:b4:eb:95:54:21:55:cf:6c:93:7e:53:5c:12:a6:16:3e:
         fd:11:65:ca:58:25:c1:dc:a2:85:cb:f1:9d:cb:9d:e6:e8:ef:
         46:cc:6a:ab:2b:a2:da:76:99:88:f9:6d:0c:fd:79:e4:4f:e3:
         67:47:21:be
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIDDONmMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGQ2
N2EyNTExY2RkYjAzNzczZmQ3YWI3N2E3N2ZjZTgxMWE5N2UyZjUwHhcNMjEwMzI0
MTQyOTM4WhcNMjYwMzI0MTQyOTM4WjAzMTEwLwYDVQQDEygxZmViNWE1MzUxY2Fm
OTc4NDRkMzYwNWZmZTRmY2M5MTQ0MmUzODBhMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAk5g9DG25OD2Dr79TsM+FhoUJhO8TyRZHjyxwxwLvFouOKuBj
gKYIfJzqQ66UBMF2hDdDWThvrCcomkFPlIsl9+8nv8Z7qtNGWJxI/24TCT8MMAEZ
Wi5hSq64FkIQjU/35R2Vov0kxHiOnqgH6vyUmmpwdcrf+QB9s4FdjUGx986q/Zfv
J9eO3ET689v6HYe/WiSOh5RBx1SuyzpAl3u+mBbeFX4ArvO5PjuVbZWFroV+Dt8L
0NsBObNhJDsFWUjF3ls64cIobwLDtYnsdsI42YSD6aEuI7CIJTfkcfhIvwKJitgl
Hqm/PBiubxd2Sk3XuQgsRCpKyYeYbMUALI/9BwIDAQABo4ICWzCCAlcwHQYDVR0O
BBYEFPB6cyybviBMPCSY6y/u+KyrgTP2MB8GA1UdIwQYMBaAFFECXni+psrF/CMW
Qp9oZ2DElJhoMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvZDY3YTI1
MTFjZGRiMDM3NzNmZDdhYjc3YTc3ZmNlODExYTk3ZTJmNS5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvNDY0MjYzOGUtNWFkMS00YmUzLWFhN2UtNDIzN2M2
MGJmODA4LzFmZWI1YTUzNTFjYWY5Nzg0NGQzNjA1ZmZlNGZjYzkxNDQyZTM4MGEu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy80NjQyNjM4ZS01YWQxLTRiZTMtYWE3ZS00MjM3
YzYwYmY4MDgvZDY3YTI1MTFjZGRiMDM3NzNmZDdhYjc3YTc3ZmNlODExYTk3ZTJm
NS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAC2jHzANBgkqhkiG9w0BAQsFAAOCAQEAYn2jfPXfq/+HdzcE
wTexOl8IYDUmWHu1hoXZANnJCwaaYbQn/9//mgeQdz0cYQwXIknizeSGWIAvzghu
k6g4e6Gxdcg4bzM0O7olQ0xPFFIZAse8XIvwNBjyWmTWz2dbIZ0qStPZZMX+/biR
U/P36HdYHjjPxaDewUgI6Hif9KP6EbX6bawOyjyozgdBVH4YWxQROIqwfLvxuehs
tlptl5LW1qq+iG8yo3l8aWO+ju8MnIjwRzg3zzhBD4Ipj/utoLiSwIps0gS065VU
IVXPbJN+U1wSphY+/RFlylglwdyihcvxncud5ujvRsxqqyui2naZiPltDP155E/j
Z0chvg==
-----END CERTIFICATE-----
Generated at Fri Mar 29 07:06:34 2024 by rpki-client on console-ams.rpki-client.org