Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/471cfff9-e927-4cde-9a40-0b974219d425/32d701803510897377bbac33daf9ede22b96eebe.roa
File:                     32d701803510897377bbac33daf9ede22b96eebe.roa (raw, json)
Hash identifier:          9Ppww4QTEHAOmRm/xZ6fdDtJoyJf0z35HB3f/yqwojY=
Subject key identifier:   9D:4A:51:34:E0:10:B8:41:0F:5C:AB:DA:45:08:17:FB:C8:96:A9:BE
Certificate issuer:       /CN=141d26efc804cf968706456af6b6adc1a1fe5f14
Certificate serial:       1DFD8F
Authority key identifier: 02:02:98:9A:1D:C6:78:38:1E:3A:D0:19:69:3B:B6:BF:46:D8:A9:B9
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/141d26efc804cf968706456af6b6adc1a1fe5f14.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/471cfff9-e927-4cde-9a40-0b974219d425/32d701803510897377bbac33daf9ede22b96eebe.roa
Signing time:             Fri 24 Mar 2023 08:31:44 +0000
ROA not before:           Thu 23 Mar 2023 08:31:44 +0000
ROA not after:            Sat 22 Mar 2025 08:31:44 +0000
asID:                     266878
IP address blocks:        45.160.72.0/22 maxlen: 23

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/471cfff9-e927-4cde-9a40-0b974219d425/141d26efc804cf968706456af6b6adc1a1fe5f14.crl
                          rsync://repository.lacnic.net/rpki/lacnic/471cfff9-e927-4cde-9a40-0b974219d425/141d26efc804cf968706456af6b6adc1a1fe5f14.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/141d26efc804cf968706456af6b6adc1a1fe5f14.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Mon 01 Apr 2024 05:58:53 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1965455 (0x1dfd8f)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=141d26efc804cf968706456af6b6adc1a1fe5f14
        Validity
            Not Before: Mar 23 08:31:44 2023 GMT
            Not After : Mar 22 08:31:44 2025 GMT
        Subject: CN=32d701803510897377bbac33daf9ede22b96eebe
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:cb:a0:e3:26:82:02:7a:0d:74:c7:fa:b1:0e:
                    41:37:f2:6c:3c:28:1e:65:47:68:34:5c:04:60:4d:
                    f8:ec:8d:b0:eb:57:5a:ac:62:54:58:53:f0:8c:ad:
                    e3:9b:d6:23:4c:65:25:83:38:b8:52:f7:fc:49:a0:
                    b5:c3:f7:a4:2b:29:6b:8c:b2:e6:79:60:74:d0:78:
                    b3:2b:6d:52:ff:86:99:41:aa:f4:3e:09:81:15:f1:
                    8c:28:df:06:7c:9e:fa:6c:07:13:37:a6:7b:9d:11:
                    6b:ec:2d:ac:75:4f:95:7b:2d:0b:59:e0:e9:f6:b2:
                    82:af:8c:0c:d6:22:be:5a:29:02:b8:d8:0c:60:58:
                    04:00:d6:54:47:7c:f3:c6:22:53:2f:33:75:c3:4d:
                    d2:9d:69:11:d5:1d:4a:95:7d:f2:81:d4:84:39:25:
                    f9:b4:53:32:da:64:06:ef:ce:07:c0:eb:d3:48:31:
                    56:a3:18:04:94:d6:e7:22:4d:3f:e9:cd:e2:cb:72:
                    de:bc:1f:18:1a:a3:ed:77:d3:65:05:9b:a7:63:89:
                    9a:dc:82:47:68:34:db:a8:50:ed:e8:89:57:96:39:
                    3e:11:e9:65:a7:22:45:80:7a:a4:6d:68:5c:c0:7e:
                    c6:da:21:68:dc:d8:91:b6:98:10:41:9b:28:71:d1:
                    87:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9D:4A:51:34:E0:10:B8:41:0F:5C:AB:DA:45:08:17:FB:C8:96:A9:BE
            X509v3 Authority Key Identifier:
                keyid:02:02:98:9A:1D:C6:78:38:1E:3A:D0:19:69:3B:B6:BF:46:D8:A9:B9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/141d26efc804cf968706456af6b6adc1a1fe5f14.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/471cfff9-e927-4cde-9a40-0b974219d425/32d701803510897377bbac33daf9ede22b96eebe.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/471cfff9-e927-4cde-9a40-0b974219d425/141d26efc804cf968706456af6b6adc1a1fe5f14.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.160.72.0/22

    Signature Algorithm: sha256WithRSAEncryption
         8b:75:11:94:d4:32:df:51:a0:53:f9:08:64:3a:5c:4d:80:a9:
         e5:8f:08:df:ca:d9:f0:99:90:f1:2a:2c:db:13:a1:bc:63:0e:
         7c:91:1f:34:08:4a:ca:61:c9:bc:9f:4c:d6:45:23:ae:00:79:
         49:32:92:23:bc:22:5a:d3:46:6a:5c:a1:f8:9d:8d:f9:e8:7b:
         59:1b:ea:02:09:bb:43:0f:40:aa:ca:54:17:66:30:1a:80:2a:
         bb:ca:70:0a:77:f5:fc:e1:ac:93:f7:5e:75:7b:3f:72:4a:ec:
         5a:9e:dd:de:ff:31:08:f7:1e:4b:aa:dc:e8:e9:04:84:af:8e:
         f1:58:5f:7b:65:57:fb:b9:0f:d5:01:03:21:1e:f3:e3:2a:a9:
         35:e1:39:aa:e9:2e:ce:d9:c1:11:6a:d6:8e:51:93:54:6b:49:
         40:e3:da:b4:3d:cd:57:7b:40:b7:3a:72:cb:11:59:cb:2e:fc:
         dc:b5:e8:3b:17:6a:08:e7:b4:f3:25:65:06:e9:bc:f7:7f:24:
         e4:3a:de:c7:18:af:34:1b:92:c4:a9:73:49:36:7e:d3:ad:f3:
         05:e0:85:4c:40:f0:c3:af:7a:22:31:4c:c4:22:3d:26:90:7f:
         af:20:19:c5:3a:38:0b:11:7d:38:6f:61:e6:c9:0b:75:0d:3b:
         d3:69:14:ac
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIDHf2PMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDE0
MWQyNmVmYzgwNGNmOTY4NzA2NDU2YWY2YjZhZGMxYTFmZTVmMTQwHhcNMjMwMzIz
MDgzMTQ0WhcNMjUwMzIyMDgzMTQ0WjAzMTEwLwYDVQQDEygzMmQ3MDE4MDM1MTA4
OTczNzdiYmFjMzNkYWY5ZWRlMjJiOTZlZWJlMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAvsug4yaCAnoNdMf6sQ5BN/JsPCgeZUdoNFwEYE347I2w61da
rGJUWFPwjK3jm9YjTGUlgzi4Uvf8SaC1w/ekKylrjLLmeWB00HizK21S/4aZQar0
PgmBFfGMKN8GfJ76bAcTN6Z7nRFr7C2sdU+Vey0LWeDp9rKCr4wM1iK+WikCuNgM
YFgEANZUR3zzxiJTLzN1w03SnWkR1R1KlX3ygdSEOSX5tFMy2mQG784HwOvTSDFW
oxgElNbnIk0/6c3iy3LevB8YGqPtd9NlBZunY4ma3IJHaDTbqFDt6IlXljk+Eell
pyJFgHqkbWhcwH7G2iFo3NiRtpgQQZsocdGHhQIDAQABo4ICWzCCAlcwHQYDVR0O
BBYEFJ1KUTTgELhBD1yr2kUIF/vIlqm+MB8GA1UdIwQYMBaAFAICmJodxng4HjrQ
GWk7tr9G2Km5MA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvMTQxZDI2
ZWZjODA0Y2Y5Njg3MDY0NTZhZjZiNmFkYzFhMWZlNWYxNC5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvNDcxY2ZmZjktZTkyNy00Y2RlLTlhNDAtMGI5NzQy
MTlkNDI1LzMyZDcwMTgwMzUxMDg5NzM3N2JiYWMzM2RhZjllZGUyMmI5NmVlYmUu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy80NzFjZmZmOS1lOTI3LTRjZGUtOWE0MC0wYjk3
NDIxOWQ0MjUvMTQxZDI2ZWZjODA0Y2Y5Njg3MDY0NTZhZjZiNmFkYzFhMWZlNWYx
NC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAi2gSDANBgkqhkiG9w0BAQsFAAOCAQEAi3URlNQy31GgU/kI
ZDpcTYCp5Y8I38rZ8JmQ8Sos2xOhvGMOfJEfNAhKymHJvJ9M1kUjrgB5STKSI7wi
WtNGalyh+J2N+eh7WRvqAgm7Qw9AqspUF2YwGoAqu8pwCnf1/OGsk/dedXs/ckrs
Wp7d3v8xCPceS6rc6OkEhK+O8Vhfe2VX+7kP1QEDIR7z4yqpNeE5qukuztnBEWrW
jlGTVGtJQOPatD3NV3tAtzpyyxFZyy783LXoOxdqCOe08yVlBum8938k5Drexxiv
NBuSxKlzSTZ+063zBeCFTEDww696IjFMxCI9JpB/ryAZxTo4CxF9OG9h5skLdQ07
02kUrA==
-----END CERTIFICATE-----
Generated at Fri Mar 29 11:05:03 2024 by rpki-client on console-ams.rpki-client.org