Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/4759e9ac-b2e4-43cb-a441-c537deb13c1d/569be082a9112798fbc65e31025d77bbe79514c0.roa
File:                     569be082a9112798fbc65e31025d77bbe79514c0.roa (raw, json)
Hash identifier:          1Rx+02+BrBZ//UjzgwaVgqs/NmNfHXfoSS3+wm7LrOs=
Subject key identifier:   4E:51:25:D4:F9:3D:69:DA:CE:4C:28:CD:4B:41:57:13:1C:0D:3E:FB
Certificate issuer:       /CN=a73c2640b87c02edde7ff9424425bd136edffe32
Certificate serial:       0D024B
Authority key identifier: 65:6D:DE:B4:82:27:25:10:6D:0E:D3:ED:EE:78:9C:AE:19:D3:CF:BB
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/a73c2640b87c02edde7ff9424425bd136edffe32.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/4759e9ac-b2e4-43cb-a441-c537deb13c1d/569be082a9112798fbc65e31025d77bbe79514c0.roa
Signing time:             Wed 24 Mar 2021 14:37:20 +0000
ROA not before:           Wed 24 Mar 2021 14:37:20 +0000
ROA not after:            Tue 24 Mar 2026 14:37:20 +0000
asID:                     262241
IP address blocks:        168.195.124.0/22 maxlen: 22

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/4759e9ac-b2e4-43cb-a441-c537deb13c1d/a73c2640b87c02edde7ff9424425bd136edffe32.crl
                          rsync://repository.lacnic.net/rpki/lacnic/4759e9ac-b2e4-43cb-a441-c537deb13c1d/a73c2640b87c02edde7ff9424425bd136edffe32.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/a73c2640b87c02edde7ff9424425bd136edffe32.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Mon 01 Apr 2024 05:58:53 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 852555 (0xd024b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a73c2640b87c02edde7ff9424425bd136edffe32
        Validity
            Not Before: Mar 24 14:37:20 2021 GMT
            Not After : Mar 24 14:37:20 2026 GMT
        Subject: CN=569be082a9112798fbc65e31025d77bbe79514c0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:07:c0:94:24:9c:17:e0:99:0a:76:6c:d1:f2:
                    e2:7e:0a:ea:f2:41:77:4c:a1:3e:07:ee:d7:b7:cf:
                    0c:53:84:c2:f8:9b:08:15:68:17:e9:7f:5f:56:69:
                    4d:3b:21:76:b2:43:5e:99:58:32:48:b8:29:a4:12:
                    2d:3f:ff:99:74:f2:17:de:40:e3:34:5e:de:dd:54:
                    c3:d6:75:07:7a:d3:3f:69:48:1d:a8:25:ef:4f:17:
                    02:5d:87:9e:26:c7:f1:79:5c:31:95:37:0e:f3:6e:
                    fb:37:65:86:d9:50:83:9f:6b:c8:b9:bf:5e:1c:5c:
                    f9:4e:64:bc:4c:11:21:fe:2a:70:80:b2:c0:da:f7:
                    35:ff:41:45:32:ab:82:55:20:34:3a:34:bd:6f:88:
                    c3:a2:65:c7:67:17:d1:f4:6c:b5:3d:e7:4c:0a:fe:
                    d9:33:b6:20:3f:68:51:0b:f1:d2:de:38:e3:7f:46:
                    6a:8d:d7:9d:ca:12:87:0a:f0:29:61:e8:5f:ff:5f:
                    95:2a:8f:5f:b6:16:7a:23:f0:be:09:ba:90:71:8b:
                    08:00:69:39:90:01:18:cb:5e:99:2c:f8:9d:0d:5c:
                    5d:f3:59:b7:8c:58:de:3e:8f:98:8f:b2:e8:a3:e4:
                    8d:6b:e3:b0:8d:84:93:83:73:20:df:6d:49:a3:b9:
                    27:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4E:51:25:D4:F9:3D:69:DA:CE:4C:28:CD:4B:41:57:13:1C:0D:3E:FB
            X509v3 Authority Key Identifier:
                keyid:65:6D:DE:B4:82:27:25:10:6D:0E:D3:ED:EE:78:9C:AE:19:D3:CF:BB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/a73c2640b87c02edde7ff9424425bd136edffe32.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/4759e9ac-b2e4-43cb-a441-c537deb13c1d/569be082a9112798fbc65e31025d77bbe79514c0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/4759e9ac-b2e4-43cb-a441-c537deb13c1d/a73c2640b87c02edde7ff9424425bd136edffe32.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  168.195.124.0/22

    Signature Algorithm: sha256WithRSAEncryption
         83:bf:00:49:33:83:ab:2a:87:a3:bd:8d:d2:40:da:b3:17:26:
         6d:95:7f:c4:6b:b8:00:2b:95:7e:97:e7:08:4e:e7:6d:a6:d8:
         c7:fa:82:b1:b7:38:73:7a:df:8d:bd:df:26:2e:96:a6:27:68:
         2b:27:0b:b3:23:97:31:d9:35:36:78:bc:bc:60:1c:96:1e:88:
         67:75:99:4c:a1:ad:77:97:be:e2:a4:a8:79:fd:61:f0:7b:ec:
         5b:6c:18:ab:ef:c0:ce:5e:52:dd:91:76:7b:54:39:4c:47:9c:
         34:05:56:ea:a8:56:c3:37:44:ae:38:77:d7:ef:12:8e:79:fc:
         7e:68:95:50:79:91:52:aa:a0:bd:72:d7:46:aa:f3:13:33:ab:
         61:ba:5b:e8:4c:86:ec:75:1d:00:b5:34:e5:c9:e2:b2:b8:9e:
         12:99:41:67:ec:66:16:ff:09:18:02:a9:fe:c9:5a:a5:1e:77:
         7b:9d:50:19:d1:58:f2:86:7f:73:10:db:c6:6f:d2:5e:1a:fe:
         f8:18:7a:70:be:e1:7a:c5:98:af:df:55:69:57:75:f9:42:22:
         6e:eb:53:8f:1b:29:4c:05:28:c7:5e:d6:36:aa:17:39:0b:56:
         5f:e5:c1:08:4f:47:1f:3c:4f:75:31:07:cb:a6:4c:26:31:7e:
         60:50:96:3a
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIDDQJLMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGE3
M2MyNjQwYjg3YzAyZWRkZTdmZjk0MjQ0MjViZDEzNmVkZmZlMzIwHhcNMjEwMzI0
MTQzNzIwWhcNMjYwMzI0MTQzNzIwWjAzMTEwLwYDVQQDEyg1NjliZTA4MmE5MTEy
Nzk4ZmJjNjVlMzEwMjVkNzdiYmU3OTUxNGMwMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAmAfAlCScF+CZCnZs0fLifgrq8kF3TKE+B+7Xt88MU4TC+JsI
FWgX6X9fVmlNOyF2skNemVgySLgppBItP/+ZdPIX3kDjNF7e3VTD1nUHetM/aUgd
qCXvTxcCXYeeJsfxeVwxlTcO8277N2WG2VCDn2vIub9eHFz5TmS8TBEh/ipwgLLA
2vc1/0FFMquCVSA0OjS9b4jDomXHZxfR9Gy1PedMCv7ZM7YgP2hRC/HS3jjjf0Zq
jdedyhKHCvApYehf/1+VKo9fthZ6I/C+CbqQcYsIAGk5kAEYy16ZLPidDVxd81m3
jFjePo+Yj7Loo+SNa+OwjYSTg3Mg321Jo7knFQIDAQABo4ICWzCCAlcwHQYDVR0O
BBYEFE5RJdT5PWnazkwozUtBVxMcDT77MB8GA1UdIwQYMBaAFGVt3rSCJyUQbQ7T
7e54nK4Z08+7MA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvYTczYzI2
NDBiODdjMDJlZGRlN2ZmOTQyNDQyNWJkMTM2ZWRmZmUzMi5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvNDc1OWU5YWMtYjJlNC00M2NiLWE0NDEtYzUzN2Rl
YjEzYzFkLzU2OWJlMDgyYTkxMTI3OThmYmM2NWUzMTAyNWQ3N2JiZTc5NTE0YzAu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy80NzU5ZTlhYy1iMmU0LTQzY2ItYTQ0MS1jNTM3
ZGViMTNjMWQvYTczYzI2NDBiODdjMDJlZGRlN2ZmOTQyNDQyNWJkMTM2ZWRmZmUz
Mi5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAqjDfDANBgkqhkiG9w0BAQsFAAOCAQEAg78ASTODqyqHo72N
0kDasxcmbZV/xGu4ACuVfpfnCE7nbabYx/qCsbc4c3rfjb3fJi6WpidoKycLsyOX
Mdk1Nni8vGAclh6IZ3WZTKGtd5e+4qSoef1h8HvsW2wYq+/Azl5S3ZF2e1Q5TEec
NAVW6qhWwzdErjh31+8Sjnn8fmiVUHmRUqqgvXLXRqrzEzOrYbpb6EyG7HUdALU0
5cnisrieEplBZ+xmFv8JGAKp/slapR53e51QGdFY8oZ/cxDbxm/SXhr++Bh6cL7h
esWYr99VaVd1+UIibutTjxspTAUox17WNqoXOQtWX+XBCE9HHzxPdTEHy6ZMJjF+
YFCWOg==
-----END CERTIFICATE-----
Generated at Fri Mar 29 07:06:34 2024 by rpki-client on console-ams.rpki-client.org