Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/49c18d82-9a62-46a6-8470-be909cac4304/3dc47f15b56845e732378713e98388fe46637589.roa
File:                     3dc47f15b56845e732378713e98388fe46637589.roa (raw, json)
Hash identifier:          OKgw4gtO227ipegsqPGbWkHOMFAwCW/zLPL0TvabMK4=
Subject key identifier:   12:AC:63:26:A1:5F:62:9E:4A:E3:2D:38:F1:58:40:44:E5:84:07:63
Certificate issuer:       /CN=dffb95a77b596556dc922d7d59d7e123c2fec9b7
Certificate serial:       1B6F73
Authority key identifier: D4:7C:4D:55:EF:31:B5:B6:73:BE:CF:CE:F3:1F:AF:BE:A3:18:37:F0
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/dffb95a77b596556dc922d7d59d7e123c2fec9b7.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/49c18d82-9a62-46a6-8470-be909cac4304/3dc47f15b56845e732378713e98388fe46637589.roa
Signing time:             Wed 04 Oct 2023 01:42:13 +0000
ROA not before:           Tue 03 Oct 2023 01:42:13 +0000
ROA not after:            Sat 04 Oct 2025 02:42:13 +0000
asID:                     270158
IP address blocks:        170.78.208.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/49c18d82-9a62-46a6-8470-be909cac4304/dffb95a77b596556dc922d7d59d7e123c2fec9b7.crl
                          rsync://repository.lacnic.net/rpki/lacnic/49c18d82-9a62-46a6-8470-be909cac4304/dffb95a77b596556dc922d7d59d7e123c2fec9b7.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/dffb95a77b596556dc922d7d59d7e123c2fec9b7.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Tue 27 Feb 2024 21:42:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1798003 (0x1b6f73)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dffb95a77b596556dc922d7d59d7e123c2fec9b7
        Validity
            Not Before: Oct  3 01:42:13 2023 GMT
            Not After : Oct  4 02:42:13 2025 GMT
        Subject: CN=3dc47f15b56845e732378713e98388fe46637589
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:81:a2:52:3b:0c:ed:66:47:d4:37:0e:fc:a7:84:
                    0d:b7:db:78:03:1b:40:db:54:d4:a3:73:d9:b8:aa:
                    ae:64:10:74:7b:ef:96:4e:cb:ca:17:ed:c7:f7:3e:
                    4f:9f:7c:fe:7b:2e:a3:13:6f:0a:16:c0:a3:9a:bb:
                    5d:fe:39:f7:67:db:75:ee:09:c3:f1:56:c3:e5:31:
                    d8:85:aa:27:59:71:4f:a8:65:25:c2:00:6f:91:40:
                    74:db:ce:fa:73:80:95:7b:e2:09:25:bc:c4:3a:4a:
                    55:da:06:07:00:59:01:53:79:29:0a:cb:5a:f2:d2:
                    97:61:08:a5:07:a0:19:af:38:5d:72:36:fb:c7:5c:
                    55:b0:57:46:39:cb:53:8b:25:17:a2:e0:35:20:aa:
                    f3:61:bc:c1:4f:3f:de:88:3a:be:b9:03:b2:9b:63:
                    fc:05:b5:d9:e2:98:06:f1:88:ad:91:79:24:86:e0:
                    0b:a7:60:33:3f:f7:d2:ca:06:6e:60:e7:c0:be:74:
                    4f:69:6a:6f:bd:19:9e:c7:89:b9:ca:97:10:11:27:
                    e8:ff:6e:ab:dc:fa:28:b7:ae:b5:d2:a9:ab:5a:2d:
                    84:60:d2:07:a3:22:98:26:6d:bb:b7:0a:91:cd:32:
                    15:05:51:18:f2:0d:25:ea:50:49:76:df:5c:e1:4e:
                    94:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                12:AC:63:26:A1:5F:62:9E:4A:E3:2D:38:F1:58:40:44:E5:84:07:63
            X509v3 Authority Key Identifier:
                keyid:D4:7C:4D:55:EF:31:B5:B6:73:BE:CF:CE:F3:1F:AF:BE:A3:18:37:F0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/dffb95a77b596556dc922d7d59d7e123c2fec9b7.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/49c18d82-9a62-46a6-8470-be909cac4304/3dc47f15b56845e732378713e98388fe46637589.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/49c18d82-9a62-46a6-8470-be909cac4304/dffb95a77b596556dc922d7d59d7e123c2fec9b7.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  170.78.208.0/22

    Signature Algorithm: sha256WithRSAEncryption
         18:5d:6c:cb:94:0e:52:c5:6d:04:ab:3d:bc:f4:c3:73:c2:5c:
         66:7d:d5:c3:6f:35:66:97:4b:47:6e:e8:b0:fe:c4:0d:b1:5e:
         ca:6d:c0:f8:c8:c5:49:c0:58:8a:e5:63:88:72:58:35:74:a4:
         c8:66:1a:82:28:02:c6:31:f5:c4:47:26:a9:4b:fd:84:2a:f1:
         56:05:ec:e5:02:f5:e5:a6:3a:14:1b:fb:11:49:fb:e0:37:9d:
         1e:29:88:73:98:ea:f0:ef:c6:a7:32:ef:d0:9f:b3:8d:a6:a3:
         14:43:01:67:11:a0:91:80:6f:56:be:41:5f:b6:46:8b:c9:aa:
         f1:57:84:0e:dd:ac:4e:33:fe:a8:64:19:70:e8:75:e7:df:7b:
         28:13:34:2b:9e:20:6b:0c:b0:80:fc:e9:3e:b6:6a:56:a4:17:
         47:4d:b2:5c:9c:3c:4e:fb:db:32:98:fe:78:78:8c:ad:4c:7a:
         da:75:fb:08:e0:99:af:a3:4d:cc:db:76:88:95:5e:6b:ab:ea:
         b0:03:2c:3e:0d:2d:40:41:1b:d7:8a:bb:67:5c:66:6a:2a:aa:
         15:7e:9a:63:20:d7:d0:90:9b:79:86:20:db:e2:4d:c9:66:2c:
         a7:77:93:c5:75:46:23:43:86:8e:a0:e9:78:58:bd:94:22:32:
         5a:73:6f:2c
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIDG29zMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGRm
ZmI5NWE3N2I1OTY1NTZkYzkyMmQ3ZDU5ZDdlMTIzYzJmZWM5YjcwHhcNMjMxMDAz
MDE0MjEzWhcNMjUxMDA0MDI0MjEzWjAzMTEwLwYDVQQDEygzZGM0N2YxNWI1Njg0
NWU3MzIzNzg3MTNlOTgzODhmZTQ2NjM3NTg5MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAgaJSOwztZkfUNw78p4QNt9t4AxtA21TUo3PZuKquZBB0e++W
TsvKF+3H9z5Pn3z+ey6jE28KFsCjmrtd/jn3Z9t17gnD8VbD5THYhaonWXFPqGUl
wgBvkUB02876c4CVe+IJJbzEOkpV2gYHAFkBU3kpCsta8tKXYQilB6AZrzhdcjb7
x1xVsFdGOctTiyUXouA1IKrzYbzBTz/eiDq+uQOym2P8BbXZ4pgG8YitkXkkhuAL
p2AzP/fSygZuYOfAvnRPaWpvvRmex4m5ypcQESfo/26r3Poot6610qmrWi2EYNIH
oyKYJm27twqRzTIVBVEY8g0l6lBJdt9c4U6UXQIDAQABo4ICWzCCAlcwHQYDVR0O
BBYEFBKsYyahX2KeSuMtOPFYQETlhAdjMB8GA1UdIwQYMBaAFNR8TVXvMbW2c77P
zvMfr76jGDfwMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvZGZmYjk1
YTc3YjU5NjU1NmRjOTIyZDdkNTlkN2UxMjNjMmZlYzliNy5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvNDljMThkODItOWE2Mi00NmE2LTg0NzAtYmU5MDlj
YWM0MzA0LzNkYzQ3ZjE1YjU2ODQ1ZTczMjM3ODcxM2U5ODM4OGZlNDY2Mzc1ODku
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy80OWMxOGQ4Mi05YTYyLTQ2YTYtODQ3MC1iZTkw
OWNhYzQzMDQvZGZmYjk1YTc3YjU5NjU1NmRjOTIyZDdkNTlkN2UxMjNjMmZlYzli
Ny5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAqpO0DANBgkqhkiG9w0BAQsFAAOCAQEAGF1sy5QOUsVtBKs9
vPTDc8JcZn3Vw281ZpdLR27osP7EDbFeym3A+MjFScBYiuVjiHJYNXSkyGYagigC
xjH1xEcmqUv9hCrxVgXs5QL15aY6FBv7EUn74DedHimIc5jq8O/GpzLv0J+zjaaj
FEMBZxGgkYBvVr5BX7ZGi8mq8VeEDt2sTjP+qGQZcOh15997KBM0K54gawywgPzp
PrZqVqQXR02yXJw8TvvbMpj+eHiMrUx62nX7COCZr6NNzNt2iJVea6vqsAMsPg0t
QEEb14q7Z1xmaiqqFX6aYyDX0JCbeYYg2+JNyWYsp3eTxXVGI0OGjqDpeFi9lCIy
WnNvLA==
-----END CERTIFICATE-----
Generated at Sun Feb 25 02:18:59 2024 by rpki-client on console-fra.rpki-client.org