Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/4d8df0f0-41c4-401d-ac15-de0db40ac9cb/bfc605886127219ac173bc4be2813343cfa2b1ad.roa
File:                     bfc605886127219ac173bc4be2813343cfa2b1ad.roa (raw, json)
Hash identifier:          lg6MabRr76/0wPWoyY9j/5f+ctKbD+n0j6aMb+BPzzQ=
Subject key identifier:   D7:6B:D7:32:9D:15:5C:DC:9A:C8:6F:BD:36:9E:21:DE:A3:B6:EB:A9
Certificate issuer:       /CN=297e119ebe51a00d6560ab73fd79c51ada403f19
Certificate serial:       E655
Authority key identifier: 07:09:37:88:ED:4A:80:C2:0C:DE:CE:10:A7:FF:BB:31:21:A2:72:9E
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/297e119ebe51a00d6560ab73fd79c51ada403f19.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/4d8df0f0-41c4-401d-ac15-de0db40ac9cb/bfc605886127219ac173bc4be2813343cfa2b1ad.roa
Signing time:             Wed 14 Sep 2022 14:04:05 +0000
ROA not before:           Tue 13 Sep 2022 19:16:01 +0000
ROA not after:            Fri 13 Sep 2024 19:16:01 +0000
asID:                     27823
IP address blocks:        138.219.42.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/4d8df0f0-41c4-401d-ac15-de0db40ac9cb/297e119ebe51a00d6560ab73fd79c51ada403f19.crl
                          rsync://repository.lacnic.net/rpki/lacnic/4d8df0f0-41c4-401d-ac15-de0db40ac9cb/297e119ebe51a00d6560ab73fd79c51ada403f19.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/297e119ebe51a00d6560ab73fd79c51ada403f19.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Mon 01 Apr 2024 05:58:53 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 58965 (0xe655)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=297e119ebe51a00d6560ab73fd79c51ada403f19
        Validity
            Not Before: Sep 13 19:16:01 2022 GMT
            Not After : Sep 13 19:16:01 2024 GMT
        Subject: CN=bfc605886127219ac173bc4be2813343cfa2b1ad
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:f9:23:27:20:74:d7:39:6f:9e:6f:0a:25:1b:
                    64:67:55:16:95:ab:83:1c:b8:56:70:0a:0f:51:20:
                    24:90:a9:97:d9:0c:51:35:e1:2b:bb:46:7c:13:b2:
                    4a:d6:8a:d6:f1:f1:78:23:52:ac:02:cd:01:97:c8:
                    5b:a6:6b:2f:f7:86:d1:2f:50:63:16:1f:e6:3a:0e:
                    d1:82:e9:a8:6e:a0:84:25:fb:10:99:a1:41:10:64:
                    be:31:4a:87:f8:bb:cf:8a:89:1c:bc:5b:3e:b3:2e:
                    dc:0f:fa:f1:b1:10:12:ea:91:8e:72:8b:d0:aa:b0:
                    25:c0:e0:12:f6:0a:81:77:a5:a9:6e:11:d5:a1:e8:
                    f1:00:b8:a7:df:98:68:c1:af:8d:fd:f9:37:3e:4d:
                    60:3c:9f:74:cc:c3:ae:88:7a:80:53:71:d4:d2:c0:
                    50:f6:bc:1d:84:16:eb:b4:6b:33:e5:c7:30:2a:ca:
                    45:8d:76:9e:00:ee:c2:b6:41:5c:44:5e:4f:75:f8:
                    67:42:34:5d:0c:38:56:21:61:ab:e3:05:5e:15:76:
                    7e:51:7b:52:56:d4:97:69:20:23:3a:40:95:3d:a9:
                    c8:15:90:28:a9:5e:8d:87:fb:3f:5c:dc:ad:c5:bd:
                    85:fe:b4:41:c7:62:a7:28:dc:a2:38:35:9f:36:9e:
                    10:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D7:6B:D7:32:9D:15:5C:DC:9A:C8:6F:BD:36:9E:21:DE:A3:B6:EB:A9
            X509v3 Authority Key Identifier:
                keyid:07:09:37:88:ED:4A:80:C2:0C:DE:CE:10:A7:FF:BB:31:21:A2:72:9E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/297e119ebe51a00d6560ab73fd79c51ada403f19.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/4d8df0f0-41c4-401d-ac15-de0db40ac9cb/bfc605886127219ac173bc4be2813343cfa2b1ad.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/4d8df0f0-41c4-401d-ac15-de0db40ac9cb/297e119ebe51a00d6560ab73fd79c51ada403f19.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  138.219.42.0/24

    Signature Algorithm: sha256WithRSAEncryption
         7d:b8:14:cc:e0:35:c6:a8:82:f8:40:45:f6:c9:82:ff:ff:18:
         72:12:b4:a0:35:3a:a1:1b:a7:61:54:c4:09:76:c0:83:a5:d1:
         45:5f:e3:95:aa:75:81:02:08:99:eb:0f:be:d6:3f:ae:7f:6c:
         b6:6e:15:96:66:15:13:f8:d7:7c:95:c2:c0:e5:ee:c4:88:59:
         39:3a:9b:90:ab:6f:13:ac:1e:3b:7a:9b:da:7d:36:2a:40:9b:
         03:09:6a:44:9e:7e:75:be:da:da:23:e0:a1:70:8c:72:72:b9:
         a3:e3:57:76:f6:d6:04:ac:8c:0d:bf:a6:9d:ea:c2:ec:f2:a6:
         25:76:9c:dc:96:0e:99:82:07:fd:1d:83:91:72:7b:d9:ac:97:
         68:59:76:b7:03:0a:93:98:d0:16:48:bb:1c:1d:c5:43:ee:2d:
         55:60:34:67:d8:e1:99:84:55:11:08:14:c5:b0:2c:f6:9f:fd:
         0d:0a:58:53:94:a4:84:f9:26:6a:f2:fe:5a:8b:fa:4d:86:29:
         fb:57:f6:06:57:65:e6:8c:0f:e3:90:2e:c0:60:27:aa:c7:3f:
         8a:5a:c5:78:be:fe:6e:5f:d7:7b:90:12:fb:24:09:36:01:8f:
         24:71:92:62:4e:f6:0c:64:e6:bb:1b:3e:03:01:ed:c0:c8:f0:
         28:17:02:ed
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIDAOZVMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDI5
N2UxMTllYmU1MWEwMGQ2NTYwYWI3M2ZkNzljNTFhZGE0MDNmMTkwHhcNMjIwOTEz
MTkxNjAxWhcNMjQwOTEzMTkxNjAxWjAzMTEwLwYDVQQDEyhiZmM2MDU4ODYxMjcy
MTlhYzE3M2JjNGJlMjgxMzM0M2NmYTJiMWFkMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEArPkjJyB01zlvnm8KJRtkZ1UWlauDHLhWcAoPUSAkkKmX2QxR
NeEru0Z8E7JK1orW8fF4I1KsAs0Bl8hbpmsv94bRL1BjFh/mOg7RgumobqCEJfsQ
maFBEGS+MUqH+LvPiokcvFs+sy7cD/rxsRAS6pGOcovQqrAlwOAS9gqBd6WpbhHV
oejxALin35howa+N/fk3Pk1gPJ90zMOuiHqAU3HU0sBQ9rwdhBbrtGsz5ccwKspF
jXaeAO7CtkFcRF5PdfhnQjRdDDhWIWGr4wVeFXZ+UXtSVtSXaSAjOkCVPanIFZAo
qV6Nh/s/XNytxb2F/rRBx2KnKNyiODWfNp4QpwIDAQABo4ICWzCCAlcwHQYDVR0O
BBYEFNdr1zKdFVzcmshvvTaeId6jtuupMB8GA1UdIwQYMBaAFAcJN4jtSoDCDN7O
EKf/uzEhonKeMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvMjk3ZTEx
OWViZTUxYTAwZDY1NjBhYjczZmQ3OWM1MWFkYTQwM2YxOS5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvNGQ4ZGYwZjAtNDFjNC00MDFkLWFjMTUtZGUwZGI0
MGFjOWNiL2JmYzYwNTg4NjEyNzIxOWFjMTczYmM0YmUyODEzMzQzY2ZhMmIxYWQu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy80ZDhkZjBmMC00MWM0LTQwMWQtYWMxNS1kZTBk
YjQwYWM5Y2IvMjk3ZTExOWViZTUxYTAwZDY1NjBhYjczZmQ3OWM1MWFkYTQwM2Yx
OS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAIrbKjANBgkqhkiG9w0BAQsFAAOCAQEAfbgUzOA1xqiC+EBF
9smC//8YchK0oDU6oRunYVTECXbAg6XRRV/jlap1gQIImesPvtY/rn9stm4VlmYV
E/jXfJXCwOXuxIhZOTqbkKtvE6weO3qb2n02KkCbAwlqRJ5+db7a2iPgoXCMcnK5
o+NXdvbWBKyMDb+mnerC7PKmJXac3JYOmYIH/R2DkXJ72ayXaFl2twMKk5jQFki7
HB3FQ+4tVWA0Z9jhmYRVEQgUxbAs9p/9DQpYU5SkhPkmavL+Wov6TYYp+1f2Bldl
5owP45AuwGAnqsc/ilrFeL7+bl/Xe5AS+yQJNgGPJHGSYk72DGTmuxs+AwHtwMjw
KBcC7Q==
-----END CERTIFICATE-----
Generated at Fri Mar 29 06:25:30 2024 by rpki-client on console-ams.rpki-client.org