Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/4d8df0f0-41c4-401d-ac15-de0db40ac9cb/dad2062698d976e78b120de611d551ad1a46270e.roa
File:                     dad2062698d976e78b120de611d551ad1a46270e.roa (raw, json)
Hash identifier:          j6MoMOmxzmp5e4Hb1QZeBb5zFF2sKHylms3a8IVXqMk=
Subject key identifier:   F7:0E:3A:2E:C0:6A:54:BB:CF:DC:68:74:B7:57:62:30:B8:2C:78:BC
Certificate issuer:       /CN=297e119ebe51a00d6560ab73fd79c51ada403f19
Certificate serial:       D42F
Authority key identifier: 07:09:37:88:ED:4A:80:C2:0C:DE:CE:10:A7:FF:BB:31:21:A2:72:9E
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/297e119ebe51a00d6560ab73fd79c51ada403f19.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/4d8df0f0-41c4-401d-ac15-de0db40ac9cb/dad2062698d976e78b120de611d551ad1a46270e.roa
Signing time:             Tue 13 Sep 2022 19:50:40 +0000
ROA not before:           Tue 13 Sep 2022 19:49:23 +0000
ROA not after:            Fri 13 Sep 2024 19:49:23 +0000
asID:                     27823
IP address blocks:        168.181.185.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/4d8df0f0-41c4-401d-ac15-de0db40ac9cb/297e119ebe51a00d6560ab73fd79c51ada403f19.crl
                          rsync://repository.lacnic.net/rpki/lacnic/4d8df0f0-41c4-401d-ac15-de0db40ac9cb/297e119ebe51a00d6560ab73fd79c51ada403f19.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/297e119ebe51a00d6560ab73fd79c51ada403f19.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 31 Mar 2024 12:22:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 54319 (0xd42f)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=297e119ebe51a00d6560ab73fd79c51ada403f19
        Validity
            Not Before: Sep 13 19:49:23 2022 GMT
            Not After : Sep 13 19:49:23 2024 GMT
        Subject: CN=dad2062698d976e78b120de611d551ad1a46270e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:82:64:42:92:f9:0f:98:30:a2:fa:17:5f:b6:
                    87:78:a5:f2:dd:7f:53:6b:21:6f:7e:f1:0b:91:0b:
                    06:b1:c7:2c:02:8c:54:a8:24:e7:b5:e9:a0:83:d6:
                    6d:76:2f:08:76:00:87:2b:ce:4b:85:50:b2:f3:62:
                    18:bf:dd:8a:70:b8:54:5c:a2:8b:1f:25:4b:87:d5:
                    91:29:e1:3d:53:dd:bf:e5:54:76:10:62:7f:a7:71:
                    af:f4:c0:1c:89:d9:29:d9:94:1e:49:90:81:f1:79:
                    82:cb:c9:2f:9a:34:29:3c:f0:54:71:b9:46:0e:27:
                    b8:f8:c5:da:94:f1:74:d3:b9:85:78:ea:88:8a:22:
                    08:53:35:2e:38:53:85:4e:aa:41:9a:6e:4e:cc:4a:
                    0f:0f:ae:89:a1:63:08:13:f9:c9:04:03:06:50:1b:
                    8b:71:c5:0c:ca:a1:19:f2:47:64:f4:18:95:08:f1:
                    bb:e7:62:ca:8d:01:04:40:4f:48:2f:b8:60:de:ae:
                    08:74:ac:3f:33:81:86:0c:70:cf:07:f2:cd:ca:3f:
                    69:f4:8f:14:fc:b8:64:ba:3c:b3:f8:ab:36:b5:87:
                    1a:3c:0f:e8:97:c5:ae:95:56:e9:26:c9:b4:f6:e6:
                    fa:09:c7:6a:fc:13:f3:92:5c:71:6e:99:8c:3d:a4:
                    28:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F7:0E:3A:2E:C0:6A:54:BB:CF:DC:68:74:B7:57:62:30:B8:2C:78:BC
            X509v3 Authority Key Identifier:
                keyid:07:09:37:88:ED:4A:80:C2:0C:DE:CE:10:A7:FF:BB:31:21:A2:72:9E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/297e119ebe51a00d6560ab73fd79c51ada403f19.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/4d8df0f0-41c4-401d-ac15-de0db40ac9cb/dad2062698d976e78b120de611d551ad1a46270e.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/4d8df0f0-41c4-401d-ac15-de0db40ac9cb/297e119ebe51a00d6560ab73fd79c51ada403f19.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  168.181.185.0/24

    Signature Algorithm: sha256WithRSAEncryption
         62:33:a6:fb:7b:98:82:79:68:c6:da:3d:4e:a3:83:20:b2:e4:
         7c:c4:bb:65:e3:8e:ae:ca:1e:5d:61:ab:49:1d:f7:bf:5f:19:
         bb:3e:c3:58:35:92:8d:e4:83:6f:0a:38:6b:20:5d:c3:5b:c9:
         ee:8d:bc:c9:7c:a7:47:e8:aa:9a:46:df:fb:1e:7b:f2:ef:7d:
         62:da:28:58:67:2e:40:12:59:b5:e2:76:5a:19:fb:04:00:ee:
         21:fe:8e:85:56:b1:1c:53:13:a8:24:e8:ee:80:37:b9:87:17:
         67:2d:c5:d9:d1:5c:2a:9a:5f:aa:38:ea:41:f4:5c:3d:d4:db:
         57:6f:ef:44:da:14:12:01:31:62:49:a5:1f:96:86:d6:75:80:
         36:ef:74:d1:8b:71:c9:76:40:f7:3b:75:ba:3c:af:6c:30:64:
         84:d5:1f:e1:f9:e6:3c:98:c0:ec:d9:58:7c:ea:3d:fc:47:2d:
         56:5b:74:3d:06:13:61:52:60:d6:56:65:c8:c2:f4:8a:87:a1:
         a5:1a:b1:8c:1e:dc:9b:95:fd:57:4e:e8:8a:e1:d1:cb:87:92:
         a6:1c:ba:6d:66:43:f3:af:d7:27:8b:fb:2b:3c:61:4b:d5:2f:
         c6:df:3d:66:10:c6:31:e2:c7:31:b5:3f:92:46:44:d8:10:d7:
         9d:0a:7c:74
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIDANQvMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDI5
N2UxMTllYmU1MWEwMGQ2NTYwYWI3M2ZkNzljNTFhZGE0MDNmMTkwHhcNMjIwOTEz
MTk0OTIzWhcNMjQwOTEzMTk0OTIzWjAzMTEwLwYDVQQDEyhkYWQyMDYyNjk4ZDk3
NmU3OGIxMjBkZTYxMWQ1NTFhZDFhNDYyNzBlMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAvIJkQpL5D5gwovoXX7aHeKXy3X9TayFvfvELkQsGsccsAoxU
qCTntemgg9Ztdi8IdgCHK85LhVCy82IYv92KcLhUXKKLHyVLh9WRKeE9U92/5VR2
EGJ/p3Gv9MAcidkp2ZQeSZCB8XmCy8kvmjQpPPBUcblGDie4+MXalPF007mFeOqI
iiIIUzUuOFOFTqpBmm5OzEoPD66JoWMIE/nJBAMGUBuLccUMyqEZ8kdk9BiVCPG7
52LKjQEEQE9IL7hg3q4IdKw/M4GGDHDPB/LNyj9p9I8U/Lhkujyz+Ks2tYcaPA/o
l8WulVbpJsm09ub6Ccdq/BPzklxxbpmMPaQohQIDAQABo4ICWzCCAlcwHQYDVR0O
BBYEFPcOOi7AalS7z9xodLdXYjC4LHi8MB8GA1UdIwQYMBaAFAcJN4jtSoDCDN7O
EKf/uzEhonKeMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvMjk3ZTEx
OWViZTUxYTAwZDY1NjBhYjczZmQ3OWM1MWFkYTQwM2YxOS5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvNGQ4ZGYwZjAtNDFjNC00MDFkLWFjMTUtZGUwZGI0
MGFjOWNiL2RhZDIwNjI2OThkOTc2ZTc4YjEyMGRlNjExZDU1MWFkMWE0NjI3MGUu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy80ZDhkZjBmMC00MWM0LTQwMWQtYWMxNS1kZTBk
YjQwYWM5Y2IvMjk3ZTExOWViZTUxYTAwZDY1NjBhYjczZmQ3OWM1MWFkYTQwM2Yx
OS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAKi1uTANBgkqhkiG9w0BAQsFAAOCAQEAYjOm+3uYgnloxto9
TqODILLkfMS7ZeOOrsoeXWGrSR33v18Zuz7DWDWSjeSDbwo4ayBdw1vJ7o28yXyn
R+iqmkbf+x578u99YtooWGcuQBJZteJ2Whn7BADuIf6OhVaxHFMTqCTo7oA3uYcX
Zy3F2dFcKppfqjjqQfRcPdTbV2/vRNoUEgExYkmlH5aG1nWANu900YtxyXZA9zt1
ujyvbDBkhNUf4fnmPJjA7NlYfOo9/EctVlt0PQYTYVJg1lZlyML0ioehpRqxjB7c
m5X9V07oiuHRy4eSphy6bWZD86/XJ4v7KzxhS9Uvxt89ZhDGMeLHMbU/kkZE2BDX
nQp8dA==
-----END CERTIFICATE-----
Generated at Thu Mar 28 19:40:25 2024 by rpki-client on console-fra.rpki-client.org