Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/4d8df0f0-41c4-401d-ac15-de0db40ac9cb/dafe8c4dd0848ca97c164355d55b849395a8fafe.roa
File:                     dafe8c4dd0848ca97c164355d55b849395a8fafe.roa (raw, json)
Hash identifier:          krRUMkbNaSApbpK3n7FkdiOT3c5bmOACdNj2oAkI1iQ=
Subject key identifier:   89:34:8E:F2:76:C7:F6:FC:37:2C:DF:E6:89:EA:A7:66:B6:D5:0B:EF
Certificate issuer:       /CN=297e119ebe51a00d6560ab73fd79c51ada403f19
Certificate serial:       DAA5
Authority key identifier: 07:09:37:88:ED:4A:80:C2:0C:DE:CE:10:A7:FF:BB:31:21:A2:72:9E
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/297e119ebe51a00d6560ab73fd79c51ada403f19.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/4d8df0f0-41c4-401d-ac15-de0db40ac9cb/dafe8c4dd0848ca97c164355d55b849395a8fafe.roa
Signing time:             Tue 13 Sep 2022 20:02:06 +0000
ROA not before:           Tue 13 Sep 2022 19:51:33 +0000
ROA not after:            Fri 13 Sep 2024 19:51:33 +0000
asID:                     27823
IP address blocks:        168.197.49.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/4d8df0f0-41c4-401d-ac15-de0db40ac9cb/297e119ebe51a00d6560ab73fd79c51ada403f19.crl
                          rsync://repository.lacnic.net/rpki/lacnic/4d8df0f0-41c4-401d-ac15-de0db40ac9cb/297e119ebe51a00d6560ab73fd79c51ada403f19.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/297e119ebe51a00d6560ab73fd79c51ada403f19.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 31 Mar 2024 12:22:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 55973 (0xdaa5)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=297e119ebe51a00d6560ab73fd79c51ada403f19
        Validity
            Not Before: Sep 13 19:51:33 2022 GMT
            Not After : Sep 13 19:51:33 2024 GMT
        Subject: CN=dafe8c4dd0848ca97c164355d55b849395a8fafe
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:0c:c2:09:61:14:e3:ed:8e:5b:36:88:d5:67:
                    c4:cd:08:aa:91:35:c9:4d:35:1e:bd:08:9e:84:38:
                    19:56:78:66:3e:45:d8:a2:8c:5f:ba:a6:14:4a:3f:
                    10:2d:c4:78:28:c5:dd:a7:83:6f:9f:93:49:cb:2e:
                    21:20:d5:a8:fc:bb:80:a9:81:ea:69:f1:70:80:29:
                    e5:53:38:7d:30:3e:9f:ea:c6:57:99:15:69:c5:61:
                    fa:2c:83:7b:41:69:c7:d4:15:e9:30:49:c7:94:29:
                    ec:ef:d8:1e:7b:34:6b:5b:4b:ef:62:f6:2d:a1:0d:
                    26:40:b4:6c:48:ef:7d:cb:fd:d0:78:66:90:d5:d2:
                    91:4e:41:73:2b:a3:e8:3d:04:1d:a5:45:31:8f:dc:
                    03:d3:ad:00:5f:76:4e:f4:2a:34:d6:69:ee:0c:dc:
                    d2:88:c4:c1:e5:ec:90:b4:74:64:22:14:e7:86:fa:
                    35:81:5f:c5:76:ce:0d:9e:fe:0f:7c:67:e7:c3:4a:
                    ea:be:9c:5e:60:56:73:93:0d:73:93:c9:44:be:d2:
                    99:8a:62:8d:a0:77:69:5b:cd:4b:2e:66:b2:74:07:
                    98:9c:fd:39:c9:e8:15:28:54:58:c2:6e:6d:96:b1:
                    7b:91:98:f8:b6:40:84:2a:94:86:66:54:20:41:4e:
                    6e:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                89:34:8E:F2:76:C7:F6:FC:37:2C:DF:E6:89:EA:A7:66:B6:D5:0B:EF
            X509v3 Authority Key Identifier:
                keyid:07:09:37:88:ED:4A:80:C2:0C:DE:CE:10:A7:FF:BB:31:21:A2:72:9E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/297e119ebe51a00d6560ab73fd79c51ada403f19.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/4d8df0f0-41c4-401d-ac15-de0db40ac9cb/dafe8c4dd0848ca97c164355d55b849395a8fafe.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/4d8df0f0-41c4-401d-ac15-de0db40ac9cb/297e119ebe51a00d6560ab73fd79c51ada403f19.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  168.197.49.0/24

    Signature Algorithm: sha256WithRSAEncryption
         14:5f:59:f4:6b:f1:ef:89:dd:17:ad:f2:7d:49:db:c7:c7:91:
         dd:06:db:3f:f3:74:f4:d8:ac:bc:fa:a8:b0:c0:7a:04:99:ad:
         2d:4a:db:78:f6:19:30:ad:de:cc:91:5a:09:4b:7c:95:83:28:
         b4:5d:66:b2:01:37:60:f8:c6:0f:13:f7:82:48:87:c4:00:5f:
         79:e9:39:ae:ae:ee:34:d8:e1:17:1c:0d:6b:bb:f9:d1:99:b7:
         13:1c:8a:5e:6e:30:56:0b:c0:23:2d:dd:ba:4b:55:5f:d5:27:
         bd:57:70:81:41:d2:f8:87:6c:ea:26:87:4f:2f:3d:2b:b2:37:
         79:4f:84:e3:8a:31:75:0b:4a:72:5c:87:f8:ed:2e:b3:f6:17:
         13:2b:a5:38:b0:2a:42:24:87:c6:a6:5a:fe:5c:4e:86:e3:7e:
         40:2d:f2:9a:5a:09:05:e2:1f:ea:67:d9:ff:07:7c:9c:87:d0:
         01:96:3b:b1:51:5a:02:2f:5b:f3:1b:e6:15:8b:1d:f4:26:11:
         e5:9a:e7:2a:56:41:b1:ce:c8:b3:fc:cd:fe:68:ad:9b:21:b1:
         7f:5d:a9:6b:4b:70:45:64:ce:3e:70:16:e5:d6:54:d0:9c:bb:
         e4:38:db:2c:7b:32:6c:64:46:02:a8:06:98:a6:ad:44:b7:fe:
         34:74:80:09
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIDANqlMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDI5
N2UxMTllYmU1MWEwMGQ2NTYwYWI3M2ZkNzljNTFhZGE0MDNmMTkwHhcNMjIwOTEz
MTk1MTMzWhcNMjQwOTEzMTk1MTMzWjAzMTEwLwYDVQQDEyhkYWZlOGM0ZGQwODQ4
Y2E5N2MxNjQzNTVkNTViODQ5Mzk1YThmYWZlMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAnwzCCWEU4+2OWzaI1WfEzQiqkTXJTTUevQiehDgZVnhmPkXY
ooxfuqYUSj8QLcR4KMXdp4Nvn5NJyy4hINWo/LuAqYHqafFwgCnlUzh9MD6f6sZX
mRVpxWH6LIN7QWnH1BXpMEnHlCns79geezRrW0vvYvYtoQ0mQLRsSO99y/3QeGaQ
1dKRTkFzK6PoPQQdpUUxj9wD060AX3ZO9Co01mnuDNzSiMTB5eyQtHRkIhTnhvo1
gV/Fds4Nnv4PfGfnw0rqvpxeYFZzkw1zk8lEvtKZimKNoHdpW81LLmaydAeYnP05
yegVKFRYwm5tlrF7kZj4tkCEKpSGZlQgQU5uMwIDAQABo4ICWzCCAlcwHQYDVR0O
BBYEFIk0jvJ2x/b8Nyzf5onqp2a21QvvMB8GA1UdIwQYMBaAFAcJN4jtSoDCDN7O
EKf/uzEhonKeMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvMjk3ZTEx
OWViZTUxYTAwZDY1NjBhYjczZmQ3OWM1MWFkYTQwM2YxOS5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvNGQ4ZGYwZjAtNDFjNC00MDFkLWFjMTUtZGUwZGI0
MGFjOWNiL2RhZmU4YzRkZDA4NDhjYTk3YzE2NDM1NWQ1NWI4NDkzOTVhOGZhZmUu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy80ZDhkZjBmMC00MWM0LTQwMWQtYWMxNS1kZTBk
YjQwYWM5Y2IvMjk3ZTExOWViZTUxYTAwZDY1NjBhYjczZmQ3OWM1MWFkYTQwM2Yx
OS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAKjFMTANBgkqhkiG9w0BAQsFAAOCAQEAFF9Z9Gvx74ndF63y
fUnbx8eR3QbbP/N09NisvPqosMB6BJmtLUrbePYZMK3ezJFaCUt8lYMotF1msgE3
YPjGDxP3gkiHxABfeek5rq7uNNjhFxwNa7v50Zm3ExyKXm4wVgvAIy3duktVX9Un
vVdwgUHS+Ids6iaHTy89K7I3eU+E44oxdQtKclyH+O0us/YXEyulOLAqQiSHxqZa
/lxOhuN+QC3ymloJBeIf6mfZ/wd8nIfQAZY7sVFaAi9b8xvmFYsd9CYR5ZrnKlZB
sc7Is/zN/mitmyGxf12pa0twRWTOPnAW5dZU0Jy75DjbLHsybGRGAqgGmKatRLf+
NHSACQ==
-----END CERTIFICATE-----
Generated at Thu Mar 28 19:40:25 2024 by rpki-client on console-fra.rpki-client.org