Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/4dd887bd-0ea8-459b-b945-daea7ada6183/0ca3d7a4e8627caf7fafa8d6d189a6b5da9a7d24.roa
File:                     0ca3d7a4e8627caf7fafa8d6d189a6b5da9a7d24.roa (raw, json)
Hash identifier:          jw6gx6vDMVwbWsQHYF/ANgkDhZyWYn+5vSQiX3R7nRI=
Subject key identifier:   4F:9B:CD:89:A4:D2:10:5F:86:0C:93:55:49:67:EF:07:E3:07:03:BF
Certificate issuer:       /CN=f48a793247cd1f645923603f197e3d287d051040
Certificate serial:       0C3712
Authority key identifier: 79:3A:BC:6F:D4:8E:32:89:36:F7:E8:BA:DB:7E:2A:91:8E:39:B9:8A
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/f48a793247cd1f645923603f197e3d287d051040.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/4dd887bd-0ea8-459b-b945-daea7ada6183/0ca3d7a4e8627caf7fafa8d6d189a6b5da9a7d24.roa
Signing time:             Wed 24 Mar 2021 14:46:10 +0000
ROA not before:           Wed 24 Mar 2021 14:46:10 +0000
ROA not after:            Tue 24 Mar 2026 14:46:10 +0000
asID:                     265554
IP address blocks:        45.172.9.0/24 maxlen: 26

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/4dd887bd-0ea8-459b-b945-daea7ada6183/f48a793247cd1f645923603f197e3d287d051040.crl
                          rsync://repository.lacnic.net/rpki/lacnic/4dd887bd-0ea8-459b-b945-daea7ada6183/f48a793247cd1f645923603f197e3d287d051040.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/f48a793247cd1f645923603f197e3d287d051040.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 31 Mar 2024 19:38:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 800530 (0xc3712)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f48a793247cd1f645923603f197e3d287d051040
        Validity
            Not Before: Mar 24 14:46:10 2021 GMT
            Not After : Mar 24 14:46:10 2026 GMT
        Subject: CN=0ca3d7a4e8627caf7fafa8d6d189a6b5da9a7d24
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:ac:5b:74:30:43:f5:ac:60:b1:4a:93:b6:a7:
                    5e:86:d5:8f:7f:ac:d6:1f:82:1b:9d:f5:2e:0f:0e:
                    b3:b7:03:f3:0a:7b:26:45:c4:87:1c:f2:73:bb:c2:
                    8d:03:ad:64:0e:48:11:4a:90:f2:41:38:33:12:f9:
                    84:c2:aa:62:d1:76:5f:cb:c6:c6:de:23:72:16:c4:
                    18:a8:6f:4e:ba:96:ff:b8:90:3c:a7:95:b5:3c:0b:
                    da:ba:21:38:24:40:3e:b4:ec:bb:b5:12:5d:c4:49:
                    03:22:9c:84:33:42:86:d6:98:81:e4:e0:3c:83:d2:
                    74:4c:1f:04:3e:5a:5a:f6:b7:5d:19:0a:bd:28:c1:
                    af:7c:5c:ad:3a:70:80:3d:23:b4:9e:b5:11:96:93:
                    25:b0:97:94:e2:48:33:1e:3c:44:78:e9:b3:8b:45:
                    7f:0c:ba:22:a4:46:cc:de:34:7b:ca:87:8a:6d:5d:
                    b6:30:1d:a4:be:4b:06:56:2f:fb:dc:b5:f9:d0:c4:
                    2c:dc:99:a8:a0:fd:5f:05:60:3f:65:30:8a:52:11:
                    0e:30:ec:f0:5a:63:a0:97:a1:0b:9f:09:31:c2:f4:
                    16:47:e6:0b:25:82:db:d6:f1:62:5b:36:ab:de:7d:
                    1e:f0:49:60:63:a0:aa:63:68:14:42:93:db:9a:a4:
                    eb:c5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4F:9B:CD:89:A4:D2:10:5F:86:0C:93:55:49:67:EF:07:E3:07:03:BF
            X509v3 Authority Key Identifier:
                keyid:79:3A:BC:6F:D4:8E:32:89:36:F7:E8:BA:DB:7E:2A:91:8E:39:B9:8A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/f48a793247cd1f645923603f197e3d287d051040.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/4dd887bd-0ea8-459b-b945-daea7ada6183/0ca3d7a4e8627caf7fafa8d6d189a6b5da9a7d24.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/4dd887bd-0ea8-459b-b945-daea7ada6183/f48a793247cd1f645923603f197e3d287d051040.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.172.9.0/24

    Signature Algorithm: sha256WithRSAEncryption
         88:7d:c3:5b:73:ae:a6:6e:d7:25:93:8e:36:10:fa:55:d7:81:
         72:27:3a:27:f4:d4:ef:27:34:28:e6:cf:c2:5d:84:25:85:23:
         7d:69:e1:4a:a3:39:9f:df:b2:7f:d0:11:33:b7:03:ea:b6:c3:
         8f:db:85:4c:78:04:e9:df:7b:3f:8b:5c:62:df:0d:6e:61:d7:
         3a:45:b7:b1:f7:ac:6f:5d:c3:9f:c0:35:7c:fb:1d:34:1a:d0:
         aa:d9:51:08:da:ae:0c:fa:1b:95:3c:73:19:ac:4c:96:57:08:
         b8:10:3b:a9:8a:e8:12:fb:1c:2c:d7:a1:e4:9a:b1:6a:c4:5f:
         f3:fe:1a:1d:7c:f4:bd:c6:6e:bb:02:e4:ed:0a:5a:57:6c:bc:
         05:1d:95:48:de:80:69:56:c2:52:31:d0:db:09:27:93:b3:9c:
         1c:ee:96:50:b7:05:99:7e:d9:e8:67:88:41:5d:5c:37:e5:9d:
         9c:62:c9:ce:4a:f2:ad:ab:23:a1:0a:7f:11:3f:81:2a:e3:3e:
         76:8b:b6:56:d0:33:bd:8a:d3:27:17:9d:dc:0e:b5:a8:d9:c0:
         f0:a2:22:79:2d:f1:98:81:29:4e:78:ba:d9:44:f3:61:4b:c6:
         ab:cc:cf:4d:15:02:92:cf:ee:0e:08:83:40:c9:51:a7:23:e7:
         79:00:5a:ec
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIDDDcSMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGY0
OGE3OTMyNDdjZDFmNjQ1OTIzNjAzZjE5N2UzZDI4N2QwNTEwNDAwHhcNMjEwMzI0
MTQ0NjEwWhcNMjYwMzI0MTQ0NjEwWjAzMTEwLwYDVQQDEygwY2EzZDdhNGU4NjI3
Y2FmN2ZhZmE4ZDZkMTg5YTZiNWRhOWE3ZDI0MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAo6xbdDBD9axgsUqTtqdehtWPf6zWH4IbnfUuDw6ztwPzCnsm
RcSHHPJzu8KNA61kDkgRSpDyQTgzEvmEwqpi0XZfy8bG3iNyFsQYqG9Oupb/uJA8
p5W1PAvauiE4JEA+tOy7tRJdxEkDIpyEM0KG1piB5OA8g9J0TB8EPlpa9rddGQq9
KMGvfFytOnCAPSO0nrURlpMlsJeU4kgzHjxEeOmzi0V/DLoipEbM3jR7yoeKbV22
MB2kvksGVi/73LX50MQs3JmooP1fBWA/ZTCKUhEOMOzwWmOgl6ELnwkxwvQWR+YL
JYLb1vFiWzar3n0e8ElgY6CqY2gUQpPbmqTrxQIDAQABo4ICWzCCAlcwHQYDVR0O
BBYEFE+bzYmk0hBfhgyTVUln7wfjBwO/MB8GA1UdIwQYMBaAFHk6vG/UjjKJNvfo
utt+KpGOObmKMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvZjQ4YTc5
MzI0N2NkMWY2NDU5MjM2MDNmMTk3ZTNkMjg3ZDA1MTA0MC5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvNGRkODg3YmQtMGVhOC00NTliLWI5NDUtZGFlYTdh
ZGE2MTgzLzBjYTNkN2E0ZTg2MjdjYWY3ZmFmYThkNmQxODlhNmI1ZGE5YTdkMjQu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy80ZGQ4ODdiZC0wZWE4LTQ1OWItYjk0NS1kYWVh
N2FkYTYxODMvZjQ4YTc5MzI0N2NkMWY2NDU5MjM2MDNmMTk3ZTNkMjg3ZDA1MTA0
MC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAC2sCTANBgkqhkiG9w0BAQsFAAOCAQEAiH3DW3Oupm7XJZOO
NhD6VdeBcic6J/TU7yc0KObPwl2EJYUjfWnhSqM5n9+yf9ARM7cD6rbDj9uFTHgE
6d97P4tcYt8NbmHXOkW3sfesb13Dn8A1fPsdNBrQqtlRCNquDPoblTxzGaxMllcI
uBA7qYroEvscLNeh5JqxasRf8/4aHXz0vcZuuwLk7QpaV2y8BR2VSN6AaVbCUjHQ
2wknk7OcHO6WULcFmX7Z6GeIQV1cN+WdnGLJzkryrasjoQp/ET+BKuM+dou2VtAz
vYrTJxed3A61qNnA8KIieS3xmIEpTni62UTzYUvGq8zPTRUCks/uDgiDQMlRpyPn
eQBa7A==
-----END CERTIFICATE-----
Generated at Fri Mar 29 04:03:25 2024 by rpki-client on console-ams.rpki-client.org