Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/4f2f36f6-36b9-4cca-8422-d63c900457fe/a25e29d11a6c22c71272e7c9ccf6092d0f5ef313.roa
File:                     a25e29d11a6c22c71272e7c9ccf6092d0f5ef313.roa (raw, json)
Hash identifier:          GXDOIxppV7Q35aoDG5UjwineXY4yyx/ugkm4g3cM3Xs=
Subject key identifier:   A7:23:FC:E3:1B:BD:0E:7F:1C:B9:5E:1F:92:0F:BC:E3:E1:7A:E1:65
Certificate issuer:       /CN=bee92c51e9c67fe64edca7f74df96052de7a6d98
Certificate serial:       0D85D5
Authority key identifier: B7:A2:D8:12:B4:F3:C7:E9:D8:94:C9:59:BE:EB:B3:50:E3:39:90:96
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/bee92c51e9c67fe64edca7f74df96052de7a6d98.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/4f2f36f6-36b9-4cca-8422-d63c900457fe/a25e29d11a6c22c71272e7c9ccf6092d0f5ef313.roa
Signing time:             Wed 24 Mar 2021 14:36:16 +0000
ROA not before:           Wed 24 Mar 2021 14:36:16 +0000
ROA not after:            Tue 24 Mar 2026 14:36:16 +0000
asID:                     266816
IP address blocks:        45.233.169.0/24 maxlen: 24
                          45.233.168.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/4f2f36f6-36b9-4cca-8422-d63c900457fe/bee92c51e9c67fe64edca7f74df96052de7a6d98.crl
                          rsync://repository.lacnic.net/rpki/lacnic/4f2f36f6-36b9-4cca-8422-d63c900457fe/bee92c51e9c67fe64edca7f74df96052de7a6d98.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/bee92c51e9c67fe64edca7f74df96052de7a6d98.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Tue 05 Mar 2024 04:16:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 886229 (0xd85d5)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bee92c51e9c67fe64edca7f74df96052de7a6d98
        Validity
            Not Before: Mar 24 14:36:16 2021 GMT
            Not After : Mar 24 14:36:16 2026 GMT
        Subject: CN=a25e29d11a6c22c71272e7c9ccf6092d0f5ef313
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:85:f0:0a:6f:e8:71:13:a9:27:cf:51:6f:23:b7:
                    c4:03:d1:5e:b7:45:1d:e8:d1:58:43:38:27:ac:ea:
                    2a:31:f6:2e:4d:93:91:b6:5a:bb:96:1f:17:fc:32:
                    dd:87:29:f2:ff:2c:51:82:68:c7:2d:cd:bf:9c:41:
                    49:24:ce:f0:4e:90:9f:f8:fe:21:7a:b3:12:28:d7:
                    ee:10:2b:06:e6:9e:57:f1:dc:e6:81:25:85:3f:5b:
                    1f:3f:84:e0:00:d9:a8:6b:48:51:ba:a4:2c:4c:9e:
                    0f:63:65:f4:c1:b7:d0:67:12:ac:33:b0:e3:e1:58:
                    e9:97:93:4b:89:e2:3c:55:15:0d:4e:21:36:30:6c:
                    c4:7b:5d:77:6d:05:43:99:72:87:45:7a:e8:22:2a:
                    a0:34:bc:37:9b:66:72:aa:cb:27:7f:45:d9:78:95:
                    d0:ca:a8:aa:db:8a:8b:d8:81:b6:f2:6e:bb:09:9d:
                    20:f0:bf:e3:10:5f:9c:93:2d:f1:1d:1f:cc:55:8e:
                    24:fc:f8:86:07:9a:c2:14:6e:45:eb:e9:73:5d:0e:
                    20:5b:b0:20:e4:9b:38:0c:7c:34:92:1a:2b:4f:fc:
                    c9:c3:97:d1:fb:2e:26:3d:1c:f7:43:75:22:17:e3:
                    6e:3e:3c:f5:03:60:b0:dd:f2:d7:99:e4:c3:ae:3b:
                    58:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A7:23:FC:E3:1B:BD:0E:7F:1C:B9:5E:1F:92:0F:BC:E3:E1:7A:E1:65
            X509v3 Authority Key Identifier:
                keyid:B7:A2:D8:12:B4:F3:C7:E9:D8:94:C9:59:BE:EB:B3:50:E3:39:90:96

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/bee92c51e9c67fe64edca7f74df96052de7a6d98.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/4f2f36f6-36b9-4cca-8422-d63c900457fe/a25e29d11a6c22c71272e7c9ccf6092d0f5ef313.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/4f2f36f6-36b9-4cca-8422-d63c900457fe/bee92c51e9c67fe64edca7f74df96052de7a6d98.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.233.168.0/23

    Signature Algorithm: sha256WithRSAEncryption
         86:d9:49:63:22:e4:b1:12:d2:87:f2:c5:b7:0f:1b:92:6a:ef:
         92:95:98:91:11:fb:8d:ae:03:68:c8:55:49:28:3b:b4:60:3b:
         91:24:40:de:f0:2f:0e:02:34:99:54:35:a4:e6:da:93:00:89:
         93:f1:81:14:34:f3:6c:ee:0d:87:11:e1:30:15:cb:cc:ea:e3:
         2f:12:17:a2:7c:82:8f:86:d7:90:76:bc:15:9e:5c:59:eb:15:
         74:8a:ad:6c:c0:e2:bc:1b:e1:29:01:b9:49:13:8e:58:bb:91:
         19:75:d6:9c:5b:66:c4:17:8d:9c:15:0d:73:fd:5a:10:5f:8c:
         43:60:c4:2c:8a:53:b1:fe:c4:d2:4f:a4:81:e5:f9:a2:ae:89:
         fa:f2:e3:b9:bf:30:83:41:8f:31:03:77:ec:f5:ba:9b:58:45:
         a4:9e:80:01:b3:7d:65:f4:26:88:48:54:05:d3:e1:4f:08:12:
         a9:af:18:c3:bc:e7:b9:b4:8c:df:3f:3e:3d:e2:71:75:b9:a1:
         b3:51:cc:ea:f9:0f:22:45:68:70:c9:06:38:6a:61:48:ee:f9:
         31:96:4d:43:5f:7e:2f:4a:51:ce:f8:cc:bb:37:01:1c:86:dc:
         20:29:cd:26:64:46:f5:f7:17:b4:30:86:5b:7c:69:00:08:b7:
         18:cb:11:88
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIDDYXVMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGJl
ZTkyYzUxZTljNjdmZTY0ZWRjYTdmNzRkZjk2MDUyZGU3YTZkOTgwHhcNMjEwMzI0
MTQzNjE2WhcNMjYwMzI0MTQzNjE2WjAzMTEwLwYDVQQDEyhhMjVlMjlkMTFhNmMy
MmM3MTI3MmU3YzljY2Y2MDkyZDBmNWVmMzEzMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAhfAKb+hxE6knz1FvI7fEA9Fet0Ud6NFYQzgnrOoqMfYuTZOR
tlq7lh8X/DLdhyny/yxRgmjHLc2/nEFJJM7wTpCf+P4herMSKNfuECsG5p5X8dzm
gSWFP1sfP4TgANmoa0hRuqQsTJ4PY2X0wbfQZxKsM7Dj4Vjpl5NLieI8VRUNTiE2
MGzEe113bQVDmXKHRXroIiqgNLw3m2Zyqssnf0XZeJXQyqiq24qL2IG28m67CZ0g
8L/jEF+cky3xHR/MVY4k/PiGB5rCFG5F6+lzXQ4gW7Ag5Js4DHw0khorT/zJw5fR
+y4mPRz3Q3UiF+NuPjz1A2Cw3fLXmeTDrjtYmwIDAQABo4ICWzCCAlcwHQYDVR0O
BBYEFKcj/OMbvQ5/HLleH5IPvOPheuFlMB8GA1UdIwQYMBaAFLei2BK088fp2JTJ
Wb7rs1DjOZCWMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvYmVlOTJj
NTFlOWM2N2ZlNjRlZGNhN2Y3NGRmOTYwNTJkZTdhNmQ5OC5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvNGYyZjM2ZjYtMzZiOS00Y2NhLTg0MjItZDYzYzkw
MDQ1N2ZlL2EyNWUyOWQxMWE2YzIyYzcxMjcyZTdjOWNjZjYwOTJkMGY1ZWYzMTMu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy80ZjJmMzZmNi0zNmI5LTRjY2EtODQyMi1kNjNj
OTAwNDU3ZmUvYmVlOTJjNTFlOWM2N2ZlNjRlZGNhN2Y3NGRmOTYwNTJkZTdhNmQ5
OC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAS3pqDANBgkqhkiG9w0BAQsFAAOCAQEAhtlJYyLksRLSh/LF
tw8bkmrvkpWYkRH7ja4DaMhVSSg7tGA7kSRA3vAvDgI0mVQ1pObakwCJk/GBFDTz
bO4NhxHhMBXLzOrjLxIXonyCj4bXkHa8FZ5cWesVdIqtbMDivBvhKQG5SROOWLuR
GXXWnFtmxBeNnBUNc/1aEF+MQ2DELIpTsf7E0k+kgeX5oq6J+vLjub8wg0GPMQN3
7PW6m1hFpJ6AAbN9ZfQmiEhUBdPhTwgSqa8Yw7znubSM3z8+PeJxdbmhs1HM6vkP
IkVocMkGOGphSO75MZZNQ19+L0pRzvjMuzcBHIbcICnNJmRG9fcXtDCGW3xpAAi3
GMsRiA==
-----END CERTIFICATE-----
Generated at Sat Mar 2 12:40:23 2024 by rpki-client on console-fra.rpki-client.org