Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/4f2f36f6-36b9-4cca-8422-d63c900457fe/f5dea8a9f2589df430ffaa6887b3d579abd6ff2e.roa
File:                     f5dea8a9f2589df430ffaa6887b3d579abd6ff2e.roa (raw, json)
Hash identifier:          jCInBHPftwqM3cFnE1iK+xoLGdRGx1d1n00C4i1UzVc=
Subject key identifier:   A8:8B:E6:16:31:89:87:8F:F3:3E:BE:6F:2C:7C:1A:F5:EE:8F:32:B8
Certificate issuer:       /CN=bee92c51e9c67fe64edca7f74df96052de7a6d98
Certificate serial:       0D83B8
Authority key identifier: B7:A2:D8:12:B4:F3:C7:E9:D8:94:C9:59:BE:EB:B3:50:E3:39:90:96
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/bee92c51e9c67fe64edca7f74df96052de7a6d98.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/4f2f36f6-36b9-4cca-8422-d63c900457fe/f5dea8a9f2589df430ffaa6887b3d579abd6ff2e.roa
Signing time:             Wed 24 Mar 2021 14:36:16 +0000
ROA not before:           Wed 24 Mar 2021 14:36:16 +0000
ROA not after:            Tue 24 Mar 2026 14:36:16 +0000
asID:                     266816
IP address blocks:        45.233.168.0/22 maxlen: 22

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/4f2f36f6-36b9-4cca-8422-d63c900457fe/bee92c51e9c67fe64edca7f74df96052de7a6d98.crl
                          rsync://repository.lacnic.net/rpki/lacnic/4f2f36f6-36b9-4cca-8422-d63c900457fe/bee92c51e9c67fe64edca7f74df96052de7a6d98.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/bee92c51e9c67fe64edca7f74df96052de7a6d98.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Mon 01 Apr 2024 05:58:53 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 885688 (0xd83b8)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bee92c51e9c67fe64edca7f74df96052de7a6d98
        Validity
            Not Before: Mar 24 14:36:16 2021 GMT
            Not After : Mar 24 14:36:16 2026 GMT
        Subject: CN=f5dea8a9f2589df430ffaa6887b3d579abd6ff2e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:59:72:43:37:b3:76:c6:9c:11:e2:c0:2d:32:
                    d0:ac:fe:72:41:c3:41:32:9f:94:d5:13:e5:34:47:
                    cc:f9:d3:84:a7:7b:47:09:ed:1b:83:37:33:c1:a2:
                    3f:a6:9c:7f:c9:cf:7e:7e:65:27:7a:fe:d9:08:5d:
                    f4:fc:ae:54:cd:19:23:05:17:10:80:5b:71:5a:08:
                    28:0a:88:4c:e6:7c:73:6b:19:ee:1c:13:5e:6f:b8:
                    82:fb:53:5a:a3:a0:50:2e:d1:7b:59:22:1b:77:5f:
                    de:2d:b0:bb:fb:04:8c:92:af:1c:39:ee:b6:7a:fc:
                    e0:9a:fb:9b:67:1d:8d:37:66:4c:bc:b3:e2:79:79:
                    dd:0b:83:87:73:75:8a:69:54:ea:e0:5b:37:4a:c8:
                    5e:f1:5d:8e:84:af:f8:1a:50:99:a5:91:cb:4d:dd:
                    1a:04:e8:15:ba:11:ff:3c:9f:16:c6:b9:52:ed:ff:
                    9e:cd:57:70:50:78:cd:2c:39:6a:12:89:c5:75:b9:
                    22:13:00:4f:a7:e4:fe:b4:f3:5c:2f:3f:10:8f:ad:
                    ba:a1:0e:61:bc:4a:59:bf:d3:44:7c:31:c0:0d:55:
                    e8:40:69:d2:1c:d2:11:90:61:f8:85:de:f4:2b:79:
                    c4:ab:36:d1:d5:c2:f0:eb:28:dc:68:25:ca:be:fa:
                    ba:af
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A8:8B:E6:16:31:89:87:8F:F3:3E:BE:6F:2C:7C:1A:F5:EE:8F:32:B8
            X509v3 Authority Key Identifier:
                keyid:B7:A2:D8:12:B4:F3:C7:E9:D8:94:C9:59:BE:EB:B3:50:E3:39:90:96

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/bee92c51e9c67fe64edca7f74df96052de7a6d98.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/4f2f36f6-36b9-4cca-8422-d63c900457fe/f5dea8a9f2589df430ffaa6887b3d579abd6ff2e.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/4f2f36f6-36b9-4cca-8422-d63c900457fe/bee92c51e9c67fe64edca7f74df96052de7a6d98.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.233.168.0/22

    Signature Algorithm: sha256WithRSAEncryption
         02:6f:bb:0d:8e:54:17:f6:2d:d3:87:2c:ef:c1:a9:a2:7e:a0:
         20:d1:17:81:5d:d8:51:1b:9b:95:23:aa:00:18:2f:55:2a:e3:
         d6:cf:73:60:a0:14:da:c4:da:34:83:d0:f3:5c:d7:6a:a9:07:
         e6:17:25:57:ac:12:a3:dc:f0:66:bb:90:9f:44:dc:af:d0:ef:
         eb:eb:ab:1a:c6:b8:3d:e5:c0:ab:da:d0:dd:e0:56:81:7a:ba:
         08:87:51:39:03:33:cc:17:f6:a7:7c:da:2e:88:ef:30:a2:93:
         c9:36:c2:88:59:b0:ee:90:f5:0d:83:9a:2f:36:42:bc:9a:9a:
         3a:17:46:5d:85:4e:dc:f1:26:aa:3c:fe:ac:2c:68:0d:a4:e0:
         65:d1:ca:80:cd:16:3c:61:ad:2b:ff:2c:87:69:41:a2:0b:22:
         68:e9:25:43:6b:4f:9c:01:b6:05:bd:0a:a7:3a:e1:ca:e7:3d:
         eb:52:db:14:8d:c5:78:42:36:ba:0f:05:33:2c:c4:0f:f8:a1:
         97:f4:3e:d7:ae:d8:84:d1:13:79:06:51:d7:20:81:4c:ca:49:
         7b:07:54:72:76:ea:01:ed:5f:d0:17:50:bd:62:fb:fa:55:67:
         91:68:63:9d:ad:19:bd:f6:16:a7:4e:f4:40:88:98:e3:58:3c:
         6e:3f:9d:71
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIDDYO4MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGJl
ZTkyYzUxZTljNjdmZTY0ZWRjYTdmNzRkZjk2MDUyZGU3YTZkOTgwHhcNMjEwMzI0
MTQzNjE2WhcNMjYwMzI0MTQzNjE2WjAzMTEwLwYDVQQDEyhmNWRlYThhOWYyNTg5
ZGY0MzBmZmFhNjg4N2IzZDU3OWFiZDZmZjJlMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAlllyQzezdsacEeLALTLQrP5yQcNBMp+U1RPlNEfM+dOEp3tH
Ce0bgzczwaI/ppx/yc9+fmUnev7ZCF30/K5UzRkjBRcQgFtxWggoCohM5nxzaxnu
HBNeb7iC+1Nao6BQLtF7WSIbd1/eLbC7+wSMkq8cOe62evzgmvubZx2NN2ZMvLPi
eXndC4OHc3WKaVTq4Fs3Sshe8V2OhK/4GlCZpZHLTd0aBOgVuhH/PJ8WxrlS7f+e
zVdwUHjNLDlqEonFdbkiEwBPp+T+tPNcLz8Qj626oQ5hvEpZv9NEfDHADVXoQGnS
HNIRkGH4hd70K3nEqzbR1cLw6yjcaCXKvvq6rwIDAQABo4ICWzCCAlcwHQYDVR0O
BBYEFKiL5hYxiYeP8z6+byx8GvXujzK4MB8GA1UdIwQYMBaAFLei2BK088fp2JTJ
Wb7rs1DjOZCWMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvYmVlOTJj
NTFlOWM2N2ZlNjRlZGNhN2Y3NGRmOTYwNTJkZTdhNmQ5OC5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvNGYyZjM2ZjYtMzZiOS00Y2NhLTg0MjItZDYzYzkw
MDQ1N2ZlL2Y1ZGVhOGE5ZjI1ODlkZjQzMGZmYWE2ODg3YjNkNTc5YWJkNmZmMmUu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy80ZjJmMzZmNi0zNmI5LTRjY2EtODQyMi1kNjNj
OTAwNDU3ZmUvYmVlOTJjNTFlOWM2N2ZlNjRlZGNhN2Y3NGRmOTYwNTJkZTdhNmQ5
OC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAi3pqDANBgkqhkiG9w0BAQsFAAOCAQEAAm+7DY5UF/Yt04cs
78Gpon6gINEXgV3YURublSOqABgvVSrj1s9zYKAU2sTaNIPQ81zXaqkH5hclV6wS
o9zwZruQn0Tcr9Dv6+urGsa4PeXAq9rQ3eBWgXq6CIdROQMzzBf2p3zaLojvMKKT
yTbCiFmw7pD1DYOaLzZCvJqaOhdGXYVO3PEmqjz+rCxoDaTgZdHKgM0WPGGtK/8s
h2lBogsiaOklQ2tPnAG2Bb0Kpzrhyuc961LbFI3FeEI2ug8FMyzED/ihl/Q+167Y
hNETeQZR1yCBTMpJewdUcnbqAe1f0BdQvWL7+lVnkWhjna0ZvfYWp070QIiY41g8
bj+dcQ==
-----END CERTIFICATE-----
Generated at Fri Mar 29 04:59:25 2024 by rpki-client on console-fra.rpki-client.org