Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/500e6364-fa49-4f1c-a9df-0de990487523/1c6f104eec8c8951ec43b5701c6a384ad211602b.roa
File:                     1c6f104eec8c8951ec43b5701c6a384ad211602b.roa (raw, json)
Hash identifier:          75mOPqLRUKKD4Rdbods5L6Sc6y2IeQCKnSgPFfXFgVU=
Subject key identifier:   C2:20:18:37:B0:5D:E9:86:B3:60:35:80:B0:4F:96:CD:53:F5:C0:C6
Certificate issuer:       /CN=f141eb6e9ac20adf6f655eada96814f65d5beedd
Certificate serial:       05F6C1
Authority key identifier: C9:17:37:79:CF:2F:5F:0B:67:61:D5:D6:30:66:F7:B8:31:7D:A3:DE
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/f141eb6e9ac20adf6f655eada96814f65d5beedd.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/500e6364-fa49-4f1c-a9df-0de990487523/1c6f104eec8c8951ec43b5701c6a384ad211602b.roa
Signing time:             Fri 01 Apr 2022 21:38:31 +0000
ROA not before:           Wed 04 Aug 2021 03:00:00 +0000
ROA not after:            Wed 31 Dec 2025 03:00:00 +0000
asID:                     27750
IP address blocks:        138.59.12.0/22 maxlen: 22
                          200.0.204.0/22 maxlen: 22
                          2001:1348::/32 maxlen: 32

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/500e6364-fa49-4f1c-a9df-0de990487523/f141eb6e9ac20adf6f655eada96814f65d5beedd.crl
                          rsync://repository.lacnic.net/rpki/lacnic/500e6364-fa49-4f1c-a9df-0de990487523/f141eb6e9ac20adf6f655eada96814f65d5beedd.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/f141eb6e9ac20adf6f655eada96814f65d5beedd.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 31 Mar 2024 03:49:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 390849 (0x5f6c1)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f141eb6e9ac20adf6f655eada96814f65d5beedd
        Validity
            Not Before: Aug  4 03:00:00 2021 GMT
            Not After : Dec 31 03:00:00 2025 GMT
        Subject: CN=1c6f104eec8c8951ec43b5701c6a384ad211602b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:34:5c:be:a1:39:2d:2a:f2:56:e0:00:22:c6:
                    f8:7b:4a:6f:f5:3a:77:ac:84:15:e6:7c:19:01:8a:
                    43:7f:28:21:9e:20:c4:91:3f:94:46:fe:ca:3c:f7:
                    7b:5b:49:22:fc:a3:b9:19:a2:1d:cc:ba:06:e8:44:
                    9b:44:b2:bc:e7:b5:5c:77:dd:f5:9a:b8:1e:de:e5:
                    fb:d7:6d:1a:be:4b:7f:06:a0:fd:5c:68:4d:92:89:
                    4a:a6:5e:3e:c1:2f:9f:84:04:5d:5a:05:f4:89:4c:
                    a8:b4:94:6a:44:ed:3a:03:60:6e:7d:41:c0:95:09:
                    b9:e8:fa:83:14:0c:b1:86:6c:e7:c3:df:06:55:d5:
                    87:1f:82:2b:eb:da:9d:d3:46:3a:34:65:58:2d:94:
                    66:95:e2:f7:2a:74:dc:94:01:f0:2e:fa:af:5e:8a:
                    8b:34:13:36:63:29:4e:c7:4f:3e:76:84:a6:89:8a:
                    44:20:b3:a3:e8:e2:c8:ff:f1:11:10:c6:27:a3:79:
                    51:9e:93:df:03:d6:1e:99:a4:25:9b:6c:c1:47:78:
                    b0:2c:b9:22:fb:4f:b0:73:f0:ab:1b:c3:75:ff:18:
                    65:98:5c:23:a6:84:46:98:ed:07:19:a1:25:da:41:
                    8e:d1:b0:2f:cf:7e:24:1d:3e:f4:ad:ed:37:3b:eb:
                    28:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C2:20:18:37:B0:5D:E9:86:B3:60:35:80:B0:4F:96:CD:53:F5:C0:C6
            X509v3 Authority Key Identifier:
                keyid:C9:17:37:79:CF:2F:5F:0B:67:61:D5:D6:30:66:F7:B8:31:7D:A3:DE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/f141eb6e9ac20adf6f655eada96814f65d5beedd.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/500e6364-fa49-4f1c-a9df-0de990487523/1c6f104eec8c8951ec43b5701c6a384ad211602b.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/500e6364-fa49-4f1c-a9df-0de990487523/f141eb6e9ac20adf6f655eada96814f65d5beedd.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  138.59.12.0/22
                  200.0.204.0/22
                IPv6:
                  2001:1348::/32

    Signature Algorithm: sha256WithRSAEncryption
         06:b4:de:9c:97:ba:83:f1:33:7f:5b:58:22:59:05:38:dc:08:
         f7:6e:d1:02:1c:93:a0:ab:c0:53:87:e8:62:56:79:ca:8e:9e:
         ec:e0:57:f3:02:da:87:bf:fd:1c:47:0a:0d:fe:c1:72:e5:f3:
         a3:b8:b7:04:d0:9b:7f:3e:07:86:51:d6:59:6b:10:d2:8c:2b:
         df:49:b8:76:9c:fb:e7:81:02:cf:f3:fa:31:44:f0:30:89:47:
         f2:ed:9c:fb:8b:4d:3b:5a:fd:80:c6:09:a1:a8:30:ec:b4:cc:
         cb:42:8b:77:25:3d:b5:ec:f9:78:ca:88:16:61:5c:90:7e:70:
         cd:f8:cc:b8:af:fe:73:4a:fc:c2:03:98:cb:cf:a3:ef:67:e5:
         dd:e2:0d:9a:91:a9:dc:ef:81:8a:8a:86:4b:2f:3a:ab:41:8e:
         59:da:c7:b4:ee:28:8d:a7:0d:e7:3f:45:61:04:76:be:47:b3:
         53:be:ac:0e:26:a4:f1:de:82:f9:4b:1a:c9:10:6b:64:29:8c:
         94:62:0b:88:39:38:dd:e0:a9:f5:2c:37:36:54:5c:b8:f4:2f:
         ea:15:96:b7:c5:c2:65:87:e2:f0:7e:f9:9f:1e:74:ab:c5:6e:
         1e:4c:55:68:6e:1c:73:90:a8:88:cb:fd:08:3d:bd:96:1a:07:
         48:28:94:e1
-----BEGIN CERTIFICATE-----
MIIFVTCCBD2gAwIBAgIDBfbBMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGYx
NDFlYjZlOWFjMjBhZGY2ZjY1NWVhZGE5NjgxNGY2NWQ1YmVlZGQwHhcNMjEwODA0
MDMwMDAwWhcNMjUxMjMxMDMwMDAwWjAzMTEwLwYDVQQDEygxYzZmMTA0ZWVjOGM4
OTUxZWM0M2I1NzAxYzZhMzg0YWQyMTE2MDJiMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAnTRcvqE5LSryVuAAIsb4e0pv9Tp3rIQV5nwZAYpDfyghniDE
kT+URv7KPPd7W0ki/KO5GaIdzLoG6ESbRLK857Vcd931mrge3uX7120avkt/BqD9
XGhNkolKpl4+wS+fhARdWgX0iUyotJRqRO06A2BufUHAlQm56PqDFAyxhmznw98G
VdWHH4Ir69qd00Y6NGVYLZRmleL3KnTclAHwLvqvXoqLNBM2YylOx08+doSmiYpE
ILOj6OLI//EREMYno3lRnpPfA9YemaQlm2zBR3iwLLki+0+wc/CrG8N1/xhlmFwj
poRGmO0HGaEl2kGO0bAvz34kHT70re03O+soHQIDAQABo4ICcDCCAmwwHQYDVR0O
BBYEFMIgGDewXemGs2A1gLBPls1T9cDGMB8GA1UdIwQYMBaAFMkXN3nPL18LZ2HV
1jBm97gxfaPeMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvZjE0MWVi
NmU5YWMyMGFkZjZmNjU1ZWFkYTk2ODE0ZjY1ZDViZWVkZC5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvNTAwZTYzNjQtZmE0OS00ZjFjLWE5ZGYtMGRlOTkw
NDg3NTIzLzFjNmYxMDRlZWM4Yzg5NTFlYzQzYjU3MDFjNmEzODRhZDIxMTYwMmIu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy81MDBlNjM2NC1mYTQ5LTRmMWMtYTlkZi0wZGU5
OTA0ODc1MjMvZjE0MWViNmU5YWMyMGFkZjZmNjU1ZWFkYTk2ODE0ZjY1ZDViZWVk
ZC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0BggrBgEFBQcBBwEB/wQl
MCMwEgQCAAEwDAMEAoo7DAMEAsgAzDANBAIAAjAHAwUAIAETSDANBgkqhkiG9w0B
AQsFAAOCAQEABrTenJe6g/Ezf1tYIlkFONwI927RAhyToKvAU4foYlZ5yo6e7OBX
8wLah7/9HEcKDf7BcuXzo7i3BNCbfz4HhlHWWWsQ0owr30m4dpz754ECz/P6MUTw
MIlH8u2c+4tNO1r9gMYJoagw7LTMy0KLdyU9tez5eMqIFmFckH5wzfjMuK/+c0r8
wgOYy8+j72fl3eINmpGp3O+BioqGSy86q0GOWdrHtO4ojacN5z9FYQR2vkezU76s
Diak8d6C+UsayRBrZCmMlGILiDk43eCp9Sw3NlRcuPQv6hWWt8XCZYfi8H75nx50
q8VuHkxVaG4cc5CoiMv9CD29lhoHSCiU4Q==
-----END CERTIFICATE-----
Generated at Thu Mar 28 03:11:30 2024 by rpki-client on console-fra.rpki-client.org