Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/512c2cc7-2c7e-4579-9d78-69582babcd4a/69b50cd066585cd9419ae674751b5e58f59b5036.roa
File:                     69b50cd066585cd9419ae674751b5e58f59b5036.roa (raw, json)
Hash identifier:          feF7lUxymODQeC9vWdraNS0gK6O5Xy5pWLoRp7FvFAA=
Subject key identifier:   11:87:67:54:46:25:AE:3D:F3:DF:DE:61:5F:C3:BE:B5:9B:82:9E:A3
Certificate issuer:       /CN=58d4d9b526509407bcd0b39b8d13b0c940d11a2e
Certificate serial:       18E430
Authority key identifier: 4E:61:CF:E0:E4:F7:03:42:5B:39:DD:7C:1C:1A:D6:75:06:29:8C:04
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/58d4d9b526509407bcd0b39b8d13b0c940d11a2e.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/512c2cc7-2c7e-4579-9d78-69582babcd4a/69b50cd066585cd9419ae674751b5e58f59b5036.roa
Signing time:             Tue 10 Jan 2023 15:56:09 +0000
ROA not before:           Tue 23 Mar 2021 03:00:00 +0000
ROA not after:            Tue 24 Mar 2026 03:00:00 +0000
asID:                     269853
IP address blocks:        45.189.56.0/22 maxlen: 28
                          45.171.120.0/23 maxlen: 28

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/512c2cc7-2c7e-4579-9d78-69582babcd4a/58d4d9b526509407bcd0b39b8d13b0c940d11a2e.crl
                          rsync://repository.lacnic.net/rpki/lacnic/512c2cc7-2c7e-4579-9d78-69582babcd4a/58d4d9b526509407bcd0b39b8d13b0c940d11a2e.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/58d4d9b526509407bcd0b39b8d13b0c940d11a2e.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Tue 27 Feb 2024 02:19:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1631280 (0x18e430)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=58d4d9b526509407bcd0b39b8d13b0c940d11a2e
        Validity
            Not Before: Mar 23 03:00:00 2021 GMT
            Not After : Mar 24 03:00:00 2026 GMT
        Subject: CN=69b50cd066585cd9419ae674751b5e58f59b5036
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:c2:db:ec:9e:c6:08:ab:6b:0d:7f:d5:5a:09:
                    c8:5d:94:ce:42:a0:b7:fd:8c:e1:46:1b:87:b5:74:
                    6b:1a:ba:de:e1:0c:d1:1c:8a:64:72:96:3c:9b:65:
                    d7:3c:3a:2b:8e:12:ee:57:c8:26:ad:6c:c7:97:8c:
                    be:8c:1b:4f:2a:a9:fe:24:85:7c:70:ac:b6:c8:5d:
                    eb:e8:82:fc:2a:c4:e6:d2:2b:7f:3f:41:7d:50:92:
                    55:27:5c:e9:41:bf:3b:c2:72:c2:b0:c5:a9:12:89:
                    d3:f9:2e:36:c6:15:d2:0f:ff:f3:b5:53:fe:e5:1c:
                    f7:ff:be:c4:74:d4:66:cf:b9:7b:5e:9d:d7:92:38:
                    9a:e5:66:01:ea:c5:c6:e7:32:6a:b8:29:66:a6:fc:
                    30:36:ae:8e:45:87:ee:6c:07:7b:17:46:9e:d3:96:
                    dd:32:0a:09:93:4e:11:26:49:1b:4a:cc:b3:8f:39:
                    0d:1c:3b:7a:87:2b:0d:2a:df:a9:08:32:0a:21:12:
                    0b:49:3a:c5:7e:78:30:88:96:74:c6:e3:d4:1a:6d:
                    d5:b3:47:17:69:61:e1:48:19:1b:59:95:d3:6c:a4:
                    a0:78:22:8d:3e:94:00:ca:0e:0a:23:b7:f7:99:c8:
                    6c:74:2e:3a:d7:32:f2:75:84:29:6a:51:88:63:0c:
                    38:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                11:87:67:54:46:25:AE:3D:F3:DF:DE:61:5F:C3:BE:B5:9B:82:9E:A3
            X509v3 Authority Key Identifier:
                keyid:4E:61:CF:E0:E4:F7:03:42:5B:39:DD:7C:1C:1A:D6:75:06:29:8C:04

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/58d4d9b526509407bcd0b39b8d13b0c940d11a2e.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/512c2cc7-2c7e-4579-9d78-69582babcd4a/69b50cd066585cd9419ae674751b5e58f59b5036.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/512c2cc7-2c7e-4579-9d78-69582babcd4a/58d4d9b526509407bcd0b39b8d13b0c940d11a2e.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.171.120.0/23
                  45.189.56.0/22

    Signature Algorithm: sha256WithRSAEncryption
         29:b0:d9:25:d8:cd:f8:90:a4:dc:b5:5e:f8:a0:9c:8c:b9:24:
         f8:3f:a7:db:52:04:fd:c1:21:6a:c8:65:5a:65:17:77:a6:e3:
         ba:62:b4:25:15:f7:36:fd:d6:5a:3c:11:6f:96:2f:be:68:31:
         b1:cd:00:6e:e5:19:3b:88:51:39:be:2d:f9:90:17:ea:3e:22:
         49:ff:47:ec:99:de:92:d7:78:38:f3:f8:b1:b2:3d:dc:cf:11:
         ef:f1:2b:45:fb:19:c1:17:56:c4:67:ad:83:a7:51:59:92:4d:
         ed:8e:43:56:01:cf:74:5f:96:d6:df:21:4b:8e:2c:34:a5:67:
         db:d7:78:45:42:0c:3f:bd:87:42:f6:ef:84:80:32:be:6d:6f:
         c2:6d:80:cf:76:30:ec:f9:47:de:e1:a8:cc:80:58:82:56:6d:
         22:87:6e:89:7a:28:c5:ba:ee:8e:d7:fa:b3:eb:28:4c:f2:31:
         4f:90:fd:3b:3e:8f:35:e6:2b:7e:91:d4:1d:3e:06:30:c0:c8:
         21:dc:b1:ad:a9:36:27:f6:ea:40:b3:4c:ad:6f:05:d3:dd:e9:
         ea:53:f6:dd:92:97:02:f1:ff:fa:68:37:ba:0e:0f:b1:fa:64:
         19:14:93:30:6e:4e:79:d3:5d:17:24:b8:32:23:e2:59:30:73:
         77:56:0b:ea
-----BEGIN CERTIFICATE-----
MIIFRjCCBC6gAwIBAgIDGOQwMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDU4
ZDRkOWI1MjY1MDk0MDdiY2QwYjM5YjhkMTNiMGM5NDBkMTFhMmUwHhcNMjEwMzIz
MDMwMDAwWhcNMjYwMzI0MDMwMDAwWjAzMTEwLwYDVQQDEyg2OWI1MGNkMDY2NTg1
Y2Q5NDE5YWU2NzQ3NTFiNWU1OGY1OWI1MDM2MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAlcLb7J7GCKtrDX/VWgnIXZTOQqC3/YzhRhuHtXRrGrre4QzR
HIpkcpY8m2XXPDorjhLuV8gmrWzHl4y+jBtPKqn+JIV8cKy2yF3r6IL8KsTm0it/
P0F9UJJVJ1zpQb87wnLCsMWpEonT+S42xhXSD//ztVP+5Rz3/77EdNRmz7l7Xp3X
kjia5WYB6sXG5zJquClmpvwwNq6ORYfubAd7F0ae05bdMgoJk04RJkkbSsyzjzkN
HDt6hysNKt+pCDIKIRILSTrFfngwiJZ0xuPUGm3Vs0cXaWHhSBkbWZXTbKSgeCKN
PpQAyg4KI7f3mchsdC461zLydYQpalGIYww4kQIDAQABo4ICYTCCAl0wHQYDVR0O
BBYEFBGHZ1RGJa4989/eYV/DvrWbgp6jMB8GA1UdIwQYMBaAFE5hz+Dk9wNCWznd
fBwa1nUGKYwEMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvNThkNGQ5
YjUyNjUwOTQwN2JjZDBiMzliOGQxM2IwYzk0MGQxMWEyZS5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvNTEyYzJjYzctMmM3ZS00NTc5LTlkNzgtNjk1ODJi
YWJjZDRhLzY5YjUwY2QwNjY1ODVjZDk0MTlhZTY3NDc1MWI1ZTU4ZjU5YjUwMzYu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy81MTJjMmNjNy0yYzdlLTQ1NzktOWQ3OC02OTU4
MmJhYmNkNGEvNThkNGQ5YjUyNjUwOTQwN2JjZDBiMzliOGQxM2IwYzk0MGQxMWEy
ZS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAlBggrBgEFBQcBBwEB/wQW
MBQwEgQCAAEwDAMEAS2reAMEAi29ODANBgkqhkiG9w0BAQsFAAOCAQEAKbDZJdjN
+JCk3LVe+KCcjLkk+D+n21IE/cEhashlWmUXd6bjumK0JRX3Nv3WWjwRb5Yvvmgx
sc0AbuUZO4hROb4t+ZAX6j4iSf9H7Jnektd4OPP4sbI93M8R7/ErRfsZwRdWxGet
g6dRWZJN7Y5DVgHPdF+W1t8hS44sNKVn29d4RUIMP72HQvbvhIAyvm1vwm2Az3Yw
7PlH3uGozIBYglZtIoduiXooxbrujtf6s+soTPIxT5D9Oz6PNeYrfpHUHT4GMMDI
Idyxrak2J/bqQLNMrW8F093p6lP23ZKXAvH/+mg3ug4PsfpkGRSTMG5OedNdFyS4
MiPiWTBzd1YL6g==
-----END CERTIFICATE-----
Generated at Sat Feb 24 06:30:02 2024 by rpki-client on console-fra.rpki-client.org