Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/514e1b74-b78e-4425-be27-a3cc2e13660b/09ddc5fc0e868957199dac61b6cdd9ceed64a205.roa
File:                     09ddc5fc0e868957199dac61b6cdd9ceed64a205.roa (raw, json)
Hash identifier:          bi1HzXQNurQCvubfTj8gWLk2MBeYblWH9gLV7DDUuzU=
Subject key identifier:   7C:01:5B:E8:45:9F:08:14:B1:3F:4E:C5:5D:AC:10:31:82:0A:FC:34
Certificate issuer:       /CN=2a2f398f08732dba8b24bf45f6d48d5cac0c8f99
Certificate serial:       0FA2BF
Authority key identifier: A9:12:A8:EF:9D:3C:43:D0:99:9E:23:97:75:38:E5:8E:F9:61:BC:8D
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/2a2f398f08732dba8b24bf45f6d48d5cac0c8f99.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/514e1b74-b78e-4425-be27-a3cc2e13660b/09ddc5fc0e868957199dac61b6cdd9ceed64a205.roa
Signing time:             Tue 28 Nov 2023 13:39:03 +0000
ROA not before:           Tue 28 Nov 2023 13:39:03 +0000
ROA not after:            Fri 28 Nov 2025 13:39:03 +0000
asID:                     265633
IP address blocks:        181.189.58.0/23 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/514e1b74-b78e-4425-be27-a3cc2e13660b/2a2f398f08732dba8b24bf45f6d48d5cac0c8f99.crl
                          rsync://repository.lacnic.net/rpki/lacnic/514e1b74-b78e-4425-be27-a3cc2e13660b/2a2f398f08732dba8b24bf45f6d48d5cac0c8f99.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/2a2f398f08732dba8b24bf45f6d48d5cac0c8f99.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Tue 27 Feb 2024 12:23:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1024703 (0xfa2bf)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a2f398f08732dba8b24bf45f6d48d5cac0c8f99
        Validity
            Not Before: Nov 28 13:39:03 2023 GMT
            Not After : Nov 28 13:39:03 2025 GMT
        Subject: CN=09ddc5fc0e868957199dac61b6cdd9ceed64a205
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:92:30:29:96:35:4b:7d:37:03:23:75:74:96:21:
                    17:cb:ca:ec:b2:14:94:bc:ee:d4:a5:91:6c:71:45:
                    87:54:d6:3c:4d:28:bf:ff:22:0b:da:52:61:0b:f1:
                    02:84:f9:b8:c4:23:3f:82:a5:03:d1:7c:6c:c3:e8:
                    4d:a0:7a:96:a1:1f:e4:2b:31:7e:d3:e8:78:2b:b0:
                    f5:c9:6e:df:8e:35:2d:4e:73:37:81:ab:8b:9b:df:
                    8e:bd:cb:fe:68:50:8c:c4:a9:7f:a3:12:49:52:b9:
                    27:83:8d:bf:de:8a:6f:ad:d4:c1:ce:e2:f7:61:ad:
                    27:66:13:e6:74:b4:58:81:46:c0:12:58:ab:1d:36:
                    17:3a:34:f3:e6:0e:1d:88:a8:99:c8:3a:6e:9c:17:
                    51:ae:20:d1:45:7e:a6:7b:7a:3f:b7:25:41:c3:29:
                    7e:b6:38:28:4a:7c:6f:1a:d9:2c:05:6b:b1:ec:38:
                    a2:ea:69:66:24:17:b9:b1:a6:8b:98:d6:9e:06:77:
                    d3:f8:c8:6f:41:2d:c5:c0:fa:bb:fd:01:12:67:aa:
                    50:b7:6a:7a:39:b6:2d:4b:2b:8d:96:82:53:04:0b:
                    6b:cb:70:44:ac:37:50:44:46:1d:46:90:1b:ee:18:
                    e5:77:11:92:9b:61:97:38:9b:c8:46:9c:c8:aa:2a:
                    21:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7C:01:5B:E8:45:9F:08:14:B1:3F:4E:C5:5D:AC:10:31:82:0A:FC:34
            X509v3 Authority Key Identifier:
                keyid:A9:12:A8:EF:9D:3C:43:D0:99:9E:23:97:75:38:E5:8E:F9:61:BC:8D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/2a2f398f08732dba8b24bf45f6d48d5cac0c8f99.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/514e1b74-b78e-4425-be27-a3cc2e13660b/09ddc5fc0e868957199dac61b6cdd9ceed64a205.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/514e1b74-b78e-4425-be27-a3cc2e13660b/2a2f398f08732dba8b24bf45f6d48d5cac0c8f99.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  181.189.58.0/23

    Signature Algorithm: sha256WithRSAEncryption
         61:95:67:a7:38:6f:0a:43:05:c8:1a:ff:6b:7b:d5:49:b2:1f:
         22:53:9b:bf:55:ea:fc:7c:a9:d5:b4:5d:32:53:37:5f:e9:00:
         92:d5:6a:8b:23:53:f7:bd:d9:f1:98:ce:b9:51:99:4a:fe:80:
         94:87:05:58:62:4d:e3:ba:1f:f0:27:ea:01:82:09:85:e0:0b:
         10:b8:07:e7:36:f7:28:29:5c:54:20:59:fc:ff:2b:44:4a:61:
         c6:fe:03:73:7e:e3:d9:eb:91:83:23:e7:2b:48:19:03:2a:c3:
         03:51:72:0b:d3:a6:e5:69:30:d5:e5:1e:ec:08:28:27:46:5c:
         c5:5e:74:74:67:56:fa:72:a3:d5:e7:8a:1c:1c:fa:d8:1b:c1:
         7b:42:49:0d:30:b0:57:59:0e:db:79:23:77:49:f6:18:1a:97:
         95:71:f5:c4:b2:9e:df:7c:d9:d6:c1:ee:64:bf:88:c5:aa:67:
         d8:fc:ce:4b:b2:c6:5b:50:73:8f:47:c8:15:1c:2a:74:57:89:
         43:57:a1:77:d8:3e:69:8f:d1:2b:11:c0:db:79:27:14:e6:1f:
         7a:c5:65:9a:ea:0f:19:73:ca:37:f1:5c:c8:21:62:06:8e:5b:
         39:f5:15:cd:8f:1c:e7:39:9c:a0:ae:d1:32:e2:72:2c:d2:5f:
         a5:73:8a:0d
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIDD6K/MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDJh
MmYzOThmMDg3MzJkYmE4YjI0YmY0NWY2ZDQ4ZDVjYWMwYzhmOTkwHhcNMjMxMTI4
MTMzOTAzWhcNMjUxMTI4MTMzOTAzWjAzMTEwLwYDVQQDEygwOWRkYzVmYzBlODY4
OTU3MTk5ZGFjNjFiNmNkZDljZWVkNjRhMjA1MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAkjApljVLfTcDI3V0liEXy8rsshSUvO7UpZFscUWHVNY8TSi/
/yIL2lJhC/EChPm4xCM/gqUD0Xxsw+hNoHqWoR/kKzF+0+h4K7D1yW7fjjUtTnM3
gauLm9+Ovcv+aFCMxKl/oxJJUrkng42/3opvrdTBzuL3Ya0nZhPmdLRYgUbAElir
HTYXOjTz5g4diKiZyDpunBdRriDRRX6me3o/tyVBwyl+tjgoSnxvGtksBWux7Dii
6mlmJBe5saaLmNaeBnfT+MhvQS3FwPq7/QESZ6pQt2p6ObYtSyuNloJTBAtry3BE
rDdQREYdRpAb7hjldxGSm2GXOJvIRpzIqiohHQIDAQABo4ICWzCCAlcwHQYDVR0O
BBYEFHwBW+hFnwgUsT9OxV2sEDGCCvw0MB8GA1UdIwQYMBaAFKkSqO+dPEPQmZ4j
l3U45Y75YbyNMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvMmEyZjM5
OGYwODczMmRiYThiMjRiZjQ1ZjZkNDhkNWNhYzBjOGY5OS5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvNTE0ZTFiNzQtYjc4ZS00NDI1LWJlMjctYTNjYzJl
MTM2NjBiLzA5ZGRjNWZjMGU4Njg5NTcxOTlkYWM2MWI2Y2RkOWNlZWQ2NGEyMDUu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy81MTRlMWI3NC1iNzhlLTQ0MjUtYmUyNy1hM2Nj
MmUxMzY2MGIvMmEyZjM5OGYwODczMmRiYThiMjRiZjQ1ZjZkNDhkNWNhYzBjOGY5
OS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAbW9OjANBgkqhkiG9w0BAQsFAAOCAQEAYZVnpzhvCkMFyBr/
a3vVSbIfIlObv1Xq/Hyp1bRdMlM3X+kAktVqiyNT973Z8ZjOuVGZSv6AlIcFWGJN
47of8CfqAYIJheALELgH5zb3KClcVCBZ/P8rREphxv4Dc37j2euRgyPnK0gZAyrD
A1FyC9Om5Wkw1eUe7AgoJ0ZcxV50dGdW+nKj1eeKHBz62BvBe0JJDTCwV1kO23kj
d0n2GBqXlXH1xLKe33zZ1sHuZL+Ixapn2PzOS7LGW1Bzj0fIFRwqdFeJQ1ehd9g+
aY/RKxHA23knFOYfesVlmuoPGXPKN/FcyCFiBo5bOfUVzY8c5zmcoK7RMuJyLNJf
pXOKDQ==
-----END CERTIFICATE-----
Generated at Sat Feb 24 12:30:20 2024 by rpki-client on console-fra.rpki-client.org