Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/514e1b74-b78e-4425-be27-a3cc2e13660b/71b8dff529c83eb10ac13f94a7cd9c33c41257c4.roa
File:                     71b8dff529c83eb10ac13f94a7cd9c33c41257c4.roa (raw, json)
Hash identifier:          jk5Noqg5sp0csOGwEw8CQ2GS2wGWSR+QQvcm1YuDzLw=
Subject key identifier:   9D:1F:76:9F:9E:41:9E:8D:74:8B:35:5E:6E:DB:46:1C:13:6C:F5:C1
Certificate issuer:       /CN=2a2f398f08732dba8b24bf45f6d48d5cac0c8f99
Certificate serial:       0FA4F7
Authority key identifier: A9:12:A8:EF:9D:3C:43:D0:99:9E:23:97:75:38:E5:8E:F9:61:BC:8D
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/2a2f398f08732dba8b24bf45f6d48d5cac0c8f99.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/514e1b74-b78e-4425-be27-a3cc2e13660b/71b8dff529c83eb10ac13f94a7cd9c33c41257c4.roa
Signing time:             Tue 28 Nov 2023 13:40:36 +0000
ROA not before:           Tue 28 Nov 2023 13:40:36 +0000
ROA not after:            Fri 28 Nov 2025 13:40:36 +0000
asID:                     272081
IP address blocks:        181.189.56.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/514e1b74-b78e-4425-be27-a3cc2e13660b/2a2f398f08732dba8b24bf45f6d48d5cac0c8f99.crl
                          rsync://repository.lacnic.net/rpki/lacnic/514e1b74-b78e-4425-be27-a3cc2e13660b/2a2f398f08732dba8b24bf45f6d48d5cac0c8f99.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/2a2f398f08732dba8b24bf45f6d48d5cac0c8f99.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Tue 27 Feb 2024 12:23:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1025271 (0xfa4f7)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a2f398f08732dba8b24bf45f6d48d5cac0c8f99
        Validity
            Not Before: Nov 28 13:40:36 2023 GMT
            Not After : Nov 28 13:40:36 2025 GMT
        Subject: CN=71b8dff529c83eb10ac13f94a7cd9c33c41257c4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:50:dc:79:f4:31:ae:69:21:0d:2d:ac:57:33:
                    2c:f1:89:d3:a8:4c:96:b1:5a:d9:8e:d3:33:2d:97:
                    1b:4e:27:8a:c3:2b:b4:6c:da:39:56:e4:2d:5d:a1:
                    e7:1e:e8:fe:cd:97:6b:71:28:5c:10:4e:53:18:9c:
                    b8:ca:67:17:b6:8a:75:6e:81:37:ee:64:71:43:6b:
                    ab:2c:0e:1a:f0:9a:71:b7:46:e4:1c:06:6b:02:8f:
                    c4:6d:35:bb:6d:a2:1e:4b:17:1d:24:ed:00:25:1a:
                    3c:ef:b6:8b:e4:6b:87:a3:32:4a:85:7a:cb:64:42:
                    9d:88:c9:13:a3:77:ba:46:01:e1:5d:64:67:c2:a3:
                    65:14:8e:4e:b8:08:1f:31:13:e7:75:68:83:e7:89:
                    31:23:a8:3b:78:80:89:9c:64:2a:fa:b9:59:0b:44:
                    91:69:0c:7f:a4:1c:66:ab:41:7a:6f:5a:d8:d9:1f:
                    44:62:b5:63:4c:d3:45:76:2b:e7:4b:17:15:47:70:
                    9c:f3:9d:d8:56:c0:04:ea:f0:26:1b:30:b0:18:74:
                    3a:90:2c:e3:29:dd:e8:64:0e:e0:a6:d9:66:61:b1:
                    8c:9f:35:ed:c4:6f:98:03:fb:2d:25:9d:95:99:4d:
                    65:a8:d7:07:1b:f7:18:00:03:7a:33:91:d2:0d:d9:
                    c4:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9D:1F:76:9F:9E:41:9E:8D:74:8B:35:5E:6E:DB:46:1C:13:6C:F5:C1
            X509v3 Authority Key Identifier:
                keyid:A9:12:A8:EF:9D:3C:43:D0:99:9E:23:97:75:38:E5:8E:F9:61:BC:8D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/2a2f398f08732dba8b24bf45f6d48d5cac0c8f99.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/514e1b74-b78e-4425-be27-a3cc2e13660b/71b8dff529c83eb10ac13f94a7cd9c33c41257c4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/514e1b74-b78e-4425-be27-a3cc2e13660b/2a2f398f08732dba8b24bf45f6d48d5cac0c8f99.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  181.189.56.0/24

    Signature Algorithm: sha256WithRSAEncryption
         62:91:43:5d:65:f5:20:74:31:5c:a4:6d:31:4a:70:1c:e7:19:
         d7:2b:e7:f4:d8:a1:b4:e4:35:0d:b4:78:f9:b4:e6:44:53:fc:
         56:20:ff:a9:49:06:ca:56:ff:54:95:c7:85:bd:47:4f:55:a0:
         6f:96:78:2f:9f:43:87:4e:7e:a2:c5:3c:c1:cb:37:e3:0e:1d:
         98:b7:a0:46:c1:01:57:93:ea:fc:59:8c:df:95:35:21:5b:a9:
         7d:f4:a4:ea:ec:83:99:14:ec:08:60:b1:70:9e:2b:2e:bf:e9:
         f6:1c:af:8e:58:6c:67:e7:4c:67:3b:84:f2:36:19:da:7d:0d:
         65:33:67:17:7d:ad:4e:14:85:b4:ca:1c:b9:d5:ff:6d:3f:b4:
         d4:7b:9f:62:75:4d:54:9b:fe:4f:97:0b:13:3c:95:df:5e:79:
         67:e7:cb:8e:be:17:bf:a2:e9:db:17:c1:06:3b:11:45:f2:51:
         f8:b6:41:e1:2f:31:af:08:9e:41:8d:22:a7:d0:2e:22:09:db:
         7f:78:73:fd:95:e9:ba:51:43:b6:0a:44:52:61:77:75:59:a4:
         09:99:7c:49:e0:39:e3:de:09:4f:34:f0:47:75:63:2c:8d:59:
         18:07:09:9b:78:50:c4:96:14:87:6a:5b:f2:92:d5:65:8a:03:
         18:57:e1:0c
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIDD6T3MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDJh
MmYzOThmMDg3MzJkYmE4YjI0YmY0NWY2ZDQ4ZDVjYWMwYzhmOTkwHhcNMjMxMTI4
MTM0MDM2WhcNMjUxMTI4MTM0MDM2WjAzMTEwLwYDVQQDEyg3MWI4ZGZmNTI5Yzgz
ZWIxMGFjMTNmOTRhN2NkOWMzM2M0MTI1N2M0MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAm1DcefQxrmkhDS2sVzMs8YnTqEyWsVrZjtMzLZcbTieKwyu0
bNo5VuQtXaHnHuj+zZdrcShcEE5TGJy4ymcXtop1boE37mRxQ2urLA4a8Jpxt0bk
HAZrAo/EbTW7baIeSxcdJO0AJRo877aL5GuHozJKhXrLZEKdiMkTo3e6RgHhXWRn
wqNlFI5OuAgfMRPndWiD54kxI6g7eICJnGQq+rlZC0SRaQx/pBxmq0F6b1rY2R9E
YrVjTNNFdivnSxcVR3Cc853YVsAE6vAmGzCwGHQ6kCzjKd3oZA7gptlmYbGMnzXt
xG+YA/stJZ2VmU1lqNcHG/cYAAN6M5HSDdnE6wIDAQABo4ICWzCCAlcwHQYDVR0O
BBYEFJ0fdp+eQZ6NdIs1Xm7bRhwTbPXBMB8GA1UdIwQYMBaAFKkSqO+dPEPQmZ4j
l3U45Y75YbyNMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvMmEyZjM5
OGYwODczMmRiYThiMjRiZjQ1ZjZkNDhkNWNhYzBjOGY5OS5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvNTE0ZTFiNzQtYjc4ZS00NDI1LWJlMjctYTNjYzJl
MTM2NjBiLzcxYjhkZmY1MjljODNlYjEwYWMxM2Y5NGE3Y2Q5YzMzYzQxMjU3YzQu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy81MTRlMWI3NC1iNzhlLTQ0MjUtYmUyNy1hM2Nj
MmUxMzY2MGIvMmEyZjM5OGYwODczMmRiYThiMjRiZjQ1ZjZkNDhkNWNhYzBjOGY5
OS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEALW9ODANBgkqhkiG9w0BAQsFAAOCAQEAYpFDXWX1IHQxXKRt
MUpwHOcZ1yvn9NihtOQ1DbR4+bTmRFP8ViD/qUkGylb/VJXHhb1HT1Wgb5Z4L59D
h05+osU8wcs34w4dmLegRsEBV5Pq/FmM35U1IVupffSk6uyDmRTsCGCxcJ4rLr/p
9hyvjlhsZ+dMZzuE8jYZ2n0NZTNnF32tThSFtMocudX/bT+01HufYnVNVJv+T5cL
EzyV3155Z+fLjr4Xv6Lp2xfBBjsRRfJR+LZB4S8xrwieQY0ip9AuIgnbf3hz/ZXp
ulFDtgpEUmF3dVmkCZl8SeA5494JTzTwR3VjLI1ZGAcJm3hQxJYUh2pb8pLVZYoD
GFfhDA==
-----END CERTIFICATE-----
Generated at Sat Feb 24 12:30:20 2024 by rpki-client on console-fra.rpki-client.org