Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/52cc5428-2f92-488f-bced-d60fa88ea2e2/c4b285286e319f6484a57d2e56b314c25d46267c.roa
File:                     c4b285286e319f6484a57d2e56b314c25d46267c.roa (raw, json)
Hash identifier:          NDY9ik3N0/AqGi1DtRT0FvEdevszj4frNqwZs9JFuo4=
Subject key identifier:   0D:27:2C:4E:F5:FD:82:18:83:EC:88:74:15:0B:10:28:9C:36:99:C4
Certificate issuer:       /CN=fa838a953551009c19f610b9c5f2d235fe909d9f
Certificate serial:       0800B7
Authority key identifier: A8:AD:8A:2E:54:33:BB:B4:DA:91:3B:AD:7E:38:D2:59:A9:56:4D:F9
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/fa838a953551009c19f610b9c5f2d235fe909d9f.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/52cc5428-2f92-488f-bced-d60fa88ea2e2/c4b285286e319f6484a57d2e56b314c25d46267c.roa
Signing time:             Wed 24 Mar 2021 14:30:05 +0000
ROA not before:           Wed 24 Mar 2021 14:30:05 +0000
ROA not after:            Tue 24 Mar 2026 14:30:05 +0000
asID:                     265744
IP address blocks:        128.201.132.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/52cc5428-2f92-488f-bced-d60fa88ea2e2/fa838a953551009c19f610b9c5f2d235fe909d9f.crl
                          rsync://repository.lacnic.net/rpki/lacnic/52cc5428-2f92-488f-bced-d60fa88ea2e2/fa838a953551009c19f610b9c5f2d235fe909d9f.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/fa838a953551009c19f610b9c5f2d235fe909d9f.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 31 Mar 2024 19:38:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 524471 (0x800b7)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=fa838a953551009c19f610b9c5f2d235fe909d9f
        Validity
            Not Before: Mar 24 14:30:05 2021 GMT
            Not After : Mar 24 14:30:05 2026 GMT
        Subject: CN=c4b285286e319f6484a57d2e56b314c25d46267c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:85:e5:c8:2f:b8:01:1d:c9:6e:81:3b:fd:0a:df:
                    86:17:86:37:b3:6b:d4:88:33:25:81:3d:58:d7:5c:
                    ac:b1:cb:25:7f:b2:d6:b7:fc:c4:c5:1b:62:bc:75:
                    80:44:65:f1:9c:5a:48:ec:8a:40:5c:d2:40:e9:c5:
                    28:c3:61:6f:fb:1a:13:5d:b7:00:39:79:ca:57:21:
                    58:df:27:02:13:80:c2:0f:69:b8:ac:4f:e3:42:09:
                    0b:2e:90:73:a0:92:ca:dc:a2:7c:69:ca:87:50:ab:
                    12:5a:1a:05:dc:19:bf:d2:3d:db:94:68:55:07:96:
                    ea:ae:01:4a:99:f9:7c:56:6c:ff:e4:c2:39:ff:b1:
                    2c:65:c6:6a:4d:96:5b:ad:ac:d8:63:37:da:04:0a:
                    a8:f2:36:05:79:88:25:d0:cd:6e:fd:27:e3:bd:8e:
                    17:29:fa:21:9e:ef:51:26:11:0a:f1:e5:04:dc:65:
                    e3:86:28:b3:b8:59:f7:48:6e:f0:a0:e8:40:76:af:
                    d7:74:af:20:df:88:49:2b:77:d6:d5:11:f2:95:4d:
                    46:11:68:07:0b:85:6a:99:b3:4b:dc:37:b3:01:bd:
                    fc:95:47:1b:2d:0d:d6:07:09:2d:56:4a:c3:96:47:
                    04:95:95:77:0c:05:b2:fe:dc:dc:b9:27:21:bc:54:
                    1a:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0D:27:2C:4E:F5:FD:82:18:83:EC:88:74:15:0B:10:28:9C:36:99:C4
            X509v3 Authority Key Identifier:
                keyid:A8:AD:8A:2E:54:33:BB:B4:DA:91:3B:AD:7E:38:D2:59:A9:56:4D:F9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/fa838a953551009c19f610b9c5f2d235fe909d9f.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/52cc5428-2f92-488f-bced-d60fa88ea2e2/c4b285286e319f6484a57d2e56b314c25d46267c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/52cc5428-2f92-488f-bced-d60fa88ea2e2/fa838a953551009c19f610b9c5f2d235fe909d9f.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  128.201.132.0/22

    Signature Algorithm: sha256WithRSAEncryption
         20:65:19:cd:5a:1a:9a:18:0b:53:74:6f:e9:21:c3:8b:c4:e6:
         62:6d:e6:ab:f4:11:ed:9a:a3:d9:41:2a:4c:c1:78:d1:91:9a:
         54:93:0e:1c:d0:6e:4c:a0:8d:25:5a:cb:4f:0a:7d:31:92:f4:
         c7:c3:f3:14:45:ee:fa:db:97:3a:13:5b:1e:78:2a:05:80:80:
         71:ed:95:d3:d5:6e:b1:98:b3:d9:f5:88:9d:11:64:ed:c2:e0:
         31:cf:fd:2b:54:25:e8:ae:b7:de:3d:6c:4c:a0:45:45:af:78:
         e5:4c:9b:dd:41:0e:62:73:53:8f:3f:42:c5:64:b7:c5:46:26:
         92:e2:6a:dc:88:ab:e5:81:f3:2b:cf:a6:a8:8e:5e:9d:d2:d2:
         bb:71:68:cb:59:b6:c3:7b:78:9b:b4:46:c8:24:b6:42:12:cb:
         0b:1d:ee:91:0d:fe:ff:f1:cd:73:9f:c9:01:87:16:27:0f:63:
         e8:69:86:97:69:bb:ff:11:ee:60:22:06:7e:a0:9d:61:43:8e:
         c8:9a:b5:7d:62:45:91:f4:2d:8c:bf:42:e9:00:e4:bd:b4:9c:
         3a:c4:30:68:75:3e:d9:f2:f7:2e:96:24:b8:8d:76:d9:8e:55:
         60:52:03:5f:32:9a:7c:37:6a:ff:35:26:12:a9:84:bd:fd:18:
         17:19:96:ea
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIDCAC3MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGZh
ODM4YTk1MzU1MTAwOWMxOWY2MTBiOWM1ZjJkMjM1ZmU5MDlkOWYwHhcNMjEwMzI0
MTQzMDA1WhcNMjYwMzI0MTQzMDA1WjAzMTEwLwYDVQQDEyhjNGIyODUyODZlMzE5
ZjY0ODRhNTdkMmU1NmIzMTRjMjVkNDYyNjdjMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAheXIL7gBHclugTv9Ct+GF4Y3s2vUiDMlgT1Y11ysscslf7LW
t/zExRtivHWARGXxnFpI7IpAXNJA6cUow2Fv+xoTXbcAOXnKVyFY3ycCE4DCD2m4
rE/jQgkLLpBzoJLK3KJ8acqHUKsSWhoF3Bm/0j3blGhVB5bqrgFKmfl8Vmz/5MI5
/7EsZcZqTZZbrazYYzfaBAqo8jYFeYgl0M1u/SfjvY4XKfohnu9RJhEK8eUE3GXj
hiizuFn3SG7woOhAdq/XdK8g34hJK3fW1RHylU1GEWgHC4VqmbNL3DezAb38lUcb
LQ3WBwktVkrDlkcElZV3DAWy/tzcuSchvFQa7QIDAQABo4ICWzCCAlcwHQYDVR0O
BBYEFA0nLE71/YIYg+yIdBULECicNpnEMB8GA1UdIwQYMBaAFKitii5UM7u02pE7
rX440lmpVk35MA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvZmE4Mzhh
OTUzNTUxMDA5YzE5ZjYxMGI5YzVmMmQyMzVmZTkwOWQ5Zi5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvNTJjYzU0MjgtMmY5Mi00ODhmLWJjZWQtZDYwZmE4
OGVhMmUyL2M0YjI4NTI4NmUzMTlmNjQ4NGE1N2QyZTU2YjMxNGMyNWQ0NjI2N2Mu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy81MmNjNTQyOC0yZjkyLTQ4OGYtYmNlZC1kNjBm
YTg4ZWEyZTIvZmE4MzhhOTUzNTUxMDA5YzE5ZjYxMGI5YzVmMmQyMzVmZTkwOWQ5
Zi5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAoDJhDANBgkqhkiG9w0BAQsFAAOCAQEAIGUZzVoamhgLU3Rv
6SHDi8TmYm3mq/QR7Zqj2UEqTMF40ZGaVJMOHNBuTKCNJVrLTwp9MZL0x8PzFEXu
+tuXOhNbHngqBYCAce2V09VusZiz2fWInRFk7cLgMc/9K1Ql6K633j1sTKBFRa94
5Uyb3UEOYnNTjz9CxWS3xUYmkuJq3Iir5YHzK8+mqI5endLSu3Foy1m2w3t4m7RG
yCS2QhLLCx3ukQ3+//HNc5/JAYcWJw9j6GmGl2m7/xHuYCIGfqCdYUOOyJq1fWJF
kfQtjL9C6QDkvbScOsQwaHU+2fL3LpYkuI122Y5VYFIDXzKafDdq/zUmEqmEvf0Y
FxmW6g==
-----END CERTIFICATE-----
Generated at Fri Mar 29 02:14:12 2024 by rpki-client on console-ams.rpki-client.org