Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/532b2097-ea08-4780-b94f-03c338b5aa57/440787e653c247b10db0b377867452e44392cf94.roa
File:                     440787e653c247b10db0b377867452e44392cf94.roa (raw, json)
Hash identifier:          iEQbEoHSW43VSYzGGjtSnUdFEqNGTUc1pGm/ZwSmU4U=
Subject key identifier:   FA:F9:AC:49:A2:61:F1:CA:E0:B3:31:B2:56:43:A8:83:46:0B:1A:60
Certificate issuer:       /CN=c974409d0c2a70c921dd685e863e9f00cb1e262a
Certificate serial:       2E2A2A
Authority key identifier: FB:8E:FC:68:56:00:AB:63:EA:02:4F:A3:0D:1F:15:D5:B5:B0:C1:B1
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/c974409d0c2a70c921dd685e863e9f00cb1e262a.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/532b2097-ea08-4780-b94f-03c338b5aa57/440787e653c247b10db0b377867452e44392cf94.roa
Signing time:             Thu 07 Dec 2023 13:00:52 +0000
ROA not before:           Thu 07 Dec 2023 13:00:46 +0000
ROA not after:            Thu 07 Dec 2028 13:00:46 +0000
asID:                     264791
IP address blocks:        181.80.9.0/24 maxlen: 24
                          181.80.10.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/532b2097-ea08-4780-b94f-03c338b5aa57/c974409d0c2a70c921dd685e863e9f00cb1e262a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/532b2097-ea08-4780-b94f-03c338b5aa57/c974409d0c2a70c921dd685e863e9f00cb1e262a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/c974409d0c2a70c921dd685e863e9f00cb1e262a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Tue 16 Apr 2024 13:47:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3025450 (0x2e2a2a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c974409d0c2a70c921dd685e863e9f00cb1e262a
        Validity
            Not Before: Dec  7 13:00:46 2023 GMT
            Not After : Dec  7 13:00:46 2028 GMT
        Subject: CN=440787e653c247b10db0b377867452e44392cf94
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:10:bd:26:38:fc:99:c3:ec:08:87:e4:8e:10:
                    b8:f1:1b:b4:7f:6a:04:0d:fa:b1:3a:ab:c1:ed:7c:
                    2e:41:e3:b0:8e:1a:26:92:db:26:d1:66:b6:59:57:
                    f5:c8:ce:0f:58:57:7a:70:58:19:3f:d6:32:58:10:
                    d2:c6:99:47:a5:57:99:dd:69:d6:08:60:59:9a:a3:
                    01:05:f3:46:2c:0e:5b:0c:b5:15:fb:4c:06:fe:be:
                    ba:6e:af:28:85:c1:36:6b:70:aa:5c:76:73:48:bd:
                    e5:d5:68:ea:b2:4b:0a:99:9b:67:36:1c:d3:89:a5:
                    7f:c7:11:1f:a4:68:bd:71:bf:6d:a2:fa:aa:ce:f2:
                    34:55:11:4b:e9:e7:a8:b9:4e:16:0a:69:94:59:e9:
                    ec:6e:ed:09:a2:16:f6:dd:5d:c0:01:9f:67:d2:d9:
                    ea:a5:b6:1a:67:95:e5:7a:19:1c:22:9d:9a:fd:3c:
                    37:11:3c:78:17:9b:04:17:88:46:50:6b:14:22:72:
                    eb:35:8d:9d:b5:05:bf:a3:80:8a:f6:6d:cd:47:0b:
                    f2:40:ae:57:c2:1f:3f:d4:09:22:4e:20:27:62:4e:
                    71:9b:90:e5:4e:e7:04:1e:2d:a6:6e:72:c0:19:d1:
                    06:a6:be:19:3e:de:48:2e:9b:43:ab:54:c8:f7:dc:
                    52:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FA:F9:AC:49:A2:61:F1:CA:E0:B3:31:B2:56:43:A8:83:46:0B:1A:60
            X509v3 Authority Key Identifier:
                keyid:FB:8E:FC:68:56:00:AB:63:EA:02:4F:A3:0D:1F:15:D5:B5:B0:C1:B1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/c974409d0c2a70c921dd685e863e9f00cb1e262a.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/532b2097-ea08-4780-b94f-03c338b5aa57/440787e653c247b10db0b377867452e44392cf94.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/532b2097-ea08-4780-b94f-03c338b5aa57/c974409d0c2a70c921dd685e863e9f00cb1e262a.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  181.80.9.0-181.80.10.255

    Signature Algorithm: sha256WithRSAEncryption
         ca:ee:27:92:81:b9:4d:f1:56:d6:30:0d:68:10:77:22:17:04:
         6c:51:68:43:b3:03:06:ce:52:f4:cc:a0:a6:40:ad:3f:25:41:
         68:53:ee:d2:0a:53:a2:ad:67:2e:12:c1:4c:c3:12:6c:a1:15:
         6d:4a:7b:32:47:88:1d:dd:d6:d8:72:02:d4:21:a0:28:a4:bb:
         46:3a:24:94:51:10:8d:5a:0c:da:5d:dd:e0:23:15:ff:78:10:
         ef:74:77:e4:aa:25:45:57:b5:44:d6:1d:53:ef:3f:b9:2c:b3:
         9c:80:45:33:19:98:24:ae:fb:44:b5:c3:24:f4:3f:ea:68:f9:
         dd:10:bb:73:83:f4:f1:a7:50:60:38:e4:d0:fe:5a:74:16:61:
         2c:60:87:07:98:52:4f:41:d7:90:7a:2f:13:c4:34:c7:a5:7a:
         c2:45:c7:ca:1a:f1:10:72:f8:20:dd:68:5a:c7:dd:09:93:fc:
         c4:9d:48:b8:cd:27:82:ae:1b:99:b5:d1:2b:a2:6a:01:f8:b1:
         14:82:97:a1:2c:0d:31:17:2b:32:4a:46:f4:0f:8b:94:3c:f6:
         fe:bb:63:c0:ec:21:74:e9:2d:12:85:c5:fa:af:02:80:f4:18:
         e7:df:6c:ab:c9:c7:e2:11:c2:e8:83:61:0a:93:6d:b9:c7:0f:
         22:df:0c:36
-----BEGIN CERTIFICATE-----
MIIFSDCCBDCgAwIBAgIDLioqMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGM5
NzQ0MDlkMGMyYTcwYzkyMWRkNjg1ZTg2M2U5ZjAwY2IxZTI2MmEwHhcNMjMxMjA3
MTMwMDQ2WhcNMjgxMjA3MTMwMDQ2WjAzMTEwLwYDVQQDEyg0NDA3ODdlNjUzYzI0
N2IxMGRiMGIzNzc4Njc0NTJlNDQzOTJjZjk0MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAoBC9Jjj8mcPsCIfkjhC48Ru0f2oEDfqxOqvB7XwuQeOwjhom
ktsm0Wa2WVf1yM4PWFd6cFgZP9YyWBDSxplHpVeZ3WnWCGBZmqMBBfNGLA5bDLUV
+0wG/r66bq8ohcE2a3CqXHZzSL3l1WjqsksKmZtnNhzTiaV/xxEfpGi9cb9tovqq
zvI0VRFL6eeouU4WCmmUWensbu0Johb23V3AAZ9n0tnqpbYaZ5XlehkcIp2a/Tw3
ETx4F5sEF4hGUGsUInLrNY2dtQW/o4CK9m3NRwvyQK5Xwh8/1AkiTiAnYk5xm5Dl
TucEHi2mbnLAGdEGpr4ZPt5ILptDq1TI99xS8wIDAQABo4ICYzCCAl8wHQYDVR0O
BBYEFPr5rEmiYfHK4LMxslZDqINGCxpgMB8GA1UdIwQYMBaAFPuO/GhWAKtj6gJP
ow0fFdW1sMGxMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvYzk3NDQw
OWQwYzJhNzBjOTIxZGQ2ODVlODYzZTlmMDBjYjFlMjYyYS5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvNTMyYjIwOTctZWEwOC00NzgwLWI5NGYtMDNjMzM4
YjVhYTU3LzQ0MDc4N2U2NTNjMjQ3YjEwZGIwYjM3Nzg2NzQ1MmU0NDM5MmNmOTQu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy81MzJiMjA5Ny1lYTA4LTQ3ODAtYjk0Zi0wM2Mz
MzhiNWFhNTcvYzk3NDQwOWQwYzJhNzBjOTIxZGQ2ODVlODYzZTlmMDBjYjFlMjYy
YS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAnBggrBgEFBQcBBwEB/wQY
MBYwFAQCAAEwDjAMAwQAtVAJAwQAtVAKMA0GCSqGSIb3DQEBCwUAA4IBAQDK7ieS
gblN8VbWMA1oEHciFwRsUWhDswMGzlL0zKCmQK0/JUFoU+7SClOirWcuEsFMwxJs
oRVtSnsyR4gd3dbYcgLUIaAopLtGOiSUURCNWgzaXd3gIxX/eBDvdHfkqiVFV7VE
1h1T7z+5LLOcgEUzGZgkrvtEtcMk9D/qaPndELtzg/Txp1BgOOTQ/lp0FmEsYIcH
mFJPQdeQei8TxDTHpXrCRcfKGvEQcvgg3Whax90Jk/zEnUi4zSeCrhuZtdEromoB
+LEUgpehLA0xFysySkb0D4uUPPb+u2PA7CF06S0ShcX6rwKA9Bjn32yrycfiEcLo
g2EKk225xw8i3ww2
-----END CERTIFICATE-----
Generated at Sat Apr 13 16:42:21 2024 by rpki-client on console-ams.rpki-client.org