Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/532b2097-ea08-4780-b94f-03c338b5aa57/e88ebbcbddd8603eeb8ce52763c796009136004d.roa
File:                     e88ebbcbddd8603eeb8ce52763c796009136004d.roa (raw, json)
Hash identifier:          LYcR5IvbsS/bNta4zs4bIBhB34c55RT4F/R9kM1Q85Q=
Subject key identifier:   BD:81:B1:15:13:49:B2:E2:AE:BA:B1:48:4F:A6:56:C7:4E:61:85:31
Certificate issuer:       /CN=c974409d0c2a70c921dd685e863e9f00cb1e262a
Certificate serial:       2E611A
Authority key identifier: FB:8E:FC:68:56:00:AB:63:EA:02:4F:A3:0D:1F:15:D5:B5:B0:C1:B1
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/c974409d0c2a70c921dd685e863e9f00cb1e262a.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/532b2097-ea08-4780-b94f-03c338b5aa57/e88ebbcbddd8603eeb8ce52763c796009136004d.roa
Signing time:             Thu 07 Dec 2023 13:01:20 +0000
ROA not before:           Thu 07 Dec 2023 13:00:46 +0000
ROA not after:            Thu 07 Dec 2028 13:00:46 +0000
asID:                     265630
IP address blocks:        181.81.246.0/23 maxlen: 24
                          181.94.192.0/22 maxlen: 24
                          181.93.244.0/24 maxlen: 24
                          181.93.248.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/532b2097-ea08-4780-b94f-03c338b5aa57/c974409d0c2a70c921dd685e863e9f00cb1e262a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/532b2097-ea08-4780-b94f-03c338b5aa57/c974409d0c2a70c921dd685e863e9f00cb1e262a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/c974409d0c2a70c921dd685e863e9f00cb1e262a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Tue 16 Apr 2024 13:47:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3039514 (0x2e611a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c974409d0c2a70c921dd685e863e9f00cb1e262a
        Validity
            Not Before: Dec  7 13:00:46 2023 GMT
            Not After : Dec  7 13:00:46 2028 GMT
        Subject: CN=e88ebbcbddd8603eeb8ce52763c796009136004d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:24:94:04:40:bc:2a:d0:00:a3:cf:2b:fa:b1:
                    33:4f:c0:8f:23:25:ad:cf:33:93:d2:90:7e:86:20:
                    56:0a:a8:e4:36:b1:7a:95:11:59:7a:34:c2:dd:da:
                    01:b5:26:07:50:64:a6:16:f2:93:c1:bc:f3:6b:9b:
                    a8:60:a1:99:f4:89:bb:bd:5e:b8:29:90:d8:42:61:
                    30:01:d7:e8:35:a7:89:04:58:1b:1f:4f:d7:89:a2:
                    9b:7d:a6:03:d4:65:ec:7f:5e:5f:4f:6b:53:e7:5b:
                    1a:65:27:ec:da:df:7f:0a:64:da:bb:9a:61:8f:18:
                    00:19:bb:64:7b:e4:81:08:2f:65:58:c6:39:c9:24:
                    79:d8:8b:06:09:b5:62:5a:9a:b5:af:9a:5d:55:a1:
                    7d:af:01:ef:90:e0:4f:04:28:0f:a2:93:fb:2b:cb:
                    d4:44:fb:54:91:a5:65:eb:ec:3c:7e:de:b1:55:4c:
                    a0:1d:10:bf:28:b2:53:c3:f0:cc:83:34:d0:7e:60:
                    bb:70:2d:83:d3:71:f0:bd:48:29:de:26:7c:46:eb:
                    24:bc:56:bf:6c:e9:62:58:a3:c6:76:2c:f2:4a:5e:
                    ef:7d:dc:6e:1b:e5:47:ff:d2:60:f0:da:00:a4:a8:
                    36:dc:eb:c1:da:94:29:02:10:83:1a:98:36:01:b2:
                    a0:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BD:81:B1:15:13:49:B2:E2:AE:BA:B1:48:4F:A6:56:C7:4E:61:85:31
            X509v3 Authority Key Identifier:
                keyid:FB:8E:FC:68:56:00:AB:63:EA:02:4F:A3:0D:1F:15:D5:B5:B0:C1:B1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/c974409d0c2a70c921dd685e863e9f00cb1e262a.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/532b2097-ea08-4780-b94f-03c338b5aa57/e88ebbcbddd8603eeb8ce52763c796009136004d.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/532b2097-ea08-4780-b94f-03c338b5aa57/c974409d0c2a70c921dd685e863e9f00cb1e262a.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  181.81.246.0/23
                  181.93.244.0/24
                  181.93.248.0/24
                  181.94.192.0/22

    Signature Algorithm: sha256WithRSAEncryption
         99:b6:55:ca:b7:e3:b4:d1:67:95:22:3b:fa:db:71:44:c1:da:
         96:f0:cf:b3:2a:cd:09:8f:fb:bd:77:cb:ea:9e:90:38:75:e1:
         8e:33:c2:72:e6:59:3a:1f:90:b6:7b:aa:df:54:ed:78:14:bc:
         56:13:dc:6a:c2:b6:ca:45:32:48:26:47:3e:81:ad:04:68:e9:
         bf:fa:77:37:2c:4d:c4:58:a0:79:50:fe:10:b8:7f:d9:75:21:
         31:ad:81:6e:8f:8c:10:b7:d8:12:2c:25:6c:86:46:b3:14:b5:
         ea:12:13:54:de:23:7e:75:e8:3a:23:c0:1e:2d:ba:68:3e:8e:
         91:39:24:d4:9b:37:87:cc:d8:fe:82:36:dc:bd:c4:57:8f:dc:
         ff:a9:97:b2:f8:a9:00:61:d3:ea:44:d1:0f:b4:a1:27:3e:45:
         96:a7:09:63:62:5c:23:6c:0d:c7:d1:16:ca:ca:f6:96:c0:f8:
         4c:25:7a:5f:a3:76:1b:42:aa:2d:94:5e:21:58:17:9c:f9:64:
         ea:5a:c9:92:b7:9f:55:88:e4:d7:bc:63:4a:7f:15:d6:b8:6b:
         5b:a6:19:33:f9:ef:0b:e5:54:86:ca:e0:2e:bf:c9:7d:69:0c:
         29:65:5d:1f:d3:3e:41:42:2d:1d:f2:43:89:d6:dc:02:f8:49:
         69:48:a0:03
-----BEGIN CERTIFICATE-----
MIIFUjCCBDqgAwIBAgIDLmEaMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGM5
NzQ0MDlkMGMyYTcwYzkyMWRkNjg1ZTg2M2U5ZjAwY2IxZTI2MmEwHhcNMjMxMjA3
MTMwMDQ2WhcNMjgxMjA3MTMwMDQ2WjAzMTEwLwYDVQQDEyhlODhlYmJjYmRkZDg2
MDNlZWI4Y2U1Mjc2M2M3OTYwMDkxMzYwMDRkMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAoCSUBEC8KtAAo88r+rEzT8CPIyWtzzOT0pB+hiBWCqjkNrF6
lRFZejTC3doBtSYHUGSmFvKTwbzza5uoYKGZ9Im7vV64KZDYQmEwAdfoNaeJBFgb
H0/XiaKbfaYD1GXsf15fT2tT51saZSfs2t9/CmTau5phjxgAGbtke+SBCC9lWMY5
ySR52IsGCbViWpq1r5pdVaF9rwHvkOBPBCgPopP7K8vURPtUkaVl6+w8ft6xVUyg
HRC/KLJTw/DMgzTQfmC7cC2D03HwvUgp3iZ8RuskvFa/bOliWKPGdizySl7vfdxu
G+VH/9Jg8NoApKg23OvB2pQpAhCDGpg2AbKgSQIDAQABo4ICbTCCAmkwHQYDVR0O
BBYEFL2BsRUTSbLirrqxSE+mVsdOYYUxMB8GA1UdIwQYMBaAFPuO/GhWAKtj6gJP
ow0fFdW1sMGxMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvYzk3NDQw
OWQwYzJhNzBjOTIxZGQ2ODVlODYzZTlmMDBjYjFlMjYyYS5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvNTMyYjIwOTctZWEwOC00NzgwLWI5NGYtMDNjMzM4
YjVhYTU3L2U4OGViYmNiZGRkODYwM2VlYjhjZTUyNzYzYzc5NjAwOTEzNjAwNGQu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy81MzJiMjA5Ny1lYTA4LTQ3ODAtYjk0Zi0wM2Mz
MzhiNWFhNTcvYzk3NDQwOWQwYzJhNzBjOTIxZGQ2ODVlODYzZTlmMDBjYjFlMjYy
YS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAxBggrBgEFBQcBBwEB/wQi
MCAwHgQCAAEwGAMEAbVR9gMEALVd9AMEALVd+AMEArVewDANBgkqhkiG9w0BAQsF
AAOCAQEAmbZVyrfjtNFnlSI7+ttxRMHalvDPsyrNCY/7vXfL6p6QOHXhjjPCcuZZ
Oh+Qtnuq31TteBS8VhPcasK2ykUySCZHPoGtBGjpv/p3NyxNxFigeVD+ELh/2XUh
Ma2Bbo+MELfYEiwlbIZGsxS16hITVN4jfnXoOiPAHi26aD6OkTkk1Js3h8zY/oI2
3L3EV4/c/6mXsvipAGHT6kTRD7ShJz5FlqcJY2JcI2wNx9EWysr2lsD4TCV6X6N2
G0KqLZReIVgXnPlk6lrJkrefVYjk17xjSn8V1rhrW6YZM/nvC+VUhsrgLr/JfWkM
KWVdH9M+QUItHfJDidbcAvhJaUigAw==
-----END CERTIFICATE-----
Generated at Sat Apr 13 16:50:56 2024 by rpki-client on console-fra.rpki-client.org