Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/5375bcfc-8b86-452e-850d-83cfe3b50f06/03021392e56ac19c9eb2f3a5867393c7e94a91ce.roa
File:                     03021392e56ac19c9eb2f3a5867393c7e94a91ce.roa (raw, json)
Hash identifier:          dAoopKlN8L6Mq2xSzaTXEWhV0U5KootLCoZbnuL/y/4=
Subject key identifier:   5D:CD:38:D0:20:75:78:20:C7:92:9D:FC:DD:20:57:DB:F2:8F:AF:92
Certificate issuer:       /CN=bfbb4d3a6dd5e649a6554c4817ce0ed277429136
Certificate serial:       11D4FD
Authority key identifier: 76:7F:42:4D:48:34:06:C4:20:E5:DF:19:BE:BE:99:3F:72:5A:F7:B6
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/bfbb4d3a6dd5e649a6554c4817ce0ed277429136.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/5375bcfc-8b86-452e-850d-83cfe3b50f06/03021392e56ac19c9eb2f3a5867393c7e94a91ce.roa
Signing time:             Wed 29 Nov 2023 12:35:29 +0000
ROA not before:           Wed 29 Nov 2023 12:35:28 +0000
ROA not after:            Sat 29 Nov 2025 12:35:28 +0000
asID:                     11311
IP address blocks:        168.226.64.0/20 maxlen: 20

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/5375bcfc-8b86-452e-850d-83cfe3b50f06/bfbb4d3a6dd5e649a6554c4817ce0ed277429136.crl
                          rsync://repository.lacnic.net/rpki/lacnic/5375bcfc-8b86-452e-850d-83cfe3b50f06/bfbb4d3a6dd5e649a6554c4817ce0ed277429136.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/bfbb4d3a6dd5e649a6554c4817ce0ed277429136.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Thu 18 Apr 2024 06:11:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1168637 (0x11d4fd)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bfbb4d3a6dd5e649a6554c4817ce0ed277429136
        Validity
            Not Before: Nov 29 12:35:28 2023 GMT
            Not After : Nov 29 12:35:28 2025 GMT
        Subject: CN=03021392e56ac19c9eb2f3a5867393c7e94a91ce
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:11:38:16:99:43:51:8e:c0:60:af:bd:76:05:
                    83:75:ff:8e:9c:93:f0:03:fc:bc:fa:0a:0c:05:e2:
                    d1:26:bf:12:97:56:e2:6c:c1:13:30:7e:a9:c7:63:
                    13:7a:f7:30:f7:5e:15:c2:06:82:1e:b9:cd:8a:b0:
                    27:74:cf:8f:44:db:81:61:9b:f1:88:53:7f:99:3f:
                    60:d9:af:3b:41:56:f9:c4:24:3b:0a:1d:fb:dd:b3:
                    5d:3c:b5:cc:aa:b5:a4:12:ba:5f:36:76:89:76:66:
                    25:84:b2:61:16:7b:c1:a2:de:85:a7:58:a5:a5:ce:
                    7a:77:43:8a:50:b5:2c:fe:97:8e:3d:15:b9:d1:e8:
                    24:52:7e:62:ac:ac:da:96:79:54:e9:66:cc:fe:0d:
                    a9:4c:e6:ba:ce:63:97:47:17:a8:d3:31:d2:5c:4f:
                    21:99:74:8e:aa:6f:9e:9b:f3:23:15:16:55:9a:76:
                    31:e2:54:c0:8c:27:00:45:3d:12:e5:11:46:2a:3c:
                    e3:96:29:4f:82:66:7e:db:91:7e:ff:cc:0d:99:a1:
                    b5:d1:01:e7:44:3a:e1:32:ae:bd:52:9e:e6:fb:f5:
                    17:be:85:15:0f:a7:3c:07:24:53:84:09:8a:fd:a6:
                    ef:f0:40:f2:80:9f:7a:bb:a8:a0:d7:84:70:fe:69:
                    1d:43
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5D:CD:38:D0:20:75:78:20:C7:92:9D:FC:DD:20:57:DB:F2:8F:AF:92
            X509v3 Authority Key Identifier:
                keyid:76:7F:42:4D:48:34:06:C4:20:E5:DF:19:BE:BE:99:3F:72:5A:F7:B6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/bfbb4d3a6dd5e649a6554c4817ce0ed277429136.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/5375bcfc-8b86-452e-850d-83cfe3b50f06/03021392e56ac19c9eb2f3a5867393c7e94a91ce.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/5375bcfc-8b86-452e-850d-83cfe3b50f06/bfbb4d3a6dd5e649a6554c4817ce0ed277429136.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  168.226.64.0/20

    Signature Algorithm: sha256WithRSAEncryption
         34:4f:f4:42:f0:07:9c:e2:e8:48:0d:4d:64:34:15:21:4f:87:
         3b:f9:43:f4:87:2f:5a:9b:0d:87:87:e3:3a:03:0a:f2:c4:3c:
         22:f7:d0:ec:03:d1:fe:b0:97:80:55:dc:f4:c1:d2:a9:af:42:
         1a:18:52:e7:37:d1:63:17:f4:1e:51:03:61:d5:c8:64:3a:92:
         ab:39:5c:cc:d0:44:c2:2e:aa:cb:54:88:45:b3:d9:ed:3b:5d:
         9e:28:4b:b0:f6:48:d1:49:21:6f:2b:63:03:11:7d:94:c8:cb:
         23:5f:32:c9:4d:22:1f:4b:51:4a:1f:eb:97:e4:95:7a:d0:3a:
         09:62:8f:79:a4:74:2e:16:a8:3b:3b:84:8b:b4:cd:bc:6d:be:
         8d:89:c0:e0:2e:74:c9:30:23:8b:24:30:7f:da:f4:23:c2:74:
         88:00:93:04:dc:6e:5b:9b:6a:aa:a4:bb:55:5d:76:6d:a3:38:
         52:c0:21:50:08:fe:b9:de:46:da:43:04:54:c9:7d:c0:98:b6:
         99:47:65:da:56:37:ba:d1:1e:08:e2:04:c8:a5:db:65:de:cd:
         5b:26:2e:78:0f:0d:64:07:85:25:10:70:a3:76:87:5a:32:57:
         30:8c:ae:07:34:de:34:1f:68:35:af:5d:be:4a:4d:d8:20:9e:
         fa:04:a4:c2
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIDEdT9MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGJm
YmI0ZDNhNmRkNWU2NDlhNjU1NGM0ODE3Y2UwZWQyNzc0MjkxMzYwHhcNMjMxMTI5
MTIzNTI4WhcNMjUxMTI5MTIzNTI4WjAzMTEwLwYDVQQDEygwMzAyMTM5MmU1NmFj
MTljOWViMmYzYTU4NjczOTNjN2U5NGE5MWNlMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAnRE4FplDUY7AYK+9dgWDdf+OnJPwA/y8+goMBeLRJr8Sl1bi
bMETMH6px2MTevcw914VwgaCHrnNirAndM+PRNuBYZvxiFN/mT9g2a87QVb5xCQ7
Ch373bNdPLXMqrWkErpfNnaJdmYlhLJhFnvBot6Fp1ilpc56d0OKULUs/peOPRW5
0egkUn5irKzalnlU6WbM/g2pTOa6zmOXRxeo0zHSXE8hmXSOqm+em/MjFRZVmnYx
4lTAjCcART0S5RFGKjzjlilPgmZ+25F+/8wNmaG10QHnRDrhMq69Up7m+/UXvoUV
D6c8ByRThAmK/abv8EDygJ96u6ig14Rw/mkdQwIDAQABo4ICWzCCAlcwHQYDVR0O
BBYEFF3NONAgdXggx5Kd/N0gV9vyj6+SMB8GA1UdIwQYMBaAFHZ/Qk1INAbEIOXf
Gb6+mT9yWve2MA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvYmZiYjRk
M2E2ZGQ1ZTY0OWE2NTU0YzQ4MTdjZTBlZDI3NzQyOTEzNi5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvNTM3NWJjZmMtOGI4Ni00NTJlLTg1MGQtODNjZmUz
YjUwZjA2LzAzMDIxMzkyZTU2YWMxOWM5ZWIyZjNhNTg2NzM5M2M3ZTk0YTkxY2Uu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy81Mzc1YmNmYy04Yjg2LTQ1MmUtODUwZC04M2Nm
ZTNiNTBmMDYvYmZiYjRkM2E2ZGQ1ZTY0OWE2NTU0YzQ4MTdjZTBlZDI3NzQyOTEz
Ni5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEBKjiQDANBgkqhkiG9w0BAQsFAAOCAQEANE/0QvAHnOLoSA1N
ZDQVIU+HO/lD9IcvWpsNh4fjOgMK8sQ8IvfQ7APR/rCXgFXc9MHSqa9CGhhS5zfR
Yxf0HlEDYdXIZDqSqzlczNBEwi6qy1SIRbPZ7TtdnihLsPZI0UkhbytjAxF9lMjL
I18yyU0iH0tRSh/rl+SVetA6CWKPeaR0LhaoOzuEi7TNvG2+jYnA4C50yTAjiyQw
f9r0I8J0iACTBNxuW5tqqqS7VV12baM4UsAhUAj+ud5G2kMEVMl9wJi2mUdl2lY3
utEeCOIEyKXbZd7NWyYueA8NZAeFJRBwo3aHWjJXMIyuBzTeNB9oNa9dvkpN2CCe
+gSkwg==
-----END CERTIFICATE-----
Generated at Mon Apr 15 09:53:54 2024 by rpki-client on console-ams.rpki-client.org