Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/559e30f3-7cad-413e-a98e-84b34bb91913/85be7c81b151d1e94e4fefce6adf5958e96843df.roa
File:                     85be7c81b151d1e94e4fefce6adf5958e96843df.roa (raw, json)
Hash identifier:          JWLM710oRcTrMqMuE3Y49+FFy178J+ZZkTm/pNq3RgM=
Subject key identifier:   1C:06:1F:AB:78:C1:ED:F6:31:9C:E5:4F:8B:33:25:32:9E:C9:19:0E
Certificate issuer:       /CN=d675b3fed87f89fa91e060e500482b6ec9837fa3
Certificate serial:       0D988A
Authority key identifier: DE:A2:D1:09:34:E2:C0:C8:4A:88:59:24:3D:DE:82:68:8C:CC:B9:A6
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/d675b3fed87f89fa91e060e500482b6ec9837fa3.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/559e30f3-7cad-413e-a98e-84b34bb91913/85be7c81b151d1e94e4fefce6adf5958e96843df.roa
Signing time:             Wed 24 Mar 2021 14:30:06 +0000
ROA not before:           Wed 24 Mar 2021 14:30:05 +0000
ROA not after:            Tue 24 Mar 2026 14:30:05 +0000
asID:                     27955
IP address blocks:        179.49.96.0/20 maxlen: 24
                          190.6.240.0/20 maxlen: 24
                          190.13.224.0/20 maxlen: 24
                          190.13.240.0/20 maxlen: 24
                          2803:f700::/32 maxlen: 32

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/559e30f3-7cad-413e-a98e-84b34bb91913/d675b3fed87f89fa91e060e500482b6ec9837fa3.crl
                          rsync://repository.lacnic.net/rpki/lacnic/559e30f3-7cad-413e-a98e-84b34bb91913/d675b3fed87f89fa91e060e500482b6ec9837fa3.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/d675b3fed87f89fa91e060e500482b6ec9837fa3.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 31 Mar 2024 12:22:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 891018 (0xd988a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d675b3fed87f89fa91e060e500482b6ec9837fa3
        Validity
            Not Before: Mar 24 14:30:05 2021 GMT
            Not After : Mar 24 14:30:05 2026 GMT
        Subject: CN=85be7c81b151d1e94e4fefce6adf5958e96843df
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:81:eb:6e:96:f2:2c:b0:ad:3e:95:66:f3:f2:
                    81:48:4a:e0:42:4f:45:35:1f:1c:5c:d3:ee:0a:66:
                    b9:de:92:ac:2a:f0:42:1a:a2:d7:95:a1:77:9c:89:
                    c0:93:3b:4a:96:a2:7e:f5:37:88:0e:2d:be:8e:fe:
                    05:2c:25:a8:93:38:27:c9:48:d9:37:d1:90:be:64:
                    05:a3:c4:5f:2b:12:ab:6f:01:52:2b:61:0c:74:bc:
                    3b:66:d5:6f:dc:43:86:b5:99:34:7a:85:09:c5:ce:
                    18:37:86:71:d8:a0:bd:1b:29:bf:77:59:d4:0f:3c:
                    70:6d:30:c3:27:bd:b6:6e:38:c5:8d:f6:1f:89:76:
                    66:40:af:34:9a:cc:f7:d8:eb:68:be:47:4a:5a:a0:
                    70:3e:46:56:12:7f:a8:ba:75:7c:b5:d0:36:03:9b:
                    3f:c5:3f:cb:63:70:b3:22:89:8a:99:31:07:b9:9e:
                    42:31:fc:2d:bf:aa:37:b4:48:29:35:b0:29:29:85:
                    f9:ec:df:23:8f:4b:fa:be:de:25:59:ae:9c:c2:c2:
                    a3:2e:cf:55:ee:bf:72:fb:95:d8:84:cb:ae:55:3a:
                    9f:8c:06:3d:1a:cd:6e:28:75:44:55:1d:1a:3e:da:
                    9f:81:a9:33:2a:50:5e:e1:db:29:89:4a:0a:24:55:
                    f9:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1C:06:1F:AB:78:C1:ED:F6:31:9C:E5:4F:8B:33:25:32:9E:C9:19:0E
            X509v3 Authority Key Identifier:
                keyid:DE:A2:D1:09:34:E2:C0:C8:4A:88:59:24:3D:DE:82:68:8C:CC:B9:A6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/d675b3fed87f89fa91e060e500482b6ec9837fa3.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/559e30f3-7cad-413e-a98e-84b34bb91913/85be7c81b151d1e94e4fefce6adf5958e96843df.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/559e30f3-7cad-413e-a98e-84b34bb91913/d675b3fed87f89fa91e060e500482b6ec9837fa3.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  179.49.96.0/20
                  190.6.240.0/20
                  190.13.224.0/19
                IPv6:
                  2803:f700::/32

    Signature Algorithm: sha256WithRSAEncryption
         21:91:b1:40:8b:77:b4:b8:53:66:ba:c3:0c:44:ad:28:82:ab:
         91:1e:76:cd:55:9b:e4:cb:f3:7b:10:58:64:b8:59:ed:ff:3e:
         9a:7b:d8:5d:a2:fc:d9:01:22:5f:85:1b:91:99:f1:b6:06:f8:
         ff:34:4d:69:42:a1:80:3e:b1:a8:b7:b3:6d:a5:d6:a8:7f:c0:
         f3:d1:56:9a:c9:7b:ee:c6:90:d0:0f:9e:d2:5c:de:bc:f1:dd:
         16:a5:02:1d:13:92:7a:2b:a4:65:b4:f9:37:ce:4f:dc:b4:af:
         0e:a4:6e:79:5f:75:43:4f:a3:29:5e:56:6f:84:99:02:c3:56:
         02:41:e3:ba:9b:57:93:75:5c:2c:5d:10:9a:15:06:0e:f5:e2:
         cc:b5:ca:63:91:5c:b5:98:38:a3:b5:31:53:4e:fa:f0:a5:a2:
         d9:9c:eb:af:67:7d:77:9d:41:9e:a0:af:fd:90:97:64:78:c1:
         50:ce:e5:4c:d6:f7:c6:73:3f:ca:91:c8:5b:e7:85:2e:d6:fe:
         2f:a0:16:74:4b:f3:60:09:4c:73:c8:c4:9c:a1:11:09:da:52:
         35:18:7e:0a:0f:eb:bf:fb:7f:72:31:ff:a1:a7:33:99:0d:b2:
         ca:e3:98:d5:a8:f3:94:eb:d7:b7:52:d7:8c:80:dc:4d:56:ac:
         e1:b6:77:fa
-----BEGIN CERTIFICATE-----
MIIFWzCCBEOgAwIBAgIDDZiKMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGQ2
NzViM2ZlZDg3Zjg5ZmE5MWUwNjBlNTAwNDgyYjZlYzk4MzdmYTMwHhcNMjEwMzI0
MTQzMDA1WhcNMjYwMzI0MTQzMDA1WjAzMTEwLwYDVQQDEyg4NWJlN2M4MWIxNTFk
MWU5NGU0ZmVmY2U2YWRmNTk1OGU5Njg0M2RmMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAu4HrbpbyLLCtPpVm8/KBSErgQk9FNR8cXNPuCma53pKsKvBC
GqLXlaF3nInAkztKlqJ+9TeIDi2+jv4FLCWokzgnyUjZN9GQvmQFo8RfKxKrbwFS
K2EMdLw7ZtVv3EOGtZk0eoUJxc4YN4Zx2KC9Gym/d1nUDzxwbTDDJ722bjjFjfYf
iXZmQK80msz32OtovkdKWqBwPkZWEn+ounV8tdA2A5s/xT/LY3CzIomKmTEHuZ5C
Mfwtv6o3tEgpNbApKYX57N8jj0v6vt4lWa6cwsKjLs9V7r9y+5XYhMuuVTqfjAY9
Gs1uKHVEVR0aPtqfgakzKlBe4dspiUoKJFX5GwIDAQABo4ICdjCCAnIwHQYDVR0O
BBYEFBwGH6t4we32MZzlT4szJTKeyRkOMB8GA1UdIwQYMBaAFN6i0Qk04sDISohZ
JD3egmiMzLmmMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvZDY3NWIz
ZmVkODdmODlmYTkxZTA2MGU1MDA0ODJiNmVjOTgzN2ZhMy5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvNTU5ZTMwZjMtN2NhZC00MTNlLWE5OGUtODRiMzRi
YjkxOTEzLzg1YmU3YzgxYjE1MWQxZTk0ZTRmZWZjZTZhZGY1OTU4ZTk2ODQzZGYu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy81NTllMzBmMy03Y2FkLTQxM2UtYTk4ZS04NGIz
NGJiOTE5MTMvZDY3NWIzZmVkODdmODlmYTkxZTA2MGU1MDA0ODJiNmVjOTgzN2Zh
My5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA6BggrBgEFBQcBBwEB/wQr
MCkwGAQCAAEwEgMEBLMxYAMEBL4G8AMEBb4N4DANBAIAAjAHAwUAKAP3ADANBgkq
hkiG9w0BAQsFAAOCAQEAIZGxQIt3tLhTZrrDDEStKIKrkR52zVWb5MvzexBYZLhZ
7f8+mnvYXaL82QEiX4UbkZnxtgb4/zRNaUKhgD6xqLezbaXWqH/A89FWmsl77saQ
0A+e0lzevPHdFqUCHROSeiukZbT5N85P3LSvDqRueV91Q0+jKV5Wb4SZAsNWAkHj
uptXk3VcLF0QmhUGDvXizLXKY5FctZg4o7UxU0768KWi2Zzrr2d9d51BnqCv/ZCX
ZHjBUM7lTNb3xnM/ypHIW+eFLtb+L6AWdEvzYAlMc8jEnKERCdpSNRh+Cg/rv/t/
cjH/oaczmQ2yyuOY1ajzlOvXt1LXjIDcTVas4bZ3+g==
-----END CERTIFICATE-----
Generated at Thu Mar 28 18:50:52 2024 by rpki-client on console-ams.rpki-client.org