Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/57a70ebe-bcff-4332-8f4b-d759239e6363/3b0b878de7b9f6afd9f422f2f38eb6b91510e7af.roa
File:                     3b0b878de7b9f6afd9f422f2f38eb6b91510e7af.roa (raw, json)
Hash identifier:          gL+d1PzzG7i4/paFXW2uUat0olZk2YbsAU2gfZlvr2g=
Subject key identifier:   CA:AC:D3:9C:EC:A4:C9:7B:76:CD:32:9F:44:FE:D8:22:FC:C8:B9:6E
Certificate issuer:       /CN=0816cc4564093e810369f1e2f8346d40a4e1a064
Certificate serial:       035DDC
Authority key identifier: 26:81:09:00:3F:6B:2E:D6:29:5D:64:DD:45:AA:A0:67:D5:10:B1:3A
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/0816cc4564093e810369f1e2f8346d40a4e1a064.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/57a70ebe-bcff-4332-8f4b-d759239e6363/3b0b878de7b9f6afd9f422f2f38eb6b91510e7af.roa
Signing time:             Wed 24 Mar 2021 14:42:22 +0000
ROA not before:           Wed 24 Mar 2021 14:42:22 +0000
ROA not after:            Tue 24 Mar 2026 14:42:22 +0000
asID:                     27884
IP address blocks:        201.220.128.0/20 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/57a70ebe-bcff-4332-8f4b-d759239e6363/0816cc4564093e810369f1e2f8346d40a4e1a064.crl
                          rsync://repository.lacnic.net/rpki/lacnic/57a70ebe-bcff-4332-8f4b-d759239e6363/0816cc4564093e810369f1e2f8346d40a4e1a064.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/0816cc4564093e810369f1e2f8346d40a4e1a064.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Mon 26 Feb 2024 07:43:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 220636 (0x35ddc)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0816cc4564093e810369f1e2f8346d40a4e1a064
        Validity
            Not Before: Mar 24 14:42:22 2021 GMT
            Not After : Mar 24 14:42:22 2026 GMT
        Subject: CN=3b0b878de7b9f6afd9f422f2f38eb6b91510e7af
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:82:11:2c:a9:da:93:fc:66:d8:f8:d3:61:fe:45:
                    4b:52:fd:fa:b0:e5:9e:ca:22:eb:35:fe:09:cc:48:
                    cd:28:2c:2e:97:33:59:72:b8:55:40:bc:30:ff:ad:
                    c7:e6:4e:e2:bb:fb:7c:92:a5:43:7a:ff:9b:f2:17:
                    f7:51:17:5f:12:3a:0d:e1:3d:ef:c4:53:6b:6e:5d:
                    a5:da:bf:6a:d9:19:69:ba:70:2a:7e:f3:6d:4a:92:
                    a1:c3:85:21:c5:92:0e:40:bd:0b:ab:f6:7c:9f:46:
                    b9:03:7e:f8:b0:fc:f7:6a:26:83:16:e6:a4:df:26:
                    46:d6:b6:35:f0:51:27:64:83:7d:70:bd:5e:e9:b8:
                    93:ca:69:b2:47:1c:3e:77:33:d4:8e:e2:2f:c1:13:
                    42:10:32:86:f5:ab:c5:df:6f:d5:45:87:81:4a:6c:
                    e1:eb:c8:bd:36:96:82:49:65:c4:e0:d5:a6:1d:21:
                    f4:01:92:b5:5c:81:ed:98:44:b0:66:87:ac:c8:0e:
                    a9:84:50:91:03:46:a5:69:ed:ab:43:b3:76:a9:40:
                    9d:ba:30:38:32:8e:11:b8:2e:5c:5a:89:96:7a:f7:
                    f1:dc:4a:10:29:20:1a:73:18:0c:04:6b:cf:ba:9e:
                    2a:34:e5:0f:1e:11:ef:e0:3e:77:bf:2d:12:69:b9:
                    18:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CA:AC:D3:9C:EC:A4:C9:7B:76:CD:32:9F:44:FE:D8:22:FC:C8:B9:6E
            X509v3 Authority Key Identifier:
                keyid:26:81:09:00:3F:6B:2E:D6:29:5D:64:DD:45:AA:A0:67:D5:10:B1:3A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/0816cc4564093e810369f1e2f8346d40a4e1a064.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/57a70ebe-bcff-4332-8f4b-d759239e6363/3b0b878de7b9f6afd9f422f2f38eb6b91510e7af.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/57a70ebe-bcff-4332-8f4b-d759239e6363/0816cc4564093e810369f1e2f8346d40a4e1a064.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  201.220.128.0/20

    Signature Algorithm: sha256WithRSAEncryption
         4d:15:a3:21:88:2d:c1:16:69:1c:a9:a6:ad:5a:80:39:56:98:
         ab:0d:7b:ab:6f:7f:d0:b0:4a:b2:68:03:b6:28:2a:20:81:62:
         ab:8e:92:54:62:da:c2:2a:6b:cf:91:bc:b4:f4:c3:95:cb:52:
         83:34:d5:12:ee:7a:0b:fa:61:03:30:4e:03:25:95:4c:0c:b5:
         24:61:f6:f5:75:f4:3d:4b:b2:f1:f0:8f:06:e4:52:85:08:7d:
         2d:32:98:f4:66:22:03:77:31:47:10:61:95:4b:c5:fe:f3:e7:
         70:74:89:23:83:2b:6b:32:ef:4f:e6:ed:15:e4:7d:0f:bb:02:
         e3:40:b7:b8:0e:a6:52:75:7d:d8:5d:f2:09:59:95:1a:9e:17:
         d1:ee:3f:f1:71:53:c5:d4:40:e8:b7:71:36:4e:2e:1c:d5:6f:
         8f:e7:7b:b4:a5:81:75:c7:50:6a:ba:90:63:fe:3e:5c:cf:ec:
         cf:2e:de:36:ed:b1:35:8b:ec:cb:08:b5:ae:3c:86:8c:5b:ee:
         40:fb:9c:b1:5a:c9:dd:ec:86:32:f6:ca:c0:fe:96:8b:09:e4:
         3c:a0:4b:dd:d0:76:6f:52:4c:9f:17:78:a6:18:7c:d6:83:d5:
         e6:eb:f9:90:89:98:f1:66:7e:ef:d7:64:19:73:17:81:02:e1:
         35:a8:c7:d8
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIDA13cMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDA4
MTZjYzQ1NjQwOTNlODEwMzY5ZjFlMmY4MzQ2ZDQwYTRlMWEwNjQwHhcNMjEwMzI0
MTQ0MjIyWhcNMjYwMzI0MTQ0MjIyWjAzMTEwLwYDVQQDEygzYjBiODc4ZGU3Yjlm
NmFmZDlmNDIyZjJmMzhlYjZiOTE1MTBlN2FmMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAghEsqdqT/GbY+NNh/kVLUv36sOWeyiLrNf4JzEjNKCwulzNZ
crhVQLww/63H5k7iu/t8kqVDev+b8hf3URdfEjoN4T3vxFNrbl2l2r9q2RlpunAq
fvNtSpKhw4UhxZIOQL0Lq/Z8n0a5A374sPz3aiaDFuak3yZG1rY18FEnZIN9cL1e
6biTymmyRxw+dzPUjuIvwRNCEDKG9avF32/VRYeBSmzh68i9NpaCSWXE4NWmHSH0
AZK1XIHtmESwZoesyA6phFCRA0alae2rQ7N2qUCdujA4Mo4RuC5cWomWevfx3EoQ
KSAacxgMBGvPup4qNOUPHhHv4D53vy0SabkYVQIDAQABo4ICWzCCAlcwHQYDVR0O
BBYEFMqs05zspMl7ds0yn0T+2CL8yLluMB8GA1UdIwQYMBaAFCaBCQA/ay7WKV1k
3UWqoGfVELE6MA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvMDgxNmNj
NDU2NDA5M2U4MTAzNjlmMWUyZjgzNDZkNDBhNGUxYTA2NC5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvNTdhNzBlYmUtYmNmZi00MzMyLThmNGItZDc1OTIz
OWU2MzYzLzNiMGI4NzhkZTdiOWY2YWZkOWY0MjJmMmYzOGViNmI5MTUxMGU3YWYu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy81N2E3MGViZS1iY2ZmLTQzMzItOGY0Yi1kNzU5
MjM5ZTYzNjMvMDgxNmNjNDU2NDA5M2U4MTAzNjlmMWUyZjgzNDZkNDBhNGUxYTA2
NC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEBMncgDANBgkqhkiG9w0BAQsFAAOCAQEATRWjIYgtwRZpHKmm
rVqAOVaYqw17q29/0LBKsmgDtigqIIFiq46SVGLawiprz5G8tPTDlctSgzTVEu56
C/phAzBOAyWVTAy1JGH29XX0PUuy8fCPBuRShQh9LTKY9GYiA3cxRxBhlUvF/vPn
cHSJI4MrazLvT+btFeR9D7sC40C3uA6mUnV92F3yCVmVGp4X0e4/8XFTxdRA6Ldx
Nk4uHNVvj+d7tKWBdcdQarqQY/4+XM/szy7eNu2xNYvsywi1rjyGjFvuQPucsVrJ
3eyGMvbKwP6WiwnkPKBL3dB2b1JMnxd4phh81oPV5uv5kImY8WZ+79dkGXMXgQLh
NajH2A==
-----END CERTIFICATE-----
Generated at Fri Feb 23 11:24:30 2024 by rpki-client on console-fra.rpki-client.org