Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/57d23f6d-7119-4d18-913d-86a3dd72a114/74e3b99849fa180f32c5c58428a699f968512af3.roa
File:                     74e3b99849fa180f32c5c58428a699f968512af3.roa (raw, json)
Hash identifier:          Ry0TSdMg4gJWjPYnyiNg8TUwA27EQfailw0es1TdVMM=
Subject key identifier:   B6:65:A2:E0:BA:01:C7:26:63:7D:43:B5:22:F5:22:04:F7:0C:22:93
Certificate issuer:       /CN=388ebecd4ed72810f208c7c2d9865371b01c71ff
Certificate serial:       1E175F
Authority key identifier: C3:CA:30:08:2D:82:CF:1D:1A:4B:B0:88:DB:D0:39:0E:E4:36:08:12
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/388ebecd4ed72810f208c7c2d9865371b01c71ff.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/57d23f6d-7119-4d18-913d-86a3dd72a114/74e3b99849fa180f32c5c58428a699f968512af3.roa
Signing time:             Fri 16 Jun 2023 20:18:01 +0000
ROA not before:           Thu 15 Jun 2023 20:18:01 +0000
ROA not after:            Mon 16 Jun 2025 20:18:01 +0000
asID:                     269898
IP address blocks:        45.191.196.0/22 maxlen: 25
                          2803:34e0::/32 maxlen: 64

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/57d23f6d-7119-4d18-913d-86a3dd72a114/388ebecd4ed72810f208c7c2d9865371b01c71ff.crl
                          rsync://repository.lacnic.net/rpki/lacnic/57d23f6d-7119-4d18-913d-86a3dd72a114/388ebecd4ed72810f208c7c2d9865371b01c71ff.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/388ebecd4ed72810f208c7c2d9865371b01c71ff.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 03 Mar 2024 01:34:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1972063 (0x1e175f)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=388ebecd4ed72810f208c7c2d9865371b01c71ff
        Validity
            Not Before: Jun 15 20:18:01 2023 GMT
            Not After : Jun 16 20:18:01 2025 GMT
        Subject: CN=74e3b99849fa180f32c5c58428a699f968512af3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d9:f7:b9:a0:a9:8c:a1:4d:d4:92:13:ce:dd:8e:
                    aa:b1:b7:96:d1:e7:15:e2:05:bb:22:28:7c:95:17:
                    a9:e8:c3:3c:40:42:ae:b0:fc:16:f5:e5:47:a6:9a:
                    5e:40:bb:ce:52:0d:14:c7:00:44:b4:9c:75:99:fb:
                    34:35:b9:f1:61:c0:2d:97:81:fb:9c:40:3d:7f:54:
                    a8:7e:b8:a6:00:2c:ac:39:1c:7d:1c:e4:55:f2:cb:
                    80:ba:a8:a6:d5:21:bd:53:2f:17:42:71:b6:86:97:
                    8c:14:b5:e9:24:4d:54:1f:cd:e8:0e:bf:b1:16:9c:
                    17:e9:1a:5b:27:27:90:89:cc:30:55:2e:f4:d8:66:
                    fe:e9:e3:f3:db:86:28:e8:ac:17:22:54:cf:4c:b7:
                    46:d0:1b:28:06:e6:8b:68:4b:81:38:80:2b:c5:89:
                    88:cc:62:09:4e:12:9b:d7:3a:df:5a:fd:08:82:21:
                    66:10:3f:66:85:6a:cf:e0:64:fb:18:c6:02:7f:e7:
                    6a:2d:51:12:e2:ca:9f:d8:84:c0:e7:32:df:30:1d:
                    f4:de:9d:6a:64:13:b5:17:b2:7b:2c:d0:d8:38:5d:
                    c4:ec:bd:b2:a2:93:e3:c1:fb:42:b8:89:fc:36:6d:
                    c4:22:1a:1f:65:c0:06:b7:c8:52:ea:ca:bd:b8:04:
                    1a:7b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B6:65:A2:E0:BA:01:C7:26:63:7D:43:B5:22:F5:22:04:F7:0C:22:93
            X509v3 Authority Key Identifier:
                keyid:C3:CA:30:08:2D:82:CF:1D:1A:4B:B0:88:DB:D0:39:0E:E4:36:08:12

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/388ebecd4ed72810f208c7c2d9865371b01c71ff.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/57d23f6d-7119-4d18-913d-86a3dd72a114/74e3b99849fa180f32c5c58428a699f968512af3.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/57d23f6d-7119-4d18-913d-86a3dd72a114/388ebecd4ed72810f208c7c2d9865371b01c71ff.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.191.196.0/22
                IPv6:
                  2803:34e0::/32

    Signature Algorithm: sha256WithRSAEncryption
         3b:e3:0c:a6:f5:13:27:a3:a4:6c:92:7b:38:c1:34:45:56:45:
         d9:38:e9:9e:a9:c1:db:fb:55:7d:45:c3:27:ab:2a:b4:15:5e:
         a9:59:25:0d:95:bc:87:3f:ec:18:ce:4c:f8:21:38:98:ab:02:
         d9:2a:e0:a2:c1:9b:56:25:0f:6d:0c:1e:4f:bb:d8:a4:5e:58:
         76:5e:87:18:98:c4:69:f7:ac:4a:78:7b:8c:9f:cb:99:07:bd:
         d9:87:54:bb:79:31:5e:47:95:d9:e2:3c:be:7a:6d:1d:b7:84:
         bd:81:a7:fe:de:15:3d:64:15:31:67:23:d5:f7:61:f8:e6:e6:
         b7:81:21:7f:31:80:88:d5:e7:4b:dd:ad:37:36:c9:ca:37:79:
         a9:5e:68:0e:87:6e:11:cf:20:c6:80:74:ce:87:e9:b6:86:9c:
         69:b1:95:59:02:5d:f6:55:65:a7:a5:e8:ae:4a:ba:48:63:d3:
         78:76:e1:34:7c:42:76:11:38:92:77:f4:19:60:bc:d8:37:24:
         14:49:c8:07:1f:2e:27:91:3e:32:a9:56:65:d4:43:2f:d7:6b:
         9a:6c:15:b9:9b:08:d9:09:b5:50:80:d2:d1:99:c7:75:8a:15:
         b9:cd:2c:f0:1f:43:76:cc:73:a3:cf:8a:a0:8d:47:f0:37:d4:
         a8:c7:62:fd
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgIDHhdfMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDM4
OGViZWNkNGVkNzI4MTBmMjA4YzdjMmQ5ODY1MzcxYjAxYzcxZmYwHhcNMjMwNjE1
MjAxODAxWhcNMjUwNjE2MjAxODAxWjAzMTEwLwYDVQQDEyg3NGUzYjk5ODQ5ZmEx
ODBmMzJjNWM1ODQyOGE2OTlmOTY4NTEyYWYzMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEA2fe5oKmMoU3UkhPO3Y6qsbeW0ecV4gW7Iih8lRep6MM8QEKu
sPwW9eVHpppeQLvOUg0UxwBEtJx1mfs0NbnxYcAtl4H7nEA9f1SofrimACysORx9
HORV8suAuqim1SG9Uy8XQnG2hpeMFLXpJE1UH83oDr+xFpwX6RpbJyeQicwwVS70
2Gb+6ePz24Yo6KwXIlTPTLdG0BsoBuaLaEuBOIArxYmIzGIJThKb1zrfWv0IgiFm
ED9mhWrP4GT7GMYCf+dqLVES4sqf2ITA5zLfMB303p1qZBO1F7J7LNDYOF3E7L2y
opPjwftCuIn8Nm3EIhofZcAGt8hS6sq9uAQaewIDAQABo4ICajCCAmYwHQYDVR0O
BBYEFLZlouC6AccmY31DtSL1IgT3DCKTMB8GA1UdIwQYMBaAFMPKMAgtgs8dGkuw
iNvQOQ7kNggSMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvMzg4ZWJl
Y2Q0ZWQ3MjgxMGYyMDhjN2MyZDk4NjUzNzFiMDFjNzFmZi5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvNTdkMjNmNmQtNzExOS00ZDE4LTkxM2QtODZhM2Rk
NzJhMTE0Lzc0ZTNiOTk4NDlmYTE4MGYzMmM1YzU4NDI4YTY5OWY5Njg1MTJhZjMu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy81N2QyM2Y2ZC03MTE5LTRkMTgtOTEzZC04NmEz
ZGQ3MmExMTQvMzg4ZWJlY2Q0ZWQ3MjgxMGYyMDhjN2MyZDk4NjUzNzFiMDFjNzFm
Zi5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAuBggrBgEFBQcBBwEB/wQf
MB0wDAQCAAEwBgMEAi2/xDANBAIAAjAHAwUAKAM04DANBgkqhkiG9w0BAQsFAAOC
AQEAO+MMpvUTJ6OkbJJ7OME0RVZF2TjpnqnB2/tVfUXDJ6sqtBVeqVklDZW8hz/s
GM5M+CE4mKsC2SrgosGbViUPbQweT7vYpF5Ydl6HGJjEafesSnh7jJ/LmQe92YdU
u3kxXkeV2eI8vnptHbeEvYGn/t4VPWQVMWcj1fdh+Obmt4EhfzGAiNXnS92tNzbJ
yjd5qV5oDoduEc8gxoB0zofptoacabGVWQJd9lVlp6Xorkq6SGPTeHbhNHxCdhE4
knf0GWC82DckFEnIBx8uJ5E+MqlWZdRDL9drmmwVuZsI2Qm1UIDS0ZnHdYoVuc0s
8B9Ddsxzo8+KoI1H8DfUqMdi/Q==
-----END CERTIFICATE-----
Generated at Thu Feb 29 03:35:58 2024 by rpki-client on console-fra.rpki-client.org