Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/5ac173dd-4722-4f7f-a9eb-eeb4bb98afe1/40ee2cac2faceefc738f7b7ac00d2af7889457bd.roa
File:                     40ee2cac2faceefc738f7b7ac00d2af7889457bd.roa (raw, json)
Hash identifier:          LRBijQ5wCuex0LDgWiV2bhKz7bRiOMk/Ui94BEuLmM0=
Subject key identifier:   08:8A:7B:1E:30:0C:B3:41:7E:59:40:4A:AF:F0:47:F3:B3:F9:B6:CE
Certificate issuer:       /CN=8aec635f7c32dec3e47f35d9bf70a3f73064cc1d
Certificate serial:       13C357
Authority key identifier: 5B:98:D0:F7:54:24:AD:81:25:81:F6:98:38:FD:CB:43:3F:B2:9D:89
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/8aec635f7c32dec3e47f35d9bf70a3f73064cc1d.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/5ac173dd-4722-4f7f-a9eb-eeb4bb98afe1/40ee2cac2faceefc738f7b7ac00d2af7889457bd.roa
Signing time:             Fri 07 Jul 2023 15:07:20 +0000
ROA not before:           Thu 06 Jul 2023 15:07:20 +0000
ROA not after:            Mon 07 Jul 2025 15:07:20 +0000
asID:                     271816
IP address blocks:        45.7.141.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/5ac173dd-4722-4f7f-a9eb-eeb4bb98afe1/8aec635f7c32dec3e47f35d9bf70a3f73064cc1d.crl
                          rsync://repository.lacnic.net/rpki/lacnic/5ac173dd-4722-4f7f-a9eb-eeb4bb98afe1/8aec635f7c32dec3e47f35d9bf70a3f73064cc1d.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/8aec635f7c32dec3e47f35d9bf70a3f73064cc1d.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Tue 27 Feb 2024 02:19:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1295191 (0x13c357)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8aec635f7c32dec3e47f35d9bf70a3f73064cc1d
        Validity
            Not Before: Jul  6 15:07:20 2023 GMT
            Not After : Jul  7 15:07:20 2025 GMT
        Subject: CN=40ee2cac2faceefc738f7b7ac00d2af7889457bd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:81:11:5d:50:42:b7:47:84:c2:f6:3f:ca:80:
                    da:08:0b:23:4b:df:89:a8:06:42:31:fe:9a:7c:6e:
                    42:67:e5:c1:b4:cb:cc:e8:08:f0:13:b8:80:4c:68:
                    ca:9d:e5:2b:4b:fa:8d:f1:66:0c:c5:c7:c4:7a:80:
                    2b:62:33:62:f9:91:dd:44:39:d5:28:ed:c6:44:f8:
                    6c:50:ad:7e:78:23:28:5f:94:e7:57:48:a1:0e:28:
                    e0:9b:67:4d:da:2b:0c:74:55:de:4c:74:4d:2d:a2:
                    bd:b8:c4:48:b5:90:84:c4:0c:c3:ec:ef:17:fa:77:
                    70:c9:6d:f1:69:aa:09:9e:30:3b:58:5b:e7:17:6f:
                    a7:6b:ed:db:0b:fc:45:eb:13:f0:33:10:b9:6e:2a:
                    3c:cd:86:2c:49:01:2f:02:03:a2:98:4c:fa:b5:32:
                    b9:9e:0d:29:c9:e2:44:2c:74:53:ee:8d:67:ac:28:
                    90:e5:57:75:19:73:bc:62:03:6d:be:0d:f3:66:cc:
                    7c:62:54:f9:30:15:28:b0:80:9f:56:da:c1:7e:77:
                    c7:d5:96:9c:03:b8:38:d4:df:5d:0c:11:3f:be:fa:
                    f1:6b:32:88:33:fb:ad:85:1a:57:b0:9b:0d:05:b5:
                    56:b6:30:a8:c8:1b:1a:67:1d:1f:b5:38:cf:b6:e3:
                    71:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                08:8A:7B:1E:30:0C:B3:41:7E:59:40:4A:AF:F0:47:F3:B3:F9:B6:CE
            X509v3 Authority Key Identifier:
                keyid:5B:98:D0:F7:54:24:AD:81:25:81:F6:98:38:FD:CB:43:3F:B2:9D:89

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/8aec635f7c32dec3e47f35d9bf70a3f73064cc1d.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/5ac173dd-4722-4f7f-a9eb-eeb4bb98afe1/40ee2cac2faceefc738f7b7ac00d2af7889457bd.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/5ac173dd-4722-4f7f-a9eb-eeb4bb98afe1/8aec635f7c32dec3e47f35d9bf70a3f73064cc1d.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.7.141.0/24

    Signature Algorithm: sha256WithRSAEncryption
         0c:e0:f5:26:fb:0a:7a:8c:fd:f4:4c:7b:5f:7a:fc:74:b1:97:
         38:88:e0:7f:ce:7f:3a:3e:4e:00:38:58:57:4a:49:85:67:32:
         30:2d:20:a1:cc:f1:ce:eb:3f:27:94:8a:95:47:f5:17:e1:2a:
         eb:7d:a7:55:00:08:ff:04:88:72:5d:a5:ce:2e:9b:b4:92:72:
         e0:81:92:f5:54:d6:44:04:58:56:22:5b:5d:fa:57:0b:f2:92:
         32:3f:d3:d9:5a:a0:91:80:8a:37:a4:21:d4:93:9a:66:24:77:
         36:02:c9:fd:c2:ff:7a:85:ec:15:3a:ad:31:e6:bf:01:0f:62:
         7c:8f:3e:12:96:de:8b:0c:2b:9a:2f:a4:b9:85:f1:c8:11:ff:
         86:2e:95:17:bb:bc:4f:03:6d:08:74:74:20:09:2d:95:9e:c8:
         78:ab:c8:b8:b7:5c:f9:58:b6:5c:b2:38:91:f2:ad:19:ac:b4:
         2b:cb:08:66:2d:01:73:af:36:f6:3f:70:1c:40:2f:c3:14:e2:
         d0:fc:92:f0:3a:83:39:86:2a:2a:e7:e4:49:0c:f1:b7:bd:03:
         13:16:67:7a:22:47:9e:17:fe:2c:c6:0c:fd:df:72:e9:5d:f2:
         fe:53:70:e8:41:54:e1:a2:fb:60:95:97:13:fd:8d:ef:32:d7:
         32:5a:e6:e8
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIDE8NXMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDhh
ZWM2MzVmN2MzMmRlYzNlNDdmMzVkOWJmNzBhM2Y3MzA2NGNjMWQwHhcNMjMwNzA2
MTUwNzIwWhcNMjUwNzA3MTUwNzIwWjAzMTEwLwYDVQQDEyg0MGVlMmNhYzJmYWNl
ZWZjNzM4ZjdiN2FjMDBkMmFmNzg4OTQ1N2JkMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAooERXVBCt0eEwvY/yoDaCAsjS9+JqAZCMf6afG5CZ+XBtMvM
6AjwE7iATGjKneUrS/qN8WYMxcfEeoArYjNi+ZHdRDnVKO3GRPhsUK1+eCMoX5Tn
V0ihDijgm2dN2isMdFXeTHRNLaK9uMRItZCExAzD7O8X+ndwyW3xaaoJnjA7WFvn
F2+na+3bC/xF6xPwMxC5bio8zYYsSQEvAgOimEz6tTK5ng0pyeJELHRT7o1nrCiQ
5Vd1GXO8YgNtvg3zZsx8YlT5MBUosICfVtrBfnfH1ZacA7g41N9dDBE/vvrxazKI
M/uthRpXsJsNBbVWtjCoyBsaZx0ftTjPtuNx/QIDAQABo4ICWzCCAlcwHQYDVR0O
BBYEFAiKex4wDLNBfllASq/wR/Oz+bbOMB8GA1UdIwQYMBaAFFuY0PdUJK2BJYH2
mDj9y0M/sp2JMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvOGFlYzYz
NWY3YzMyZGVjM2U0N2YzNWQ5YmY3MGEzZjczMDY0Y2MxZC5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvNWFjMTczZGQtNDcyMi00ZjdmLWE5ZWItZWViNGJi
OThhZmUxLzQwZWUyY2FjMmZhY2VlZmM3MzhmN2I3YWMwMGQyYWY3ODg5NDU3YmQu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy81YWMxNzNkZC00NzIyLTRmN2YtYTllYi1lZWI0
YmI5OGFmZTEvOGFlYzYzNWY3YzMyZGVjM2U0N2YzNWQ5YmY3MGEzZjczMDY0Y2Mx
ZC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAC0HjTANBgkqhkiG9w0BAQsFAAOCAQEADOD1JvsKeoz99Ex7
X3r8dLGXOIjgf85/Oj5OADhYV0pJhWcyMC0goczxzus/J5SKlUf1F+Eq632nVQAI
/wSIcl2lzi6btJJy4IGS9VTWRARYViJbXfpXC/KSMj/T2VqgkYCKN6Qh1JOaZiR3
NgLJ/cL/eoXsFTqtMea/AQ9ifI8+Epbeiwwrmi+kuYXxyBH/hi6VF7u8TwNtCHR0
IAktlZ7IeKvIuLdc+Vi2XLI4kfKtGay0K8sIZi0Bc6829j9wHEAvwxTi0PyS8DqD
OYYqKufkSQzxt70DExZneiJHnhf+LMYM/d9y6V3y/lNw6EFU4aL7YJWXE/2N7zLX
Mlrm6A==
-----END CERTIFICATE-----
Generated at Sat Feb 24 09:52:45 2024 by rpki-client on console-fra.rpki-client.org