Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/5b0d14f0-e0de-452d-890e-08ca85793858/d2cf10286fa96d9ed0d92f1f07805929796d033b.roa
File:                     d2cf10286fa96d9ed0d92f1f07805929796d033b.roa (raw, json)
Hash identifier:          VFy8HGAtETjR210Lhv/cYeGPqjm7h9zJd/XWULW98XQ=
Subject key identifier:   19:77:5C:95:96:C8:1C:75:99:26:B3:54:E4:25:29:57:37:EF:49:72
Certificate issuer:       /CN=d278db2f8a08c0668cc12826e3616e165022b152
Certificate serial:       043DD8
Authority key identifier: 1B:91:56:5A:01:39:F6:18:43:78:BB:50:30:E7:36:E7:E9:35:D1:A2
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/d278db2f8a08c0668cc12826e3616e165022b152.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/5b0d14f0-e0de-452d-890e-08ca85793858/d2cf10286fa96d9ed0d92f1f07805929796d033b.roa
Signing time:             Wed 24 Mar 2021 14:32:28 +0000
ROA not before:           Wed 24 Mar 2021 14:32:28 +0000
ROA not after:            Tue 24 Mar 2026 14:32:28 +0000
asID:                     264752
IP address blocks:        168.195.36.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/5b0d14f0-e0de-452d-890e-08ca85793858/d278db2f8a08c0668cc12826e3616e165022b152.crl
                          rsync://repository.lacnic.net/rpki/lacnic/5b0d14f0-e0de-452d-890e-08ca85793858/d278db2f8a08c0668cc12826e3616e165022b152.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/d278db2f8a08c0668cc12826e3616e165022b152.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 31 Mar 2024 19:38:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 277976 (0x43dd8)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d278db2f8a08c0668cc12826e3616e165022b152
        Validity
            Not Before: Mar 24 14:32:28 2021 GMT
            Not After : Mar 24 14:32:28 2026 GMT
        Subject: CN=d2cf10286fa96d9ed0d92f1f07805929796d033b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:90:65:e4:03:a4:9d:ac:46:c4:6b:aa:37:fa:a6:
                    4e:aa:e0:18:7d:00:94:0c:85:f3:e4:94:f1:69:02:
                    89:8d:b3:63:8e:06:4b:15:ec:ef:a9:ff:d9:fa:e4:
                    7a:70:a4:76:d8:31:9d:71:96:ce:e4:37:43:47:2d:
                    16:df:ef:47:22:41:c8:c0:99:15:78:17:df:c0:a5:
                    d6:55:61:8d:2d:c3:1d:dc:cd:23:ed:b5:97:25:2d:
                    e0:4d:aa:93:82:9a:41:c5:4f:9b:db:4d:f5:d3:1a:
                    a3:46:dd:ec:ea:eb:a8:66:51:5c:be:3d:df:18:64:
                    3b:26:4d:92:52:e7:fe:49:bf:f4:ee:9c:d0:8c:c0:
                    a2:c9:7d:a3:27:ce:55:63:a5:80:90:a7:13:ef:62:
                    02:91:9d:5a:79:57:60:c6:26:eb:93:9f:81:68:83:
                    eb:df:6e:b5:c6:a0:74:15:87:61:7f:fd:21:c8:55:
                    f9:ff:21:9b:c9:58:a2:53:5d:45:6f:be:0a:58:2a:
                    10:f5:4a:2e:a0:33:a8:bb:9e:a7:97:4e:49:0f:1e:
                    96:8f:38:32:a1:4e:27:93:a5:24:93:45:b5:c7:58:
                    66:d2:46:17:dc:02:72:37:a9:e2:17:bb:50:c4:7c:
                    44:f9:a1:a3:ab:a8:3b:ac:6e:e2:c7:11:6e:e8:cd:
                    a6:5b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                19:77:5C:95:96:C8:1C:75:99:26:B3:54:E4:25:29:57:37:EF:49:72
            X509v3 Authority Key Identifier:
                keyid:1B:91:56:5A:01:39:F6:18:43:78:BB:50:30:E7:36:E7:E9:35:D1:A2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/d278db2f8a08c0668cc12826e3616e165022b152.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/5b0d14f0-e0de-452d-890e-08ca85793858/d2cf10286fa96d9ed0d92f1f07805929796d033b.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/5b0d14f0-e0de-452d-890e-08ca85793858/d278db2f8a08c0668cc12826e3616e165022b152.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  168.195.36.0/22

    Signature Algorithm: sha256WithRSAEncryption
         69:a7:19:13:a2:0f:f4:13:ab:60:c7:55:01:0c:18:d0:ba:6a:
         3a:fc:7a:a5:a3:21:b9:86:19:ae:54:82:7f:ec:19:5b:a7:1d:
         d7:98:1d:1e:73:0f:66:b4:eb:77:79:12:15:3f:1e:e6:fe:45:
         cf:72:6e:82:33:a0:f4:7c:8c:74:42:19:9f:82:9b:9d:9a:af:
         05:7a:67:71:8e:4b:f4:ec:0e:83:0e:79:38:31:8e:95:33:3e:
         44:8a:77:27:bd:76:a2:00:01:7f:43:65:46:d3:c5:e5:46:87:
         12:5c:a8:cc:f3:e6:da:f4:15:b1:a8:8b:0c:a9:b2:ae:13:5f:
         6d:6b:59:2b:7a:06:b4:c9:29:49:11:1e:96:a7:e3:b1:f1:c3:
         33:ac:88:a7:b1:ac:0c:ec:3e:e1:7f:aa:54:8a:c5:c6:46:c4:
         d6:fc:0e:b0:2d:7d:f7:44:85:18:4c:65:6e:19:f7:40:64:06:
         5c:e3:72:e4:3f:41:0c:53:d7:7a:4b:34:f5:b3:b7:93:ab:b0:
         aa:10:27:48:a3:79:83:4c:e2:8b:22:7a:ec:8c:92:7f:07:d9:
         35:ed:69:d1:c2:73:25:5f:64:a7:e0:98:07:34:4d:92:3f:33:
         9f:b1:f9:ec:0b:89:8e:e4:f0:aa:1a:55:43:17:c0:a7:2c:69:
         c5:ca:af:78
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIDBD3YMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGQy
NzhkYjJmOGEwOGMwNjY4Y2MxMjgyNmUzNjE2ZTE2NTAyMmIxNTIwHhcNMjEwMzI0
MTQzMjI4WhcNMjYwMzI0MTQzMjI4WjAzMTEwLwYDVQQDEyhkMmNmMTAyODZmYTk2
ZDllZDBkOTJmMWYwNzgwNTkyOTc5NmQwMzNiMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAkGXkA6SdrEbEa6o3+qZOquAYfQCUDIXz5JTxaQKJjbNjjgZL
Fezvqf/Z+uR6cKR22DGdcZbO5DdDRy0W3+9HIkHIwJkVeBffwKXWVWGNLcMd3M0j
7bWXJS3gTaqTgppBxU+b20310xqjRt3s6uuoZlFcvj3fGGQ7Jk2SUuf+Sb/07pzQ
jMCiyX2jJ85VY6WAkKcT72ICkZ1aeVdgxibrk5+BaIPr3261xqB0FYdhf/0hyFX5
/yGbyViiU11Fb74KWCoQ9UouoDOou56nl05JDx6WjzgyoU4nk6Ukk0W1x1hm0kYX
3AJyN6niF7tQxHxE+aGjq6g7rG7ixxFu6M2mWwIDAQABo4ICWzCCAlcwHQYDVR0O
BBYEFBl3XJWWyBx1mSazVOQlKVc370lyMB8GA1UdIwQYMBaAFBuRVloBOfYYQ3i7
UDDnNufpNdGiMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvZDI3OGRi
MmY4YTA4YzA2NjhjYzEyODI2ZTM2MTZlMTY1MDIyYjE1Mi5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvNWIwZDE0ZjAtZTBkZS00NTJkLTg5MGUtMDhjYTg1
NzkzODU4L2QyY2YxMDI4NmZhOTZkOWVkMGQ5MmYxZjA3ODA1OTI5Nzk2ZDAzM2Iu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy81YjBkMTRmMC1lMGRlLTQ1MmQtODkwZS0wOGNh
ODU3OTM4NTgvZDI3OGRiMmY4YTA4YzA2NjhjYzEyODI2ZTM2MTZlMTY1MDIyYjE1
Mi5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAqjDJDANBgkqhkiG9w0BAQsFAAOCAQEAaacZE6IP9BOrYMdV
AQwY0LpqOvx6paMhuYYZrlSCf+wZW6cd15gdHnMPZrTrd3kSFT8e5v5Fz3JugjOg
9HyMdEIZn4KbnZqvBXpncY5L9OwOgw55ODGOlTM+RIp3J712ogABf0NlRtPF5UaH
ElyozPPm2vQVsaiLDKmyrhNfbWtZK3oGtMkpSREelqfjsfHDM6yIp7GsDOw+4X+q
VIrFxkbE1vwOsC1990SFGExlbhn3QGQGXONy5D9BDFPXeks09bO3k6uwqhAnSKN5
g0ziiyJ67IySfwfZNe1p0cJzJV9kp+CYBzRNkj8zn7H57AuJjuTwqhpVQxfApyxp
xcqveA==
-----END CERTIFICATE-----
Generated at Thu Mar 28 22:53:03 2024 by rpki-client on console-ams.rpki-client.org