Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/5b778156-ecd0-45d3-ac0d-b47a12486ca8/763dc2a73f79d7d19d5aa38d35ffd9c231f98f7d.roa
File:                     763dc2a73f79d7d19d5aa38d35ffd9c231f98f7d.roa (raw, json)
Hash identifier:          95/Zd/3Bfl9pD2Vi+v2ZydQWis/MPVtYEACgxrUiLWw=
Subject key identifier:   F4:74:26:FC:0E:3C:C4:CF:9C:86:BA:53:07:FA:F0:31:CC:CD:6B:AB
Certificate issuer:       /CN=28b1aab520617bedc94ecd957978770d7e4589a1
Certificate serial:       26A51A
Authority key identifier: A1:93:EC:0A:78:F4:6E:25:E7:42:4C:A2:65:9E:60:A3:77:39:D2:89
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/28b1aab520617bedc94ecd957978770d7e4589a1.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/5b778156-ecd0-45d3-ac0d-b47a12486ca8/763dc2a73f79d7d19d5aa38d35ffd9c231f98f7d.roa
Signing time:             Tue 13 Feb 2024 04:29:43 +0000
ROA not before:           Tue 13 Feb 2024 04:29:42 +0000
ROA not after:            Fri 13 Feb 2026 04:29:42 +0000
asID:                     262199
IP address blocks:        138.99.180.0/22 maxlen: 24
                          181.225.128.0/21 maxlen: 24
                          201.150.84.0/22 maxlen: 24
                          2803:df00::/32 maxlen: 32

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/5b778156-ecd0-45d3-ac0d-b47a12486ca8/28b1aab520617bedc94ecd957978770d7e4589a1.crl
                          rsync://repository.lacnic.net/rpki/lacnic/5b778156-ecd0-45d3-ac0d-b47a12486ca8/28b1aab520617bedc94ecd957978770d7e4589a1.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/28b1aab520617bedc94ecd957978770d7e4589a1.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 14 Apr 2024 19:18:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2532634 (0x26a51a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=28b1aab520617bedc94ecd957978770d7e4589a1
        Validity
            Not Before: Feb 13 04:29:42 2024 GMT
            Not After : Feb 13 04:29:42 2026 GMT
        Subject: CN=763dc2a73f79d7d19d5aa38d35ffd9c231f98f7d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:6f:8d:e7:ae:0f:96:a1:66:8f:f7:1c:3e:ff:
                    17:79:e8:4b:c9:2e:52:aa:90:60:96:07:9f:c7:8c:
                    1f:23:9b:40:6f:ff:3f:dc:ae:ff:30:ce:bd:ef:7c:
                    00:05:11:93:d8:60:95:7f:42:f2:a6:3d:ac:40:0a:
                    8d:b7:61:69:b4:46:62:27:0a:35:20:52:7b:5a:27:
                    66:17:ba:44:8e:a5:7d:eb:85:73:96:9e:1d:1d:7c:
                    12:68:fc:1d:83:bf:69:75:3d:19:70:73:3f:2e:be:
                    d9:20:54:7b:cf:4b:c9:57:04:64:10:48:28:ae:40:
                    f0:f0:7e:ae:58:36:1a:e4:a3:b2:cd:df:47:84:a3:
                    78:93:ef:29:fe:9a:57:69:6f:ee:3c:6a:3e:da:79:
                    61:af:d0:44:d0:e8:c5:aa:1c:65:24:c8:c6:cd:5d:
                    50:a3:e2:21:3f:f8:97:cc:e4:25:8a:81:13:ba:55:
                    2c:2c:5b:e3:88:2f:01:98:e5:99:0d:82:35:0c:38:
                    4f:ee:f9:5b:13:9d:4c:38:b1:13:19:51:21:13:82:
                    d8:c4:5c:32:c5:57:96:d4:1f:d8:19:65:9f:0b:c5:
                    5e:0e:60:c4:f3:d9:2b:2f:db:b7:13:66:ad:3e:f6:
                    94:57:66:46:9c:5c:93:ba:96:78:46:12:18:c2:cb:
                    12:fb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F4:74:26:FC:0E:3C:C4:CF:9C:86:BA:53:07:FA:F0:31:CC:CD:6B:AB
            X509v3 Authority Key Identifier:
                keyid:A1:93:EC:0A:78:F4:6E:25:E7:42:4C:A2:65:9E:60:A3:77:39:D2:89

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/28b1aab520617bedc94ecd957978770d7e4589a1.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/5b778156-ecd0-45d3-ac0d-b47a12486ca8/763dc2a73f79d7d19d5aa38d35ffd9c231f98f7d.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/5b778156-ecd0-45d3-ac0d-b47a12486ca8/28b1aab520617bedc94ecd957978770d7e4589a1.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  138.99.180.0/22
                  181.225.128.0/21
                  201.150.84.0/22
                IPv6:
                  2803:df00::/32

    Signature Algorithm: sha256WithRSAEncryption
         0c:3e:f0:50:05:17:77:b6:0f:5e:b9:41:9e:67:0a:ee:87:01:
         cf:3b:c8:30:0c:d8:9e:88:a2:0e:d9:7e:b9:a5:5e:2e:f1:69:
         ae:49:bf:de:29:df:3a:f7:c6:e5:0a:b2:6e:c0:c8:5d:3f:f6:
         9a:b6:cc:2d:b3:fb:9b:24:0e:32:85:5d:63:9c:79:08:d1:0b:
         e9:36:59:12:58:de:3e:23:92:4b:ef:16:aa:d8:06:2c:1f:14:
         21:60:e1:3b:a7:8d:29:59:b7:45:fc:58:b3:c1:97:56:fc:51:
         64:31:10:ff:93:bb:d4:f9:b6:cf:fb:ad:7b:ca:ac:b0:77:9d:
         df:25:80:8d:5f:a8:cb:f5:13:e5:83:1e:58:fc:2f:18:8a:9b:
         9b:d1:b3:da:cf:15:36:9c:fa:0e:65:54:fe:da:df:db:92:ba:
         87:09:de:57:cd:82:24:08:09:26:9c:5a:1e:93:57:59:e0:21:
         7a:dc:1b:44:4e:d3:36:ff:2a:76:06:76:89:10:cf:eb:b5:d1:
         4a:02:fa:59:1d:95:05:b7:79:d5:97:ef:a6:5a:2d:1f:0a:e9:
         cc:ff:69:81:62:33:81:77:68:4a:ca:b3:2b:f8:88:80:73:b9:
         99:13:32:73:66:7d:55:c0:ae:9f:fd:39:8a:e2:ca:02:ce:cc:
         71:26:d8:47
-----BEGIN CERTIFICATE-----
MIIFWzCCBEOgAwIBAgIDJqUaMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDI4
YjFhYWI1MjA2MTdiZWRjOTRlY2Q5NTc5Nzg3NzBkN2U0NTg5YTEwHhcNMjQwMjEz
MDQyOTQyWhcNMjYwMjEzMDQyOTQyWjAzMTEwLwYDVQQDEyg3NjNkYzJhNzNmNzlk
N2QxOWQ1YWEzOGQzNWZmZDljMjMxZjk4ZjdkMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAmm+N564PlqFmj/ccPv8XeehLyS5SqpBglgefx4wfI5tAb/8/
3K7/MM6973wABRGT2GCVf0Lypj2sQAqNt2FptEZiJwo1IFJ7WidmF7pEjqV964Vz
lp4dHXwSaPwdg79pdT0ZcHM/Lr7ZIFR7z0vJVwRkEEgorkDw8H6uWDYa5KOyzd9H
hKN4k+8p/ppXaW/uPGo+2nlhr9BE0OjFqhxlJMjGzV1Qo+IhP/iXzOQlioETulUs
LFvjiC8BmOWZDYI1DDhP7vlbE51MOLETGVEhE4LYxFwyxVeW1B/YGWWfC8VeDmDE
89krL9u3E2atPvaUV2ZGnFyTupZ4RhIYwssS+wIDAQABo4ICdjCCAnIwHQYDVR0O
BBYEFPR0JvwOPMTPnIa6Uwf68DHMzWurMB8GA1UdIwQYMBaAFKGT7Ap49G4l50JM
omWeYKN3OdKJMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvMjhiMWFh
YjUyMDYxN2JlZGM5NGVjZDk1Nzk3ODc3MGQ3ZTQ1ODlhMS5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvNWI3NzgxNTYtZWNkMC00NWQzLWFjMGQtYjQ3YTEy
NDg2Y2E4Lzc2M2RjMmE3M2Y3OWQ3ZDE5ZDVhYTM4ZDM1ZmZkOWMyMzFmOThmN2Qu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy81Yjc3ODE1Ni1lY2QwLTQ1ZDMtYWMwZC1iNDdh
MTI0ODZjYTgvMjhiMWFhYjUyMDYxN2JlZGM5NGVjZDk1Nzk3ODc3MGQ3ZTQ1ODlh
MS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA6BggrBgEFBQcBBwEB/wQr
MCkwGAQCAAEwEgMEAopjtAMEA7XhgAMEAsmWVDANBAIAAjAHAwUAKAPfADANBgkq
hkiG9w0BAQsFAAOCAQEADD7wUAUXd7YPXrlBnmcK7ocBzzvIMAzYnoiiDtl+uaVe
LvFprkm/3infOvfG5QqybsDIXT/2mrbMLbP7myQOMoVdY5x5CNEL6TZZEljePiOS
S+8WqtgGLB8UIWDhO6eNKVm3RfxYs8GXVvxRZDEQ/5O71Pm2z/ute8qssHed3yWA
jV+oy/UT5YMeWPwvGIqbm9Gz2s8VNpz6DmVU/trf25K6hwneV82CJAgJJpxaHpNX
WeAhetwbRE7TNv8qdgZ2iRDP67XRSgL6WR2VBbd51ZfvplotHwrpzP9pgWIzgXdo
SsqzK/iIgHO5mRMyc2Z9VcCun/05iuLKAs7McSbYRw==
-----END CERTIFICATE-----
Generated at Fri Apr 12 01:59:51 2024 by rpki-client on console-fra.rpki-client.org