Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/5cc3563b-99c7-4e1c-8592-e98ada139327/8c81e0354232642f9ab63d905dc0d51d54971180.roa
File:                     8c81e0354232642f9ab63d905dc0d51d54971180.roa (raw, json)
Hash identifier:          Y6nYEXqUolmzmZAnhbpT3Rm8Qfnfyqc+UtWUaxQ8Lvo=
Subject key identifier:   B7:2E:D9:F7:29:D0:82:CF:B9:BC:92:F0:C2:D3:F1:55:FE:F3:A3:14
Certificate issuer:       /CN=e193a049ad930ca3b3be2155ddabd7f461b9abe6
Certificate serial:       0CB456
Authority key identifier: 31:ED:71:33:34:08:E4:D3:F6:53:19:38:6F:81:24:CB:0F:E6:A5:63
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/e193a049ad930ca3b3be2155ddabd7f461b9abe6.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/5cc3563b-99c7-4e1c-8592-e98ada139327/8c81e0354232642f9ab63d905dc0d51d54971180.roa
Signing time:             Wed 24 Mar 2021 14:38:18 +0000
ROA not before:           Wed 24 Mar 2021 14:38:18 +0000
ROA not after:            Tue 24 Mar 2026 14:38:18 +0000
asID:                     267705
IP address blocks:        45.164.172.0/22 maxlen: 24
                          2803:f1a0::/32 maxlen: 48

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/5cc3563b-99c7-4e1c-8592-e98ada139327/e193a049ad930ca3b3be2155ddabd7f461b9abe6.crl
                          rsync://repository.lacnic.net/rpki/lacnic/5cc3563b-99c7-4e1c-8592-e98ada139327/e193a049ad930ca3b3be2155ddabd7f461b9abe6.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/e193a049ad930ca3b3be2155ddabd7f461b9abe6.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 31 Mar 2024 12:22:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 832598 (0xcb456)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e193a049ad930ca3b3be2155ddabd7f461b9abe6
        Validity
            Not Before: Mar 24 14:38:18 2021 GMT
            Not After : Mar 24 14:38:18 2026 GMT
        Subject: CN=8c81e0354232642f9ab63d905dc0d51d54971180
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8a:b1:c7:b4:9e:d4:bc:35:0e:d5:32:79:d6:35:
                    6a:f4:05:85:f1:fb:54:9e:11:c0:51:5e:77:40:3d:
                    e0:7c:10:2e:e7:b4:81:af:54:40:12:4e:de:fe:86:
                    cf:64:e9:e7:e0:17:52:d8:ec:73:ce:22:a9:6d:d8:
                    71:d1:96:7d:55:cb:db:ef:87:61:25:2c:32:71:c2:
                    b4:d5:ad:6d:6c:3c:94:d6:e9:90:e1:56:ba:af:38:
                    e6:48:03:c6:41:b0:3a:25:6c:00:57:ec:0d:6c:76:
                    9e:fe:ba:92:87:53:69:a3:93:4b:cc:d8:c7:0f:66:
                    79:a6:17:2b:32:15:4f:c4:43:84:1c:8d:5e:fd:2b:
                    97:42:9e:5a:e0:ec:11:f4:2b:49:fa:d8:d4:41:1a:
                    48:3a:20:21:bb:32:17:c5:7e:38:d3:ea:2f:f5:7a:
                    c2:7a:0b:55:f2:c7:ae:2d:83:70:c6:7f:79:38:51:
                    ec:e9:07:2d:96:d4:87:89:95:d3:d7:5e:bc:42:1c:
                    0d:25:e2:15:b3:43:31:36:ab:93:f7:98:26:b1:38:
                    7e:52:fb:99:75:f5:e2:b5:76:0d:32:0a:fe:40:c5:
                    2b:d8:98:d0:be:8f:3f:08:d6:36:e9:26:d8:ed:89:
                    aa:7e:9f:44:e8:33:2d:b5:aa:b6:74:8a:da:02:ab:
                    ec:87
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B7:2E:D9:F7:29:D0:82:CF:B9:BC:92:F0:C2:D3:F1:55:FE:F3:A3:14
            X509v3 Authority Key Identifier:
                keyid:31:ED:71:33:34:08:E4:D3:F6:53:19:38:6F:81:24:CB:0F:E6:A5:63

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/e193a049ad930ca3b3be2155ddabd7f461b9abe6.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/5cc3563b-99c7-4e1c-8592-e98ada139327/8c81e0354232642f9ab63d905dc0d51d54971180.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/5cc3563b-99c7-4e1c-8592-e98ada139327/e193a049ad930ca3b3be2155ddabd7f461b9abe6.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.164.172.0/22
                IPv6:
                  2803:f1a0::/32

    Signature Algorithm: sha256WithRSAEncryption
         68:25:f4:7e:3e:ef:83:cb:ab:6b:66:0b:ed:da:cc:24:bb:b4:
         ac:df:f8:d9:a6:54:8e:76:d1:07:bc:d1:1d:f6:76:39:06:a9:
         8c:34:53:dc:41:fc:56:f6:a3:d8:78:2d:dd:e7:66:a3:9e:b4:
         f2:e4:f8:8d:e0:23:e7:f8:53:41:69:9f:9d:dc:c1:37:16:5d:
         ba:12:dd:27:34:0a:78:52:40:71:e1:85:35:3f:eb:09:6c:87:
         f7:bc:9f:f4:24:07:01:4f:c7:e3:54:ab:45:23:0c:9c:ca:e8:
         96:e5:29:c8:d1:9d:6e:8f:f4:e2:e8:d8:dd:46:b7:df:c4:d1:
         3f:15:5d:ef:85:e5:e5:cf:67:69:2e:37:d8:6d:bb:03:ae:5a:
         a3:b8:86:d4:69:24:77:22:e2:b1:15:da:23:43:f1:69:4a:87:
         9f:bd:3e:47:cc:5b:b2:7e:42:96:37:48:c0:d7:1e:ad:66:ae:
         fa:98:f1:4a:0d:90:ad:55:1b:16:cb:9c:97:fc:9e:29:0b:05:
         b0:06:e2:ac:0c:e6:91:2b:25:17:2f:da:97:96:3c:fa:58:3a:
         40:3e:ff:09:53:06:be:ef:c8:1e:57:b2:dd:38:8b:ef:d2:35:
         22:8c:da:b3:89:83:59:e8:2f:05:fe:d5:61:de:1e:b8:5d:45:
         c5:63:ed:b8
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgIDDLRWMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGUx
OTNhMDQ5YWQ5MzBjYTNiM2JlMjE1NWRkYWJkN2Y0NjFiOWFiZTYwHhcNMjEwMzI0
MTQzODE4WhcNMjYwMzI0MTQzODE4WjAzMTEwLwYDVQQDEyg4YzgxZTAzNTQyMzI2
NDJmOWFiNjNkOTA1ZGMwZDUxZDU0OTcxMTgwMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAirHHtJ7UvDUO1TJ51jVq9AWF8ftUnhHAUV53QD3gfBAu57SB
r1RAEk7e/obPZOnn4BdS2OxzziKpbdhx0ZZ9Vcvb74dhJSwyccK01a1tbDyU1umQ
4Va6rzjmSAPGQbA6JWwAV+wNbHae/rqSh1Npo5NLzNjHD2Z5phcrMhVPxEOEHI1e
/SuXQp5a4OwR9CtJ+tjUQRpIOiAhuzIXxX440+ov9XrCegtV8seuLYNwxn95OFHs
6QctltSHiZXT1168QhwNJeIVs0MxNquT95gmsTh+UvuZdfXitXYNMgr+QMUr2JjQ
vo8/CNY26SbY7Ymqfp9E6DMttaq2dIraAqvshwIDAQABo4ICajCCAmYwHQYDVR0O
BBYEFLcu2fcp0ILPubyS8MLT8VX+86MUMB8GA1UdIwQYMBaAFDHtcTM0COTT9lMZ
OG+BJMsP5qVjMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvZTE5M2Ew
NDlhZDkzMGNhM2IzYmUyMTU1ZGRhYmQ3ZjQ2MWI5YWJlNi5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvNWNjMzU2M2ItOTljNy00ZTFjLTg1OTItZTk4YWRh
MTM5MzI3LzhjODFlMDM1NDIzMjY0MmY5YWI2M2Q5MDVkYzBkNTFkNTQ5NzExODAu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy81Y2MzNTYzYi05OWM3LTRlMWMtODU5Mi1lOThh
ZGExMzkzMjcvZTE5M2EwNDlhZDkzMGNhM2IzYmUyMTU1ZGRhYmQ3ZjQ2MWI5YWJl
Ni5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAuBggrBgEFBQcBBwEB/wQf
MB0wDAQCAAEwBgMEAi2krDANBAIAAjAHAwUAKAPxoDANBgkqhkiG9w0BAQsFAAOC
AQEAaCX0fj7vg8ura2YL7drMJLu0rN/42aZUjnbRB7zRHfZ2OQapjDRT3EH8Vvaj
2Hgt3edmo5608uT4jeAj5/hTQWmfndzBNxZduhLdJzQKeFJAceGFNT/rCWyH97yf
9CQHAU/H41SrRSMMnMroluUpyNGdbo/04ujY3Ua338TRPxVd74Xl5c9naS432G27
A65ao7iG1GkkdyLisRXaI0PxaUqHn70+R8xbsn5CljdIwNcerWau+pjxSg2QrVUb
Fsucl/yeKQsFsAbirAzmkSslFy/al5Y8+lg6QD7/CVMGvu/IHley3TiL79I1Ioza
s4mDWegvBf7VYd4euF1FxWPtuA==
-----END CERTIFICATE-----
Generated at Thu Mar 28 16:04:10 2024 by rpki-client on console-ams.rpki-client.org