Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/5d6d9256-9394-474c-9312-6fb5cdd14799/f8ed363f0dc34a4a1931642296e6b90c83745bb3.roa
File:                     f8ed363f0dc34a4a1931642296e6b90c83745bb3.roa (raw, json)
Hash identifier:          CHYXk/w0Q7flbyOLcb7HcmkZ4f71R/9cTaXgsgmVGa8=
Subject key identifier:   B5:54:EA:7F:C4:DC:E4:C6:B3:09:E5:84:4D:DE:41:17:4D:10:21:EF
Certificate issuer:       /CN=51f575b954b351bd4876a8f12a413c06dcaa7644
Certificate serial:       0C8C26
Authority key identifier: D4:B8:CB:73:0B:ED:F3:2F:C4:91:8C:8A:7A:52:CE:D1:7C:95:A0:F8
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/51f575b954b351bd4876a8f12a413c06dcaa7644.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/5d6d9256-9394-474c-9312-6fb5cdd14799/f8ed363f0dc34a4a1931642296e6b90c83745bb3.roa
Signing time:             Wed 24 Mar 2021 14:31:53 +0000
ROA not before:           Wed 24 Mar 2021 14:31:53 +0000
ROA not after:            Tue 24 Mar 2026 14:31:53 +0000
asID:                     266905
IP address blocks:        45.162.140.0/22 maxlen: 24
                          2803:b6a0::/32 maxlen: 48

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/5d6d9256-9394-474c-9312-6fb5cdd14799/51f575b954b351bd4876a8f12a413c06dcaa7644.crl
                          rsync://repository.lacnic.net/rpki/lacnic/5d6d9256-9394-474c-9312-6fb5cdd14799/51f575b954b351bd4876a8f12a413c06dcaa7644.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/51f575b954b351bd4876a8f12a413c06dcaa7644.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 25 Feb 2024 03:09:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 822310 (0xc8c26)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=51f575b954b351bd4876a8f12a413c06dcaa7644
        Validity
            Not Before: Mar 24 14:31:53 2021 GMT
            Not After : Mar 24 14:31:53 2026 GMT
        Subject: CN=f8ed363f0dc34a4a1931642296e6b90c83745bb3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:7f:68:7e:5d:1d:c4:78:8b:5e:f4:b5:48:73:
                    f4:34:20:73:c2:18:d9:04:ce:dc:7e:0e:9c:b2:ee:
                    d2:b5:c9:32:e5:90:04:61:06:08:d4:9f:8b:88:8f:
                    59:f7:f7:93:a4:b3:d3:0d:54:b6:cc:24:44:a8:f2:
                    46:ad:32:b5:24:11:c5:25:49:e4:13:45:53:56:6a:
                    00:ae:48:4d:d8:1b:a8:d3:83:f9:df:7b:cd:40:f4:
                    ab:4b:23:62:13:91:1f:96:8b:d6:f7:7f:d6:54:ca:
                    6a:bc:2d:14:b0:9e:3c:43:c4:61:92:74:36:5d:8c:
                    81:15:d4:4f:d5:de:e3:48:54:2b:8b:c8:27:55:aa:
                    3d:30:81:04:da:de:d0:e4:81:44:82:37:21:46:79:
                    9d:ce:e1:5d:26:85:75:7a:2e:18:85:41:80:2a:2f:
                    7c:a9:b9:f6:07:29:c7:cb:93:ff:3e:fd:5b:61:96:
                    e2:8c:b9:bc:39:ae:de:47:f8:3f:be:f0:3c:47:bf:
                    57:ba:7d:e4:19:40:6d:e9:58:08:7f:5d:da:0b:64:
                    32:a1:fc:fc:cc:f6:fb:37:03:8d:c9:bf:d1:44:8e:
                    60:58:91:5c:ab:01:0d:d2:e6:7c:5f:be:f6:e2:c8:
                    05:75:c3:60:31:10:c2:fa:1f:28:6c:b8:98:d1:1b:
                    ac:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B5:54:EA:7F:C4:DC:E4:C6:B3:09:E5:84:4D:DE:41:17:4D:10:21:EF
            X509v3 Authority Key Identifier:
                keyid:D4:B8:CB:73:0B:ED:F3:2F:C4:91:8C:8A:7A:52:CE:D1:7C:95:A0:F8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/51f575b954b351bd4876a8f12a413c06dcaa7644.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/5d6d9256-9394-474c-9312-6fb5cdd14799/f8ed363f0dc34a4a1931642296e6b90c83745bb3.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/5d6d9256-9394-474c-9312-6fb5cdd14799/51f575b954b351bd4876a8f12a413c06dcaa7644.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.162.140.0/22
                IPv6:
                  2803:b6a0::/32

    Signature Algorithm: sha256WithRSAEncryption
         35:c7:9e:40:a6:65:64:03:b6:8a:ab:57:e0:25:9c:eb:96:6e:
         78:1b:63:ec:64:4b:04:d7:ee:20:e5:e0:19:a1:1a:57:ce:47:
         c3:75:ec:de:21:a7:3e:3f:22:0d:07:d6:82:d3:af:4e:52:37:
         e7:a2:b2:2c:10:ef:b1:19:3c:c0:86:d6:62:d7:79:fb:50:9c:
         a7:fe:61:db:01:49:36:52:d6:9f:72:78:92:a3:6a:43:3d:95:
         ea:e9:a5:83:b4:80:05:fe:56:00:ba:e2:d8:ae:51:fa:81:42:
         ea:39:07:c8:c1:ce:d5:ae:4a:05:11:9f:a9:23:f2:ea:02:6f:
         74:ee:f1:da:9c:4b:c9:1e:9b:80:5c:6c:f9:dd:15:75:2c:a2:
         5a:85:cb:d6:90:9e:c6:fc:60:b6:f0:18:9c:6a:58:04:65:83:
         9b:42:24:9a:35:ba:e4:8b:14:32:e3:7d:16:f1:d8:4d:aa:72:
         22:f9:52:c9:a1:98:60:61:f2:7c:ce:98:05:e0:4a:29:16:d7:
         d6:e6:4e:20:13:83:6a:c1:71:81:6a:6c:4a:36:d1:72:78:b4:
         ce:fd:77:62:21:fc:38:49:24:2d:d4:47:42:6d:e7:e7:ed:39:
         53:97:af:f0:fd:3b:d4:3d:d5:0d:67:37:c3:e2:e5:e5:1c:60:
         28:c4:18:7b
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgIDDIwmMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDUx
ZjU3NWI5NTRiMzUxYmQ0ODc2YThmMTJhNDEzYzA2ZGNhYTc2NDQwHhcNMjEwMzI0
MTQzMTUzWhcNMjYwMzI0MTQzMTUzWjAzMTEwLwYDVQQDEyhmOGVkMzYzZjBkYzM0
YTRhMTkzMTY0MjI5NmU2YjkwYzgzNzQ1YmIzMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAwn9ofl0dxHiLXvS1SHP0NCBzwhjZBM7cfg6csu7Stcky5ZAE
YQYI1J+LiI9Z9/eTpLPTDVS2zCREqPJGrTK1JBHFJUnkE0VTVmoArkhN2Buo04P5
33vNQPSrSyNiE5EflovW93/WVMpqvC0UsJ48Q8RhknQ2XYyBFdRP1d7jSFQri8gn
Vao9MIEE2t7Q5IFEgjchRnmdzuFdJoV1ei4YhUGAKi98qbn2BynHy5P/Pv1bYZbi
jLm8Oa7eR/g/vvA8R79Xun3kGUBt6VgIf13aC2Qyofz8zPb7NwONyb/RRI5gWJFc
qwEN0uZ8X7724sgFdcNgMRDC+h8obLiY0RuswQIDAQABo4ICajCCAmYwHQYDVR0O
BBYEFLVU6n/E3OTGswnlhE3eQRdNECHvMB8GA1UdIwQYMBaAFNS4y3ML7fMvxJGM
inpSztF8laD4MA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvNTFmNTc1
Yjk1NGIzNTFiZDQ4NzZhOGYxMmE0MTNjMDZkY2FhNzY0NC5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvNWQ2ZDkyNTYtOTM5NC00NzRjLTkzMTItNmZiNWNk
ZDE0Nzk5L2Y4ZWQzNjNmMGRjMzRhNGExOTMxNjQyMjk2ZTZiOTBjODM3NDViYjMu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy81ZDZkOTI1Ni05Mzk0LTQ3NGMtOTMxMi02ZmI1
Y2RkMTQ3OTkvNTFmNTc1Yjk1NGIzNTFiZDQ4NzZhOGYxMmE0MTNjMDZkY2FhNzY0
NC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAuBggrBgEFBQcBBwEB/wQf
MB0wDAQCAAEwBgMEAi2ijDANBAIAAjAHAwUAKAO2oDANBgkqhkiG9w0BAQsFAAOC
AQEANceeQKZlZAO2iqtX4CWc65ZueBtj7GRLBNfuIOXgGaEaV85Hw3Xs3iGnPj8i
DQfWgtOvTlI356KyLBDvsRk8wIbWYtd5+1Ccp/5h2wFJNlLWn3J4kqNqQz2V6uml
g7SABf5WALri2K5R+oFC6jkHyMHO1a5KBRGfqSPy6gJvdO7x2pxLyR6bgFxs+d0V
dSyiWoXL1pCexvxgtvAYnGpYBGWDm0IkmjW65IsUMuN9FvHYTapyIvlSyaGYYGHy
fM6YBeBKKRbX1uZOIBODasFxgWpsSjbRcni0zv13YiH8OEkkLdRHQm3n5+05U5ev
8P071D3VDWc3w+Ll5RxgKMQYew==
-----END CERTIFICATE-----
Generated at Thu Feb 22 04:18:45 2024 by rpki-client on console-ams.rpki-client.org