Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/5e4952a4-7e74-42a5-9633-02b48b4b6fe3/e6e016d724024e3eb487389517b07bbb1481fd17.roa
File:                     e6e016d724024e3eb487389517b07bbb1481fd17.roa (raw, json)
Hash identifier:          0rltfMZsWy2DjeCotqSyK6ZU3Y8rXl/aQNLxNgp4hwQ=
Subject key identifier:   CA:C4:C1:68:63:49:0A:59:1F:1E:5C:EE:E8:84:9F:E6:11:12:05:07
Certificate issuer:       /CN=f13554e9fe6b271d74bda29f1da6f16965693a84
Certificate serial:       03A1
Authority key identifier: BF:C8:57:3E:2E:36:FB:BE:C5:E1:B9:8F:28:E1:20:5D:0A:90:80:61
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/f13554e9fe6b271d74bda29f1da6f16965693a84.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/5e4952a4-7e74-42a5-9633-02b48b4b6fe3/e6e016d724024e3eb487389517b07bbb1481fd17.roa
Signing time:             Sat 22 Oct 2022 15:43:56 +0000
ROA not before:           Fri 21 Oct 2022 15:43:03 +0000
ROA not after:            Tue 22 Oct 2024 15:43:03 +0000
asID:                     272844
IP address blocks:        170.84.254.0/24 maxlen: 24
                          2801:19:5800::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/5e4952a4-7e74-42a5-9633-02b48b4b6fe3/f13554e9fe6b271d74bda29f1da6f16965693a84.crl
                          rsync://repository.lacnic.net/rpki/lacnic/5e4952a4-7e74-42a5-9633-02b48b4b6fe3/f13554e9fe6b271d74bda29f1da6f16965693a84.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/f13554e9fe6b271d74bda29f1da6f16965693a84.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 31 Mar 2024 12:22:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 929 (0x3a1)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f13554e9fe6b271d74bda29f1da6f16965693a84
        Validity
            Not Before: Oct 21 15:43:03 2022 GMT
            Not After : Oct 22 15:43:03 2024 GMT
        Subject: CN=e6e016d724024e3eb487389517b07bbb1481fd17
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8a:2f:37:75:f1:5d:38:c8:c7:65:50:17:3b:e5:
                    06:d4:cc:79:53:39:95:76:8f:a8:34:57:9b:f1:68:
                    f6:60:74:14:c3:6f:3b:98:c8:3d:53:69:47:71:4d:
                    48:c7:e4:59:f5:67:61:df:0f:6d:60:f7:8d:c3:ef:
                    85:40:a4:3c:b3:2a:46:58:69:e3:14:92:42:f6:28:
                    41:f7:ef:0d:91:66:24:e8:4e:36:74:26:f4:59:9e:
                    b4:32:94:ef:8a:74:44:7b:94:81:e2:d0:8a:5a:8d:
                    b6:be:17:15:9c:2c:1e:20:4d:21:3b:95:76:96:10:
                    ce:b2:21:c6:d6:23:b4:3d:b5:0e:21:ed:1c:1f:af:
                    9d:2e:23:c7:b4:42:5b:8f:25:5e:15:57:6b:9f:db:
                    c5:c5:f4:73:dd:02:f4:2d:1a:4e:87:c5:65:16:30:
                    cc:32:6d:a2:66:90:8f:dc:88:6c:79:57:f5:f0:63:
                    d9:dc:49:2b:39:b2:07:d1:32:b3:aa:95:8c:e5:1c:
                    48:88:9c:b7:00:62:70:84:84:cd:7d:62:c9:fe:f4:
                    d8:78:51:8e:b3:84:ff:f3:df:08:cd:9f:fd:81:e1:
                    6c:67:63:aa:2a:79:bf:72:c0:d5:16:ee:15:30:1e:
                    fb:10:03:7e:08:e8:8f:bd:f2:e2:4b:0f:ec:38:32:
                    06:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CA:C4:C1:68:63:49:0A:59:1F:1E:5C:EE:E8:84:9F:E6:11:12:05:07
            X509v3 Authority Key Identifier:
                keyid:BF:C8:57:3E:2E:36:FB:BE:C5:E1:B9:8F:28:E1:20:5D:0A:90:80:61

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/f13554e9fe6b271d74bda29f1da6f16965693a84.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/5e4952a4-7e74-42a5-9633-02b48b4b6fe3/e6e016d724024e3eb487389517b07bbb1481fd17.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/5e4952a4-7e74-42a5-9633-02b48b4b6fe3/f13554e9fe6b271d74bda29f1da6f16965693a84.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  170.84.254.0/24
                IPv6:
                  2801:19:5800::/48

    Signature Algorithm: sha256WithRSAEncryption
         62:d9:8e:58:d5:54:84:f2:7f:67:a1:5f:5a:74:a2:8a:07:9e:
         00:68:8f:b6:64:51:30:69:45:85:1b:d4:24:50:74:00:2c:35:
         ae:e0:0b:dd:0e:74:de:56:82:ed:78:79:fd:68:2d:8f:fe:d3:
         cb:2f:da:e9:47:9b:38:73:ee:06:f4:ff:99:2c:0f:8e:cc:f9:
         07:92:78:5c:76:4a:f4:8b:7f:ee:31:a4:39:ee:d3:50:87:63:
         5f:cd:9a:e0:ee:cd:ec:96:c6:9a:b0:6a:ee:c9:e0:88:ea:ea:
         60:02:8b:fc:13:cd:75:73:61:36:c6:0e:e8:e9:55:55:9b:aa:
         fd:be:93:5c:f1:8c:a1:86:c3:b6:5b:ff:d3:47:03:c3:6b:8d:
         4b:82:0b:ce:ac:39:d6:aa:8f:82:f0:4d:f6:d4:2a:aa:f6:72:
         49:60:53:d7:41:85:96:b9:df:49:e6:9f:39:b0:94:d2:d1:22:
         1b:d4:1d:20:c6:4b:3d:cc:47:7c:1b:c4:78:87:dd:ad:e5:ef:
         6f:1f:95:0c:a2:e3:b5:c8:b4:d4:13:21:7f:4d:77:a6:6d:ce:
         02:1c:6f:50:0d:94:57:e6:19:b3:10:68:25:c1:13:9d:cb:8b:
         21:c8:c3:56:57:39:1b:18:c4:5f:86:43:17:d1:3b:a8:cf:e6:
         e2:12:fd:fc
-----BEGIN CERTIFICATE-----
MIIFUDCCBDigAwIBAgICA6EwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoZjEz
NTU0ZTlmZTZiMjcxZDc0YmRhMjlmMWRhNmYxNjk2NTY5M2E4NDAeFw0yMjEwMjEx
NTQzMDNaFw0yNDEwMjIxNTQzMDNaMDMxMTAvBgNVBAMTKGU2ZTAxNmQ3MjQwMjRl
M2ViNDg3Mzg5NTE3YjA3YmJiMTQ4MWZkMTcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCKLzd18V04yMdlUBc75QbUzHlTOZV2j6g0V5vxaPZgdBTDbzuY
yD1TaUdxTUjH5Fn1Z2HfD21g943D74VApDyzKkZYaeMUkkL2KEH37w2RZiToTjZ0
JvRZnrQylO+KdER7lIHi0Ipajba+FxWcLB4gTSE7lXaWEM6yIcbWI7Q9tQ4h7Rwf
r50uI8e0QluPJV4VV2uf28XF9HPdAvQtGk6HxWUWMMwybaJmkI/ciGx5V/XwY9nc
SSs5sgfRMrOqlYzlHEiInLcAYnCEhM19Ysn+9Nh4UY6zhP/z3wjNn/2B4WxnY6oq
eb9ywNUW7hUwHvsQA34I6I+98uJLD+w4MgalAgMBAAGjggJsMIICaDAdBgNVHQ4E
FgQUysTBaGNJClkfHlzu6ISf5hESBQcwHwYDVR0jBBgwFoAUv8hXPi42+77F4bmP
KOEgXQqQgGEwDgYDVR0PAQH/BAQDAgeAMIGaBggrBgEFBQcBAQSBjTCBijCBhwYI
KwYBBQUHMAKGe3JzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jwa2kvbGFj
bmljLzQ4ZjA4M2JiLWY2MDMtNDg5My05OTkwLTAyODRjMDRjZWI4NS9mMTM1NTRl
OWZlNmIyNzFkNzRiZGEyOWYxZGE2ZjE2OTY1NjkzYTg0LmNlcjCBmgYIKwYBBQUH
AQsEgY0wgYowgYcGCCsGAQUFBzALhntyc3luYzovL3JlcG9zaXRvcnkubGFjbmlj
Lm5ldC9ycGtpL2xhY25pYy81ZTQ5NTJhNC03ZTc0LTQyYTUtOTYzMy0wMmI0OGI0
YjZmZTMvZTZlMDE2ZDcyNDAyNGUzZWI0ODczODk1MTdiMDdiYmIxNDgxZmQxNy5y
b2EwgY8GA1UdHwSBhzCBhDCBgaB/oH2Ge3JzeW5jOi8vcmVwb3NpdG9yeS5sYWNu
aWMubmV0L3Jwa2kvbGFjbmljLzVlNDk1MmE0LTdlNzQtNDJhNS05NjMzLTAyYjQ4
YjRiNmZlMy9mMTM1NTRlOWZlNmIyNzFkNzRiZGEyOWYxZGE2ZjE2OTY1NjkzYTg0
LmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEw
HzAMBAIAATAGAwQAqlT+MA8EAgACMAkDBwAoAQAZWAAwDQYJKoZIhvcNAQELBQAD
ggEBAGLZjljVVITyf2ehX1p0oooHngBoj7ZkUTBpRYUb1CRQdAAsNa7gC90OdN5W
gu14ef1oLY/+08sv2ulHmzhz7gb0/5ksD47M+QeSeFx2SvSLf+4xpDnu01CHY1/N
muDuzeyWxpqwau7J4Ijq6mACi/wTzXVzYTbGDujpVVWbqv2+k1zxjKGGw7Zb/9NH
A8NrjUuCC86sOdaqj4LwTfbUKqr2cklgU9dBhZa530nmnzmwlNLRIhvUHSDGSz3M
R3wbxHiH3a3l728flQyi47XItNQTIX9Nd6ZtzgIcb1ANlFfmGbMQaCXBE53LiyHI
w1ZXORsYxF+GQxfRO6jP5uIS/fw=
-----END CERTIFICATE-----
Generated at Thu Mar 28 16:04:10 2024 by rpki-client on console-ams.rpki-client.org