Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/5f982222-0ef7-4c29-9587-da04370898b1/43ae567a7ee00cf75111c179bc9c3b0633a64238.roa
File:                     43ae567a7ee00cf75111c179bc9c3b0633a64238.roa (raw, json)
Hash identifier:          ekyme2vpXFQVy7Y2phiN4SWYuZSNPsKTURIdT9qYIQo=
Subject key identifier:   82:8F:B1:49:48:F5:F4:29:4D:6F:F5:A0:77:16:2A:9D:B2:5E:89:3D
Certificate issuer:       /CN=5c657c326adeece70c1e8bb9038ff79bc5e67ae6
Certificate serial:       073EDC
Authority key identifier: BA:88:1C:E9:05:6D:44:63:2F:CE:98:92:2D:F9:F6:30:CF:D9:17:6C
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/5c657c326adeece70c1e8bb9038ff79bc5e67ae6.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/5f982222-0ef7-4c29-9587-da04370898b1/43ae567a7ee00cf75111c179bc9c3b0633a64238.roa
Signing time:             Fri 10 Dec 2021 13:52:31 +0000
ROA not before:           Wed 24 Mar 2021 03:00:00 +0000
ROA not after:            Tue 24 Mar 2026 03:00:00 +0000
asID:                     271822
IP address blocks:        186.209.212.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/5f982222-0ef7-4c29-9587-da04370898b1/5c657c326adeece70c1e8bb9038ff79bc5e67ae6.crl
                          rsync://repository.lacnic.net/rpki/lacnic/5f982222-0ef7-4c29-9587-da04370898b1/5c657c326adeece70c1e8bb9038ff79bc5e67ae6.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/5c657c326adeece70c1e8bb9038ff79bc5e67ae6.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Mon 01 Apr 2024 05:58:53 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 474844 (0x73edc)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5c657c326adeece70c1e8bb9038ff79bc5e67ae6
        Validity
            Not Before: Mar 24 03:00:00 2021 GMT
            Not After : Mar 24 03:00:00 2026 GMT
        Subject: CN=43ae567a7ee00cf75111c179bc9c3b0633a64238
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:03:5f:04:b4:25:9f:07:24:24:ce:0d:06:f8:
                    5f:08:37:30:f3:5b:41:9f:fe:5c:a6:37:f6:f6:33:
                    65:1d:d7:16:2a:41:b4:4d:ea:f6:8f:7f:c8:29:65:
                    2a:2d:1c:3d:c5:c4:69:98:32:f1:8e:71:63:15:b6:
                    70:4e:61:e9:91:52:c5:80:bb:ed:ae:f9:e7:a5:b8:
                    67:e4:bc:01:2d:99:c6:7e:04:9b:8b:52:3d:96:6f:
                    72:c5:33:d9:0f:b0:50:77:cc:17:13:2d:31:78:83:
                    18:58:1e:85:c1:ea:b9:9b:3f:e8:46:6c:ea:4a:d2:
                    c4:90:8d:50:11:ab:27:fa:f2:25:d7:bc:42:88:c9:
                    98:74:ec:45:ac:23:fd:29:fa:29:75:15:60:6e:bf:
                    74:d2:8f:51:0f:04:60:36:f1:d2:9e:9a:68:02:bd:
                    87:2e:6e:ee:b6:d1:e6:27:33:6a:01:77:db:78:40:
                    a0:a7:03:d2:d0:34:d0:a7:87:d9:63:5c:68:f6:c0:
                    45:dd:b1:32:88:1b:ff:a6:1c:d6:fc:a1:ff:c3:fd:
                    37:8e:09:f1:5e:46:56:4e:02:59:71:1d:81:66:fd:
                    48:0a:f8:8d:11:88:81:95:e0:9e:11:93:72:0f:ec:
                    21:d7:2e:12:e5:b5:74:63:c5:9e:3f:10:ee:00:ab:
                    cc:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                82:8F:B1:49:48:F5:F4:29:4D:6F:F5:A0:77:16:2A:9D:B2:5E:89:3D
            X509v3 Authority Key Identifier:
                keyid:BA:88:1C:E9:05:6D:44:63:2F:CE:98:92:2D:F9:F6:30:CF:D9:17:6C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/5c657c326adeece70c1e8bb9038ff79bc5e67ae6.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/5f982222-0ef7-4c29-9587-da04370898b1/43ae567a7ee00cf75111c179bc9c3b0633a64238.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/5f982222-0ef7-4c29-9587-da04370898b1/5c657c326adeece70c1e8bb9038ff79bc5e67ae6.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  186.209.212.0/22

    Signature Algorithm: sha256WithRSAEncryption
         90:9a:95:15:f9:34:6a:42:80:78:22:c5:a7:d3:89:0d:47:08:
         0e:d3:37:35:4b:e6:02:31:cc:87:7f:cd:40:b5:79:43:69:63:
         c9:e8:b9:35:9e:4b:a8:35:ce:41:a5:da:e3:d4:a1:1a:18:c2:
         1c:14:7f:28:c5:95:d0:4f:8e:00:94:1a:d6:5f:09:85:87:af:
         fb:d4:87:da:f5:cc:85:20:d6:60:7b:9b:77:da:88:d6:bf:c6:
         51:83:1e:b3:6c:41:9f:93:9f:7b:99:98:f7:06:73:30:75:93:
         71:15:85:5f:ca:ac:be:86:cd:75:de:ca:77:93:dd:41:93:c7:
         e8:a4:01:2f:be:18:42:43:8a:40:83:9b:88:69:4e:21:27:bd:
         18:65:2d:27:3b:09:b8:1f:d5:3e:a2:91:b2:c5:c6:f8:b1:e3:
         55:64:f1:4a:ac:fe:01:9c:33:07:93:a0:c2:b9:42:58:2c:1e:
         3f:eb:a7:eb:ea:25:e9:7a:18:ca:f6:c3:4c:7f:60:48:54:33:
         87:dc:7e:51:eb:91:6f:78:90:7d:05:a3:6e:fe:39:4e:c0:96:
         67:2c:51:eb:3b:36:7f:ec:f9:64:8c:2a:b7:ba:63:a8:54:ed:
         fa:2a:fe:17:fd:1b:77:95:86:04:62:df:5a:de:2f:c5:61:96:
         24:bd:11:a2
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIDBz7cMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDVj
NjU3YzMyNmFkZWVjZTcwYzFlOGJiOTAzOGZmNzliYzVlNjdhZTYwHhcNMjEwMzI0
MDMwMDAwWhcNMjYwMzI0MDMwMDAwWjAzMTEwLwYDVQQDEyg0M2FlNTY3YTdlZTAw
Y2Y3NTExMWMxNzliYzljM2IwNjMzYTY0MjM4MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAmANfBLQlnwckJM4NBvhfCDcw81tBn/5cpjf29jNlHdcWKkG0
Ter2j3/IKWUqLRw9xcRpmDLxjnFjFbZwTmHpkVLFgLvtrvnnpbhn5LwBLZnGfgSb
i1I9lm9yxTPZD7BQd8wXEy0xeIMYWB6Fweq5mz/oRmzqStLEkI1QEasn+vIl17xC
iMmYdOxFrCP9KfopdRVgbr900o9RDwRgNvHSnppoAr2HLm7uttHmJzNqAXfbeECg
pwPS0DTQp4fZY1xo9sBF3bEyiBv/phzW/KH/w/03jgnxXkZWTgJZcR2BZv1ICviN
EYiBleCeEZNyD+wh1y4S5bV0Y8WePxDuAKvMIwIDAQABo4ICWzCCAlcwHQYDVR0O
BBYEFIKPsUlI9fQpTW/1oHcWKp2yXok9MB8GA1UdIwQYMBaAFLqIHOkFbURjL86Y
ki359jDP2RdsMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvNWM2NTdj
MzI2YWRlZWNlNzBjMWU4YmI5MDM4ZmY3OWJjNWU2N2FlNi5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvNWY5ODIyMjItMGVmNy00YzI5LTk1ODctZGEwNDM3
MDg5OGIxLzQzYWU1NjdhN2VlMDBjZjc1MTExYzE3OWJjOWMzYjA2MzNhNjQyMzgu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy81Zjk4MjIyMi0wZWY3LTRjMjktOTU4Ny1kYTA0
MzcwODk4YjEvNWM2NTdjMzI2YWRlZWNlNzBjMWU4YmI5MDM4ZmY3OWJjNWU2N2Fl
Ni5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEArrR1DANBgkqhkiG9w0BAQsFAAOCAQEAkJqVFfk0akKAeCLF
p9OJDUcIDtM3NUvmAjHMh3/NQLV5Q2ljyei5NZ5LqDXOQaXa49ShGhjCHBR/KMWV
0E+OAJQa1l8JhYev+9SH2vXMhSDWYHubd9qI1r/GUYMes2xBn5Ofe5mY9wZzMHWT
cRWFX8qsvobNdd7Kd5PdQZPH6KQBL74YQkOKQIObiGlOISe9GGUtJzsJuB/VPqKR
ssXG+LHjVWTxSqz+AZwzB5OgwrlCWCweP+un6+ol6XoYyvbDTH9gSFQzh9x+UeuR
b3iQfQWjbv45TsCWZyxR6zs2f+z5ZIwqt7pjqFTt+ir+F/0bd5WGBGLfWt4vxWGW
JL0Rog==
-----END CERTIFICATE-----
Generated at Fri Mar 29 13:01:09 2024 by rpki-client on console-fra.rpki-client.org