Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/608f1497-c989-461d-91bb-de00f3e19f42/3b835f8a3e3ff5343d7745dc1612c3ab3dd3e820.roa
File:                     3b835f8a3e3ff5343d7745dc1612c3ab3dd3e820.roa (raw, json)
Hash identifier:          Tycx93KFRTt5DrN5Qg1ivMAFC+x1s/6SDl3Ir1RAm/4=
Subject key identifier:   10:D6:07:A2:A3:E3:38:A0:C1:0E:43:A5:CD:62:81:A7:29:4E:1C:7C
Certificate issuer:       /CN=97fa08408a8541db6c54279772f066050e91b323
Certificate serial:       052B0E
Authority key identifier: 6C:E5:64:5A:A0:3B:0C:9B:29:07:15:15:53:8E:36:4A:FF:51:72:F4
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/97fa08408a8541db6c54279772f066050e91b323.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/608f1497-c989-461d-91bb-de00f3e19f42/3b835f8a3e3ff5343d7745dc1612c3ab3dd3e820.roa
Signing time:             Wed 24 Mar 2021 14:29:38 +0000
ROA not before:           Wed 24 Mar 2021 14:29:38 +0000
ROA not after:            Tue 24 Mar 2026 14:29:38 +0000
asID:                     28100
IP address blocks:        138.97.236.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/608f1497-c989-461d-91bb-de00f3e19f42/97fa08408a8541db6c54279772f066050e91b323.crl
                          rsync://repository.lacnic.net/rpki/lacnic/608f1497-c989-461d-91bb-de00f3e19f42/97fa08408a8541db6c54279772f066050e91b323.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/97fa08408a8541db6c54279772f066050e91b323.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Mon 26 Feb 2024 14:04:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 338702 (0x52b0e)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=97fa08408a8541db6c54279772f066050e91b323
        Validity
            Not Before: Mar 24 14:29:38 2021 GMT
            Not After : Mar 24 14:29:38 2026 GMT
        Subject: CN=3b835f8a3e3ff5343d7745dc1612c3ab3dd3e820
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:a1:f2:a9:d0:b9:40:24:f3:79:05:9a:16:0e:
                    36:9a:0f:d8:11:e0:ba:44:43:d0:56:bc:a4:4f:07:
                    b8:3b:2d:48:f6:5f:c2:35:0a:fb:89:72:d5:7f:cc:
                    da:60:d6:3c:42:29:da:99:18:80:bf:ff:20:3b:5e:
                    bb:1a:db:37:26:3d:9d:f0:15:27:ef:bf:72:3f:0c:
                    07:60:d8:98:58:f2:e2:b7:b4:63:a9:fa:a1:49:d0:
                    00:00:36:cd:df:38:92:ee:7f:5b:65:fa:a1:9a:07:
                    61:c9:ae:fb:9f:d7:9e:ce:45:9b:2c:da:a1:b9:7f:
                    ef:95:53:9e:25:70:4d:83:6d:93:db:fa:2e:31:ff:
                    5b:6c:c3:84:01:d0:2f:c8:fc:51:dc:6f:31:fc:7f:
                    85:e5:b0:58:dc:f8:31:00:79:a0:32:27:27:c1:db:
                    f8:0e:91:3f:c4:27:3c:ee:5b:c7:e6:9a:82:3d:45:
                    a8:f5:22:02:6c:2a:c5:41:74:fa:7a:67:d1:25:c6:
                    59:5c:b1:c6:ce:b1:02:77:36:bd:6e:b2:4b:f4:0c:
                    c3:42:a4:63:a1:dc:4a:32:22:ab:a8:69:ae:ce:d9:
                    c4:74:22:60:ac:5c:c5:b0:ad:b0:58:b6:b0:ad:b9:
                    08:83:d3:de:e0:76:42:37:38:83:7e:e8:ad:c4:72:
                    6d:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                10:D6:07:A2:A3:E3:38:A0:C1:0E:43:A5:CD:62:81:A7:29:4E:1C:7C
            X509v3 Authority Key Identifier:
                keyid:6C:E5:64:5A:A0:3B:0C:9B:29:07:15:15:53:8E:36:4A:FF:51:72:F4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/97fa08408a8541db6c54279772f066050e91b323.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/608f1497-c989-461d-91bb-de00f3e19f42/3b835f8a3e3ff5343d7745dc1612c3ab3dd3e820.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/608f1497-c989-461d-91bb-de00f3e19f42/97fa08408a8541db6c54279772f066050e91b323.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  138.97.236.0/22

    Signature Algorithm: sha256WithRSAEncryption
         38:42:64:02:27:5b:de:fe:4a:67:bc:24:d9:f2:43:2a:fa:ce:
         80:0b:de:c1:66:88:2d:ea:6d:86:e2:eb:21:5e:8f:c5:23:80:
         46:64:74:6c:3a:e6:ce:bc:ad:cb:3c:1b:28:a2:95:bb:71:c9:
         35:93:44:dd:5b:96:49:b1:29:6a:b1:97:d8:7c:d1:b9:df:84:
         f5:6e:d6:23:91:11:c4:11:f7:62:6d:57:af:db:e3:07:4e:e6:
         ae:09:c2:02:43:43:34:cd:09:58:b1:43:9a:6f:96:72:fb:59:
         72:82:0f:84:64:18:e3:04:23:29:b6:61:20:a5:e0:e7:62:be:
         dd:86:8b:fd:d3:0f:29:d9:de:24:b7:29:af:7e:01:bf:af:ed:
         b1:47:c5:cf:ed:3a:d8:9f:02:1b:de:94:98:89:4a:2d:e8:b1:
         f6:61:0c:d6:65:dc:59:13:68:b2:23:ac:90:b9:73:90:a9:91:
         0b:ec:fc:67:41:48:cd:34:96:9d:7c:9d:19:79:f8:f8:cb:95:
         4a:6d:0b:29:58:16:42:54:b6:5a:45:ac:c1:c5:6b:04:a3:87:
         62:ad:bc:00:e1:fa:55:67:79:7d:7e:34:f1:9e:91:62:fa:28:
         64:cf:fd:71:f4:ee:ef:72:24:2b:2a:a8:75:fe:0f:5b:b5:58:
         3a:d7:28:62
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIDBSsOMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDk3
ZmEwODQwOGE4NTQxZGI2YzU0Mjc5NzcyZjA2NjA1MGU5MWIzMjMwHhcNMjEwMzI0
MTQyOTM4WhcNMjYwMzI0MTQyOTM4WjAzMTEwLwYDVQQDEygzYjgzNWY4YTNlM2Zm
NTM0M2Q3NzQ1ZGMxNjEyYzNhYjNkZDNlODIwMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAw6HyqdC5QCTzeQWaFg42mg/YEeC6REPQVrykTwe4Oy1I9l/C
NQr7iXLVf8zaYNY8QinamRiAv/8gO167Gts3Jj2d8BUn779yPwwHYNiYWPLit7Rj
qfqhSdAAADbN3ziS7n9bZfqhmgdhya77n9eezkWbLNqhuX/vlVOeJXBNg22T2/ou
Mf9bbMOEAdAvyPxR3G8x/H+F5bBY3PgxAHmgMicnwdv4DpE/xCc87lvH5pqCPUWo
9SICbCrFQXT6emfRJcZZXLHGzrECdza9brJL9AzDQqRjodxKMiKrqGmuztnEdCJg
rFzFsK2wWLawrbkIg9Pe4HZCNziDfuitxHJtbQIDAQABo4ICWzCCAlcwHQYDVR0O
BBYEFBDWB6Kj4zigwQ5Dpc1igacpThx8MB8GA1UdIwQYMBaAFGzlZFqgOwybKQcV
FVOONkr/UXL0MA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvOTdmYTA4
NDA4YTg1NDFkYjZjNTQyNzk3NzJmMDY2MDUwZTkxYjMyMy5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvNjA4ZjE0OTctYzk4OS00NjFkLTkxYmItZGUwMGYz
ZTE5ZjQyLzNiODM1ZjhhM2UzZmY1MzQzZDc3NDVkYzE2MTJjM2FiM2RkM2U4MjAu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy82MDhmMTQ5Ny1jOTg5LTQ2MWQtOTFiYi1kZTAw
ZjNlMTlmNDIvOTdmYTA4NDA4YTg1NDFkYjZjNTQyNzk3NzJmMDY2MDUwZTkxYjMy
My5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAoph7DANBgkqhkiG9w0BAQsFAAOCAQEAOEJkAidb3v5KZ7wk
2fJDKvrOgAvewWaILepthuLrIV6PxSOARmR0bDrmzrytyzwbKKKVu3HJNZNE3VuW
SbEparGX2HzRud+E9W7WI5ERxBH3Ym1Xr9vjB07mrgnCAkNDNM0JWLFDmm+WcvtZ
coIPhGQY4wQjKbZhIKXg52K+3YaL/dMPKdneJLcpr34Bv6/tsUfFz+062J8CG96U
mIlKLeix9mEM1mXcWRNosiOskLlzkKmRC+z8Z0FIzTSWnXydGXn4+MuVSm0LKVgW
QlS2WkWswcVrBKOHYq28AOH6VWd5fX408Z6RYvooZM/9cfTu73IkKyqodf4PW7VY
OtcoYg==
-----END CERTIFICATE-----
Generated at Fri Feb 23 14:22:16 2024 by rpki-client on console-ams.rpki-client.org