Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/614cebb6-ad51-4b41-965a-4e44991ecb6b/33039a4e851e3927e060758f92909409b38c2373.roa
File:                     33039a4e851e3927e060758f92909409b38c2373.roa (raw, json)
Hash identifier:          uX3wOOCF28TQsxV5cTcs/TcTvp3q4obMxnYPh6/nI0o=
Subject key identifier:   49:B6:F3:67:75:46:48:A3:E5:04:32:A9:75:D9:AF:67:30:6E:E1:F8
Certificate issuer:       /CN=2460a5030018a6a3487849346bc28c8e25cfd3be
Certificate serial:       0B9434
Authority key identifier: 84:50:CB:2D:B2:E5:7B:89:5F:47:F7:16:5C:C4:34:15:53:C9:94:5E
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/2460a5030018a6a3487849346bc28c8e25cfd3be.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/614cebb6-ad51-4b41-965a-4e44991ecb6b/33039a4e851e3927e060758f92909409b38c2373.roa
Signing time:             Wed 24 Mar 2021 14:32:46 +0000
ROA not before:           Wed 24 Mar 2021 14:32:46 +0000
ROA not after:            Tue 24 Mar 2026 14:32:46 +0000
asID:                     27984
IP address blocks:        138.117.20.0/22 maxlen: 24
                          168.90.84.0/22 maxlen: 24
                          168.194.232.0/22 maxlen: 24
                          181.16.0.0/18 maxlen: 24
                          181.16.64.0/18 maxlen: 24
                          181.192.32.0/19 maxlen: 24
                          190.105.0.0/18 maxlen: 24
                          190.105.64.0/18 maxlen: 24
                          2800:af0::/32 maxlen: 48

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/614cebb6-ad51-4b41-965a-4e44991ecb6b/2460a5030018a6a3487849346bc28c8e25cfd3be.crl
                          rsync://repository.lacnic.net/rpki/lacnic/614cebb6-ad51-4b41-965a-4e44991ecb6b/2460a5030018a6a3487849346bc28c8e25cfd3be.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/2460a5030018a6a3487849346bc28c8e25cfd3be.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Mon 01 Apr 2024 05:58:53 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 758836 (0xb9434)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2460a5030018a6a3487849346bc28c8e25cfd3be
        Validity
            Not Before: Mar 24 14:32:46 2021 GMT
            Not After : Mar 24 14:32:46 2026 GMT
        Subject: CN=33039a4e851e3927e060758f92909409b38c2373
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:90:7e:1e:fb:b0:54:bc:e5:1e:c0:60:e4:7a:49:
                    b5:05:ef:03:62:01:88:23:26:78:07:b2:5f:59:fa:
                    3c:7e:09:07:de:8a:25:a3:ff:3d:e4:ff:bc:c6:ff:
                    80:dd:d2:42:15:2a:96:d6:22:d3:a2:bf:65:9f:2a:
                    dd:4f:57:f3:3b:2f:b8:38:5f:11:bd:4f:65:2a:0a:
                    9e:14:eb:30:b7:82:45:53:19:c4:f4:3c:9d:e5:a1:
                    db:5d:19:ab:98:17:d6:fe:46:89:6b:7f:cf:16:dc:
                    f0:15:16:68:b3:bc:89:8b:74:cb:71:10:da:11:ae:
                    3d:8f:4e:ae:f8:fc:86:9b:f6:bf:72:2f:63:db:58:
                    64:5a:68:65:e5:21:63:5a:a1:2d:91:1a:f7:1f:53:
                    b7:3b:55:c9:ba:fe:23:8c:b0:e3:24:c7:aa:94:c5:
                    18:11:b7:a0:48:0a:1c:d4:46:14:d2:a7:8f:17:f8:
                    62:09:04:da:e4:0a:9c:6c:6b:89:36:e0:5e:99:84:
                    44:f4:91:91:d8:01:e5:fb:09:46:a8:ee:92:fb:94:
                    83:94:4e:97:af:0f:9b:af:dc:d2:3b:4a:c4:53:28:
                    14:dc:2e:bf:e7:23:5f:f4:6e:4f:e4:e3:f2:a7:88:
                    b4:1d:ba:6e:dc:bb:ec:e5:b8:90:4f:d8:47:4a:d0:
                    18:e1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                49:B6:F3:67:75:46:48:A3:E5:04:32:A9:75:D9:AF:67:30:6E:E1:F8
            X509v3 Authority Key Identifier:
                keyid:84:50:CB:2D:B2:E5:7B:89:5F:47:F7:16:5C:C4:34:15:53:C9:94:5E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/2460a5030018a6a3487849346bc28c8e25cfd3be.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/614cebb6-ad51-4b41-965a-4e44991ecb6b/33039a4e851e3927e060758f92909409b38c2373.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/614cebb6-ad51-4b41-965a-4e44991ecb6b/2460a5030018a6a3487849346bc28c8e25cfd3be.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  138.117.20.0/22
                  168.90.84.0/22
                  168.194.232.0/22
                  181.16.0.0/17
                  181.192.32.0/19
                  190.105.0.0/17
                IPv6:
                  2800:af0::/32

    Signature Algorithm: sha256WithRSAEncryption
         98:bd:77:eb:c8:f0:64:ce:78:f6:f1:07:50:ed:5d:08:10:47:
         18:89:d5:eb:16:f3:cc:27:dc:2e:c1:e3:8e:cf:9b:03:eb:bf:
         51:1d:5a:66:49:dc:32:ea:fb:e6:76:56:0b:7b:89:33:bf:af:
         52:40:7a:1d:1b:d8:02:0d:8b:02:da:83:3d:55:c3:c7:cf:8f:
         e5:f4:29:ed:46:ac:49:5c:df:32:e1:ff:44:e7:25:e8:48:75:
         23:39:61:f1:ce:3e:32:f1:cc:be:e9:c9:21:ff:fb:2e:46:7b:
         80:ee:39:3b:35:a7:22:29:82:e8:33:09:af:a6:9b:48:52:b4:
         c0:d6:ae:cc:36:ba:82:45:5e:60:bf:79:7e:78:f9:f5:8a:c2:
         0f:f4:7e:10:02:56:bb:b7:ef:22:85:de:ee:6e:8a:d0:66:af:
         32:75:38:b5:cd:ff:50:da:f5:bd:53:3d:88:ab:77:f3:71:84:
         bc:92:5e:3d:49:8c:e1:e8:23:44:8b:5f:ed:64:c1:77:eb:df:
         09:97:4a:d6:f3:26:00:c5:93:df:fc:d8:ac:48:8f:40:2d:c3:
         23:c1:6c:a9:9e:ff:e7:7f:4d:3e:cc:18:17:23:d2:f2:e6:42:
         5c:70:4d:a7:64:4b:23:eb:70:87:e9:c0:b3:82:4b:16:32:37:
         a4:05:04:24
-----BEGIN CERTIFICATE-----
MIIFbTCCBFWgAwIBAgIDC5Q0MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDI0
NjBhNTAzMDAxOGE2YTM0ODc4NDkzNDZiYzI4YzhlMjVjZmQzYmUwHhcNMjEwMzI0
MTQzMjQ2WhcNMjYwMzI0MTQzMjQ2WjAzMTEwLwYDVQQDEygzMzAzOWE0ZTg1MWUz
OTI3ZTA2MDc1OGY5MjkwOTQwOWIzOGMyMzczMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAkH4e+7BUvOUewGDkekm1Be8DYgGIIyZ4B7JfWfo8fgkH3ool
o/895P+8xv+A3dJCFSqW1iLTor9lnyrdT1fzOy+4OF8RvU9lKgqeFOswt4JFUxnE
9Dyd5aHbXRmrmBfW/kaJa3/PFtzwFRZos7yJi3TLcRDaEa49j06u+PyGm/a/ci9j
21hkWmhl5SFjWqEtkRr3H1O3O1XJuv4jjLDjJMeqlMUYEbegSAoc1EYU0qePF/hi
CQTa5AqcbGuJNuBemYRE9JGR2AHl+wlGqO6S+5SDlE6Xrw+br9zSO0rEUygU3C6/
5yNf9G5P5OPyp4i0Hbpu3Lvs5biQT9hHStAY4QIDAQABo4ICiDCCAoQwHQYDVR0O
BBYEFEm282d1Rkij5QQyqXXZr2cwbuH4MB8GA1UdIwQYMBaAFIRQyy2y5XuJX0f3
FlzENBVTyZReMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvMjQ2MGE1
MDMwMDE4YTZhMzQ4Nzg0OTM0NmJjMjhjOGUyNWNmZDNiZS5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvNjE0Y2ViYjYtYWQ1MS00YjQxLTk2NWEtNGU0NDk5
MWVjYjZiLzMzMDM5YTRlODUxZTM5MjdlMDYwNzU4ZjkyOTA5NDA5YjM4YzIzNzMu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy82MTRjZWJiNi1hZDUxLTRiNDEtOTY1YS00ZTQ0
OTkxZWNiNmIvMjQ2MGE1MDMwMDE4YTZhMzQ4Nzg0OTM0NmJjMjhjOGUyNWNmZDNi
ZS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBMBggrBgEFBQcBBwEB/wQ9
MDswKgQCAAEwJAMEAop1FAMEAqhaVAMEAqjC6AMEB7UQAAMEBbXAIAMEB75pADAN
BAIAAjAHAwUAKAAK8DANBgkqhkiG9w0BAQsFAAOCAQEAmL1368jwZM549vEHUO1d
CBBHGInV6xbzzCfcLsHjjs+bA+u/UR1aZkncMur75nZWC3uJM7+vUkB6HRvYAg2L
AtqDPVXDx8+P5fQp7UasSVzfMuH/ROcl6Eh1Izlh8c4+MvHMvunJIf/7LkZ7gO45
OzWnIimC6DMJr6abSFK0wNauzDa6gkVeYL95fnj59YrCD/R+EAJWu7fvIoXe7m6K
0GavMnU4tc3/UNr1vVM9iKt383GEvJJePUmM4egjRItf7WTBd+vfCZdK1vMmAMWT
3/zYrEiPQC3DI8FsqZ7/539NPswYFyPS8uZCXHBNp2RLI+twh+nAs4JLFjI3pAUE
JA==
-----END CERTIFICATE-----
Generated at Fri Mar 29 11:25:40 2024 by rpki-client on console-fra.rpki-client.org