Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/61e76bb2-982a-41d3-bcd9-5daab3fcdae1/70e180f0e9db3cdf4dcd479d790d2ff2370d9bee.roa
File:                     70e180f0e9db3cdf4dcd479d790d2ff2370d9bee.roa (raw, json)
Hash identifier:          v62UPJfo3MuhtyIKW9iqF3QQa/LulMm+sjihDjnJht8=
Subject key identifier:   76:25:F0:2B:40:B2:C7:52:E3:E1:CC:5C:A1:2B:0B:50:E6:B4:C0:3E
Certificate issuer:       /CN=ebf4a0c8d4c6716e2aaa8b33e14548310aa2216f
Certificate serial:       063BC7
Authority key identifier: 1C:1B:F3:44:B3:FB:ED:42:20:50:0C:69:37:6C:1A:D4:B4:71:FA:20
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ebf4a0c8d4c6716e2aaa8b33e14548310aa2216f.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/61e76bb2-982a-41d3-bcd9-5daab3fcdae1/70e180f0e9db3cdf4dcd479d790d2ff2370d9bee.roa
Signing time:             Wed 29 Sep 2021 16:39:16 +0000
ROA not before:           Wed 24 Mar 2021 03:00:00 +0000
ROA not after:            Tue 24 Mar 2026 03:00:00 +0000
asID:                     61487
IP address blocks:        131.108.0.0/22 maxlen: 24
                          170.244.48.0/22 maxlen: 24
                          2803:3d80::/32 maxlen: 48

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/61e76bb2-982a-41d3-bcd9-5daab3fcdae1/ebf4a0c8d4c6716e2aaa8b33e14548310aa2216f.crl
                          rsync://repository.lacnic.net/rpki/lacnic/61e76bb2-982a-41d3-bcd9-5daab3fcdae1/ebf4a0c8d4c6716e2aaa8b33e14548310aa2216f.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ebf4a0c8d4c6716e2aaa8b33e14548310aa2216f.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 31 Mar 2024 03:49:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 408519 (0x63bc7)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ebf4a0c8d4c6716e2aaa8b33e14548310aa2216f
        Validity
            Not Before: Mar 24 03:00:00 2021 GMT
            Not After : Mar 24 03:00:00 2026 GMT
        Subject: CN=70e180f0e9db3cdf4dcd479d790d2ff2370d9bee
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:f1:f5:fc:e2:73:87:73:09:e0:3c:09:42:cc:
                    5c:2a:da:1d:0d:6f:2b:c8:6b:a0:f5:87:32:be:10:
                    40:11:72:73:12:39:8d:a1:a2:d4:62:69:06:27:2c:
                    1b:31:38:a4:7b:76:b7:ff:ad:b3:77:3b:05:bf:88:
                    2f:86:6e:98:02:3b:bc:f0:8f:b2:e9:e0:61:06:c2:
                    cf:7f:1e:ea:da:7b:68:78:fa:07:20:78:40:d9:d8:
                    31:62:03:ce:db:31:1b:cf:5a:e7:d9:ff:b6:d5:be:
                    94:a8:76:f6:08:1f:a8:e7:82:f2:a8:5b:db:b1:00:
                    2e:98:66:1d:69:ef:27:33:9c:9a:72:78:fa:9a:b4:
                    7c:8a:76:fb:70:06:8b:30:94:d7:c1:f7:46:29:7f:
                    a1:5d:25:4c:00:4a:11:51:6d:32:b4:dd:2c:f0:73:
                    d1:f4:6d:ec:f4:b3:d4:49:e0:97:cf:ff:bc:bd:bb:
                    17:18:e0:10:d4:90:78:c1:14:4b:fb:7e:d5:7e:cf:
                    27:cc:87:d0:f7:e1:71:12:01:21:52:97:a6:73:23:
                    01:b1:ba:b1:d5:2e:0b:0b:9b:36:04:73:fa:a1:e3:
                    34:8e:cc:12:3d:31:4d:5c:a0:7f:ae:01:21:1f:2c:
                    45:9a:cb:a9:f9:58:fe:35:e9:5b:26:60:59:36:fa:
                    fd:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                76:25:F0:2B:40:B2:C7:52:E3:E1:CC:5C:A1:2B:0B:50:E6:B4:C0:3E
            X509v3 Authority Key Identifier:
                keyid:1C:1B:F3:44:B3:FB:ED:42:20:50:0C:69:37:6C:1A:D4:B4:71:FA:20

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ebf4a0c8d4c6716e2aaa8b33e14548310aa2216f.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/61e76bb2-982a-41d3-bcd9-5daab3fcdae1/70e180f0e9db3cdf4dcd479d790d2ff2370d9bee.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/61e76bb2-982a-41d3-bcd9-5daab3fcdae1/ebf4a0c8d4c6716e2aaa8b33e14548310aa2216f.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  131.108.0.0/22
                  170.244.48.0/22
                IPv6:
                  2803:3d80::/32

    Signature Algorithm: sha256WithRSAEncryption
         79:d4:49:cc:c8:8e:32:c5:6e:a2:00:03:82:a7:d8:28:81:c0:
         42:71:75:51:ac:34:b4:48:6e:7c:74:0c:90:40:18:33:83:06:
         ad:b9:b7:ea:df:37:a8:14:cd:df:51:d6:d1:6d:22:cd:63:19:
         fd:76:e3:0f:66:20:c2:c0:43:b2:c1:ae:5b:8f:01:58:b4:43:
         bf:dc:f8:83:75:60:15:69:32:2e:5e:99:8c:af:2b:a8:d4:34:
         67:d7:bf:48:ee:81:d9:6a:4d:83:22:5a:1c:53:4b:5c:03:7e:
         b1:ab:e0:f6:d4:de:01:a8:6e:7d:64:c2:70:c1:e5:ba:5b:f1:
         26:be:23:58:17:0f:3f:68:e7:b3:78:9d:7c:6a:6e:59:c4:31:
         0e:79:4e:85:2c:bc:e4:59:b6:bb:a5:f1:8a:1f:2c:ef:76:01:
         6c:0e:62:9b:64:85:95:43:53:ae:8f:52:9a:d4:bf:d9:c5:0a:
         71:02:b3:06:df:6b:5e:89:18:d4:dd:61:22:c2:52:3c:82:70:
         a3:82:f2:81:70:ed:80:16:9f:05:62:1c:f3:8a:17:96:69:ac:
         11:c3:35:a7:99:27:f2:e3:e6:a6:e8:c2:71:81:b5:71:aa:63:
         08:0a:11:75:2a:0d:1e:b5:03:24:3f:34:dc:73:6c:da:7c:9f:
         5f:e7:c8:ea
-----BEGIN CERTIFICATE-----
MIIFVTCCBD2gAwIBAgIDBjvHMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGVi
ZjRhMGM4ZDRjNjcxNmUyYWFhOGIzM2UxNDU0ODMxMGFhMjIxNmYwHhcNMjEwMzI0
MDMwMDAwWhcNMjYwMzI0MDMwMDAwWjAzMTEwLwYDVQQDEyg3MGUxODBmMGU5ZGIz
Y2RmNGRjZDQ3OWQ3OTBkMmZmMjM3MGQ5YmVlMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAlfH1/OJzh3MJ4DwJQsxcKtodDW8ryGug9YcyvhBAEXJzEjmN
oaLUYmkGJywbMTike3a3/62zdzsFv4gvhm6YAju88I+y6eBhBsLPfx7q2ntoePoH
IHhA2dgxYgPO2zEbz1rn2f+21b6UqHb2CB+o54LyqFvbsQAumGYdae8nM5yacnj6
mrR8inb7cAaLMJTXwfdGKX+hXSVMAEoRUW0ytN0s8HPR9G3s9LPUSeCXz/+8vbsX
GOAQ1JB4wRRL+37Vfs8nzIfQ9+FxEgEhUpemcyMBsbqx1S4LC5s2BHP6oeM0jswS
PTFNXKB/rgEhHyxFmsup+Vj+NelbJmBZNvr9oQIDAQABo4ICcDCCAmwwHQYDVR0O
BBYEFHYl8CtAssdS4+HMXKErC1DmtMA+MB8GA1UdIwQYMBaAFBwb80Sz++1CIFAM
aTdsGtS0cfogMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvZWJmNGEw
YzhkNGM2NzE2ZTJhYWE4YjMzZTE0NTQ4MzEwYWEyMjE2Zi5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvNjFlNzZiYjItOTgyYS00MWQzLWJjZDktNWRhYWIz
ZmNkYWUxLzcwZTE4MGYwZTlkYjNjZGY0ZGNkNDc5ZDc5MGQyZmYyMzcwZDliZWUu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy82MWU3NmJiMi05ODJhLTQxZDMtYmNkOS01ZGFh
YjNmY2RhZTEvZWJmNGEwYzhkNGM2NzE2ZTJhYWE4YjMzZTE0NTQ4MzEwYWEyMjE2
Zi5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0BggrBgEFBQcBBwEB/wQl
MCMwEgQCAAEwDAMEAoNsAAMEAqr0MDANBAIAAjAHAwUAKAM9gDANBgkqhkiG9w0B
AQsFAAOCAQEAedRJzMiOMsVuogADgqfYKIHAQnF1Uaw0tEhufHQMkEAYM4MGrbm3
6t83qBTN31HW0W0izWMZ/XbjD2YgwsBDssGuW48BWLRDv9z4g3VgFWkyLl6ZjK8r
qNQ0Z9e/SO6B2WpNgyJaHFNLXAN+savg9tTeAahufWTCcMHlulvxJr4jWBcPP2jn
s3idfGpuWcQxDnlOhSy85Fm2u6Xxih8s73YBbA5im2SFlUNTro9SmtS/2cUKcQKz
Bt9rXokY1N1hIsJSPIJwo4LygXDtgBafBWIc84oXlmmsEcM1p5kn8uPmpujCcYG1
capjCAoRdSoNHrUDJD803HNs2nyfX+fI6g==
-----END CERTIFICATE-----
Generated at Thu Mar 28 04:08:03 2024 by rpki-client on console-ams.rpki-client.org