Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/61ed6fb5-758e-421d-86ad-617641df563e/27c9c6f9a65c12ce95b4f9b74914a89464ed0645.roa
File:                     27c9c6f9a65c12ce95b4f9b74914a89464ed0645.roa (raw, json)
Hash identifier:          sjz9xvkGdRcpmbb2R5+Dr6S4R5i3Bmeweizzm3r21uk=
Subject key identifier:   0D:AB:AE:2E:DD:10:C5:3D:D1:4C:28:F9:A1:82:F0:2A:A2:52:FE:A4
Certificate issuer:       /CN=0d1cb9c49815293f5f9842b7199758ddd455e663
Certificate serial:       1FB14E
Authority key identifier: 43:56:E9:F6:88:6A:E3:9E:F1:8C:27:6E:3F:69:D3:78:86:12:DC:98
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/0d1cb9c49815293f5f9842b7199758ddd455e663.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/61ed6fb5-758e-421d-86ad-617641df563e/27c9c6f9a65c12ce95b4f9b74914a89464ed0645.roa
Signing time:             Thu 11 May 2023 01:44:55 +0000
ROA not before:           Wed 10 May 2023 01:44:55 +0000
ROA not after:            Sun 11 May 2025 01:44:55 +0000
asID:                     263750
IP address blocks:        45.170.104.0/22 maxlen: 24
                          2803:9ba0::/32 maxlen: 32

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/61ed6fb5-758e-421d-86ad-617641df563e/0d1cb9c49815293f5f9842b7199758ddd455e663.crl
                          rsync://repository.lacnic.net/rpki/lacnic/61ed6fb5-758e-421d-86ad-617641df563e/0d1cb9c49815293f5f9842b7199758ddd455e663.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/0d1cb9c49815293f5f9842b7199758ddd455e663.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Mon 01 Apr 2024 05:58:53 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2077006 (0x1fb14e)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0d1cb9c49815293f5f9842b7199758ddd455e663
        Validity
            Not Before: May 10 01:44:55 2023 GMT
            Not After : May 11 01:44:55 2025 GMT
        Subject: CN=27c9c6f9a65c12ce95b4f9b74914a89464ed0645
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:64:a2:e9:ab:ff:7c:a1:06:7d:40:da:52:ff:
                    fb:b9:16:bc:5f:72:8b:f6:c2:67:de:e8:e0:d3:3b:
                    7f:2d:ce:10:bf:3d:12:0c:5c:19:a9:45:6e:0d:4d:
                    60:73:c7:41:4b:53:04:6c:c7:d0:34:d1:02:dd:1c:
                    21:87:2c:c6:72:a3:3a:3b:92:0f:84:30:c6:62:d4:
                    5d:8f:33:23:c5:d5:89:ba:e4:da:42:65:65:51:5f:
                    c6:08:c3:aa:9a:16:fb:a4:b5:3b:8f:4a:46:cd:f5:
                    a0:f2:df:41:77:b7:3e:cb:af:ef:de:b0:c6:2f:05:
                    e0:26:f7:01:37:c6:f6:f4:3b:d8:96:09:bb:37:d8:
                    3c:d5:72:f9:d3:de:4d:34:3a:6f:a3:b1:3a:34:66:
                    99:3c:35:fe:d9:05:63:29:ae:6a:cb:4c:9b:33:88:
                    d0:d0:76:24:b6:c6:91:46:f7:aa:88:87:e6:99:b8:
                    45:48:ba:fe:f0:f2:b4:06:48:30:27:9f:12:24:93:
                    fd:fb:5c:ae:b9:6a:0c:b6:3d:fe:bc:a4:ba:cc:23:
                    f1:68:2d:5a:a4:ae:c9:e7:fd:31:e2:6c:85:68:b6:
                    10:63:b9:f1:d9:4b:54:96:11:26:8e:e1:68:51:be:
                    19:36:1a:67:69:2f:7e:b4:a3:8e:f0:6b:8d:8c:7a:
                    ee:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0D:AB:AE:2E:DD:10:C5:3D:D1:4C:28:F9:A1:82:F0:2A:A2:52:FE:A4
            X509v3 Authority Key Identifier:
                keyid:43:56:E9:F6:88:6A:E3:9E:F1:8C:27:6E:3F:69:D3:78:86:12:DC:98

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/0d1cb9c49815293f5f9842b7199758ddd455e663.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/61ed6fb5-758e-421d-86ad-617641df563e/27c9c6f9a65c12ce95b4f9b74914a89464ed0645.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/61ed6fb5-758e-421d-86ad-617641df563e/0d1cb9c49815293f5f9842b7199758ddd455e663.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.170.104.0/22
                IPv6:
                  2803:9ba0::/32

    Signature Algorithm: sha256WithRSAEncryption
         01:f7:ea:a3:90:fe:39:81:0a:07:de:d7:c3:35:96:09:7c:2e:
         87:f5:d5:0c:b7:44:59:1e:0c:68:90:07:83:53:bb:0b:e3:4f:
         33:9f:82:00:72:18:91:26:e0:eb:fb:e8:82:fb:81:6d:87:07:
         a5:df:77:83:62:b1:7f:0a:6a:95:bb:4a:93:1d:b3:4c:f7:5a:
         88:15:3f:c6:6e:25:b0:f6:d4:ac:f5:72:78:13:e1:60:72:e7:
         fe:30:91:60:2a:15:51:07:52:9b:a1:4d:d4:da:ff:ac:3f:82:
         cd:e9:1f:89:92:6f:5e:31:4e:45:00:5c:00:38:a5:7d:f8:5f:
         27:8c:0d:86:d3:a0:d1:60:a9:77:5b:64:e0:6f:29:00:94:3a:
         94:38:07:27:2f:85:44:9a:b3:06:99:50:9e:f0:7c:2e:f2:d0:
         a5:19:4b:e6:8d:e4:47:d3:28:ff:05:56:8d:49:80:53:2c:80:
         0f:f6:24:94:2d:7f:9b:ee:6c:34:e2:a2:a8:53:bf:72:6e:91:
         f7:e5:bf:a4:cd:9d:bf:6b:6b:e7:70:1f:6d:b3:50:42:95:3c:
         a7:ef:13:48:ea:0d:3b:74:08:21:43:30:4a:39:6a:fd:e4:fe:
         16:96:67:a8:15:56:a0:74:e9:4c:6b:8a:9a:1a:93:86:0c:be:
         b3:35:d1:86
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgIDH7FOMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDBk
MWNiOWM0OTgxNTI5M2Y1Zjk4NDJiNzE5OTc1OGRkZDQ1NWU2NjMwHhcNMjMwNTEw
MDE0NDU1WhcNMjUwNTExMDE0NDU1WjAzMTEwLwYDVQQDEygyN2M5YzZmOWE2NWMx
MmNlOTViNGY5Yjc0OTE0YTg5NDY0ZWQwNjQ1MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAmGSi6av/fKEGfUDaUv/7uRa8X3KL9sJn3ujg0zt/Lc4Qvz0S
DFwZqUVuDU1gc8dBS1MEbMfQNNEC3RwhhyzGcqM6O5IPhDDGYtRdjzMjxdWJuuTa
QmVlUV/GCMOqmhb7pLU7j0pGzfWg8t9Bd7c+y6/v3rDGLwXgJvcBN8b29DvYlgm7
N9g81XL5095NNDpvo7E6NGaZPDX+2QVjKa5qy0ybM4jQ0HYktsaRRveqiIfmmbhF
SLr+8PK0BkgwJ58SJJP9+1yuuWoMtj3+vKS6zCPxaC1apK7J5/0x4myFaLYQY7nx
2UtUlhEmjuFoUb4ZNhpnaS9+tKOO8GuNjHruGwIDAQABo4ICajCCAmYwHQYDVR0O
BBYEFA2rri7dEMU90Uwo+aGC8CqiUv6kMB8GA1UdIwQYMBaAFENW6faIauOe8Ywn
bj9p03iGEtyYMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvMGQxY2I5
YzQ5ODE1MjkzZjVmOTg0MmI3MTk5NzU4ZGRkNDU1ZTY2My5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvNjFlZDZmYjUtNzU4ZS00MjFkLTg2YWQtNjE3NjQx
ZGY1NjNlLzI3YzljNmY5YTY1YzEyY2U5NWI0ZjliNzQ5MTRhODk0NjRlZDA2NDUu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy82MWVkNmZiNS03NThlLTQyMWQtODZhZC02MTc2
NDFkZjU2M2UvMGQxY2I5YzQ5ODE1MjkzZjVmOTg0MmI3MTk5NzU4ZGRkNDU1ZTY2
My5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAuBggrBgEFBQcBBwEB/wQf
MB0wDAQCAAEwBgMEAi2qaDANBAIAAjAHAwUAKAOboDANBgkqhkiG9w0BAQsFAAOC
AQEAAffqo5D+OYEKB97XwzWWCXwuh/XVDLdEWR4MaJAHg1O7C+NPM5+CAHIYkSbg
6/vogvuBbYcHpd93g2KxfwpqlbtKkx2zTPdaiBU/xm4lsPbUrPVyeBPhYHLn/jCR
YCoVUQdSm6FN1Nr/rD+CzekfiZJvXjFORQBcADilffhfJ4wNhtOg0WCpd1tk4G8p
AJQ6lDgHJy+FRJqzBplQnvB8LvLQpRlL5o3kR9Mo/wVWjUmAUyyAD/YklC1/m+5s
NOKiqFO/cm6R9+W/pM2dv2tr53AfbbNQQpU8p+8TSOoNO3QIIUMwSjlq/eT+FpZn
qBVWoHTpTGuKmhqThgy+szXRhg==
-----END CERTIFICATE-----
Generated at Fri Mar 29 07:06:35 2024 by rpki-client on console-ams.rpki-client.org