Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/651c63b7-e13e-43bf-b010-265cb1f0b182/11d1cd7cf90c0a0bd7f57933a2955653d01c1ccc.roa
File:                     11d1cd7cf90c0a0bd7f57933a2955653d01c1ccc.roa (raw, json)
Hash identifier:          9be2w35WPNT1lnOXJN91QAlEItCIs4qQ9xVh5B35Xi4=
Subject key identifier:   3C:C9:0E:9A:95:CD:39:29:96:89:F7:F4:DF:D1:47:32:6C:70:83:90
Certificate issuer:       /CN=2b7cd4fbbabfe5565e23150fa6f1ec48b4fd3a82
Certificate serial:       0D36C7
Authority key identifier: 92:B6:4A:50:EF:06:00:D0:23:FF:00:07:AC:5F:C0:FD:73:E1:A9:D3
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/2b7cd4fbbabfe5565e23150fa6f1ec48b4fd3a82.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/651c63b7-e13e-43bf-b010-265cb1f0b182/11d1cd7cf90c0a0bd7f57933a2955653d01c1ccc.roa
Signing time:             Wed 11 May 2022 01:54:04 +0000
ROA not before:           Wed 24 Mar 2021 03:00:00 +0000
ROA not after:            Tue 24 Mar 2026 03:00:00 +0000
asID:                     27947
IP address blocks:        179.63.20.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/651c63b7-e13e-43bf-b010-265cb1f0b182/2b7cd4fbbabfe5565e23150fa6f1ec48b4fd3a82.crl
                          rsync://repository.lacnic.net/rpki/lacnic/651c63b7-e13e-43bf-b010-265cb1f0b182/2b7cd4fbbabfe5565e23150fa6f1ec48b4fd3a82.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/2b7cd4fbbabfe5565e23150fa6f1ec48b4fd3a82.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 31 Mar 2024 03:49:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 865991 (0xd36c7)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2b7cd4fbbabfe5565e23150fa6f1ec48b4fd3a82
        Validity
            Not Before: Mar 24 03:00:00 2021 GMT
            Not After : Mar 24 03:00:00 2026 GMT
        Subject: CN=11d1cd7cf90c0a0bd7f57933a2955653d01c1ccc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:92:86:7f:ee:33:e8:67:6d:66:67:7e:bd:87:89:
                    e7:61:72:fa:41:a2:73:47:45:e0:d6:21:c5:94:fb:
                    97:73:60:38:e2:b8:c0:b0:12:46:73:28:f7:a4:8c:
                    c0:18:03:5f:9a:78:aa:f7:78:a5:c8:1c:3c:99:63:
                    04:56:f6:e7:d9:60:03:39:fb:66:7e:b4:17:2d:6d:
                    a8:d7:79:8c:a8:2c:4e:7f:ea:ee:77:8d:14:1b:46:
                    36:52:e0:7b:d9:a1:d3:6e:15:1d:f9:6c:2b:3d:30:
                    e7:1e:e1:3f:49:7a:dc:ee:d4:47:aa:17:76:6a:3b:
                    b4:10:6d:30:9f:ea:4d:02:ed:65:82:56:5f:88:3a:
                    7a:a3:bb:ee:af:04:f6:3a:e2:ab:fd:b1:8e:8d:e2:
                    54:11:a7:d5:34:fa:eb:d0:3c:aa:0a:76:91:db:9d:
                    1e:a4:25:3c:ac:f7:95:fb:0b:3f:27:9d:f1:3f:f3:
                    5f:a2:e0:64:e1:fb:21:42:6d:5b:8d:14:85:bf:cc:
                    cf:4f:29:ff:b0:28:d2:4a:60:e9:f9:8f:b8:8e:6d:
                    e7:6d:64:d5:6a:43:33:b6:7e:bf:2a:79:9b:53:67:
                    5a:82:0a:b2:a3:72:b4:23:4f:f5:8d:c5:1f:a5:0c:
                    59:8a:80:23:37:ed:4a:80:00:89:c5:f6:0f:83:93:
                    7a:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3C:C9:0E:9A:95:CD:39:29:96:89:F7:F4:DF:D1:47:32:6C:70:83:90
            X509v3 Authority Key Identifier:
                keyid:92:B6:4A:50:EF:06:00:D0:23:FF:00:07:AC:5F:C0:FD:73:E1:A9:D3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/2b7cd4fbbabfe5565e23150fa6f1ec48b4fd3a82.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/651c63b7-e13e-43bf-b010-265cb1f0b182/11d1cd7cf90c0a0bd7f57933a2955653d01c1ccc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/651c63b7-e13e-43bf-b010-265cb1f0b182/2b7cd4fbbabfe5565e23150fa6f1ec48b4fd3a82.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  179.63.20.0/22

    Signature Algorithm: sha256WithRSAEncryption
         14:a1:dc:a0:cf:d0:1b:c3:da:8b:c7:e5:b1:70:ee:e0:a6:52:
         4c:d8:d9:25:a9:71:c9:84:f0:87:e7:54:7a:75:93:d9:19:a4:
         31:f2:1d:36:8b:88:78:37:b8:11:4f:ff:b1:36:26:f2:45:ce:
         63:2f:f9:8c:64:15:3a:a8:c6:0b:ae:9c:d0:f1:b8:0b:89:07:
         83:14:66:16:a2:dc:f9:68:3d:7f:b4:01:41:4f:2b:00:f5:c6:
         8b:14:24:57:0c:9c:a7:27:25:64:08:7d:32:7d:12:6a:b1:6c:
         61:9f:28:4a:05:bc:3c:e5:67:8f:7c:72:03:d2:74:8f:0b:04:
         3d:06:6b:87:d2:51:cc:f1:28:35:bc:d2:9a:d9:bc:fa:28:c0:
         71:28:6b:72:68:1a:46:b8:0a:d6:1f:4e:ab:ae:2a:39:3b:09:
         2d:21:cd:dc:6c:81:ed:df:ed:e3:ab:94:1f:aa:d8:ac:a8:47:
         19:9e:4c:1b:61:d4:b0:fb:f8:67:0c:ab:5d:ee:1c:c9:bd:d3:
         20:48:8d:8c:3b:77:0d:e8:72:cb:1e:d7:da:3e:41:4b:e0:ef:
         70:d2:9e:29:90:6b:49:e2:d3:b1:97:4d:f2:91:7c:6f:b0:fb:
         c6:61:50:27:9a:bb:15:41:68:88:20:c6:9d:06:e2:c7:f9:01:
         5b:a3:08:f0
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIDDTbHMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDJi
N2NkNGZiYmFiZmU1NTY1ZTIzMTUwZmE2ZjFlYzQ4YjRmZDNhODIwHhcNMjEwMzI0
MDMwMDAwWhcNMjYwMzI0MDMwMDAwWjAzMTEwLwYDVQQDEygxMWQxY2Q3Y2Y5MGMw
YTBiZDdmNTc5MzNhMjk1NTY1M2QwMWMxY2NjMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAkoZ/7jPoZ21mZ369h4nnYXL6QaJzR0Xg1iHFlPuXc2A44rjA
sBJGcyj3pIzAGANfmniq93ilyBw8mWMEVvbn2WADOftmfrQXLW2o13mMqCxOf+ru
d40UG0Y2UuB72aHTbhUd+WwrPTDnHuE/SXrc7tRHqhd2aju0EG0wn+pNAu1lglZf
iDp6o7vurwT2OuKr/bGOjeJUEafVNPrr0DyqCnaR250epCU8rPeV+ws/J53xP/Nf
ouBk4fshQm1bjRSFv8zPTyn/sCjSSmDp+Y+4jm3nbWTVakMztn6/KnmbU2daggqy
o3K0I0/1jcUfpQxZioAjN+1KgACJxfYPg5N6LwIDAQABo4ICWzCCAlcwHQYDVR0O
BBYEFDzJDpqVzTkplon39N/RRzJscIOQMB8GA1UdIwQYMBaAFJK2SlDvBgDQI/8A
B6xfwP1z4anTMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvMmI3Y2Q0
ZmJiYWJmZTU1NjVlMjMxNTBmYTZmMWVjNDhiNGZkM2E4Mi5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvNjUxYzYzYjctZTEzZS00M2JmLWIwMTAtMjY1Y2Ix
ZjBiMTgyLzExZDFjZDdjZjkwYzBhMGJkN2Y1NzkzM2EyOTU1NjUzZDAxYzFjY2Mu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy82NTFjNjNiNy1lMTNlLTQzYmYtYjAxMC0yNjVj
YjFmMGIxODIvMmI3Y2Q0ZmJiYWJmZTU1NjVlMjMxNTBmYTZmMWVjNDhiNGZkM2E4
Mi5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEArM/FDANBgkqhkiG9w0BAQsFAAOCAQEAFKHcoM/QG8Pai8fl
sXDu4KZSTNjZJalxyYTwh+dUenWT2RmkMfIdNouIeDe4EU//sTYm8kXOYy/5jGQV
OqjGC66c0PG4C4kHgxRmFqLc+Wg9f7QBQU8rAPXGixQkVwycpyclZAh9Mn0SarFs
YZ8oSgW8POVnj3xyA9J0jwsEPQZrh9JRzPEoNbzSmtm8+ijAcShrcmgaRrgK1h9O
q64qOTsJLSHN3GyB7d/t46uUH6rYrKhHGZ5MG2HUsPv4ZwyrXe4cyb3TIEiNjDt3
Dehyyx7X2j5BS+DvcNKeKZBrSeLTsZdN8pF8b7D7xmFQJ5q7FUFoiCDGnQbix/kB
W6MI8A==
-----END CERTIFICATE-----
Generated at Thu Mar 28 04:08:03 2024 by rpki-client on console-ams.rpki-client.org