Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/651c63b7-e13e-43bf-b010-265cb1f0b182/fc4017592f9eefb85b2f17b7b731f0bb2b88dbd1.roa
File:                     fc4017592f9eefb85b2f17b7b731f0bb2b88dbd1.roa (raw, json)
Hash identifier:          e+rt5ujbn1CRIDPfWDs3NWEbBksb2j875U4n6IaoKwI=
Subject key identifier:   08:35:13:39:B1:C6:02:EB:60:DB:95:99:A4:5C:3D:BB:15:52:2E:FA
Certificate issuer:       /CN=2b7cd4fbbabfe5565e23150fa6f1ec48b4fd3a82
Certificate serial:       0D3EFA
Authority key identifier: 92:B6:4A:50:EF:06:00:D0:23:FF:00:07:AC:5F:C0:FD:73:E1:A9:D3
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/2b7cd4fbbabfe5565e23150fa6f1ec48b4fd3a82.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/651c63b7-e13e-43bf-b010-265cb1f0b182/fc4017592f9eefb85b2f17b7b731f0bb2b88dbd1.roa
Signing time:             Wed 11 May 2022 01:54:29 +0000
ROA not before:           Wed 24 Mar 2021 03:00:00 +0000
ROA not after:            Tue 24 Mar 2026 03:00:00 +0000
asID:                     271837
IP address blocks:        179.63.20.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/651c63b7-e13e-43bf-b010-265cb1f0b182/2b7cd4fbbabfe5565e23150fa6f1ec48b4fd3a82.crl
                          rsync://repository.lacnic.net/rpki/lacnic/651c63b7-e13e-43bf-b010-265cb1f0b182/2b7cd4fbbabfe5565e23150fa6f1ec48b4fd3a82.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/2b7cd4fbbabfe5565e23150fa6f1ec48b4fd3a82.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Wed 06 Mar 2024 06:24:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 868090 (0xd3efa)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2b7cd4fbbabfe5565e23150fa6f1ec48b4fd3a82
        Validity
            Not Before: Mar 24 03:00:00 2021 GMT
            Not After : Mar 24 03:00:00 2026 GMT
        Subject: CN=fc4017592f9eefb85b2f17b7b731f0bb2b88dbd1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:84:f9:bf:d5:99:20:ce:78:e0:ce:fd:b3:cf:db:
                    e2:98:7a:91:bd:57:62:a7:75:d8:72:42:cc:32:9f:
                    6b:9a:59:69:17:d9:5a:18:0d:3e:10:bf:6e:c0:1b:
                    ef:b9:27:b9:c0:cf:3a:d6:5e:f6:1f:0a:45:55:82:
                    b4:25:9c:54:cb:3d:8b:d7:f4:c6:80:69:a0:84:ae:
                    80:44:13:60:0e:7e:64:54:5e:b8:ad:0a:2a:fb:77:
                    fa:25:8d:45:52:f6:9d:b3:15:61:41:49:d5:37:f0:
                    09:bf:c8:0c:dc:9d:77:3f:bf:91:bb:c8:2b:c5:25:
                    e7:da:e4:69:ba:ad:c8:5d:33:9b:39:14:33:46:df:
                    e6:87:08:59:e9:fb:6b:42:eb:27:a8:21:52:1c:7b:
                    95:6c:a7:31:84:05:c6:b7:68:3a:5e:39:67:ed:00:
                    3e:40:aa:b3:26:44:9f:01:df:ec:75:6b:ce:95:3d:
                    91:03:2e:93:1f:03:f7:52:0a:ab:ea:df:34:eb:45:
                    1a:6f:b9:55:20:4d:20:8e:94:e6:ea:6b:93:38:af:
                    cc:a4:cc:14:45:70:1c:05:79:c3:98:d8:ce:40:cd:
                    3c:63:d8:ed:30:58:4e:9f:74:d0:28:d8:3e:17:7c:
                    1a:97:98:13:fa:c4:84:99:1f:ed:f6:a0:40:b5:71:
                    aa:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                08:35:13:39:B1:C6:02:EB:60:DB:95:99:A4:5C:3D:BB:15:52:2E:FA
            X509v3 Authority Key Identifier:
                keyid:92:B6:4A:50:EF:06:00:D0:23:FF:00:07:AC:5F:C0:FD:73:E1:A9:D3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/2b7cd4fbbabfe5565e23150fa6f1ec48b4fd3a82.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/651c63b7-e13e-43bf-b010-265cb1f0b182/fc4017592f9eefb85b2f17b7b731f0bb2b88dbd1.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/651c63b7-e13e-43bf-b010-265cb1f0b182/2b7cd4fbbabfe5565e23150fa6f1ec48b4fd3a82.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  179.63.20.0/22

    Signature Algorithm: sha256WithRSAEncryption
         48:61:ba:e5:85:21:0a:34:43:6f:9b:40:c5:6e:5b:a1:c0:54:
         cd:52:29:81:be:02:04:f1:a1:a4:3e:55:7e:d2:a7:21:64:55:
         9e:8b:cc:bc:14:1f:b6:e0:15:4f:15:d5:71:fa:e2:c3:cf:05:
         66:9d:c4:54:a7:0d:0b:f9:26:ec:a0:91:b5:07:45:9f:7d:1c:
         e6:14:d1:84:2e:7b:73:5f:80:9c:16:0a:a1:b8:5e:61:7d:24:
         ce:b2:73:30:ce:10:2c:4d:74:fd:9f:7d:40:cc:76:a9:f5:45:
         21:34:28:24:b2:e2:02:b1:e0:21:f7:6c:c7:9c:7f:1a:61:c1:
         4e:31:64:de:73:9d:2a:af:e0:df:95:06:27:61:d7:a8:8b:77:
         64:d3:23:72:42:c6:90:55:77:05:0f:0d:4e:f1:88:05:20:5f:
         7c:63:9a:65:6c:2f:ae:d6:56:79:bc:3e:b8:da:a5:2c:7c:47:
         19:f9:b3:26:e7:94:c4:8f:a5:a9:ce:c0:f2:62:1d:f1:5e:2d:
         e4:19:09:a1:58:23:7f:e5:c7:b4:be:2d:3f:7c:9e:00:6b:41:
         90:67:e2:34:23:1c:94:5a:9f:e1:d2:02:7d:a8:43:82:9f:46:
         56:ee:13:27:a7:9d:47:b6:89:16:e5:39:d5:1f:c4:14:ff:b8:
         16:5b:ac:a7
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIDDT76MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDJi
N2NkNGZiYmFiZmU1NTY1ZTIzMTUwZmE2ZjFlYzQ4YjRmZDNhODIwHhcNMjEwMzI0
MDMwMDAwWhcNMjYwMzI0MDMwMDAwWjAzMTEwLwYDVQQDEyhmYzQwMTc1OTJmOWVl
ZmI4NWIyZjE3YjdiNzMxZjBiYjJiODhkYmQxMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAhPm/1Zkgznjgzv2zz9vimHqRvVdip3XYckLMMp9rmllpF9la
GA0+EL9uwBvvuSe5wM861l72HwpFVYK0JZxUyz2L1/TGgGmghK6ARBNgDn5kVF64
rQoq+3f6JY1FUvadsxVhQUnVN/AJv8gM3J13P7+Ru8grxSXn2uRpuq3IXTObORQz
Rt/mhwhZ6ftrQusnqCFSHHuVbKcxhAXGt2g6Xjln7QA+QKqzJkSfAd/sdWvOlT2R
Ay6THwP3Ugqr6t8060Uab7lVIE0gjpTm6muTOK/MpMwURXAcBXnDmNjOQM08Y9jt
MFhOn3TQKNg+F3wal5gT+sSEmR/t9qBAtXGqiQIDAQABo4ICWzCCAlcwHQYDVR0O
BBYEFAg1EzmxxgLrYNuVmaRcPbsVUi76MB8GA1UdIwQYMBaAFJK2SlDvBgDQI/8A
B6xfwP1z4anTMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvMmI3Y2Q0
ZmJiYWJmZTU1NjVlMjMxNTBmYTZmMWVjNDhiNGZkM2E4Mi5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvNjUxYzYzYjctZTEzZS00M2JmLWIwMTAtMjY1Y2Ix
ZjBiMTgyL2ZjNDAxNzU5MmY5ZWVmYjg1YjJmMTdiN2I3MzFmMGJiMmI4OGRiZDEu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy82NTFjNjNiNy1lMTNlLTQzYmYtYjAxMC0yNjVj
YjFmMGIxODIvMmI3Y2Q0ZmJiYWJmZTU1NjVlMjMxNTBmYTZmMWVjNDhiNGZkM2E4
Mi5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEArM/FDANBgkqhkiG9w0BAQsFAAOCAQEASGG65YUhCjRDb5tA
xW5bocBUzVIpgb4CBPGhpD5VftKnIWRVnovMvBQftuAVTxXVcfriw88FZp3EVKcN
C/km7KCRtQdFn30c5hTRhC57c1+AnBYKobheYX0kzrJzMM4QLE10/Z99QMx2qfVF
ITQoJLLiArHgIfdsx5x/GmHBTjFk3nOdKq/g35UGJ2HXqIt3ZNMjckLGkFV3BQ8N
TvGIBSBffGOaZWwvrtZWebw+uNqlLHxHGfmzJueUxI+lqc7A8mId8V4t5BkJoVgj
f+XHtL4tP3yeAGtBkGfiNCMclFqf4dICfahDgp9GVu4TJ6edR7aJFuU51R/EFP+4
Fluspw==
-----END CERTIFICATE-----
Generated at Sun Mar 3 13:24:01 2024 by rpki-client on console-fra.rpki-client.org