Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/6689b76f-0b6b-4682-b9d2-1dbb367df16a/c89fd03f00e14434b9fe305cbf5f1ed9f3dcb71c.roa
File:                     c89fd03f00e14434b9fe305cbf5f1ed9f3dcb71c.roa (raw, json)
Hash identifier:          UsMzOaQKTsnZR1AqkD78aYO/n7mld0lDh0lYpS7OS1s=
Subject key identifier:   C6:C2:C3:BF:02:BE:3D:CB:6C:6E:D5:2B:89:74:9F:73:0C:B4:4C:3B
Certificate issuer:       /CN=7a7aeab549c4c7f5093e9034bfb143044e85aee1
Certificate serial:       04F7
Authority key identifier: 6A:72:69:80:83:DB:60:84:9E:D0:DE:A8:92:D7:A8:F2:B0:B0:EA:A7
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/7a7aeab549c4c7f5093e9034bfb143044e85aee1.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/6689b76f-0b6b-4682-b9d2-1dbb367df16a/c89fd03f00e14434b9fe305cbf5f1ed9f3dcb71c.roa
Signing time:             Fri 01 Jul 2022 18:48:09 +0000
ROA not before:           Fri 01 Jul 2022 03:00:00 +0000
ROA not after:            Mon 01 Jul 2024 03:00:00 +0000
asID:                     272815
IP address blocks:        168.205.196.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/6689b76f-0b6b-4682-b9d2-1dbb367df16a/7a7aeab549c4c7f5093e9034bfb143044e85aee1.crl
                          rsync://repository.lacnic.net/rpki/lacnic/6689b76f-0b6b-4682-b9d2-1dbb367df16a/7a7aeab549c4c7f5093e9034bfb143044e85aee1.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/7a7aeab549c4c7f5093e9034bfb143044e85aee1.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 31 Mar 2024 12:22:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1271 (0x4f7)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7a7aeab549c4c7f5093e9034bfb143044e85aee1
        Validity
            Not Before: Jul  1 03:00:00 2022 GMT
            Not After : Jul  1 03:00:00 2024 GMT
        Subject: CN=c89fd03f00e14434b9fe305cbf5f1ed9f3dcb71c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:e5:e5:d7:42:b0:dc:a4:e0:e0:06:c4:a4:c1:
                    75:cc:0f:22:96:0c:66:b9:24:dc:40:85:c9:51:50:
                    00:c4:db:66:85:f8:f2:6b:f9:6b:96:35:0c:59:6e:
                    9f:f6:33:ba:45:16:fc:68:35:be:21:7a:a1:a0:85:
                    21:1e:b9:45:07:f1:1e:05:8a:63:fa:1d:59:96:37:
                    0c:53:0a:39:7c:b5:9d:1b:50:f6:de:eb:3d:dc:8b:
                    13:7a:57:37:e5:be:b6:32:ec:9e:38:3d:91:0f:5b:
                    1c:de:1e:9c:81:f3:1d:7b:04:97:31:ee:af:7e:e0:
                    9f:ef:ed:e2:07:02:88:6a:5e:85:4a:ff:aa:d3:c2:
                    ff:45:68:47:cc:27:f7:73:5b:ec:37:c3:ba:8d:d6:
                    b3:78:e8:18:d2:91:d7:d1:6b:6d:05:eb:47:3f:b4:
                    90:a8:f1:fd:19:af:76:63:db:13:38:15:78:0a:2d:
                    11:cb:78:6d:90:9d:26:29:57:8b:5b:94:2b:4b:ad:
                    d3:3a:5c:76:c2:89:d5:a0:53:11:0a:9a:12:73:cf:
                    92:af:97:09:9d:b7:ee:cc:a3:5d:43:df:98:1d:a2:
                    32:d3:af:74:f8:21:c2:8d:16:7a:d3:10:8f:36:0d:
                    ac:47:8c:7e:d4:7e:77:a8:b8:76:91:f4:05:43:37:
                    30:b5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C6:C2:C3:BF:02:BE:3D:CB:6C:6E:D5:2B:89:74:9F:73:0C:B4:4C:3B
            X509v3 Authority Key Identifier:
                keyid:6A:72:69:80:83:DB:60:84:9E:D0:DE:A8:92:D7:A8:F2:B0:B0:EA:A7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/7a7aeab549c4c7f5093e9034bfb143044e85aee1.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/6689b76f-0b6b-4682-b9d2-1dbb367df16a/c89fd03f00e14434b9fe305cbf5f1ed9f3dcb71c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/6689b76f-0b6b-4682-b9d2-1dbb367df16a/7a7aeab549c4c7f5093e9034bfb143044e85aee1.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  168.205.196.0/22

    Signature Algorithm: sha256WithRSAEncryption
         59:95:fc:3a:30:83:f8:a1:ca:99:f0:00:7f:d7:b3:b4:9f:55:
         71:c8:fb:59:ee:22:30:53:41:a6:25:55:97:25:ef:b4:33:bc:
         b2:97:72:07:3c:fa:ad:32:52:3e:61:6c:1d:61:33:8d:d9:72:
         be:1b:17:72:b7:fb:a7:8d:6c:a7:3c:b0:a3:0a:66:0c:42:8d:
         e7:d0:88:83:f8:be:f4:d6:be:3b:77:5e:6b:4d:f6:d6:3e:8d:
         43:0a:a2:a8:42:3c:af:1c:99:2c:bd:b1:a6:da:4e:ca:ae:a7:
         ee:cf:2f:ab:e8:8e:ea:a3:79:75:cb:cb:cd:79:96:84:42:6f:
         09:22:51:7f:44:a8:88:16:7f:21:90:ff:fc:45:52:64:06:a6:
         46:4c:d3:37:d5:e5:9e:88:7f:13:f1:dc:e7:5b:dc:09:d1:de:
         9a:f5:92:1c:80:9b:19:df:0f:73:b7:a2:19:e1:25:76:45:1d:
         c9:76:93:73:4e:56:93:79:d8:4c:54:3c:f1:d4:b7:31:cc:c9:
         c9:23:69:fb:83:55:f6:1d:0f:2b:91:0d:a2:91:1e:0b:18:cb:
         e2:00:8e:ea:d2:03:90:c8:58:97:75:7d:fc:79:b1:a2:af:91:
         0c:8a:06:8e:6f:37:13:bc:0a:4c:0e:dd:61:29:ad:6f:f9:68:
         74:33:df:bd
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgICBPcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoN2E3
YWVhYjU0OWM0YzdmNTA5M2U5MDM0YmZiMTQzMDQ0ZTg1YWVlMTAeFw0yMjA3MDEw
MzAwMDBaFw0yNDA3MDEwMzAwMDBaMDMxMTAvBgNVBAMTKGM4OWZkMDNmMDBlMTQ0
MzRiOWZlMzA1Y2JmNWYxZWQ5ZjNkY2I3MWMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCg5eXXQrDcpODgBsSkwXXMDyKWDGa5JNxAhclRUADE22aF+PJr
+WuWNQxZbp/2M7pFFvxoNb4heqGghSEeuUUH8R4FimP6HVmWNwxTCjl8tZ0bUPbe
6z3cixN6VzflvrYy7J44PZEPWxzeHpyB8x17BJcx7q9+4J/v7eIHAohqXoVK/6rT
wv9FaEfMJ/dzW+w3w7qN1rN46BjSkdfRa20F60c/tJCo8f0Zr3Zj2xM4FXgKLRHL
eG2QnSYpV4tblCtLrdM6XHbCidWgUxEKmhJzz5Kvlwmdt+7Mo11D35gdojLTr3T4
IcKNFnrTEI82DaxHjH7UfneouHaR9AVDNzC1AgMBAAGjggJbMIICVzAdBgNVHQ4E
FgQUxsLDvwK+PctsbtUriXSfcwy0TDswHwYDVR0jBBgwFoAUanJpgIPbYISe0N6o
kteo8rCw6qcwDgYDVR0PAQH/BAQDAgeAMIGaBggrBgEFBQcBAQSBjTCBijCBhwYI
KwYBBQUHMAKGe3JzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jwa2kvbGFj
bmljLzQ4ZjA4M2JiLWY2MDMtNDg5My05OTkwLTAyODRjMDRjZWI4NS83YTdhZWFi
NTQ5YzRjN2Y1MDkzZTkwMzRiZmIxNDMwNDRlODVhZWUxLmNlcjCBmgYIKwYBBQUH
AQsEgY0wgYowgYcGCCsGAQUFBzALhntyc3luYzovL3JlcG9zaXRvcnkubGFjbmlj
Lm5ldC9ycGtpL2xhY25pYy82Njg5Yjc2Zi0wYjZiLTQ2ODItYjlkMi0xZGJiMzY3
ZGYxNmEvYzg5ZmQwM2YwMGUxNDQzNGI5ZmUzMDVjYmY1ZjFlZDlmM2RjYjcxYy5y
b2EwgY8GA1UdHwSBhzCBhDCBgaB/oH2Ge3JzeW5jOi8vcmVwb3NpdG9yeS5sYWNu
aWMubmV0L3Jwa2kvbGFjbmljLzY2ODliNzZmLTBiNmItNDY4Mi1iOWQyLTFkYmIz
NjdkZjE2YS83YTdhZWFiNTQ5YzRjN2Y1MDkzZTkwMzRiZmIxNDMwNDRlODVhZWUx
LmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAw
DjAMBAIAATAGAwQCqM3EMA0GCSqGSIb3DQEBCwUAA4IBAQBZlfw6MIP4ocqZ8AB/
17O0n1VxyPtZ7iIwU0GmJVWXJe+0M7yyl3IHPPqtMlI+YWwdYTON2XK+Gxdyt/un
jWynPLCjCmYMQo3n0IiD+L701r47d15rTfbWPo1DCqKoQjyvHJksvbGm2k7Krqfu
zy+r6I7qo3l1y8vNeZaEQm8JIlF/RKiIFn8hkP/8RVJkBqZGTNM31eWeiH8T8dzn
W9wJ0d6a9ZIcgJsZ3w9zt6IZ4SV2RR3JdpNzTlaTedhMVDzx1LcxzMnJI2n7g1X2
HQ8rkQ2ikR4LGMviAI7q0gOQyFiXdX38ebGir5EMigaObzcTvApMDt1hKa1v+Wh0
M9+9
-----END CERTIFICATE-----
Generated at Thu Mar 28 19:40:29 2024 by rpki-client on console-fra.rpki-client.org