Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/6a51d31c-8088-4924-badb-50b854105e18/18690007e692c18d9db829379bf300b643d2c6aa.roa
File:                     18690007e692c18d9db829379bf300b643d2c6aa.roa (raw, json)
Hash identifier:          qWLa6tw0OUtY/+do5veFNvU3FpFG99y5SVGUmNtUywY=
Subject key identifier:   7F:76:E6:14:6A:E5:ED:0C:00:5C:C4:12:E4:CB:EB:8C:D7:25:13:94
Certificate issuer:       /CN=d04907a356f0a8b7666c3d0b0211071f864896e9
Certificate serial:       0C5283
Authority key identifier: 97:21:06:D3:30:1B:05:99:69:0F:21:9E:9A:A0:46:E2:B5:11:0C:C7
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/d04907a356f0a8b7666c3d0b0211071f864896e9.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/6a51d31c-8088-4924-badb-50b854105e18/18690007e692c18d9db829379bf300b643d2c6aa.roa
Signing time:             Wed 24 Mar 2021 14:46:15 +0000
ROA not before:           Wed 24 Mar 2021 14:46:15 +0000
ROA not after:            Tue 24 Mar 2026 14:46:15 +0000
asID:                     267704
IP address blocks:        45.162.180.0/22 maxlen: 24
                          2803:b1a0::/32 maxlen: 38

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/6a51d31c-8088-4924-badb-50b854105e18/d04907a356f0a8b7666c3d0b0211071f864896e9.crl
                          rsync://repository.lacnic.net/rpki/lacnic/6a51d31c-8088-4924-badb-50b854105e18/d04907a356f0a8b7666c3d0b0211071f864896e9.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/d04907a356f0a8b7666c3d0b0211071f864896e9.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Mon 01 Apr 2024 05:57:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 807555 (0xc5283)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d04907a356f0a8b7666c3d0b0211071f864896e9
        Validity
            Not Before: Mar 24 14:46:15 2021 GMT
            Not After : Mar 24 14:46:15 2026 GMT
        Subject: CN=18690007e692c18d9db829379bf300b643d2c6aa
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:da:ec:8c:24:40:3a:a7:2a:38:52:40:fe:89:7a:
                    6f:8f:fc:a4:f5:6f:0f:23:71:09:45:d5:b0:f2:12:
                    ea:ab:d2:af:bc:0d:d6:a0:63:32:8e:e3:9d:3a:b9:
                    f2:be:cd:7c:c8:c6:65:69:e8:f6:8b:da:76:68:d5:
                    56:00:20:79:73:82:09:e2:53:48:23:92:fb:06:13:
                    f8:72:e2:da:71:fd:c2:9b:15:2d:c7:31:2b:93:1f:
                    28:b3:31:1e:61:af:86:50:68:a8:0e:f3:dd:f3:93:
                    cd:9c:23:93:e2:1a:d1:0b:ab:8f:1d:54:81:65:f3:
                    23:f5:60:a6:55:47:89:44:bd:37:4c:3d:10:5e:b8:
                    a8:17:ec:ff:22:38:c9:f4:47:2c:36:c5:fb:65:e6:
                    b5:f2:10:f0:d7:a9:a0:03:11:42:16:ad:5d:c7:a3:
                    09:4c:6c:cc:c4:fb:f2:55:14:4c:84:ce:99:01:e6:
                    2e:06:aa:a5:2c:df:c8:db:72:fd:54:6d:d5:52:d6:
                    27:65:ae:b0:56:d1:c0:8c:af:f6:6b:ca:64:2b:fb:
                    ef:0a:1b:3f:bf:22:ad:21:8e:5a:21:ee:d0:66:58:
                    d0:5e:8e:f2:45:d6:7f:1f:bd:cc:c8:ff:5d:36:c2:
                    50:34:28:91:36:76:1d:52:0f:b7:42:a3:d2:ac:11:
                    15:e1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7F:76:E6:14:6A:E5:ED:0C:00:5C:C4:12:E4:CB:EB:8C:D7:25:13:94
            X509v3 Authority Key Identifier:
                keyid:97:21:06:D3:30:1B:05:99:69:0F:21:9E:9A:A0:46:E2:B5:11:0C:C7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/d04907a356f0a8b7666c3d0b0211071f864896e9.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/6a51d31c-8088-4924-badb-50b854105e18/18690007e692c18d9db829379bf300b643d2c6aa.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/6a51d31c-8088-4924-badb-50b854105e18/d04907a356f0a8b7666c3d0b0211071f864896e9.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.162.180.0/22
                IPv6:
                  2803:b1a0::/32

    Signature Algorithm: sha256WithRSAEncryption
         9b:f5:2b:79:01:48:e5:9f:ca:e1:9a:f6:74:df:8a:ad:cf:21:
         4b:da:a3:5f:74:18:8f:69:a8:b1:7e:0a:66:30:c9:ec:06:8d:
         4f:cd:6e:1b:d5:fa:68:db:9c:55:98:4c:1d:1e:22:67:7b:c6:
         b6:45:83:90:6b:6a:dd:e1:6b:ff:5c:31:0d:61:47:1d:aa:ba:
         2f:a7:05:bd:01:07:5a:f4:b8:92:11:8a:75:25:4c:37:d6:a5:
         e6:1d:f7:49:cb:06:c3:29:e0:de:3d:d6:0d:9f:da:fa:18:c8:
         13:74:3f:ca:28:e2:0f:a2:8c:eb:03:43:a0:f6:1e:d7:80:2d:
         a3:e9:4a:36:af:f8:6b:cc:9e:98:12:2b:a3:63:e8:f3:15:e1:
         a1:47:99:98:71:02:2c:77:a2:d6:51:f8:29:12:e0:fa:c2:c2:
         97:f8:78:42:cf:25:ae:97:de:69:ad:36:0b:96:52:4a:14:15:
         09:4f:5c:0d:b9:d2:4e:b8:a6:5b:1f:6a:81:a1:c4:7d:03:ce:
         69:80:ed:fa:d2:33:cd:50:a7:3a:0f:23:94:e8:de:e3:f9:e7:
         5f:1a:f1:d2:64:5c:7a:7e:1c:56:ec:96:2b:87:2d:1d:6a:73:
         e4:74:d7:0a:83:73:3a:49:53:10:12:1f:d7:90:62:92:14:53:
         eb:92:ed:1a
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgIDDFKDMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGQw
NDkwN2EzNTZmMGE4Yjc2NjZjM2QwYjAyMTEwNzFmODY0ODk2ZTkwHhcNMjEwMzI0
MTQ0NjE1WhcNMjYwMzI0MTQ0NjE1WjAzMTEwLwYDVQQDEygxODY5MDAwN2U2OTJj
MThkOWRiODI5Mzc5YmYzMDBiNjQzZDJjNmFhMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEA2uyMJEA6pyo4UkD+iXpvj/yk9W8PI3EJRdWw8hLqq9KvvA3W
oGMyjuOdOrnyvs18yMZlaej2i9p2aNVWACB5c4IJ4lNII5L7BhP4cuLacf3CmxUt
xzErkx8oszEeYa+GUGioDvPd85PNnCOT4hrRC6uPHVSBZfMj9WCmVUeJRL03TD0Q
XrioF+z/IjjJ9EcsNsX7Zea18hDw16mgAxFCFq1dx6MJTGzMxPvyVRRMhM6ZAeYu
BqqlLN/I23L9VG3VUtYnZa6wVtHAjK/2a8pkK/vvChs/vyKtIY5aIe7QZljQXo7y
RdZ/H73MyP9dNsJQNCiRNnYdUg+3QqPSrBEV4QIDAQABo4ICajCCAmYwHQYDVR0O
BBYEFH925hRq5e0MAFzEEuTL64zXJROUMB8GA1UdIwQYMBaAFJchBtMwGwWZaQ8h
npqgRuK1EQzHMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvZDA0OTA3
YTM1NmYwYThiNzY2NmMzZDBiMDIxMTA3MWY4NjQ4OTZlOS5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvNmE1MWQzMWMtODA4OC00OTI0LWJhZGItNTBiODU0
MTA1ZTE4LzE4NjkwMDA3ZTY5MmMxOGQ5ZGI4MjkzNzliZjMwMGI2NDNkMmM2YWEu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy82YTUxZDMxYy04MDg4LTQ5MjQtYmFkYi01MGI4
NTQxMDVlMTgvZDA0OTA3YTM1NmYwYThiNzY2NmMzZDBiMDIxMTA3MWY4NjQ4OTZl
OS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAuBggrBgEFBQcBBwEB/wQf
MB0wDAQCAAEwBgMEAi2itDANBAIAAjAHAwUAKAOxoDANBgkqhkiG9w0BAQsFAAOC
AQEAm/UreQFI5Z/K4Zr2dN+Krc8hS9qjX3QYj2mosX4KZjDJ7AaNT81uG9X6aNuc
VZhMHR4iZ3vGtkWDkGtq3eFr/1wxDWFHHaq6L6cFvQEHWvS4khGKdSVMN9al5h33
ScsGwyng3j3WDZ/a+hjIE3Q/yijiD6KM6wNDoPYe14Ato+lKNq/4a8yemBIro2Po
8xXhoUeZmHECLHei1lH4KRLg+sLCl/h4Qs8lrpfeaa02C5ZSShQVCU9cDbnSTrim
Wx9qgaHEfQPOaYDt+tIzzVCnOg8jlOje4/nnXxrx0mRcen4cVuyWK4ctHWpz5HTX
CoNzOklTEBIf15BikhRT65LtGg==
-----END CERTIFICATE-----
Generated at Fri Mar 29 06:25:31 2024 by rpki-client on console-ams.rpki-client.org