Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/6a5826d1-aaa5-46af-971e-90000e35d6d5/3920d1408802aaaeff52bd75edd8482c2d0b1b96.roa
File:                     3920d1408802aaaeff52bd75edd8482c2d0b1b96.roa (raw, json)
Hash identifier:          2qQPolHFZQYLBtpz3vSJ5g2Xs/UKqE584qtg6tzq180=
Subject key identifier:   6F:E2:4D:03:CA:6A:EC:75:BD:4C:DC:40:86:F5:8E:96:28:E7:5C:17
Certificate issuer:       /CN=1be266579f38b80627841be816f524a29d303a79
Certificate serial:       0DA1B9
Authority key identifier: 93:E9:EE:89:AF:0B:08:9C:FF:91:3D:CE:29:A5:DC:D7:B9:D3:D7:4B
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/1be266579f38b80627841be816f524a29d303a79.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/6a5826d1-aaa5-46af-971e-90000e35d6d5/3920d1408802aaaeff52bd75edd8482c2d0b1b96.roa
Signing time:             Wed 24 Mar 2021 14:32:50 +0000
ROA not before:           Wed 24 Mar 2021 14:32:50 +0000
ROA not after:            Tue 24 Mar 2026 14:32:50 +0000
asID:                     52349
IP address blocks:        138.0.8.0/22 maxlen: 24
                          170.246.244.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/6a5826d1-aaa5-46af-971e-90000e35d6d5/1be266579f38b80627841be816f524a29d303a79.crl
                          rsync://repository.lacnic.net/rpki/lacnic/6a5826d1-aaa5-46af-971e-90000e35d6d5/1be266579f38b80627841be816f524a29d303a79.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/1be266579f38b80627841be816f524a29d303a79.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 31 Mar 2024 19:38:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 893369 (0xda1b9)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1be266579f38b80627841be816f524a29d303a79
        Validity
            Not Before: Mar 24 14:32:50 2021 GMT
            Not After : Mar 24 14:32:50 2026 GMT
        Subject: CN=3920d1408802aaaeff52bd75edd8482c2d0b1b96
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:85:21:4d:df:87:e2:1f:79:45:ad:47:0f:01:f2:
                    c0:42:9d:f1:43:db:95:7e:f0:b6:5f:ea:22:c7:02:
                    3b:36:42:79:de:2e:d4:a0:f3:cb:88:a6:f6:86:20:
                    78:43:60:f6:01:3b:6f:aa:9a:94:8f:ea:91:2a:f7:
                    0b:6c:ff:8a:4a:b4:82:38:2e:f9:f9:dd:cb:68:44:
                    96:1d:ae:e9:84:38:64:f6:0e:6f:84:53:38:8e:12:
                    26:28:46:22:4d:ac:a5:02:2a:7b:26:bd:e7:d1:80:
                    f6:d3:ac:90:82:f8:ca:cf:c9:3f:67:20:78:a6:6b:
                    34:53:7f:54:84:10:8c:3b:c0:ad:fb:8d:cb:2f:72:
                    28:57:6b:61:19:2d:18:e8:2b:59:79:7c:34:02:f0:
                    34:63:ff:66:05:c9:2a:38:60:ee:f9:92:8b:70:03:
                    5f:75:10:ff:f2:24:bc:eb:ba:00:f6:f4:62:e8:39:
                    5f:36:e8:0f:21:97:4c:01:26:fc:c4:1f:96:01:f0:
                    2b:9d:c0:6a:6c:0d:8f:ac:2a:e8:3f:dd:5b:ac:91:
                    f0:27:80:ed:53:e4:69:c7:ec:d2:0d:29:c3:e7:f3:
                    f7:e9:c0:d1:2e:6e:02:b9:94:7c:21:d6:2e:0a:f3:
                    d2:6a:4b:89:d6:f4:87:e0:8d:dc:46:40:94:f9:3d:
                    cd:d5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6F:E2:4D:03:CA:6A:EC:75:BD:4C:DC:40:86:F5:8E:96:28:E7:5C:17
            X509v3 Authority Key Identifier:
                keyid:93:E9:EE:89:AF:0B:08:9C:FF:91:3D:CE:29:A5:DC:D7:B9:D3:D7:4B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/1be266579f38b80627841be816f524a29d303a79.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/6a5826d1-aaa5-46af-971e-90000e35d6d5/3920d1408802aaaeff52bd75edd8482c2d0b1b96.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/6a5826d1-aaa5-46af-971e-90000e35d6d5/1be266579f38b80627841be816f524a29d303a79.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  138.0.8.0/22
                  170.246.244.0/22

    Signature Algorithm: sha256WithRSAEncryption
         3f:26:c3:2b:30:82:07:6d:0d:37:55:50:82:97:6c:2f:6f:bb:
         c6:2e:3d:ec:00:67:55:e3:9e:91:82:4b:d5:bc:c1:b5:53:39:
         f6:c1:03:80:df:1a:cc:31:6b:d9:a8:32:d3:73:2d:85:8a:3a:
         36:6f:57:73:53:f5:b5:80:d3:11:15:95:27:74:9d:04:54:4f:
         6d:de:65:89:37:42:ab:5c:ca:15:cf:e0:d3:41:87:e6:e7:82:
         47:72:6c:27:94:fa:3e:ca:e5:c6:f6:5d:2f:53:3e:94:db:75:
         91:ac:36:88:20:d7:eb:b8:a8:9b:7d:ce:53:27:85:05:c8:81:
         11:80:bb:f6:4d:98:47:1a:50:41:5a:7d:99:8e:59:a1:d8:50:
         d1:82:30:b0:68:66:df:f0:66:45:07:19:53:49:c7:7f:c9:c3:
         5c:15:48:85:ac:92:da:5a:54:e4:9d:9c:4f:24:27:0b:fd:56:
         cd:04:4d:1f:c3:a2:ab:1c:34:ed:46:4b:30:e8:df:d5:1d:2b:
         f4:54:c6:8b:88:80:e5:e9:4d:c0:09:8f:09:5e:bd:62:52:54:
         3d:ac:ca:ce:30:24:41:d9:55:91:62:14:10:1b:6f:4f:33:02:
         e3:d1:57:f0:0b:11:cb:e5:d8:85:a5:9f:e2:6e:7c:48:62:2d:
         d7:40:93:e6
-----BEGIN CERTIFICATE-----
MIIFRjCCBC6gAwIBAgIDDaG5MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDFi
ZTI2NjU3OWYzOGI4MDYyNzg0MWJlODE2ZjUyNGEyOWQzMDNhNzkwHhcNMjEwMzI0
MTQzMjUwWhcNMjYwMzI0MTQzMjUwWjAzMTEwLwYDVQQDEygzOTIwZDE0MDg4MDJh
YWFlZmY1MmJkNzVlZGQ4NDgyYzJkMGIxYjk2MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAhSFN34fiH3lFrUcPAfLAQp3xQ9uVfvC2X+oixwI7NkJ53i7U
oPPLiKb2hiB4Q2D2ATtvqpqUj+qRKvcLbP+KSrSCOC75+d3LaESWHa7phDhk9g5v
hFM4jhImKEYiTaylAip7Jr3n0YD206yQgvjKz8k/ZyB4pms0U39UhBCMO8Ct+43L
L3IoV2thGS0Y6CtZeXw0AvA0Y/9mBckqOGDu+ZKLcANfdRD/8iS867oA9vRi6Dlf
NugPIZdMASb8xB+WAfArncBqbA2PrCroP91brJHwJ4DtU+Rpx+zSDSnD5/P36cDR
Lm4CuZR8IdYuCvPSakuJ1vSH4I3cRkCU+T3N1QIDAQABo4ICYTCCAl0wHQYDVR0O
BBYEFG/iTQPKaux1vUzcQIb1jpYo51wXMB8GA1UdIwQYMBaAFJPp7omvCwic/5E9
ziml3Ne509dLMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvMWJlMjY2
NTc5ZjM4YjgwNjI3ODQxYmU4MTZmNTI0YTI5ZDMwM2E3OS5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvNmE1ODI2ZDEtYWFhNS00NmFmLTk3MWUtOTAwMDBl
MzVkNmQ1LzM5MjBkMTQwODgwMmFhYWVmZjUyYmQ3NWVkZDg0ODJjMmQwYjFiOTYu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy82YTU4MjZkMS1hYWE1LTQ2YWYtOTcxZS05MDAw
MGUzNWQ2ZDUvMWJlMjY2NTc5ZjM4YjgwNjI3ODQxYmU4MTZmNTI0YTI5ZDMwM2E3
OS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAlBggrBgEFBQcBBwEB/wQW
MBQwEgQCAAEwDAMEAooACAMEAqr29DANBgkqhkiG9w0BAQsFAAOCAQEAPybDKzCC
B20NN1VQgpdsL2+7xi497ABnVeOekYJL1bzBtVM59sEDgN8azDFr2agy03MthYo6
Nm9Xc1P1tYDTERWVJ3SdBFRPbd5liTdCq1zKFc/g00GH5ueCR3JsJ5T6PsrlxvZd
L1M+lNt1kaw2iCDX67iom33OUyeFBciBEYC79k2YRxpQQVp9mY5ZodhQ0YIwsGhm
3/BmRQcZU0nHf8nDXBVIhayS2lpU5J2cTyQnC/1WzQRNH8Oiqxw07UZLMOjf1R0r
9FTGi4iA5elNwAmPCV69YlJUPazKzjAkQdlVkWIUEBtvTzMC49FX8AsRy+XYhaWf
4m58SGIt10CT5g==
-----END CERTIFICATE-----
Generated at Thu Mar 28 22:20:14 2024 by rpki-client on console-fra.rpki-client.org