Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/6a8328fa-7639-42a5-af2b-42bd3b4ef5fa/c36c180a701d47f934c80ca5536b457502fb803f.roa
File:                     c36c180a701d47f934c80ca5536b457502fb803f.roa (raw, json)
Hash identifier:          B4sMjDBniN9WbI3ETwlFuKBev5dM500mRyvNvh8qIYc=
Subject key identifier:   32:2E:2A:EB:AE:53:58:69:A6:C2:DD:4C:C7:32:08:C1:1A:D9:50:8A
Certificate issuer:       /CN=f1e750e661607322fb98ea988d7624f49cbc68cb
Certificate serial:       15B805
Authority key identifier: F8:B0:D5:31:73:34:5B:2F:37:5D:D4:B4:27:59:C7:B4:BD:4E:BC:30
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/f1e750e661607322fb98ea988d7624f49cbc68cb.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/6a8328fa-7639-42a5-af2b-42bd3b4ef5fa/c36c180a701d47f934c80ca5536b457502fb803f.roa
Signing time:             Thu 31 Mar 2022 13:30:33 +0000
ROA not before:           Wed 24 Mar 2021 03:00:00 +0000
ROA not after:            Tue 24 Mar 2026 03:00:00 +0000
asID:                     21351
IP address blocks:        161.22.64.0/18 maxlen: 24
                          2803:1680:3000::/36 maxlen: 48

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/6a8328fa-7639-42a5-af2b-42bd3b4ef5fa/f1e750e661607322fb98ea988d7624f49cbc68cb.crl
                          rsync://repository.lacnic.net/rpki/lacnic/6a8328fa-7639-42a5-af2b-42bd3b4ef5fa/f1e750e661607322fb98ea988d7624f49cbc68cb.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/f1e750e661607322fb98ea988d7624f49cbc68cb.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sat 18 Mar 2023 03:21:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1423365 (0x15b805)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f1e750e661607322fb98ea988d7624f49cbc68cb
        Validity
            Not Before: Mar 24 03:00:00 2021 GMT
            Not After : Mar 24 03:00:00 2026 GMT
        Subject: CN=c36c180a701d47f934c80ca5536b457502fb803f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:31:dc:34:09:c2:dc:c0:54:59:e1:72:4b:fe:
                    5d:f8:bf:6c:38:dc:9f:e3:84:58:e5:30:18:0a:3c:
                    23:a0:13:ba:6a:4e:b0:72:28:38:ac:d1:9a:86:9b:
                    d5:b8:b4:d3:f5:6e:f9:7f:b4:32:22:d9:c6:60:86:
                    cd:9b:59:a9:9a:e1:51:2c:cb:b1:76:ab:4e:41:c5:
                    3e:4c:9b:0c:38:f2:81:30:d1:c4:bc:4c:fa:80:08:
                    7b:b1:b7:f0:cf:a9:17:99:2e:5f:0f:9e:0a:ad:c9:
                    67:28:a9:6f:d1:d9:f8:bb:03:14:96:9e:48:e8:f7:
                    02:e1:b7:e6:8e:55:41:dd:4f:a4:89:a8:8c:bf:c0:
                    aa:75:1b:ad:a8:81:74:03:f7:c8:99:bf:b5:09:0d:
                    21:34:f6:d9:57:00:b5:ab:96:76:2d:fd:b6:00:7a:
                    c5:7c:3e:8f:9e:3b:e0:60:47:ae:a7:2e:d9:cb:35:
                    7d:39:89:ca:40:6b:03:7e:14:3e:9a:4b:36:65:21:
                    09:1f:21:ab:71:44:56:16:d4:db:0c:5d:a0:d5:2b:
                    e3:a7:c9:06:1a:b7:6e:fa:65:f3:84:e3:b4:69:4e:
                    8a:6e:6e:97:4c:a3:ae:b2:b9:6e:59:d8:cf:f3:22:
                    bf:48:f0:cd:8d:10:c8:46:f1:74:4a:1c:ef:63:52:
                    b1:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                32:2E:2A:EB:AE:53:58:69:A6:C2:DD:4C:C7:32:08:C1:1A:D9:50:8A
            X509v3 Authority Key Identifier: 
                keyid:F8:B0:D5:31:73:34:5B:2F:37:5D:D4:B4:27:59:C7:B4:BD:4E:BC:30

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access: 
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/f1e750e661607322fb98ea988d7624f49cbc68cb.cer

            Subject Information Access: 
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/6a8328fa-7639-42a5-af2b-42bd3b4ef5fa/c36c180a701d47f934c80ca5536b457502fb803f.roa

            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/6a8328fa-7639-42a5-af2b-42bd3b4ef5fa/f1e750e661607322fb98ea988d7624f49cbc68cb.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  161.22.64.0/18
                IPv6:
                  2803:1680:3000::/36

    Signature Algorithm: sha256WithRSAEncryption
         0e:2b:89:94:f1:ae:2a:6d:06:88:1c:c4:07:d5:9b:e7:98:a0:
         bf:ea:8f:25:01:8b:4f:4e:f7:67:ad:ea:a7:07:af:41:5d:f0:
         5d:b2:81:c3:44:8d:39:b1:34:81:3a:df:43:f5:8b:bd:49:f1:
         ea:15:46:28:c5:74:05:c8:d5:01:71:19:08:a8:15:f8:91:a7:
         fa:92:5c:24:d4:2f:67:7a:0e:eb:00:4a:ea:bb:74:6c:8d:09:
         48:02:dc:2b:43:01:28:09:1f:9c:66:9c:4f:7c:66:d0:6c:0d:
         c3:95:3d:ad:94:c6:16:ae:25:07:b8:cd:cf:1c:bf:dd:09:28:
         84:a1:66:de:46:f2:fe:a9:a8:35:eb:00:66:9d:ec:5b:cf:26:
         33:1d:e5:d2:4b:54:42:ca:6f:c9:9a:2f:71:2f:c0:94:cf:e7:
         0b:a3:5d:86:5a:fa:4c:66:6a:58:ec:d6:24:9e:77:ff:0a:c4:
         ea:90:c1:fb:c8:bd:6f:f8:aa:bb:05:59:9d:18:ee:ad:59:a1:
         8e:ac:f6:f7:5f:c7:26:6d:1e:2c:a7:76:f9:96:d6:b5:66:18:
         5e:61:8d:52:0d:92:08:4b:c8:e8:ac:57:86:f6:cf:d3:03:39:
         b9:75:27:2b:83:1d:06:5b:f3:1c:05:78:dc:1a:2f:1f:99:f1:
         e9:e4:ef:41
-----BEGIN CERTIFICATE-----
MIIFUDCCBDigAwIBAgIDFbgFMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGYx
ZTc1MGU2NjE2MDczMjJmYjk4ZWE5ODhkNzYyNGY0OWNiYzY4Y2IwHhcNMjEwMzI0
MDMwMDAwWhcNMjYwMzI0MDMwMDAwWjAzMTEwLwYDVQQDEyhjMzZjMTgwYTcwMWQ0
N2Y5MzRjODBjYTU1MzZiNDU3NTAyZmI4MDNmMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEApzHcNAnC3MBUWeFyS/5d+L9sONyf44RY5TAYCjwjoBO6ak6w
cig4rNGahpvVuLTT9W75f7QyItnGYIbNm1mpmuFRLMuxdqtOQcU+TJsMOPKBMNHE
vEz6gAh7sbfwz6kXmS5fD54KrclnKKlv0dn4uwMUlp5I6PcC4bfmjlVB3U+kiaiM
v8CqdRutqIF0A/fImb+1CQ0hNPbZVwC1q5Z2Lf22AHrFfD6PnjvgYEeupy7ZyzV9
OYnKQGsDfhQ+mks2ZSEJHyGrcURWFtTbDF2g1Svjp8kGGrdu+mXzhOO0aU6Kbm6X
TKOusrluWdjP8yK/SPDNjRDIRvF0ShzvY1Kx1wIDAQABo4ICazCCAmcwHQYDVR0O
BBYEFDIuKuuuU1hppsLdTMcyCMEa2VCKMB8GA1UdIwQYMBaAFPiw1TFzNFsvN13U
tCdZx7S9TrwwMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvZjFlNzUw
ZTY2MTYwNzMyMmZiOThlYTk4OGQ3NjI0ZjQ5Y2JjNjhjYi5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvNmE4MzI4ZmEtNzYzOS00MmE1LWFmMmItNDJiZDNi
NGVmNWZhL2MzNmMxODBhNzAxZDQ3ZjkzNGM4MGNhNTUzNmI0NTc1MDJmYjgwM2Yu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy82YTgzMjhmYS03NjM5LTQyYTUtYWYyYi00MmJk
M2I0ZWY1ZmEvZjFlNzUwZTY2MTYwNzMyMmZiOThlYTk4OGQ3NjI0ZjQ5Y2JjNjhj
Yi5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAvBggrBgEFBQcBBwEB/wQg
MB4wDAQCAAEwBgMEBqEWQDAOBAIAAjAIAwYEKAMWgDAwDQYJKoZIhvcNAQELBQAD
ggEBAA4riZTxriptBogcxAfVm+eYoL/qjyUBi09O92et6qcHr0Fd8F2ygcNEjTmx
NIE630P1i71J8eoVRijFdAXI1QFxGQioFfiRp/qSXCTUL2d6DusASuq7dGyNCUgC
3CtDASgJH5xmnE98ZtBsDcOVPa2UxhauJQe4zc8cv90JKIShZt5G8v6pqDXrAGad
7FvPJjMd5dJLVELKb8maL3EvwJTP5wujXYZa+kxmaljs1iSed/8KxOqQwfvIvW/4
qrsFWZ0Y7q1ZoY6s9vdfxyZtHiyndvmW1rVmGF5hjVINkghLyOisV4b2z9MDObl1
JyuDHQZb8xwFeNwaLx+Z8enk70E=
-----END CERTIFICATE-----
Generated at Wed Mar 15 11:46:35 2023 by rpki-client on console-fra.rpki-client.org