Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/6afab6c4-c3e8-4de3-b00d-67133880da01/6b8ea9ca17391fabb31eae9aaa5065fec38a9793.roa
File:                     6b8ea9ca17391fabb31eae9aaa5065fec38a9793.roa (raw, json)
Hash identifier:          WdPUxsOt6ZvHIZ6HyyAJmDOUBMlZXiB2Wa/xf0uCid4=
Subject key identifier:   58:C4:17:84:B6:5F:EF:1C:C5:9A:BA:BC:46:11:DA:60:06:97:F1:83
Certificate issuer:       /CN=54f4436bf11cb0a640955e9fc656465e9f30bea8
Certificate serial:       17B75B
Authority key identifier: 27:68:2E:C7:53:70:EB:29:98:36:A6:B0:2C:F2:D5:22:22:90:94:8E
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/54f4436bf11cb0a640955e9fc656465e9f30bea8.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/6afab6c4-c3e8-4de3-b00d-67133880da01/6b8ea9ca17391fabb31eae9aaa5065fec38a9793.roa
Signing time:             Thu 23 Mar 2023 08:30:15 +0000
ROA not before:           Wed 22 Mar 2023 08:30:15 +0000
ROA not after:            Fri 21 Mar 2025 08:30:15 +0000
asID:                     263244
IP address blocks:        45.162.89.0/24 maxlen: 24
                          45.162.90.0/24 maxlen: 24
                          45.162.91.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/6afab6c4-c3e8-4de3-b00d-67133880da01/54f4436bf11cb0a640955e9fc656465e9f30bea8.crl
                          rsync://repository.lacnic.net/rpki/lacnic/6afab6c4-c3e8-4de3-b00d-67133880da01/54f4436bf11cb0a640955e9fc656465e9f30bea8.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/54f4436bf11cb0a640955e9fc656465e9f30bea8.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 03 Mar 2024 01:34:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1554267 (0x17b75b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=54f4436bf11cb0a640955e9fc656465e9f30bea8
        Validity
            Not Before: Mar 22 08:30:15 2023 GMT
            Not After : Mar 21 08:30:15 2025 GMT
        Subject: CN=6b8ea9ca17391fabb31eae9aaa5065fec38a9793
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:ba:96:7d:d2:0e:03:28:a2:7c:36:09:51:b0:
                    f8:59:5c:ef:d1:ab:28:82:1c:86:cc:67:70:da:3e:
                    d4:46:f2:c0:ac:65:e4:25:e8:93:fd:b4:39:bc:09:
                    d9:71:e5:47:54:fe:d9:86:af:ee:85:a5:bd:b1:75:
                    97:79:9f:da:b4:cc:ab:5c:9c:cf:db:ac:ba:40:c4:
                    51:0d:2a:36:f5:50:c5:98:d1:56:7a:56:1f:01:4d:
                    c2:f9:b7:20:46:75:09:67:d2:ec:78:4f:3d:8a:08:
                    e0:c0:3c:af:05:dc:c3:68:3b:79:a8:be:95:0b:1d:
                    19:b8:ec:79:aa:74:2e:0d:d6:17:f7:67:71:93:43:
                    f1:47:54:b3:07:6e:dd:fc:48:0a:f2:e2:ee:2b:07:
                    12:42:8d:dd:61:b3:b2:12:3d:be:90:c9:92:f5:d5:
                    58:30:78:50:e0:6b:30:28:c7:72:49:c8:70:41:2d:
                    11:e4:a0:19:ee:d2:5d:b4:e3:f5:01:a6:dc:31:04:
                    ca:3b:46:e5:e8:eb:fa:d1:74:a9:9b:72:bf:e2:e2:
                    bb:cd:b7:8f:ef:a0:8e:cc:93:5f:02:f2:1b:24:d4:
                    31:b7:45:83:0a:1d:80:3b:6a:f3:1b:86:64:63:80:
                    36:c2:a8:4a:c1:e2:31:dd:6a:79:fa:09:ac:1c:f8:
                    9c:43
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                58:C4:17:84:B6:5F:EF:1C:C5:9A:BA:BC:46:11:DA:60:06:97:F1:83
            X509v3 Authority Key Identifier:
                keyid:27:68:2E:C7:53:70:EB:29:98:36:A6:B0:2C:F2:D5:22:22:90:94:8E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/54f4436bf11cb0a640955e9fc656465e9f30bea8.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/6afab6c4-c3e8-4de3-b00d-67133880da01/6b8ea9ca17391fabb31eae9aaa5065fec38a9793.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/6afab6c4-c3e8-4de3-b00d-67133880da01/54f4436bf11cb0a640955e9fc656465e9f30bea8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.162.89.0-45.162.91.255

    Signature Algorithm: sha256WithRSAEncryption
         bf:ad:3a:e2:61:0b:ee:9a:ca:39:3f:d4:4e:9a:c7:0d:4c:84:
         36:33:10:dc:90:0a:83:d3:ba:47:eb:3f:29:9e:b2:7c:9c:36:
         e2:11:fd:c4:02:4c:99:19:a5:bd:9e:12:4d:5c:4e:58:fd:fc:
         a0:d5:23:ee:87:c6:32:61:35:94:67:39:ed:eb:05:4d:ac:d6:
         4c:3c:38:68:c6:16:ad:8b:7b:47:62:4a:16:ac:f7:58:ac:fc:
         17:4f:df:8b:c6:b9:62:5d:49:04:ee:58:ea:f8:b2:16:67:d9:
         8a:b9:13:a2:d5:bf:77:33:d0:5b:d2:96:34:c9:fe:3b:fc:61:
         47:5e:36:c6:0b:16:7a:c4:67:7e:58:5d:b3:55:34:78:82:30:
         e4:0f:df:21:f2:41:e9:c3:cc:ff:f9:7b:db:fa:87:41:1b:8b:
         b5:79:f6:11:d5:3f:ed:a6:5c:2e:58:d5:81:97:c5:aa:1b:88:
         d6:31:75:bb:90:ca:d9:f8:55:e1:3e:9f:3e:4d:e4:23:22:3e:
         5d:ad:9e:8d:c1:2b:5d:bd:00:5a:36:d3:ea:36:00:a8:72:dc:
         b6:65:2b:7b:19:a6:3c:59:75:63:13:f7:12:45:e9:eb:77:d2:
         b1:c5:04:f2:67:01:6c:04:f7:ae:e5:77:cc:eb:9f:10:75:d3:
         66:1b:01:32
-----BEGIN CERTIFICATE-----
MIIFSDCCBDCgAwIBAgIDF7dbMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDU0
ZjQ0MzZiZjExY2IwYTY0MDk1NWU5ZmM2NTY0NjVlOWYzMGJlYTgwHhcNMjMwMzIy
MDgzMDE1WhcNMjUwMzIxMDgzMDE1WjAzMTEwLwYDVQQDEyg2YjhlYTljYTE3Mzkx
ZmFiYjMxZWFlOWFhYTUwNjVmZWMzOGE5NzkzMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAubqWfdIOAyiifDYJUbD4WVzv0asoghyGzGdw2j7URvLArGXk
JeiT/bQ5vAnZceVHVP7Zhq/uhaW9sXWXeZ/atMyrXJzP26y6QMRRDSo29VDFmNFW
elYfAU3C+bcgRnUJZ9LseE89igjgwDyvBdzDaDt5qL6VCx0ZuOx5qnQuDdYX92dx
k0PxR1SzB27d/EgK8uLuKwcSQo3dYbOyEj2+kMmS9dVYMHhQ4GswKMdySchwQS0R
5KAZ7tJdtOP1AabcMQTKO0bl6Ov60XSpm3K/4uK7zbeP76COzJNfAvIbJNQxt0WD
Ch2AO2rzG4ZkY4A2wqhKweIx3Wp5+gmsHPicQwIDAQABo4ICYzCCAl8wHQYDVR0O
BBYEFFjEF4S2X+8cxZq6vEYR2mAGl/GDMB8GA1UdIwQYMBaAFCdoLsdTcOspmDam
sCzy1SIikJSOMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvNTRmNDQz
NmJmMTFjYjBhNjQwOTU1ZTlmYzY1NjQ2NWU5ZjMwYmVhOC5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvNmFmYWI2YzQtYzNlOC00ZGUzLWIwMGQtNjcxMzM4
ODBkYTAxLzZiOGVhOWNhMTczOTFmYWJiMzFlYWU5YWFhNTA2NWZlYzM4YTk3OTMu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy82YWZhYjZjNC1jM2U4LTRkZTMtYjAwZC02NzEz
Mzg4MGRhMDEvNTRmNDQzNmJmMTFjYjBhNjQwOTU1ZTlmYzY1NjQ2NWU5ZjMwYmVh
OC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAnBggrBgEFBQcBBwEB/wQY
MBYwFAQCAAEwDjAMAwQALaJZAwQCLaJYMA0GCSqGSIb3DQEBCwUAA4IBAQC/rTri
YQvumso5P9ROmscNTIQ2MxDckAqD07pH6z8pnrJ8nDbiEf3EAkyZGaW9nhJNXE5Y
/fyg1SPuh8YyYTWUZznt6wVNrNZMPDhoxhati3tHYkoWrPdYrPwXT9+LxrliXUkE
7ljq+LIWZ9mKuROi1b93M9Bb0pY0yf47/GFHXjbGCxZ6xGd+WF2zVTR4gjDkD98h
8kHpw8z/+Xvb+odBG4u1efYR1T/tplwuWNWBl8WqG4jWMXW7kMrZ+FXhPp8+TeQj
Ij5drZ6NwStdvQBaNtPqNgCocty2ZSt7GaY8WXVjE/cSRenrd9KxxQTyZwFsBPeu
5XfM658QddNmGwEy
-----END CERTIFICATE-----
Generated at Thu Feb 29 07:16:52 2024 by rpki-client on console-ams.rpki-client.org