Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/6e8a60dc-d9f6-4d3e-b2e7-668acfbce3f0/bc0e35564c4b24f62724456f9b8e5624b740f274.roa
File:                     bc0e35564c4b24f62724456f9b8e5624b740f274.roa (raw, json)
Hash identifier:          qmNer1azafj9Vsr3rjy5+txh2MEaTAsNTO8AtcLSqos=
Subject key identifier:   5F:EA:96:5A:75:BA:85:F4:68:03:10:6E:11:1A:F2:2E:4D:C2:7D:7D
Certificate issuer:       /CN=beebb9656e7ce67c9fc3bcd9402edacad981122c
Certificate serial:       0C9F1D
Authority key identifier: 8D:4A:FD:A4:3A:22:38:88:EA:95:2D:E4:2B:38:45:C9:72:11:55:C6
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/beebb9656e7ce67c9fc3bcd9402edacad981122c.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/6e8a60dc-d9f6-4d3e-b2e7-668acfbce3f0/bc0e35564c4b24f62724456f9b8e5624b740f274.roa
Signing time:             Wed 24 Mar 2021 14:31:07 +0000
ROA not before:           Wed 24 Mar 2021 14:31:06 +0000
ROA not after:            Tue 24 Mar 2026 14:31:06 +0000
asID:                     271776
IP address blocks:        45.171.81.0/24 maxlen: 24
                          45.171.82.0/24 maxlen: 24
                          2803:fba0::/32 maxlen: 32

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/6e8a60dc-d9f6-4d3e-b2e7-668acfbce3f0/beebb9656e7ce67c9fc3bcd9402edacad981122c.crl
                          rsync://repository.lacnic.net/rpki/lacnic/6e8a60dc-d9f6-4d3e-b2e7-668acfbce3f0/beebb9656e7ce67c9fc3bcd9402edacad981122c.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/beebb9656e7ce67c9fc3bcd9402edacad981122c.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 31 Mar 2024 19:38:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 827165 (0xc9f1d)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=beebb9656e7ce67c9fc3bcd9402edacad981122c
        Validity
            Not Before: Mar 24 14:31:06 2021 GMT
            Not After : Mar 24 14:31:06 2026 GMT
        Subject: CN=bc0e35564c4b24f62724456f9b8e5624b740f274
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:87:ba:2c:a4:51:ae:62:f2:2f:c6:72:db:36:3d:
                    23:dc:55:23:5b:b0:be:32:73:78:56:50:6b:f1:28:
                    88:bf:62:00:8b:94:e0:96:99:7f:8c:97:b9:7a:7e:
                    21:51:0d:fd:6a:b8:8c:62:82:14:29:11:6b:e7:77:
                    43:c8:62:48:c2:1a:53:ba:2b:be:98:72:d7:ba:60:
                    94:5c:04:02:bf:cb:17:07:47:55:ce:a5:0f:a2:b7:
                    45:ac:e1:84:9e:29:8f:06:22:a0:34:45:71:7c:bb:
                    f6:0f:98:6d:b4:69:86:14:0a:f7:dd:85:32:79:e1:
                    36:90:8e:1e:72:2b:19:86:17:ac:46:b9:d4:4c:34:
                    31:64:e5:6e:3f:44:c9:2d:1f:1e:d0:03:44:f0:4e:
                    44:00:59:ad:c2:99:52:8e:53:7e:50:99:98:80:85:
                    2c:4e:7b:b6:b6:36:c2:d2:c9:c3:bf:07:bc:2a:ba:
                    70:c0:15:17:82:57:a8:3b:19:bb:64:1d:5a:f6:d0:
                    4a:d6:48:d4:44:06:b0:7c:a5:0a:a2:be:f7:f7:fb:
                    77:13:e1:6b:23:16:6a:c8:c7:00:71:08:bb:f2:f5:
                    3a:cb:c5:a4:5a:93:1c:e7:2e:d5:fd:cc:cd:3d:64:
                    1e:60:e8:83:68:6b:76:d4:53:b4:40:9e:40:36:62:
                    42:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5F:EA:96:5A:75:BA:85:F4:68:03:10:6E:11:1A:F2:2E:4D:C2:7D:7D
            X509v3 Authority Key Identifier:
                keyid:8D:4A:FD:A4:3A:22:38:88:EA:95:2D:E4:2B:38:45:C9:72:11:55:C6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/beebb9656e7ce67c9fc3bcd9402edacad981122c.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/6e8a60dc-d9f6-4d3e-b2e7-668acfbce3f0/bc0e35564c4b24f62724456f9b8e5624b740f274.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/6e8a60dc-d9f6-4d3e-b2e7-668acfbce3f0/beebb9656e7ce67c9fc3bcd9402edacad981122c.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.171.81.0-45.171.82.255
                IPv6:
                  2803:fba0::/32

    Signature Algorithm: sha256WithRSAEncryption
         64:43:d0:c0:ea:9f:b6:36:b2:66:ce:e7:aa:47:ed:ba:60:ae:
         52:50:08:e6:71:8c:b8:04:2d:36:99:68:ea:78:a2:56:70:5c:
         3f:a0:d2:f5:e7:fa:f2:2f:ea:81:ab:34:47:90:23:be:88:75:
         15:95:da:d6:a0:21:8e:98:c5:04:86:ed:38:3a:36:63:aa:e7:
         17:d1:bb:3d:9f:b5:32:af:cc:57:d0:c6:de:54:cf:27:9b:4a:
         cd:5d:44:e3:21:64:2a:01:e2:dd:d9:d9:a8:4e:17:fa:7a:25:
         00:d5:77:33:eb:d8:e3:19:5f:5a:ee:5e:66:f1:0e:2b:9e:4e:
         0b:b4:78:2c:b0:2a:d3:42:24:3f:fb:ca:ac:3c:e6:16:14:09:
         2f:2a:ca:ef:31:78:a7:d5:63:6b:f1:e2:6e:a2:27:24:68:a5:
         64:b6:7b:9c:35:75:83:eb:a7:e9:e8:5e:4d:4e:a6:80:13:17:
         d8:d6:75:96:dc:7e:4d:f6:15:36:0c:1f:09:7f:58:a0:33:2e:
         81:3f:e7:d8:d6:50:f1:fc:e3:8f:a6:40:4e:ee:ea:a3:4f:09:
         c1:67:b4:c8:11:38:a1:65:8c:88:91:e4:c6:08:42:1a:90:51:
         e1:29:86:93:bd:29:b8:9d:84:56:03:bf:93:67:06:1d:e0:7a:
         13:eb:27:ff
-----BEGIN CERTIFICATE-----
MIIFVzCCBD+gAwIBAgIDDJ8dMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGJl
ZWJiOTY1NmU3Y2U2N2M5ZmMzYmNkOTQwMmVkYWNhZDk4MTEyMmMwHhcNMjEwMzI0
MTQzMTA2WhcNMjYwMzI0MTQzMTA2WjAzMTEwLwYDVQQDEyhiYzBlMzU1NjRjNGIy
NGY2MjcyNDQ1NmY5YjhlNTYyNGI3NDBmMjc0MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAh7ospFGuYvIvxnLbNj0j3FUjW7C+MnN4VlBr8SiIv2IAi5Tg
lpl/jJe5en4hUQ39ariMYoIUKRFr53dDyGJIwhpTuiu+mHLXumCUXAQCv8sXB0dV
zqUPordFrOGEnimPBiKgNEVxfLv2D5httGmGFAr33YUyeeE2kI4ecisZhhesRrnU
TDQxZOVuP0TJLR8e0ANE8E5EAFmtwplSjlN+UJmYgIUsTnu2tjbC0snDvwe8Krpw
wBUXgleoOxm7ZB1a9tBK1kjURAawfKUKor739/t3E+FrIxZqyMcAcQi78vU6y8Wk
WpMc5y7V/czNPWQeYOiDaGt21FO0QJ5ANmJC7wIDAQABo4ICcjCCAm4wHQYDVR0O
BBYEFF/qllp1uoX0aAMQbhEa8i5Nwn19MB8GA1UdIwQYMBaAFI1K/aQ6IjiI6pUt
5Cs4RclyEVXGMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvYmVlYmI5
NjU2ZTdjZTY3YzlmYzNiY2Q5NDAyZWRhY2FkOTgxMTIyYy5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvNmU4YTYwZGMtZDlmNi00ZDNlLWIyZTctNjY4YWNm
YmNlM2YwL2JjMGUzNTU2NGM0YjI0ZjYyNzI0NDU2ZjliOGU1NjI0Yjc0MGYyNzQu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy82ZThhNjBkYy1kOWY2LTRkM2UtYjJlNy02Njhh
Y2ZiY2UzZjAvYmVlYmI5NjU2ZTdjZTY3YzlmYzNiY2Q5NDAyZWRhY2FkOTgxMTIy
Yy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA2BggrBgEFBQcBBwEB/wQn
MCUwFAQCAAEwDjAMAwQALatRAwQALatSMA0EAgACMAcDBQAoA/ugMA0GCSqGSIb3
DQEBCwUAA4IBAQBkQ9DA6p+2NrJmzueqR+26YK5SUAjmcYy4BC02mWjqeKJWcFw/
oNL15/ryL+qBqzRHkCO+iHUVldrWoCGOmMUEhu04OjZjqucX0bs9n7Uyr8xX0Mbe
VM8nm0rNXUTjIWQqAeLd2dmoThf6eiUA1Xcz69jjGV9a7l5m8Q4rnk4LtHgssCrT
QiQ/+8qsPOYWFAkvKsrvMXin1WNr8eJuoickaKVktnucNXWD66fp6F5NTqaAExfY
1nWW3H5N9hU2DB8Jf1igMy6BP+fY1lDx/OOPpkBO7uqjTwnBZ7TIETihZYyIkeTG
CEIakFHhKYaTvSm4nYRWA7+TZwYd4HoT6yf/
-----END CERTIFICATE-----
Generated at Fri Mar 29 04:03:27 2024 by rpki-client on console-ams.rpki-client.org