Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/6f283e0c-3fec-4011-8b09-1df48afdeec9/3d36c4e540cf363b4fe9a9e032fff0252d4ba3d1.roa
File:                     3d36c4e540cf363b4fe9a9e032fff0252d4ba3d1.roa (raw, json)
Hash identifier:          EDIWAOfROEdByxF86UeQy15n9l4lRGUqNVrO6ciXqOU=
Subject key identifier:   8B:7A:B1:4F:09:6F:A7:5A:A7:D8:55:40:DB:0B:EC:1E:2D:18:60:FA
Certificate issuer:       /CN=8fafcd42979e43384ea333a5d7e481a822fedbfe
Certificate serial:       052A
Authority key identifier: 6C:E2:BA:B1:04:AD:D7:0C:C2:2C:DD:94:81:37:E0:1E:0C:82:F4:D2
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/8fafcd42979e43384ea333a5d7e481a822fedbfe.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/6f283e0c-3fec-4011-8b09-1df48afdeec9/3d36c4e540cf363b4fe9a9e032fff0252d4ba3d1.roa
Signing time:             Mon 14 Feb 2022 16:18:44 +0000
ROA not before:           Mon 14 Feb 2022 03:00:00 +0000
ROA not after:            Wed 14 Feb 2029 03:00:00 +0000
asID:                     272059
IP address blocks:        181.174.224.0/22 maxlen: 24
                          2803:8310::/32 maxlen: 48

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/6f283e0c-3fec-4011-8b09-1df48afdeec9/8fafcd42979e43384ea333a5d7e481a822fedbfe.crl
                          rsync://repository.lacnic.net/rpki/lacnic/6f283e0c-3fec-4011-8b09-1df48afdeec9/8fafcd42979e43384ea333a5d7e481a822fedbfe.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/8fafcd42979e43384ea333a5d7e481a822fedbfe.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 31 Mar 2024 03:49:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1322 (0x52a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8fafcd42979e43384ea333a5d7e481a822fedbfe
        Validity
            Not Before: Feb 14 03:00:00 2022 GMT
            Not After : Feb 14 03:00:00 2029 GMT
        Subject: CN=3d36c4e540cf363b4fe9a9e032fff0252d4ba3d1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8d:0f:f3:dd:80:fe:ca:65:d2:da:21:81:40:2c:
                    8b:4b:c0:37:ed:f4:4f:8b:6e:17:a0:0d:72:f5:ef:
                    dc:25:b5:0a:09:03:0a:44:cb:df:dd:ea:90:8b:59:
                    b0:9b:00:23:fb:d0:b0:65:f1:05:fa:08:b5:94:88:
                    1c:1d:0e:38:97:85:07:31:d4:f4:4b:09:50:2b:fb:
                    c8:75:84:b0:d4:8e:91:e1:bc:22:84:af:8e:91:2e:
                    10:3d:95:7d:31:9e:6d:c3:30:bc:fe:00:13:29:02:
                    73:39:c8:0d:04:03:2e:96:65:df:63:1f:e1:d9:d9:
                    c8:32:b9:b7:b5:6b:bd:a3:47:19:d0:dd:b0:d1:d6:
                    7b:4f:4c:cf:2e:cc:dc:2e:a7:6a:ab:35:e6:34:e7:
                    14:36:b7:02:e4:29:38:d3:fb:c4:56:18:55:f3:ea:
                    12:92:57:6b:fa:fa:bd:d8:a4:1a:82:06:ec:90:5e:
                    c2:55:19:2b:2e:52:61:64:e0:90:af:5f:c0:1a:ab:
                    83:14:fd:97:73:a5:f4:0e:1e:e0:27:82:fc:52:25:
                    6f:01:a6:18:bb:d4:74:12:23:21:cf:c2:1f:64:1e:
                    7c:e1:74:63:4d:47:b3:81:7e:5f:ad:e4:58:9b:fa:
                    12:77:a6:ff:95:e7:93:7d:c3:86:d6:b4:1c:36:18:
                    3a:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8B:7A:B1:4F:09:6F:A7:5A:A7:D8:55:40:DB:0B:EC:1E:2D:18:60:FA
            X509v3 Authority Key Identifier:
                keyid:6C:E2:BA:B1:04:AD:D7:0C:C2:2C:DD:94:81:37:E0:1E:0C:82:F4:D2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/8fafcd42979e43384ea333a5d7e481a822fedbfe.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/6f283e0c-3fec-4011-8b09-1df48afdeec9/3d36c4e540cf363b4fe9a9e032fff0252d4ba3d1.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/6f283e0c-3fec-4011-8b09-1df48afdeec9/8fafcd42979e43384ea333a5d7e481a822fedbfe.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  181.174.224.0/22
                IPv6:
                  2803:8310::/32

    Signature Algorithm: sha256WithRSAEncryption
         0a:6f:99:e9:14:f6:5c:92:10:45:7d:b8:9f:4f:d8:bf:73:b6:
         72:de:fb:40:9f:35:09:ca:9b:f1:52:02:63:50:24:02:66:5e:
         8e:9a:95:32:f5:57:50:46:25:b8:9e:68:f6:c7:7a:78:98:e5:
         85:78:90:89:2f:65:db:6e:d9:e4:e1:0a:fd:3d:cb:d6:56:ab:
         61:b9:cc:cf:98:33:a3:95:6e:14:fe:b8:c0:5a:53:7d:1c:74:
         9a:79:0b:70:82:a1:a3:85:1c:1e:73:39:32:0a:70:13:cf:4b:
         09:37:eb:2c:89:d4:58:08:8b:71:7f:e0:c5:ff:f5:1a:79:5f:
         c9:13:48:cc:b1:a3:4d:8e:a7:c9:36:af:2c:0c:ed:1e:6f:d8:
         0a:f3:4a:33:f5:63:d3:af:15:74:b6:2b:9b:fd:c3:94:cb:54:
         74:d0:06:47:54:5a:7f:14:90:d5:61:d7:cc:6a:0b:3e:82:fc:
         8d:d7:11:14:d3:fd:9e:32:bf:01:b3:56:4e:ee:50:88:a8:31:
         a0:24:05:52:47:56:7e:42:20:06:7c:e8:9a:78:6a:35:df:c4:
         dd:12:c4:c5:26:30:2b:83:f2:9d:fa:9f:56:75:a1:30:e6:ef:
         68:0e:02:1f:79:97:c8:fc:cf:ba:42:60:bf:5e:0a:b9:1f:2c:
         41:c5:ec:2f
-----BEGIN CERTIFICATE-----
MIIFTjCCBDagAwIBAgICBSowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOGZh
ZmNkNDI5NzllNDMzODRlYTMzM2E1ZDdlNDgxYTgyMmZlZGJmZTAeFw0yMjAyMTQw
MzAwMDBaFw0yOTAyMTQwMzAwMDBaMDMxMTAvBgNVBAMTKDNkMzZjNGU1NDBjZjM2
M2I0ZmU5YTllMDMyZmZmMDI1MmQ0YmEzZDEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCND/PdgP7KZdLaIYFALItLwDft9E+LbhegDXL179wltQoJAwpE
y9/d6pCLWbCbACP70LBl8QX6CLWUiBwdDjiXhQcx1PRLCVAr+8h1hLDUjpHhvCKE
r46RLhA9lX0xnm3DMLz+ABMpAnM5yA0EAy6WZd9jH+HZ2cgyube1a72jRxnQ3bDR
1ntPTM8uzNwup2qrNeY05xQ2twLkKTjT+8RWGFXz6hKSV2v6+r3YpBqCBuyQXsJV
GSsuUmFk4JCvX8Aaq4MU/ZdzpfQOHuAngvxSJW8Bphi71HQSIyHPwh9kHnzhdGNN
R7OBfl+t5Fib+hJ3pv+V55N9w4bWtBw2GDqnAgMBAAGjggJqMIICZjAdBgNVHQ4E
FgQUi3qxTwlvp1qn2FVA2wvsHi0YYPowHwYDVR0jBBgwFoAUbOK6sQSt1wzCLN2U
gTfgHgyC9NIwDgYDVR0PAQH/BAQDAgeAMIGaBggrBgEFBQcBAQSBjTCBijCBhwYI
KwYBBQUHMAKGe3JzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jwa2kvbGFj
bmljLzQ4ZjA4M2JiLWY2MDMtNDg5My05OTkwLTAyODRjMDRjZWI4NS84ZmFmY2Q0
Mjk3OWU0MzM4NGVhMzMzYTVkN2U0ODFhODIyZmVkYmZlLmNlcjCBmgYIKwYBBQUH
AQsEgY0wgYowgYcGCCsGAQUFBzALhntyc3luYzovL3JlcG9zaXRvcnkubGFjbmlj
Lm5ldC9ycGtpL2xhY25pYy82ZjI4M2UwYy0zZmVjLTQwMTEtOGIwOS0xZGY0OGFm
ZGVlYzkvM2QzNmM0ZTU0MGNmMzYzYjRmZTlhOWUwMzJmZmYwMjUyZDRiYTNkMS5y
b2EwgY8GA1UdHwSBhzCBhDCBgaB/oH2Ge3JzeW5jOi8vcmVwb3NpdG9yeS5sYWNu
aWMubmV0L3Jwa2kvbGFjbmljLzZmMjgzZTBjLTNmZWMtNDAxMS04YjA5LTFkZjQ4
YWZkZWVjOS84ZmFmY2Q0Mjk3OWU0MzM4NGVhMzMzYTVkN2U0ODFhODIyZmVkYmZl
LmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8w
HTAMBAIAATAGAwQCta7gMA0EAgACMAcDBQAoA4MQMA0GCSqGSIb3DQEBCwUAA4IB
AQAKb5npFPZckhBFfbifT9i/c7Zy3vtAnzUJypvxUgJjUCQCZl6OmpUy9VdQRiW4
nmj2x3p4mOWFeJCJL2Xbbtnk4Qr9PcvWVqthuczPmDOjlW4U/rjAWlN9HHSaeQtw
gqGjhRweczkyCnATz0sJN+ssidRYCItxf+DF//UaeV/JE0jMsaNNjqfJNq8sDO0e
b9gK80oz9WPTrxV0tiub/cOUy1R00AZHVFp/FJDVYdfMags+gvyN1xEU0/2eMr8B
s1ZO7lCIqDGgJAVSR1Z+QiAGfOiaeGo138TdEsTFJjArg/Kd+p9WdaEw5u9oDgIf
eZfI/M+6QmC/Xgq5HyxBxewv
-----END CERTIFICATE-----
Generated at Thu Mar 28 08:12:21 2024 by rpki-client on console-ams.rpki-client.org