Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/6f79674c-0735-446e-b332-22235befb824/35bd9055fe7e9a23e3d679344d6b7455f22dcf5b.roa
File:                     35bd9055fe7e9a23e3d679344d6b7455f22dcf5b.roa (raw, json)
Hash identifier:          nHhNzFx90Nye154GcFUBrVdiZS+sgf8D15kV9nNklfg=
Subject key identifier:   AC:88:8C:0B:77:37:A6:0D:42:62:22:BF:63:67:B9:A2:0E:06:12:5C
Certificate issuer:       /CN=a4f5c6cc455d4e5671af9abbe01fdee26ec6aa79
Certificate serial:       0C8F7A
Authority key identifier: 1E:79:50:6C:D7:F7:11:82:46:33:C5:C3:AC:74:E6:A3:16:36:24:52
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/a4f5c6cc455d4e5671af9abbe01fdee26ec6aa79.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/6f79674c-0735-446e-b332-22235befb824/35bd9055fe7e9a23e3d679344d6b7455f22dcf5b.roa
Signing time:             Wed 24 Mar 2021 14:36:12 +0000
ROA not before:           Wed 24 Mar 2021 14:36:11 +0000
ROA not after:            Tue 24 Mar 2026 14:36:11 +0000
asID:                     13489
IP address blocks:        45.169.253.0/25 maxlen: 25
                          45.169.253.128/26 maxlen: 26
                          45.169.253.192/26 maxlen: 26

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/6f79674c-0735-446e-b332-22235befb824/a4f5c6cc455d4e5671af9abbe01fdee26ec6aa79.crl
                          rsync://repository.lacnic.net/rpki/lacnic/6f79674c-0735-446e-b332-22235befb824/a4f5c6cc455d4e5671af9abbe01fdee26ec6aa79.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/a4f5c6cc455d4e5671af9abbe01fdee26ec6aa79.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 31 Mar 2024 12:22:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 823162 (0xc8f7a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a4f5c6cc455d4e5671af9abbe01fdee26ec6aa79
        Validity
            Not Before: Mar 24 14:36:11 2021 GMT
            Not After : Mar 24 14:36:11 2026 GMT
        Subject: CN=35bd9055fe7e9a23e3d679344d6b7455f22dcf5b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:89:60:60:62:bd:c0:51:68:a8:3f:f8:ca:56:ab:
                    68:1f:17:69:8a:0f:e0:1c:d5:2a:68:8d:06:0f:1b:
                    fb:f5:ce:1b:40:11:2c:9a:d3:50:ca:3c:0f:90:db:
                    03:4e:23:44:74:39:9d:4f:f3:6a:ce:7d:30:c3:c2:
                    ad:e8:82:6a:b8:e5:e7:de:3a:85:0f:36:87:ae:65:
                    dd:4a:d1:56:1b:bd:87:4d:ac:c7:c3:6b:8b:96:87:
                    f2:6a:8b:86:a0:2c:b9:5c:b6:d6:35:55:11:a5:db:
                    40:e2:b1:38:fb:1d:6f:41:b4:04:11:0e:1e:a7:8c:
                    66:6c:db:da:a0:34:c1:7b:3d:b9:72:ed:9a:6c:cd:
                    c0:60:71:f9:72:7b:b7:26:a3:9d:5f:88:f5:52:a7:
                    65:b0:9d:33:c1:08:09:7b:ad:e8:eb:4a:cc:d6:3d:
                    7c:9b:ca:ff:80:bb:8d:ec:94:ea:72:c3:c2:30:b5:
                    b5:1f:7a:6b:d1:2a:ca:48:49:e1:66:4d:1d:ce:dd:
                    7c:2c:37:c3:7b:5f:c4:68:df:90:94:4a:7f:af:c5:
                    5b:32:e7:fd:6e:17:ec:ba:c6:37:bb:85:f0:72:b4:
                    db:99:28:50:ce:7c:9e:97:14:cd:7a:f8:af:2a:59:
                    4d:06:09:2f:2b:7c:ec:4e:5b:cd:2f:ff:a6:73:09:
                    31:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AC:88:8C:0B:77:37:A6:0D:42:62:22:BF:63:67:B9:A2:0E:06:12:5C
            X509v3 Authority Key Identifier:
                keyid:1E:79:50:6C:D7:F7:11:82:46:33:C5:C3:AC:74:E6:A3:16:36:24:52

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/a4f5c6cc455d4e5671af9abbe01fdee26ec6aa79.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/6f79674c-0735-446e-b332-22235befb824/35bd9055fe7e9a23e3d679344d6b7455f22dcf5b.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/6f79674c-0735-446e-b332-22235befb824/a4f5c6cc455d4e5671af9abbe01fdee26ec6aa79.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.169.253.0/24

    Signature Algorithm: sha256WithRSAEncryption
         3f:a7:cb:8a:8d:f5:1a:90:0b:24:1d:7b:b8:e6:d8:cf:83:d7:
         a7:b2:c1:57:42:14:f0:b0:26:5c:3a:06:d8:e1:e0:8b:40:9e:
         e4:79:7c:a8:d7:4f:72:b5:2d:22:84:1c:bd:41:c3:f2:9b:1f:
         33:97:f7:26:ab:f6:21:74:63:6d:72:b4:fc:b4:f9:b4:28:a6:
         14:03:37:20:87:11:25:d4:b1:e7:60:49:ad:b3:40:79:5d:fc:
         58:9d:6b:cb:98:4d:2b:52:94:14:10:77:4f:09:ea:88:30:b2:
         a2:8c:4f:66:99:29:ad:94:5e:9a:e3:a7:46:70:08:fd:88:2e:
         29:6c:a8:35:11:ca:b6:e2:0e:06:4d:40:ac:6f:ac:06:98:fe:
         7d:f1:27:43:73:6c:1d:02:dc:8d:5b:8b:6d:2f:02:06:d5:b4:
         e9:f3:a8:8c:98:61:a7:b7:4c:3c:9c:f6:08:db:75:ac:f8:12:
         a5:3e:72:ff:d9:6b:8f:4d:d0:d9:83:48:16:bf:63:50:ec:83:
         b4:cb:13:ad:3c:71:05:99:1d:4a:f0:b5:f4:a5:1b:8d:b5:f5:
         bf:f3:4f:e4:50:a6:ee:cd:db:7f:d3:af:15:ac:a3:b7:c4:94:
         be:21:a8:e6:21:19:8d:8a:46:a0:6e:2e:63:a0:7c:98:39:c1:
         4d:7b:96:1a
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIDDI96MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGE0
ZjVjNmNjNDU1ZDRlNTY3MWFmOWFiYmUwMWZkZWUyNmVjNmFhNzkwHhcNMjEwMzI0
MTQzNjExWhcNMjYwMzI0MTQzNjExWjAzMTEwLwYDVQQDEygzNWJkOTA1NWZlN2U5
YTIzZTNkNjc5MzQ0ZDZiNzQ1NWYyMmRjZjViMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAiWBgYr3AUWioP/jKVqtoHxdpig/gHNUqaI0GDxv79c4bQBEs
mtNQyjwPkNsDTiNEdDmdT/Nqzn0ww8Kt6IJquOXn3jqFDzaHrmXdStFWG72HTazH
w2uLlofyaouGoCy5XLbWNVURpdtA4rE4+x1vQbQEEQ4ep4xmbNvaoDTBez25cu2a
bM3AYHH5cnu3JqOdX4j1UqdlsJ0zwQgJe63o60rM1j18m8r/gLuN7JTqcsPCMLW1
H3pr0SrKSEnhZk0dzt18LDfDe1/EaN+QlEp/r8VbMuf9bhfsusY3u4XwcrTbmShQ
znyelxTNevivKllNBgkvK3zsTlvNL/+mcwkx/QIDAQABo4ICWzCCAlcwHQYDVR0O
BBYEFKyIjAt3N6YNQmIiv2NnuaIOBhJcMB8GA1UdIwQYMBaAFB55UGzX9xGCRjPF
w6x05qMWNiRSMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvYTRmNWM2
Y2M0NTVkNGU1NjcxYWY5YWJiZTAxZmRlZTI2ZWM2YWE3OS5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvNmY3OTY3NGMtMDczNS00NDZlLWIzMzItMjIyMzVi
ZWZiODI0LzM1YmQ5MDU1ZmU3ZTlhMjNlM2Q2NzkzNDRkNmI3NDU1ZjIyZGNmNWIu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy82Zjc5Njc0Yy0wNzM1LTQ0NmUtYjMzMi0yMjIz
NWJlZmI4MjQvYTRmNWM2Y2M0NTVkNGU1NjcxYWY5YWJiZTAxZmRlZTI2ZWM2YWE3
OS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAC2p/TANBgkqhkiG9w0BAQsFAAOCAQEAP6fLio31GpALJB17
uObYz4PXp7LBV0IU8LAmXDoG2OHgi0Ce5Hl8qNdPcrUtIoQcvUHD8psfM5f3Jqv2
IXRjbXK0/LT5tCimFAM3IIcRJdSx52BJrbNAeV38WJ1ry5hNK1KUFBB3TwnqiDCy
ooxPZpkprZRemuOnRnAI/YguKWyoNRHKtuIOBk1ArG+sBpj+ffEnQ3NsHQLcjVuL
bS8CBtW06fOojJhhp7dMPJz2CNt1rPgSpT5y/9lrj03Q2YNIFr9jUOyDtMsTrTxx
BZkdSvC19KUbjbX1v/NP5FCm7s3bf9OvFayjt8SUviGo5iEZjYpGoG4uY6B8mDnB
TXuWGg==
-----END CERTIFICATE-----
Generated at Thu Mar 28 13:29:17 2024 by rpki-client on console-ams.rpki-client.org