Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/6f79674c-0735-446e-b332-22235befb824/967fa07c479b6ea453bb70aa1066efebc3fa2184.roa
File:                     967fa07c479b6ea453bb70aa1066efebc3fa2184.roa (raw, json)
Hash identifier:          EN54YInOnMRpv8w9YMCGJXnuFvkJ2POqiTb4og4FlWM=
Subject key identifier:   1A:EB:24:73:91:1E:34:96:8B:D4:69:DE:B5:8D:F7:4A:61:35:54:65
Certificate issuer:       /CN=a4f5c6cc455d4e5671af9abbe01fdee26ec6aa79
Certificate serial:       0C8E30
Authority key identifier: 1E:79:50:6C:D7:F7:11:82:46:33:C5:C3:AC:74:E6:A3:16:36:24:52
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/a4f5c6cc455d4e5671af9abbe01fdee26ec6aa79.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/6f79674c-0735-446e-b332-22235befb824/967fa07c479b6ea453bb70aa1066efebc3fa2184.roa
Signing time:             Wed 24 Mar 2021 14:36:12 +0000
ROA not before:           Wed 24 Mar 2021 14:36:11 +0000
ROA not after:            Tue 24 Mar 2026 14:36:11 +0000
asID:                     13489
IP address blocks:        45.169.253.0/24 maxlen: 24
                          2803:87a0::/32 maxlen: 32

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/6f79674c-0735-446e-b332-22235befb824/a4f5c6cc455d4e5671af9abbe01fdee26ec6aa79.crl
                          rsync://repository.lacnic.net/rpki/lacnic/6f79674c-0735-446e-b332-22235befb824/a4f5c6cc455d4e5671af9abbe01fdee26ec6aa79.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/a4f5c6cc455d4e5671af9abbe01fdee26ec6aa79.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Wed 28 Feb 2024 07:55:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 822832 (0xc8e30)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a4f5c6cc455d4e5671af9abbe01fdee26ec6aa79
        Validity
            Not Before: Mar 24 14:36:11 2021 GMT
            Not After : Mar 24 14:36:11 2026 GMT
        Subject: CN=967fa07c479b6ea453bb70aa1066efebc3fa2184
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:61:9c:ee:a4:84:26:dd:b8:6c:f5:d2:f5:58:
                    05:d2:31:90:ff:0d:28:c7:72:ed:5d:ff:66:75:eb:
                    f4:20:01:cb:ef:06:df:5a:15:03:79:cb:85:9a:a4:
                    30:c1:21:be:b7:71:9a:2b:27:b3:2b:b2:fa:27:2a:
                    db:fc:55:97:c3:e8:73:4c:de:ef:c3:46:3b:5c:32:
                    d0:82:cc:e9:3a:96:b5:85:55:92:83:6f:96:1d:c2:
                    87:a5:2f:fb:96:bc:09:ab:95:5d:40:5c:18:78:72:
                    31:70:52:66:9f:b0:91:14:75:91:d8:12:5e:c0:1b:
                    5d:b2:12:39:5d:9b:7b:c6:23:eb:c3:b1:ee:bf:57:
                    09:30:33:c0:b3:6e:88:73:ee:9c:c7:de:c5:b8:2d:
                    e7:97:eb:03:36:63:ad:58:cd:3a:68:d1:51:37:07:
                    ac:a2:e6:ad:28:a0:bc:f0:b1:8a:2d:cd:72:a4:0d:
                    f0:66:1c:6b:8b:b3:4e:a9:24:44:11:a5:6f:93:36:
                    c2:2e:f2:09:97:43:dc:5c:3c:cd:e6:74:1c:a6:33:
                    a9:02:77:ec:f6:5a:8e:89:e3:f5:d0:01:05:a8:f4:
                    5a:bf:31:23:c4:b1:c1:fd:61:15:11:78:04:13:f1:
                    3c:bb:c0:42:9e:f6:31:ec:3e:eb:8f:3b:0a:a9:77:
                    b4:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1A:EB:24:73:91:1E:34:96:8B:D4:69:DE:B5:8D:F7:4A:61:35:54:65
            X509v3 Authority Key Identifier:
                keyid:1E:79:50:6C:D7:F7:11:82:46:33:C5:C3:AC:74:E6:A3:16:36:24:52

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/a4f5c6cc455d4e5671af9abbe01fdee26ec6aa79.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/6f79674c-0735-446e-b332-22235befb824/967fa07c479b6ea453bb70aa1066efebc3fa2184.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/6f79674c-0735-446e-b332-22235befb824/a4f5c6cc455d4e5671af9abbe01fdee26ec6aa79.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.169.253.0/24
                IPv6:
                  2803:87a0::/32

    Signature Algorithm: sha256WithRSAEncryption
         64:a4:06:2a:d3:cb:48:5f:4f:4e:fc:c5:51:90:a4:11:6f:21:
         a8:24:11:75:c9:70:4f:15:3a:59:01:94:c7:dc:3b:71:25:f4:
         b4:03:31:6e:45:30:85:49:df:1b:79:60:7d:50:62:df:59:65:
         e9:f0:c4:56:d7:95:10:e5:3a:ef:eb:78:0b:16:6d:5f:44:38:
         64:26:72:db:43:67:32:ed:c6:e5:98:1e:56:73:e3:b6:85:bf:
         26:53:3b:c0:74:60:9e:09:88:1e:f5:79:11:26:6e:a1:7c:7c:
         d5:12:3f:68:50:f2:e0:93:a1:92:4f:25:3b:a3:83:97:5f:4c:
         b5:28:c5:0a:fe:1b:52:39:98:d0:42:d8:91:35:07:b4:e1:c0:
         6e:b9:87:eb:4f:8d:73:e2:56:8c:c9:fc:8b:db:bb:7f:09:b5:
         e0:3c:7b:39:1f:42:58:1b:f2:a7:10:f6:d1:61:28:60:36:b6:
         68:2c:83:80:75:1e:1c:f9:6b:82:5c:89:3e:63:e7:e4:80:b9:
         f6:d5:99:cb:6b:84:8f:bb:9b:ea:c7:7e:c4:32:82:f1:6c:0e:
         81:eb:be:e1:a3:6d:ab:3b:8e:5f:85:f9:7c:15:3c:d3:b4:52:
         66:12:46:b3:b7:8f:b6:d2:bb:b7:f3:d0:2a:ed:33:eb:a2:49:
         c5:95:5b:53
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgIDDI4wMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGE0
ZjVjNmNjNDU1ZDRlNTY3MWFmOWFiYmUwMWZkZWUyNmVjNmFhNzkwHhcNMjEwMzI0
MTQzNjExWhcNMjYwMzI0MTQzNjExWjAzMTEwLwYDVQQDEyg5NjdmYTA3YzQ3OWI2
ZWE0NTNiYjcwYWExMDY2ZWZlYmMzZmEyMTg0MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAxWGc7qSEJt24bPXS9VgF0jGQ/w0ox3LtXf9mdev0IAHL7wbf
WhUDecuFmqQwwSG+t3GaKyezK7L6Jyrb/FWXw+hzTN7vw0Y7XDLQgszpOpa1hVWS
g2+WHcKHpS/7lrwJq5VdQFwYeHIxcFJmn7CRFHWR2BJewBtdshI5XZt7xiPrw7Hu
v1cJMDPAs26Ic+6cx97FuC3nl+sDNmOtWM06aNFRNwesouatKKC88LGKLc1ypA3w
Zhxri7NOqSREEaVvkzbCLvIJl0PcXDzN5nQcpjOpAnfs9lqOieP10AEFqPRavzEj
xLHB/WEVEXgEE/E8u8BCnvYx7D7rjzsKqXe09wIDAQABo4ICajCCAmYwHQYDVR0O
BBYEFBrrJHORHjSWi9Rp3rWN90phNVRlMB8GA1UdIwQYMBaAFB55UGzX9xGCRjPF
w6x05qMWNiRSMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvYTRmNWM2
Y2M0NTVkNGU1NjcxYWY5YWJiZTAxZmRlZTI2ZWM2YWE3OS5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvNmY3OTY3NGMtMDczNS00NDZlLWIzMzItMjIyMzVi
ZWZiODI0Lzk2N2ZhMDdjNDc5YjZlYTQ1M2JiNzBhYTEwNjZlZmViYzNmYTIxODQu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy82Zjc5Njc0Yy0wNzM1LTQ0NmUtYjMzMi0yMjIz
NWJlZmI4MjQvYTRmNWM2Y2M0NTVkNGU1NjcxYWY5YWJiZTAxZmRlZTI2ZWM2YWE3
OS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAuBggrBgEFBQcBBwEB/wQf
MB0wDAQCAAEwBgMEAC2p/TANBAIAAjAHAwUAKAOHoDANBgkqhkiG9w0BAQsFAAOC
AQEAZKQGKtPLSF9PTvzFUZCkEW8hqCQRdclwTxU6WQGUx9w7cSX0tAMxbkUwhUnf
G3lgfVBi31ll6fDEVteVEOU67+t4CxZtX0Q4ZCZy20NnMu3G5ZgeVnPjtoW/JlM7
wHRgngmIHvV5ESZuoXx81RI/aFDy4JOhkk8lO6ODl19MtSjFCv4bUjmY0ELYkTUH
tOHAbrmH60+Nc+JWjMn8i9u7fwm14Dx7OR9CWBvypxD20WEoYDa2aCyDgHUeHPlr
glyJPmPn5IC59tWZy2uEj7ub6sd+xDKC8WwOgeu+4aNtqzuOX4X5fBU807RSZhJG
s7ePttK7t/PQKu0z66JJxZVbUw==
-----END CERTIFICATE-----
Generated at Sun Feb 25 09:14:23 2024 by rpki-client on console-ams.rpki-client.org