Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/6f79674c-0735-446e-b332-22235befb824/fed05d3eba5e697b63304cd90d8c79526223e463.roa
File:                     fed05d3eba5e697b63304cd90d8c79526223e463.roa (raw, json)
Hash identifier:          gNGxKuiAkRLIU4LbBIKuhB2zvdD8BnXuKLnzhoNhTdw=
Subject key identifier:   56:69:93:CD:84:6F:4E:76:C9:42:68:81:72:E1:52:C0:78:7B:41:45
Certificate issuer:       /CN=a4f5c6cc455d4e5671af9abbe01fdee26ec6aa79
Certificate serial:       0C8A6C
Authority key identifier: 1E:79:50:6C:D7:F7:11:82:46:33:C5:C3:AC:74:E6:A3:16:36:24:52
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/a4f5c6cc455d4e5671af9abbe01fdee26ec6aa79.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/6f79674c-0735-446e-b332-22235befb824/fed05d3eba5e697b63304cd90d8c79526223e463.roa
Signing time:             Wed 24 Mar 2021 14:36:12 +0000
ROA not before:           Wed 24 Mar 2021 14:36:11 +0000
ROA not after:            Tue 24 Mar 2026 14:36:11 +0000
asID:                     13489
IP address blocks:        45.169.253.0/24 maxlen: 24
                          2803:87a0::/32 maxlen: 32

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/6f79674c-0735-446e-b332-22235befb824/a4f5c6cc455d4e5671af9abbe01fdee26ec6aa79.crl
                          rsync://repository.lacnic.net/rpki/lacnic/6f79674c-0735-446e-b332-22235befb824/a4f5c6cc455d4e5671af9abbe01fdee26ec6aa79.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/a4f5c6cc455d4e5671af9abbe01fdee26ec6aa79.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Tue 27 Feb 2024 12:23:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 821868 (0xc8a6c)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a4f5c6cc455d4e5671af9abbe01fdee26ec6aa79
        Validity
            Not Before: Mar 24 14:36:11 2021 GMT
            Not After : Mar 24 14:36:11 2026 GMT
        Subject: CN=fed05d3eba5e697b63304cd90d8c79526223e463
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:c2:19:da:7a:69:4d:77:ef:c0:58:2c:64:4a:
                    b2:b4:64:73:5f:b2:5b:d1:5d:e4:2f:f7:b1:e5:38:
                    58:df:2e:86:43:35:43:73:9f:16:61:3f:d6:35:fd:
                    f2:9a:57:b3:d7:5e:70:c3:70:23:64:46:29:8a:7d:
                    e2:35:b1:15:68:f5:e4:ab:20:a6:be:89:37:a8:0e:
                    5d:80:10:45:7c:2d:6e:c6:8a:f7:19:f6:1b:98:84:
                    b5:49:b2:9d:76:e2:65:08:0c:c0:72:a5:c6:8b:90:
                    c9:18:db:3b:e2:9c:28:63:d9:f5:f4:e5:34:b4:aa:
                    6f:b6:4f:36:16:cf:43:77:57:df:7f:a0:71:e9:f6:
                    01:c7:8e:20:8a:3e:f0:46:e8:f9:77:87:0a:bd:45:
                    cc:b5:43:fe:88:3e:01:91:3f:76:0e:50:f4:04:7c:
                    db:47:24:51:80:ec:31:da:3c:c1:45:84:1c:01:b6:
                    20:b9:17:cc:cf:8a:15:49:3d:cd:de:ae:8d:c9:ec:
                    03:53:30:6c:d5:06:a1:78:73:3f:11:90:95:f9:db:
                    45:69:2a:b3:f4:83:c2:77:10:81:ab:d6:ac:11:9e:
                    14:bc:11:06:7d:77:25:d7:f2:f3:fb:3f:27:85:09:
                    aa:10:52:21:89:b6:d1:9f:67:1c:a9:6c:9a:1c:22:
                    14:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                56:69:93:CD:84:6F:4E:76:C9:42:68:81:72:E1:52:C0:78:7B:41:45
            X509v3 Authority Key Identifier:
                keyid:1E:79:50:6C:D7:F7:11:82:46:33:C5:C3:AC:74:E6:A3:16:36:24:52

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/a4f5c6cc455d4e5671af9abbe01fdee26ec6aa79.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/6f79674c-0735-446e-b332-22235befb824/fed05d3eba5e697b63304cd90d8c79526223e463.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/6f79674c-0735-446e-b332-22235befb824/a4f5c6cc455d4e5671af9abbe01fdee26ec6aa79.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.169.253.0/24
                IPv6:
                  2803:87a0::/32

    Signature Algorithm: sha256WithRSAEncryption
         54:53:d9:8a:45:fa:c1:46:f4:92:1d:5b:ce:87:d6:2b:d2:8a:
         e5:14:6b:9d:29:64:da:6d:e3:4a:09:3e:c9:87:d1:82:10:2f:
         5c:3a:80:3b:3e:33:c1:00:88:88:14:d4:a3:96:b6:ed:ae:0a:
         58:a3:cf:69:1a:a7:90:e8:5b:60:67:79:84:39:e2:2f:a1:cf:
         21:3b:db:48:95:68:62:37:85:e9:56:16:75:a6:a9:4c:f4:96:
         5d:cc:15:4f:52:b8:ca:8e:e7:b7:e4:ae:c8:f3:47:11:f5:92:
         6b:dd:b9:87:7c:46:00:91:65:c0:b2:a3:3b:c6:81:66:79:55:
         ac:eb:4e:f2:6e:3d:b5:a0:15:f6:80:51:66:7a:c4:9f:47:7c:
         37:77:9e:1e:1b:7d:00:d1:81:cf:c4:78:c7:39:d8:01:0d:bd:
         48:3f:16:ec:c3:fb:02:3a:13:bf:f8:d2:8b:6a:c1:df:1c:34:
         75:ec:ee:a2:bc:65:0a:45:f4:c4:23:99:27:5c:22:e9:54:37:
         35:c3:88:fc:ca:0d:72:7e:8e:ac:09:4d:d6:3b:27:ad:00:0a:
         a0:90:e2:ac:2a:71:1f:2f:21:99:ff:4e:a9:2f:d5:74:c4:08:
         d5:55:3f:72:08:d1:f8:44:e1:7f:4f:08:7f:2c:fa:46:44:f8:
         3b:d5:8b:43
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgIDDIpsMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGE0
ZjVjNmNjNDU1ZDRlNTY3MWFmOWFiYmUwMWZkZWUyNmVjNmFhNzkwHhcNMjEwMzI0
MTQzNjExWhcNMjYwMzI0MTQzNjExWjAzMTEwLwYDVQQDEyhmZWQwNWQzZWJhNWU2
OTdiNjMzMDRjZDkwZDhjNzk1MjYyMjNlNDYzMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAncIZ2nppTXfvwFgsZEqytGRzX7Jb0V3kL/ex5ThY3y6GQzVD
c58WYT/WNf3ymlez115ww3AjZEYpin3iNbEVaPXkqyCmvok3qA5dgBBFfC1uxor3
GfYbmIS1SbKdduJlCAzAcqXGi5DJGNs74pwoY9n19OU0tKpvtk82Fs9Dd1fff6Bx
6fYBx44gij7wRuj5d4cKvUXMtUP+iD4BkT92DlD0BHzbRyRRgOwx2jzBRYQcAbYg
uRfMz4oVST3N3q6NyewDUzBs1QaheHM/EZCV+dtFaSqz9IPCdxCBq9asEZ4UvBEG
fXcl1/Lz+z8nhQmqEFIhibbRn2ccqWyaHCIUmQIDAQABo4ICajCCAmYwHQYDVR0O
BBYEFFZpk82Eb052yUJogXLhUsB4e0FFMB8GA1UdIwQYMBaAFB55UGzX9xGCRjPF
w6x05qMWNiRSMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvYTRmNWM2
Y2M0NTVkNGU1NjcxYWY5YWJiZTAxZmRlZTI2ZWM2YWE3OS5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvNmY3OTY3NGMtMDczNS00NDZlLWIzMzItMjIyMzVi
ZWZiODI0L2ZlZDA1ZDNlYmE1ZTY5N2I2MzMwNGNkOTBkOGM3OTUyNjIyM2U0NjMu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy82Zjc5Njc0Yy0wNzM1LTQ0NmUtYjMzMi0yMjIz
NWJlZmI4MjQvYTRmNWM2Y2M0NTVkNGU1NjcxYWY5YWJiZTAxZmRlZTI2ZWM2YWE3
OS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAuBggrBgEFBQcBBwEB/wQf
MB0wDAQCAAEwBgMEAC2p/TANBAIAAjAHAwUAKAOHoDANBgkqhkiG9w0BAQsFAAOC
AQEAVFPZikX6wUb0kh1bzofWK9KK5RRrnSlk2m3jSgk+yYfRghAvXDqAOz4zwQCI
iBTUo5a27a4KWKPPaRqnkOhbYGd5hDniL6HPITvbSJVoYjeF6VYWdaapTPSWXcwV
T1K4yo7nt+SuyPNHEfWSa925h3xGAJFlwLKjO8aBZnlVrOtO8m49taAV9oBRZnrE
n0d8N3eeHht9ANGBz8R4xznYAQ29SD8W7MP7AjoTv/jSi2rB3xw0dezuorxlCkX0
xCOZJ1wi6VQ3NcOI/MoNcn6OrAlN1jsnrQAKoJDirCpxHy8hmf9OqS/VdMQI1VU/
cgjR+EThf08Ifyz6RkT4O9WLQw==
-----END CERTIFICATE-----
Generated at Sat Feb 24 14:41:18 2024 by rpki-client on console-fra.rpki-client.org