Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/770e3f4e-dc18-4e55-a62f-844b1ad1c373/f7d7a3699defc668ee83622d8fa823b3f3c0c0d3.roa
File:                     f7d7a3699defc668ee83622d8fa823b3f3c0c0d3.roa (raw, json)
Hash identifier:          D1vp7/cGmrlmbz0vyMBVBXotZogDSSshu84bxc4t6GI=
Subject key identifier:   73:58:5F:C8:62:B3:7D:51:A4:A6:CC:B0:08:A9:7F:B1:62:75:D5:88
Certificate issuer:       /CN=c5f46174684e21f761c74c6949df6952eb61f7e1
Certificate serial:       194DD4
Authority key identifier: 86:D8:D3:B4:17:49:48:2D:BC:2D:01:82:E3:F5:77:85:22:4A:11:12
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/c5f46174684e21f761c74c6949df6952eb61f7e1.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/770e3f4e-dc18-4e55-a62f-844b1ad1c373/f7d7a3699defc668ee83622d8fa823b3f3c0c0d3.roa
Signing time:             Fri 26 Aug 2022 16:22:58 +0000
ROA not before:           Fri 26 Aug 2022 16:21:35 +0000
ROA not after:            Mon 26 Aug 2024 16:21:35 +0000
asID:                     266823
IP address blocks:        45.237.172.0/22 maxlen: 24
                          2803:24a0::/32 maxlen: 48

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/770e3f4e-dc18-4e55-a62f-844b1ad1c373/c5f46174684e21f761c74c6949df6952eb61f7e1.crl
                          rsync://repository.lacnic.net/rpki/lacnic/770e3f4e-dc18-4e55-a62f-844b1ad1c373/c5f46174684e21f761c74c6949df6952eb61f7e1.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/c5f46174684e21f761c74c6949df6952eb61f7e1.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Wed 06 Mar 2024 06:24:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1658324 (0x194dd4)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c5f46174684e21f761c74c6949df6952eb61f7e1
        Validity
            Not Before: Aug 26 16:21:35 2022 GMT
            Not After : Aug 26 16:21:35 2024 GMT
        Subject: CN=f7d7a3699defc668ee83622d8fa823b3f3c0c0d3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:02:9a:d9:a5:27:f4:ac:6c:71:71:c5:1d:4e:
                    3b:c8:50:4c:a0:bc:1c:2f:2f:83:d4:6a:0f:e6:e1:
                    43:d6:0e:49:15:64:01:8c:a9:96:83:d8:fd:39:1c:
                    70:82:27:1d:77:45:41:60:6c:29:7d:ef:26:2c:c6:
                    4a:f0:d1:77:f3:43:34:8e:fe:6f:ee:c0:4c:40:f2:
                    db:9c:67:89:9a:21:b0:73:33:a7:de:6e:64:bb:62:
                    0f:61:64:f8:1d:5f:84:8c:cc:1a:ef:64:ba:77:9d:
                    d2:80:79:b4:28:7f:68:26:87:32:1a:54:6a:72:96:
                    0f:ca:47:4b:94:b4:e4:de:1e:f3:9b:44:68:91:8a:
                    55:3b:ad:6a:b4:dc:31:2d:07:47:c3:a0:cb:9f:99:
                    9f:55:41:82:f2:3e:97:d0:b5:2a:f7:95:9d:29:92:
                    d2:4a:7a:68:54:05:28:56:b5:7e:30:12:8a:58:b7:
                    47:d2:d1:dd:64:de:cb:cd:33:c5:5b:a8:94:dd:dc:
                    d7:15:2b:7b:37:82:42:5f:e1:f3:dc:9e:18:1b:e2:
                    4c:c9:24:62:e1:d0:d6:03:f5:62:fb:90:d5:02:83:
                    96:37:57:54:fc:0d:ef:41:06:58:9d:2d:cb:47:ca:
                    35:dc:8d:4c:a6:65:9a:1e:ac:cd:85:2c:a8:24:fb:
                    88:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                73:58:5F:C8:62:B3:7D:51:A4:A6:CC:B0:08:A9:7F:B1:62:75:D5:88
            X509v3 Authority Key Identifier:
                keyid:86:D8:D3:B4:17:49:48:2D:BC:2D:01:82:E3:F5:77:85:22:4A:11:12

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/c5f46174684e21f761c74c6949df6952eb61f7e1.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/770e3f4e-dc18-4e55-a62f-844b1ad1c373/f7d7a3699defc668ee83622d8fa823b3f3c0c0d3.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/770e3f4e-dc18-4e55-a62f-844b1ad1c373/c5f46174684e21f761c74c6949df6952eb61f7e1.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.237.172.0/22
                IPv6:
                  2803:24a0::/32

    Signature Algorithm: sha256WithRSAEncryption
         5a:1c:98:6a:8d:66:11:c2:9a:11:95:e6:10:82:bd:d6:1c:04:
         57:ff:4e:0d:57:df:41:5e:6b:2d:89:c7:f6:85:a9:73:38:52:
         f1:50:3f:d4:9d:e8:f4:46:77:ea:c9:49:18:ea:a2:89:ce:8e:
         69:b0:1a:fe:8d:2a:57:9c:6b:ae:3f:d6:9e:46:b4:f2:a3:97:
         4c:e4:d0:57:10:5e:26:22:76:31:9d:22:12:29:5d:b2:59:79:
         2f:91:65:fe:65:28:ac:12:02:e2:3d:28:85:22:1b:a9:e4:96:
         db:57:17:58:33:97:2a:a4:f8:8c:a7:fe:92:0f:9b:1b:be:b4:
         43:e2:13:6d:cc:4e:16:93:f2:ca:b7:fc:8d:8a:b9:dc:8f:d7:
         1f:19:23:7c:5a:54:2a:05:90:77:31:6f:c2:95:0a:0c:65:9b:
         de:8d:37:9d:63:3c:34:14:4a:bd:4e:9a:71:80:98:5a:2f:72:
         4e:79:57:14:12:89:58:8d:c2:4a:6d:b8:ef:79:09:e4:de:ca:
         5b:76:e0:ea:09:0e:18:de:ad:04:25:c5:6d:45:1e:f7:b7:8f:
         75:33:bd:41:fd:ff:c9:7a:0b:01:ce:ff:10:09:83:ba:f7:c5:
         7e:69:18:71:5e:81:b2:0e:98:59:59:86:7d:10:28:4a:53:f7:
         d6:d4:22:14
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgIDGU3UMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGM1
ZjQ2MTc0Njg0ZTIxZjc2MWM3NGM2OTQ5ZGY2OTUyZWI2MWY3ZTEwHhcNMjIwODI2
MTYyMTM1WhcNMjQwODI2MTYyMTM1WjAzMTEwLwYDVQQDEyhmN2Q3YTM2OTlkZWZj
NjY4ZWU4MzYyMmQ4ZmE4MjNiM2YzYzBjMGQzMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAywKa2aUn9KxscXHFHU47yFBMoLwcLy+D1GoP5uFD1g5JFWQB
jKmWg9j9ORxwgicdd0VBYGwpfe8mLMZK8NF380M0jv5v7sBMQPLbnGeJmiGwczOn
3m5ku2IPYWT4HV+EjMwa72S6d53SgHm0KH9oJocyGlRqcpYPykdLlLTk3h7zm0Ro
kYpVO61qtNwxLQdHw6DLn5mfVUGC8j6X0LUq95WdKZLSSnpoVAUoVrV+MBKKWLdH
0tHdZN7LzTPFW6iU3dzXFSt7N4JCX+Hz3J4YG+JMySRi4dDWA/Vi+5DVAoOWN1dU
/A3vQQZYnS3LR8o13I1MpmWaHqzNhSyoJPuIzwIDAQABo4ICajCCAmYwHQYDVR0O
BBYEFHNYX8his31RpKbMsAipf7FiddWIMB8GA1UdIwQYMBaAFIbY07QXSUgtvC0B
guP1d4UiShESMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvYzVmNDYx
NzQ2ODRlMjFmNzYxYzc0YzY5NDlkZjY5NTJlYjYxZjdlMS5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvNzcwZTNmNGUtZGMxOC00ZTU1LWE2MmYtODQ0YjFh
ZDFjMzczL2Y3ZDdhMzY5OWRlZmM2NjhlZTgzNjIyZDhmYTgyM2IzZjNjMGMwZDMu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy83NzBlM2Y0ZS1kYzE4LTRlNTUtYTYyZi04NDRi
MWFkMWMzNzMvYzVmNDYxNzQ2ODRlMjFmNzYxYzc0YzY5NDlkZjY5NTJlYjYxZjdl
MS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAuBggrBgEFBQcBBwEB/wQf
MB0wDAQCAAEwBgMEAi3trDANBAIAAjAHAwUAKAMkoDANBgkqhkiG9w0BAQsFAAOC
AQEAWhyYao1mEcKaEZXmEIK91hwEV/9ODVffQV5rLYnH9oWpczhS8VA/1J3o9EZ3
6slJGOqiic6OabAa/o0qV5xrrj/Wnka08qOXTOTQVxBeJiJ2MZ0iEildsll5L5Fl
/mUorBIC4j0ohSIbqeSW21cXWDOXKqT4jKf+kg+bG760Q+ITbcxOFpPyyrf8jYq5
3I/XHxkjfFpUKgWQdzFvwpUKDGWb3o03nWM8NBRKvU6acYCYWi9yTnlXFBKJWI3C
Sm2473kJ5N7KW3bg6gkOGN6tBCXFbUUe97ePdTO9Qf3/yXoLAc7/EAmDuvfFfmkY
cV6Bsg6YWVmGfRAoSlP31tQiFA==
-----END CERTIFICATE-----
Generated at Sun Mar 3 09:56:50 2024 by rpki-client on console-ams.rpki-client.org