Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/78a2168e-0624-4ed1-90a5-cc40c920412e/132c337ba76e1335af304af0509e91e018e250a7.roa
File:                     132c337ba76e1335af304af0509e91e018e250a7.roa (raw, json)
Hash identifier:          Q4n7wQPi7ao69Px5kjwpQyEGKWU6LD9GcEPbKWMDvGg=
Subject key identifier:   30:29:F5:87:E0:24:E8:85:08:87:B9:09:CF:6D:BB:12:BA:7C:70:E7
Certificate issuer:       /CN=8acfc458285d8bcacad68699f2691b0083ca913f
Certificate serial:       11A839
Authority key identifier: 87:F3:4F:60:22:1B:F7:46:90:6C:4F:08:11:FB:67:79:25:DD:3A:7C
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/8acfc458285d8bcacad68699f2691b0083ca913f.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/78a2168e-0624-4ed1-90a5-cc40c920412e/132c337ba76e1335af304af0509e91e018e250a7.roa
Signing time:             Wed 10 May 2023 08:30:00 +0000
ROA not before:           Tue 09 May 2023 08:30:00 +0000
ROA not after:            Thu 08 May 2025 08:30:00 +0000
asID:                     264673
IP address blocks:        168.181.24.0/22 maxlen: 24
                          2803:4d40::/32 maxlen: 32

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/78a2168e-0624-4ed1-90a5-cc40c920412e/8acfc458285d8bcacad68699f2691b0083ca913f.crl
                          rsync://repository.lacnic.net/rpki/lacnic/78a2168e-0624-4ed1-90a5-cc40c920412e/8acfc458285d8bcacad68699f2691b0083ca913f.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/8acfc458285d8bcacad68699f2691b0083ca913f.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Mon 04 Mar 2024 17:26:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1157177 (0x11a839)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8acfc458285d8bcacad68699f2691b0083ca913f
        Validity
            Not Before: May  9 08:30:00 2023 GMT
            Not After : May  8 08:30:00 2025 GMT
        Subject: CN=132c337ba76e1335af304af0509e91e018e250a7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8b:d1:b2:a8:b0:65:9d:d9:62:75:db:f6:fd:38:
                    9f:5a:df:35:b0:da:d6:9f:12:d4:0a:2f:52:2a:74:
                    ee:c4:dd:01:e0:85:4c:15:ee:ee:8a:b4:cc:e4:f5:
                    3c:ff:1f:59:6b:e3:09:86:6f:ca:47:e6:b7:0b:16:
                    55:bc:6f:92:c1:07:b2:9f:b8:b6:8d:45:32:ec:ef:
                    82:09:6f:33:cb:16:96:fb:a4:17:5b:74:ab:8b:a5:
                    a3:6f:fa:ab:1f:fa:1e:aa:be:0f:f8:45:2f:80:bf:
                    ae:4a:12:ac:9e:03:ad:1a:ef:67:b7:d2:3e:4f:b2:
                    54:b6:4b:e5:e5:27:4d:43:7a:50:19:64:77:26:25:
                    af:13:96:38:35:9a:9a:fa:23:07:f1:c1:8e:52:fe:
                    1a:2f:f0:da:31:3f:ff:06:dc:a2:68:08:de:d2:7b:
                    6a:e8:53:d4:d2:1a:f4:76:3b:27:3d:6b:d7:dd:a1:
                    9e:6b:0b:82:8b:e8:64:94:3f:a3:4d:4a:32:2f:96:
                    4d:04:b1:68:5f:9d:a8:e1:a9:6f:6b:e9:b0:ea:11:
                    b7:24:a2:6b:49:33:de:ca:7e:7d:de:d3:be:da:b2:
                    c0:6b:2f:aa:05:bc:92:da:1f:ea:bc:6e:af:33:15:
                    08:af:01:de:e0:a0:f3:6f:ff:8f:e0:7f:3d:e9:61:
                    5a:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                30:29:F5:87:E0:24:E8:85:08:87:B9:09:CF:6D:BB:12:BA:7C:70:E7
            X509v3 Authority Key Identifier:
                keyid:87:F3:4F:60:22:1B:F7:46:90:6C:4F:08:11:FB:67:79:25:DD:3A:7C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/8acfc458285d8bcacad68699f2691b0083ca913f.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/78a2168e-0624-4ed1-90a5-cc40c920412e/132c337ba76e1335af304af0509e91e018e250a7.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/78a2168e-0624-4ed1-90a5-cc40c920412e/8acfc458285d8bcacad68699f2691b0083ca913f.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  168.181.24.0/22
                IPv6:
                  2803:4d40::/32

    Signature Algorithm: sha256WithRSAEncryption
         22:13:7b:c9:2d:56:f8:57:25:3f:28:8f:e0:81:81:d9:45:7a:
         6a:70:b6:a1:d5:fc:db:2c:e3:eb:fc:6f:d3:f4:74:4a:75:d3:
         59:75:93:d3:7e:07:f3:9a:9a:97:91:20:5a:63:32:13:d0:0c:
         4d:ba:1d:cd:fb:4e:f5:09:f4:9a:dd:d8:75:0f:ca:db:c0:6a:
         c3:1c:2a:03:fd:e4:74:1d:c0:b8:ec:cc:9f:1d:5d:02:b1:b6:
         de:89:31:e4:b7:f3:03:67:85:a1:a7:5b:f6:0d:77:65:8a:4e:
         17:e0:67:6c:5c:36:a4:4f:01:8d:38:7c:62:51:ce:ad:7e:f0:
         72:4a:48:30:e6:c1:3b:48:58:18:5a:2a:ef:0a:3f:c0:04:a8:
         96:85:ad:cc:f5:53:35:9f:3c:9a:55:90:52:dd:5e:5b:ae:1d:
         f5:5a:77:4f:c9:b9:e7:64:32:04:7a:33:26:71:33:bb:b0:d2:
         80:55:7a:bf:90:67:23:d6:55:0e:2f:e9:34:be:c7:41:f9:92:
         56:90:8e:6e:14:a5:30:29:29:05:56:bf:5a:43:2c:63:89:00:
         31:32:48:2b:01:3c:5a:47:3d:76:e2:10:78:1e:0c:e5:92:9c:
         b1:6c:14:39:34:f0:cd:9b:c9:bc:d9:76:6d:96:7d:89:a1:a0:
         dd:e1:57:77
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgIDEag5MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDhh
Y2ZjNDU4Mjg1ZDhiY2FjYWQ2ODY5OWYyNjkxYjAwODNjYTkxM2YwHhcNMjMwNTA5
MDgzMDAwWhcNMjUwNTA4MDgzMDAwWjAzMTEwLwYDVQQDEygxMzJjMzM3YmE3NmUx
MzM1YWYzMDRhZjA1MDllOTFlMDE4ZTI1MGE3MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAi9GyqLBlndliddv2/TifWt81sNrWnxLUCi9SKnTuxN0B4IVM
Fe7uirTM5PU8/x9Za+MJhm/KR+a3CxZVvG+SwQeyn7i2jUUy7O+CCW8zyxaW+6QX
W3Sri6Wjb/qrH/oeqr4P+EUvgL+uShKsngOtGu9nt9I+T7JUtkvl5SdNQ3pQGWR3
JiWvE5Y4NZqa+iMH8cGOUv4aL/DaMT//BtyiaAje0ntq6FPU0hr0djsnPWvX3aGe
awuCi+hklD+jTUoyL5ZNBLFoX52o4alva+mw6hG3JKJrSTPeyn593tO+2rLAay+q
BbyS2h/qvG6vMxUIrwHe4KDzb/+P4H896WFaHwIDAQABo4ICajCCAmYwHQYDVR0O
BBYEFDAp9YfgJOiFCIe5Cc9tuxK6fHDnMB8GA1UdIwQYMBaAFIfzT2AiG/dGkGxP
CBH7Z3kl3Tp8MA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvOGFjZmM0
NTgyODVkOGJjYWNhZDY4Njk5ZjI2OTFiMDA4M2NhOTEzZi5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvNzhhMjE2OGUtMDYyNC00ZWQxLTkwYTUtY2M0MGM5
MjA0MTJlLzEzMmMzMzdiYTc2ZTEzMzVhZjMwNGFmMDUwOWU5MWUwMThlMjUwYTcu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy83OGEyMTY4ZS0wNjI0LTRlZDEtOTBhNS1jYzQw
YzkyMDQxMmUvOGFjZmM0NTgyODVkOGJjYWNhZDY4Njk5ZjI2OTFiMDA4M2NhOTEz
Zi5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAuBggrBgEFBQcBBwEB/wQf
MB0wDAQCAAEwBgMEAqi1GDANBAIAAjAHAwUAKANNQDANBgkqhkiG9w0BAQsFAAOC
AQEAIhN7yS1W+FclPyiP4IGB2UV6anC2odX82yzj6/xv0/R0SnXTWXWT034H85qa
l5EgWmMyE9AMTbodzftO9Qn0mt3YdQ/K28BqwxwqA/3kdB3AuOzMnx1dArG23okx
5LfzA2eFoadb9g13ZYpOF+BnbFw2pE8BjTh8YlHOrX7wckpIMObBO0hYGFoq7wo/
wASoloWtzPVTNZ88mlWQUt1eW64d9Vp3T8m552QyBHozJnEzu7DSgFV6v5BnI9ZV
Di/pNL7HQfmSVpCObhSlMCkpBVa/WkMsY4kAMTJIKwE8Wkc9duIQeB4M5ZKcsWwU
OTTwzZvJvNl2bZZ9iaGg3eFXdw==
-----END CERTIFICATE-----
Generated at Fri Mar 1 23:42:05 2024 by rpki-client on console-ams.rpki-client.org