Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/797c21b0-a0c4-448d-84a6-35f179b73e46/e8c87a181374bdbd105931a5b0300e21cabfd335.roa
File:                     e8c87a181374bdbd105931a5b0300e21cabfd335.roa (raw, json)
Hash identifier:          qn7TFt3z2zCzgJw6GSZrYCQ67YRw0CyxYytjU/xT6GI=
Subject key identifier:   62:F4:18:53:AA:67:95:02:E6:ED:8B:95:98:FD:50:E0:92:0E:89:7F
Certificate issuer:       /CN=4445cb9beea798f0fcde4339a7ff23524d49bf44
Certificate serial:       111D07
Authority key identifier: 12:C5:1C:F8:D8:09:FF:70:36:76:21:8F:19:93:0F:62:AC:25:BA:91
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/4445cb9beea798f0fcde4339a7ff23524d49bf44.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/797c21b0-a0c4-448d-84a6-35f179b73e46/e8c87a181374bdbd105931a5b0300e21cabfd335.roa
Signing time:             Sun 21 May 2023 21:48:08 +0000
ROA not before:           Sat 20 May 2023 21:48:07 +0000
ROA not after:            Wed 21 May 2025 21:48:07 +0000
asID:                     64108
IP address blocks:        45.226.168.0/22 maxlen: 24
                          2803:4120::/32 maxlen: 48

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/797c21b0-a0c4-448d-84a6-35f179b73e46/4445cb9beea798f0fcde4339a7ff23524d49bf44.crl
                          rsync://repository.lacnic.net/rpki/lacnic/797c21b0-a0c4-448d-84a6-35f179b73e46/4445cb9beea798f0fcde4339a7ff23524d49bf44.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/4445cb9beea798f0fcde4339a7ff23524d49bf44.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Tue 27 Feb 2024 21:42:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1121543 (0x111d07)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4445cb9beea798f0fcde4339a7ff23524d49bf44
        Validity
            Not Before: May 20 21:48:07 2023 GMT
            Not After : May 21 21:48:07 2025 GMT
        Subject: CN=e8c87a181374bdbd105931a5b0300e21cabfd335
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:80:a9:96:7a:53:d1:38:55:ff:e8:b7:4e:66:10:
                    2b:d0:8d:72:1e:b2:1c:b3:89:63:6c:dc:cd:36:7c:
                    0f:b0:b0:50:8b:70:a9:c8:d9:9f:10:48:d3:d1:cc:
                    1b:d8:ac:b4:fa:36:c0:4f:bc:42:6e:13:ff:87:6c:
                    ff:4a:6f:f8:bf:d8:b5:4a:68:c9:97:60:70:e7:ad:
                    6c:1a:cd:1d:30:93:fd:1a:7d:e0:2a:c0:69:e2:f2:
                    69:f6:da:15:2b:65:30:cd:2e:1f:fc:ac:e4:f4:b6:
                    cd:d5:de:8f:7b:aa:05:f4:a1:8e:24:1e:bb:fa:d9:
                    fc:d4:fa:69:6f:4b:d5:ef:e7:34:e5:61:9f:c8:55:
                    b6:ed:41:ee:c5:28:d3:34:8d:88:f4:88:a5:a1:0a:
                    82:14:02:65:87:49:03:39:a8:a4:f8:3a:4a:64:55:
                    fd:28:81:d6:d8:fa:c9:ea:8d:3e:a1:11:20:d7:f6:
                    de:08:4f:b6:ce:4c:07:3f:94:47:b3:df:78:f4:72:
                    c7:1d:98:58:2f:29:a9:ee:55:22:3d:50:91:37:38:
                    cf:ba:36:f3:ed:76:33:3b:24:29:53:6d:c9:10:74:
                    ed:6c:aa:41:50:fe:ef:72:df:eb:39:42:c8:93:c5:
                    82:79:ec:aa:cb:d3:f3:76:b9:89:ff:2b:ac:9c:c6:
                    7b:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                62:F4:18:53:AA:67:95:02:E6:ED:8B:95:98:FD:50:E0:92:0E:89:7F
            X509v3 Authority Key Identifier:
                keyid:12:C5:1C:F8:D8:09:FF:70:36:76:21:8F:19:93:0F:62:AC:25:BA:91

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/4445cb9beea798f0fcde4339a7ff23524d49bf44.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/797c21b0-a0c4-448d-84a6-35f179b73e46/e8c87a181374bdbd105931a5b0300e21cabfd335.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/797c21b0-a0c4-448d-84a6-35f179b73e46/4445cb9beea798f0fcde4339a7ff23524d49bf44.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.226.168.0/22
                IPv6:
                  2803:4120::/32

    Signature Algorithm: sha256WithRSAEncryption
         80:d0:5c:08:fa:60:8d:b3:39:f0:30:77:db:13:ca:2f:d2:37:
         7c:53:17:df:ca:ea:e5:00:1f:f7:e1:79:0f:59:3a:72:bf:7d:
         6e:1a:11:27:66:94:9d:41:f0:00:14:4e:2c:06:ce:4a:44:97:
         5c:dc:88:a7:85:03:5c:0b:cd:f5:7a:1c:a8:18:ec:05:d8:ba:
         90:1f:3c:ff:47:7c:ad:9d:29:a7:c9:05:2d:33:65:6f:5b:c2:
         9f:d4:8f:43:de:9c:6e:19:63:19:aa:09:da:74:ab:53:5a:b4:
         7f:6b:26:87:c6:9e:30:92:ef:30:1c:00:4d:44:03:75:5e:a8:
         a1:bf:71:ad:9a:34:11:2b:d9:a7:2f:29:73:2d:23:76:cb:6c:
         96:bd:0b:7c:d7:43:d0:f0:e7:dd:73:9f:79:75:c7:09:b0:b7:
         01:ca:ae:db:a8:aa:86:3e:64:f7:79:1f:f6:b0:5a:33:0c:87:
         83:3a:bf:fa:8c:e5:7d:88:c1:2d:96:33:35:59:1c:e5:1f:af:
         c7:b2:b9:2a:5d:7c:56:83:fe:f4:46:3e:e4:02:ca:4a:87:1d:
         37:8d:1b:50:f8:59:27:f7:c0:06:b1:aa:3a:84:0a:20:17:e7:
         e8:6c:fa:1a:84:2b:5c:18:cc:a9:4e:5b:83:e2:e9:96:2f:74:
         7a:7c:b7:00
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgIDER0HMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDQ0
NDVjYjliZWVhNzk4ZjBmY2RlNDMzOWE3ZmYyMzUyNGQ0OWJmNDQwHhcNMjMwNTIw
MjE0ODA3WhcNMjUwNTIxMjE0ODA3WjAzMTEwLwYDVQQDEyhlOGM4N2ExODEzNzRi
ZGJkMTA1OTMxYTViMDMwMGUyMWNhYmZkMzM1MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAgKmWelPROFX/6LdOZhAr0I1yHrIcs4ljbNzNNnwPsLBQi3Cp
yNmfEEjT0cwb2Ky0+jbAT7xCbhP/h2z/Sm/4v9i1SmjJl2Bw561sGs0dMJP9Gn3g
KsBp4vJp9toVK2UwzS4f/Kzk9LbN1d6Pe6oF9KGOJB67+tn81Pppb0vV7+c05WGf
yFW27UHuxSjTNI2I9IiloQqCFAJlh0kDOaik+DpKZFX9KIHW2PrJ6o0+oREg1/be
CE+2zkwHP5RHs9949HLHHZhYLymp7lUiPVCRNzjPujbz7XYzOyQpU23JEHTtbKpB
UP7vct/rOULIk8WCeeyqy9PzdrmJ/yusnMZ7fQIDAQABo4ICajCCAmYwHQYDVR0O
BBYEFGL0GFOqZ5UC5u2LlZj9UOCSDol/MB8GA1UdIwQYMBaAFBLFHPjYCf9wNnYh
jxmTD2KsJbqRMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvNDQ0NWNi
OWJlZWE3OThmMGZjZGU0MzM5YTdmZjIzNTI0ZDQ5YmY0NC5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvNzk3YzIxYjAtYTBjNC00NDhkLTg0YTYtMzVmMTc5
YjczZTQ2L2U4Yzg3YTE4MTM3NGJkYmQxMDU5MzFhNWIwMzAwZTIxY2FiZmQzMzUu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy83OTdjMjFiMC1hMGM0LTQ0OGQtODRhNi0zNWYx
NzliNzNlNDYvNDQ0NWNiOWJlZWE3OThmMGZjZGU0MzM5YTdmZjIzNTI0ZDQ5YmY0
NC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAuBggrBgEFBQcBBwEB/wQf
MB0wDAQCAAEwBgMEAi3iqDANBAIAAjAHAwUAKANBIDANBgkqhkiG9w0BAQsFAAOC
AQEAgNBcCPpgjbM58DB32xPKL9I3fFMX38rq5QAf9+F5D1k6cr99bhoRJ2aUnUHw
ABROLAbOSkSXXNyIp4UDXAvN9XocqBjsBdi6kB88/0d8rZ0pp8kFLTNlb1vCn9SP
Q96cbhljGaoJ2nSrU1q0f2smh8aeMJLvMBwATUQDdV6oob9xrZo0ESvZpy8pcy0j
dstslr0LfNdD0PDn3XOfeXXHCbC3Acqu26iqhj5k93kf9rBaMwyHgzq/+ozlfYjB
LZYzNVkc5R+vx7K5Kl18VoP+9EY+5ALKSocdN40bUPhZJ/fABrGqOoQKIBfn6Gz6
GoQrXBjMqU5bg+Lpli90eny3AA==
-----END CERTIFICATE-----
Generated at Sun Feb 25 01:34:24 2024 by rpki-client on console-fra.rpki-client.org