Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/7ae23e18-d064-4323-bbc5-878ae16e18d3/0cb284c58c9def12d1f16790fe35b21d7fd5fdd2.roa
File:                     0cb284c58c9def12d1f16790fe35b21d7fd5fdd2.roa (raw, json)
Hash identifier:          8yGJuzv5rF1EjMRy8Zv1LROtUbaQ9H5jcme7Bo4IKM4=
Subject key identifier:   8B:43:BB:A4:D5:9B:72:DB:58:E6:CC:C4:C3:26:6F:DC:B1:E2:6A:FE
Certificate issuer:       /CN=d644dc4f03e4edb1c47800a7f22ba12fcb5be9bf
Certificate serial:       03FB07
Authority key identifier: 3D:15:9A:1B:F8:45:30:25:C9:F9:AF:1C:6C:1B:80:45:B5:55:52:AE
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/d644dc4f03e4edb1c47800a7f22ba12fcb5be9bf.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/7ae23e18-d064-4323-bbc5-878ae16e18d3/0cb284c58c9def12d1f16790fe35b21d7fd5fdd2.roa
Signing time:             Wed 24 Mar 2021 14:32:10 +0000
ROA not before:           Wed 24 Mar 2021 14:32:10 +0000
ROA not after:            Tue 24 Mar 2026 14:32:10 +0000
asID:                     265740
IP address blocks:        128.201.20.0/22 maxlen: 22

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/7ae23e18-d064-4323-bbc5-878ae16e18d3/d644dc4f03e4edb1c47800a7f22ba12fcb5be9bf.crl
                          rsync://repository.lacnic.net/rpki/lacnic/7ae23e18-d064-4323-bbc5-878ae16e18d3/d644dc4f03e4edb1c47800a7f22ba12fcb5be9bf.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/d644dc4f03e4edb1c47800a7f22ba12fcb5be9bf.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Mon 01 Apr 2024 05:58:53 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 260871 (0x3fb07)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d644dc4f03e4edb1c47800a7f22ba12fcb5be9bf
        Validity
            Not Before: Mar 24 14:32:10 2021 GMT
            Not After : Mar 24 14:32:10 2026 GMT
        Subject: CN=0cb284c58c9def12d1f16790fe35b21d7fd5fdd2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:84:08:f4:e8:0e:80:3c:53:70:92:f3:5a:64:
                    41:48:c9:2a:0a:2b:1f:56:63:26:cb:4b:0a:84:a9:
                    55:4b:aa:e1:ff:51:24:fe:d5:0c:15:bd:ed:25:60:
                    84:fa:59:23:8c:56:20:22:2b:4f:5d:69:d4:69:31:
                    b5:f5:77:df:17:00:5f:29:38:14:b1:0a:bd:a3:67:
                    d5:63:cc:b2:4f:0e:be:a3:89:14:2e:19:c0:c0:6e:
                    e8:b8:9e:5b:da:ce:14:14:ff:bb:f8:34:be:64:65:
                    0b:37:af:51:f4:16:15:4a:27:5e:6a:b2:a9:98:91:
                    61:c8:e5:01:a2:0f:6b:49:ae:58:41:7c:e9:7c:55:
                    4a:29:01:47:2f:01:6c:d4:8e:12:00:06:be:31:ee:
                    82:b3:da:4d:07:b5:26:a9:7a:d7:51:42:9d:62:a8:
                    04:bf:c2:7c:10:ac:a4:f5:ff:63:39:2e:a5:26:4c:
                    cd:30:ad:d5:6b:d8:f2:ec:10:e1:70:6a:2a:df:19:
                    28:d9:4d:9b:02:d3:48:17:01:7b:b8:9a:fc:b3:a8:
                    a0:be:d2:e1:fb:59:03:2f:c7:a6:f6:2a:69:e8:49:
                    45:dd:e7:a2:99:3f:ee:c4:a9:ce:61:8d:12:0a:87:
                    1a:ea:f7:c7:59:ba:2b:61:42:ce:37:9f:f7:3b:76:
                    dd:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8B:43:BB:A4:D5:9B:72:DB:58:E6:CC:C4:C3:26:6F:DC:B1:E2:6A:FE
            X509v3 Authority Key Identifier:
                keyid:3D:15:9A:1B:F8:45:30:25:C9:F9:AF:1C:6C:1B:80:45:B5:55:52:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/d644dc4f03e4edb1c47800a7f22ba12fcb5be9bf.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/7ae23e18-d064-4323-bbc5-878ae16e18d3/0cb284c58c9def12d1f16790fe35b21d7fd5fdd2.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/7ae23e18-d064-4323-bbc5-878ae16e18d3/d644dc4f03e4edb1c47800a7f22ba12fcb5be9bf.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  128.201.20.0/22

    Signature Algorithm: sha256WithRSAEncryption
         51:8f:c5:fd:3e:37:3e:e4:21:53:20:1b:c5:57:30:2b:77:46:
         6b:1f:31:2e:84:5a:cb:ce:89:62:28:3e:49:41:13:bb:3f:44:
         f2:94:e4:9a:ce:62:a4:f7:8c:39:5a:79:df:f1:26:ad:c4:3f:
         3b:af:cd:7c:50:65:fd:91:e5:ac:b0:b1:44:e2:e4:9e:35:49:
         6d:db:ae:45:fd:50:16:d1:b0:fc:b2:10:01:fe:8c:53:a4:95:
         5c:2c:96:de:08:f3:0b:cd:0d:b5:c1:3a:ad:55:d8:2b:46:48:
         44:35:18:da:b4:ad:e2:d6:dc:91:dc:28:49:5f:4a:a3:4b:d7:
         68:7d:ee:23:eb:a6:c2:33:e3:20:12:29:f5:7c:2b:07:74:91:
         f7:da:07:3f:4c:d4:47:3a:ac:24:7c:30:6a:04:64:24:9f:a8:
         bd:26:d2:3e:5d:c2:70:90:77:ba:7c:a4:0e:d2:a6:a4:0a:64:
         a3:70:3f:5a:53:8f:76:85:9f:88:e8:9c:f0:0b:49:3b:95:eb:
         b4:72:c0:a8:22:51:e2:fe:9a:93:d6:20:fe:ae:b3:56:c8:c8:
         0f:a5:6b:84:d6:3d:c9:e9:74:96:35:d1:9b:fb:d3:3c:cc:96:
         21:c7:85:be:4e:39:9c:7a:b1:dc:e1:1b:78:31:37:3d:a3:6b:
         f7:3a:9a:4b
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIDA/sHMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGQ2
NDRkYzRmMDNlNGVkYjFjNDc4MDBhN2YyMmJhMTJmY2I1YmU5YmYwHhcNMjEwMzI0
MTQzMjEwWhcNMjYwMzI0MTQzMjEwWjAzMTEwLwYDVQQDEygwY2IyODRjNThjOWRl
ZjEyZDFmMTY3OTBmZTM1YjIxZDdmZDVmZGQyMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAoYQI9OgOgDxTcJLzWmRBSMkqCisfVmMmy0sKhKlVS6rh/1Ek
/tUMFb3tJWCE+lkjjFYgIitPXWnUaTG19XffFwBfKTgUsQq9o2fVY8yyTw6+o4kU
LhnAwG7ouJ5b2s4UFP+7+DS+ZGULN69R9BYVSidearKpmJFhyOUBog9rSa5YQXzp
fFVKKQFHLwFs1I4SAAa+Me6Cs9pNB7UmqXrXUUKdYqgEv8J8EKyk9f9jOS6lJkzN
MK3Va9jy7BDhcGoq3xko2U2bAtNIFwF7uJr8s6igvtLh+1kDL8em9ipp6ElF3eei
mT/uxKnOYY0SCoca6vfHWborYULON5/3O3bdGQIDAQABo4ICWzCCAlcwHQYDVR0O
BBYEFItDu6TVm3LbWObMxMMmb9yx4mr+MB8GA1UdIwQYMBaAFD0Vmhv4RTAlyfmv
HGwbgEW1VVKuMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvZDY0NGRj
NGYwM2U0ZWRiMWM0NzgwMGE3ZjIyYmExMmZjYjViZTliZi5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvN2FlMjNlMTgtZDA2NC00MzIzLWJiYzUtODc4YWUx
NmUxOGQzLzBjYjI4NGM1OGM5ZGVmMTJkMWYxNjc5MGZlMzViMjFkN2ZkNWZkZDIu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy83YWUyM2UxOC1kMDY0LTQzMjMtYmJjNS04Nzhh
ZTE2ZTE4ZDMvZDY0NGRjNGYwM2U0ZWRiMWM0NzgwMGE3ZjIyYmExMmZjYjViZTli
Zi5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAoDJFDANBgkqhkiG9w0BAQsFAAOCAQEAUY/F/T43PuQhUyAb
xVcwK3dGax8xLoRay86JYig+SUETuz9E8pTkms5ipPeMOVp53/EmrcQ/O6/NfFBl
/ZHlrLCxROLknjVJbduuRf1QFtGw/LIQAf6MU6SVXCyW3gjzC80NtcE6rVXYK0ZI
RDUY2rSt4tbckdwoSV9Ko0vXaH3uI+umwjPjIBIp9XwrB3SR99oHP0zURzqsJHww
agRkJJ+ovSbSPl3CcJB3unykDtKmpApko3A/WlOPdoWfiOic8AtJO5XrtHLAqCJR
4v6ak9Yg/q6zVsjID6VrhNY9yel0ljXRm/vTPMyWIceFvk45nHqx3OEbeDE3PaNr
9zqaSw==
-----END CERTIFICATE-----
Generated at Fri Mar 29 04:59:27 2024 by rpki-client on console-fra.rpki-client.org