Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/7b414a22-e901-4a7f-9364-7ea88fb71e5a/aa98dc5853789f46dc1c6a9fc2e835683773b51c.roa
File:                     aa98dc5853789f46dc1c6a9fc2e835683773b51c.roa (raw, json)
Hash identifier:          +xG+FPoZT1WGn6ICd8EHUJDx25CFxNZIvUAXsxskQKw=
Subject key identifier:   10:47:05:F7:CE:F2:B0:6E:CA:5E:71:E2:38:8E:20:0C:AE:2B:C3:54
Certificate issuer:       /CN=6c4e32566e6591859de2af682b800bad4f8ce7ad
Certificate serial:       0BB865
Authority key identifier: 07:A5:DA:6D:EB:59:9C:9D:91:80:25:2E:FF:3B:72:4A:27:91:D2:3A
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/6c4e32566e6591859de2af682b800bad4f8ce7ad.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/7b414a22-e901-4a7f-9364-7ea88fb71e5a/aa98dc5853789f46dc1c6a9fc2e835683773b51c.roa
Signing time:             Wed 24 Mar 2021 14:43:25 +0000
ROA not before:           Wed 24 Mar 2021 14:43:24 +0000
ROA not after:            Tue 24 Mar 2026 14:43:24 +0000
asID:                     265565
IP address blocks:        45.167.253.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/7b414a22-e901-4a7f-9364-7ea88fb71e5a/6c4e32566e6591859de2af682b800bad4f8ce7ad.crl
                          rsync://repository.lacnic.net/rpki/lacnic/7b414a22-e901-4a7f-9364-7ea88fb71e5a/6c4e32566e6591859de2af682b800bad4f8ce7ad.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/6c4e32566e6591859de2af682b800bad4f8ce7ad.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Mon 01 Apr 2024 05:58:53 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 768101 (0xbb865)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6c4e32566e6591859de2af682b800bad4f8ce7ad
        Validity
            Not Before: Mar 24 14:43:24 2021 GMT
            Not After : Mar 24 14:43:24 2026 GMT
        Subject: CN=aa98dc5853789f46dc1c6a9fc2e835683773b51c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:69:08:b9:69:a9:66:9c:e2:54:3a:99:5b:02:
                    c2:63:4d:24:86:b8:57:0c:00:fb:fc:e9:bc:a8:6d:
                    ec:f9:02:5c:0e:14:3e:30:91:e4:f6:00:82:f0:ff:
                    4d:a7:26:c7:e0:99:5e:b0:d8:ea:36:b2:5d:e0:e0:
                    cb:e0:90:f0:0f:3f:84:5b:dd:e2:ad:cb:54:c7:98:
                    f9:d7:45:8e:45:18:42:ba:06:d9:38:3f:f4:c0:50:
                    84:ce:af:7a:d0:7c:2e:6a:e0:05:ef:89:9e:1d:70:
                    c3:14:c4:2a:ff:8c:d7:40:2a:5d:dd:da:f6:ee:79:
                    bf:be:0c:4e:7c:b3:c4:81:5c:67:e1:3d:94:d4:ae:
                    6f:b2:bd:67:62:a6:dd:15:2a:42:2d:0e:7e:d0:c8:
                    94:65:f8:10:f7:69:34:66:3a:75:ce:75:da:5e:a6:
                    85:9f:d4:7f:dd:8c:c8:41:78:96:e9:0d:15:1c:65:
                    a4:c2:ca:e9:88:72:da:0a:c5:55:49:33:bf:69:ac:
                    a5:f6:2b:63:45:2f:6d:05:79:56:b8:20:ff:cd:9f:
                    fa:57:44:50:53:83:28:98:ff:78:fc:6c:32:24:1f:
                    86:58:c9:a6:14:3a:06:7a:4b:fe:22:b4:dc:67:10:
                    a9:6c:50:32:21:b3:4e:1a:9e:03:55:63:6c:13:6f:
                    92:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                10:47:05:F7:CE:F2:B0:6E:CA:5E:71:E2:38:8E:20:0C:AE:2B:C3:54
            X509v3 Authority Key Identifier:
                keyid:07:A5:DA:6D:EB:59:9C:9D:91:80:25:2E:FF:3B:72:4A:27:91:D2:3A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/6c4e32566e6591859de2af682b800bad4f8ce7ad.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/7b414a22-e901-4a7f-9364-7ea88fb71e5a/aa98dc5853789f46dc1c6a9fc2e835683773b51c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/7b414a22-e901-4a7f-9364-7ea88fb71e5a/6c4e32566e6591859de2af682b800bad4f8ce7ad.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.167.253.0/24

    Signature Algorithm: sha256WithRSAEncryption
         69:8b:44:47:6f:3a:26:fc:64:80:36:9b:b6:03:e5:40:81:90:
         1f:43:ce:a3:d4:95:9a:cb:4a:c1:f8:30:39:e2:ed:6e:9f:f2:
         39:62:e2:2b:0c:37:c5:5b:d2:dc:79:f0:40:4b:51:ef:9e:a3:
         74:03:cb:c4:20:65:63:13:55:7a:a0:58:2c:39:fd:10:d4:b5:
         33:ba:10:10:fe:2c:7d:76:32:2a:b9:2c:f6:41:26:d8:1f:ed:
         ab:c4:23:9c:d5:bb:45:ae:74:b7:a8:f2:db:b3:4a:f5:a0:f6:
         dc:72:f2:6d:69:9c:ba:7f:78:6c:44:a5:92:da:c1:52:cb:79:
         94:9a:37:d8:b3:0f:c6:26:37:6e:c9:de:39:fb:b6:3a:a6:12:
         a0:b2:52:0a:4a:8c:21:99:f0:5f:5b:5b:21:9f:c4:a0:c8:fa:
         d4:21:23:7d:0d:a7:aa:22:cf:80:94:9b:77:3e:06:2c:ad:d0:
         75:76:3c:1b:21:db:bd:0a:8c:9d:a9:10:a7:fd:a6:7b:d0:12:
         96:38:75:00:63:d8:7f:84:c7:29:89:55:e8:b5:82:cc:c0:cf:
         81:cf:99:97:89:f6:92:22:8f:65:79:5e:ec:54:02:fb:29:8d:
         4e:eb:02:ad:a0:f4:b9:ae:7a:e7:8e:b2:aa:ff:52:51:a2:d1:
         90:bb:be:f3
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIDC7hlMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDZj
NGUzMjU2NmU2NTkxODU5ZGUyYWY2ODJiODAwYmFkNGY4Y2U3YWQwHhcNMjEwMzI0
MTQ0MzI0WhcNMjYwMzI0MTQ0MzI0WjAzMTEwLwYDVQQDEyhhYTk4ZGM1ODUzNzg5
ZjQ2ZGMxYzZhOWZjMmU4MzU2ODM3NzNiNTFjMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAvWkIuWmpZpziVDqZWwLCY00khrhXDAD7/Om8qG3s+QJcDhQ+
MJHk9gCC8P9NpybH4JlesNjqNrJd4ODL4JDwDz+EW93irctUx5j510WORRhCugbZ
OD/0wFCEzq960HwuauAF74meHXDDFMQq/4zXQCpd3dr27nm/vgxOfLPEgVxn4T2U
1K5vsr1nYqbdFSpCLQ5+0MiUZfgQ92k0Zjp1znXaXqaFn9R/3YzIQXiW6Q0VHGWk
wsrpiHLaCsVVSTO/aayl9itjRS9tBXlWuCD/zZ/6V0RQU4MomP94/GwyJB+GWMmm
FDoGekv+IrTcZxCpbFAyIbNOGp4DVWNsE2+SgQIDAQABo4ICWzCCAlcwHQYDVR0O
BBYEFBBHBffO8rBuyl5x4jiOIAyuK8NUMB8GA1UdIwQYMBaAFAel2m3rWZydkYAl
Lv87ckonkdI6MA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvNmM0ZTMy
NTY2ZTY1OTE4NTlkZTJhZjY4MmI4MDBiYWQ0ZjhjZTdhZC5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvN2I0MTRhMjItZTkwMS00YTdmLTkzNjQtN2VhODhm
YjcxZTVhL2FhOThkYzU4NTM3ODlmNDZkYzFjNmE5ZmMyZTgzNTY4Mzc3M2I1MWMu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy83YjQxNGEyMi1lOTAxLTRhN2YtOTM2NC03ZWE4
OGZiNzFlNWEvNmM0ZTMyNTY2ZTY1OTE4NTlkZTJhZjY4MmI4MDBiYWQ0ZjhjZTdh
ZC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAC2n/TANBgkqhkiG9w0BAQsFAAOCAQEAaYtER286JvxkgDab
tgPlQIGQH0POo9SVmstKwfgwOeLtbp/yOWLiKww3xVvS3HnwQEtR756jdAPLxCBl
YxNVeqBYLDn9ENS1M7oQEP4sfXYyKrks9kEm2B/tq8QjnNW7Ra50t6jy27NK9aD2
3HLybWmcun94bESlktrBUst5lJo32LMPxiY3bsneOfu2OqYSoLJSCkqMIZnwX1tb
IZ/EoMj61CEjfQ2nqiLPgJSbdz4GLK3QdXY8GyHbvQqMnakQp/2me9ASljh1AGPY
f4THKYlV6LWCzMDPgc+Zl4n2kiKPZXle7FQC+ymNTusCraD0ua56546yqv9SUaLR
kLu+8w==
-----END CERTIFICATE-----
Generated at Fri Mar 29 07:30:58 2024 by rpki-client on console-fra.rpki-client.org