Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/7bf1ac0a-4d1d-4778-a9dc-9bdc1612df0b/6daa16c2f895f8f701099ed3e683cf103f99834a.roa
File:                     6daa16c2f895f8f701099ed3e683cf103f99834a.roa (raw, json)
Hash identifier:          l7T/CqaKelt+0um7oJ40pZwlUsKiA+JQJ+Fyhayrhxo=
Subject key identifier:   D7:09:61:2B:08:F1:D9:8A:1D:57:BC:74:42:95:E4:69:90:21:C7:75
Certificate issuer:       /CN=15ef5960d1a1653e9afb4b92c680fec5a4cff418
Certificate serial:       0D46E8
Authority key identifier: 5F:EB:71:D9:E1:FE:32:9D:1B:31:E9:4A:83:C5:E8:B3:B1:A8:36:0F
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/15ef5960d1a1653e9afb4b92c680fec5a4cff418.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/7bf1ac0a-4d1d-4778-a9dc-9bdc1612df0b/6daa16c2f895f8f701099ed3e683cf103f99834a.roa
Signing time:             Wed 24 Mar 2021 14:45:47 +0000
ROA not before:           Wed 24 Mar 2021 14:45:46 +0000
ROA not after:            Tue 24 Mar 2026 14:45:46 +0000
asID:                     265794
IP address blocks:        192.141.40.0/24 maxlen: 24
                          192.141.41.0/24 maxlen: 24
                          192.141.42.0/24 maxlen: 24
                          192.141.43.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/7bf1ac0a-4d1d-4778-a9dc-9bdc1612df0b/15ef5960d1a1653e9afb4b92c680fec5a4cff418.crl
                          rsync://repository.lacnic.net/rpki/lacnic/7bf1ac0a-4d1d-4778-a9dc-9bdc1612df0b/15ef5960d1a1653e9afb4b92c680fec5a4cff418.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/15ef5960d1a1653e9afb4b92c680fec5a4cff418.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 31 Mar 2024 03:49:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 870120 (0xd46e8)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=15ef5960d1a1653e9afb4b92c680fec5a4cff418
        Validity
            Not Before: Mar 24 14:45:46 2021 GMT
            Not After : Mar 24 14:45:46 2026 GMT
        Subject: CN=6daa16c2f895f8f701099ed3e683cf103f99834a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:45:9a:0d:40:29:f8:f6:78:81:98:2e:6d:74:
                    88:6e:5b:c5:d8:7a:d3:db:76:7c:fe:6d:5c:cf:b2:
                    1f:c7:23:a5:1a:b3:fa:b3:c8:5f:55:fa:db:0e:e3:
                    19:32:4c:0d:fc:28:d3:71:a1:11:2c:b8:83:56:49:
                    5f:48:60:9e:05:79:5f:e3:a4:38:7e:db:d6:59:38:
                    e7:80:97:1d:d6:11:77:7a:74:4f:0c:36:91:3f:c0:
                    ff:d7:b7:32:fd:e4:7e:7b:51:57:4b:3b:b6:25:51:
                    10:5e:5a:10:49:36:18:96:8b:69:6c:d9:52:79:50:
                    da:13:32:35:e9:83:2c:29:00:b1:b5:f5:fa:1a:41:
                    d4:12:63:4b:ae:38:38:30:d2:98:de:22:e8:a2:c7:
                    bb:18:e4:2a:bf:e6:83:c2:70:b7:b1:47:f4:75:79:
                    cc:73:20:79:7f:ad:0a:8b:fb:88:c9:73:53:27:ad:
                    0c:37:ae:60:21:59:97:7b:52:90:7d:97:cc:8a:78:
                    1a:c7:98:51:8a:b3:e5:57:9c:a3:77:79:1e:d1:d0:
                    fe:40:14:3f:c9:e2:5c:a2:5e:89:64:d6:be:56:fb:
                    23:4f:12:88:f5:62:a1:a2:e6:85:99:c4:68:96:9b:
                    b3:65:cf:8c:9a:84:bf:1f:51:db:c6:00:94:09:58:
                    65:5b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D7:09:61:2B:08:F1:D9:8A:1D:57:BC:74:42:95:E4:69:90:21:C7:75
            X509v3 Authority Key Identifier:
                keyid:5F:EB:71:D9:E1:FE:32:9D:1B:31:E9:4A:83:C5:E8:B3:B1:A8:36:0F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/15ef5960d1a1653e9afb4b92c680fec5a4cff418.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/7bf1ac0a-4d1d-4778-a9dc-9bdc1612df0b/6daa16c2f895f8f701099ed3e683cf103f99834a.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/7bf1ac0a-4d1d-4778-a9dc-9bdc1612df0b/15ef5960d1a1653e9afb4b92c680fec5a4cff418.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  192.141.40.0/22

    Signature Algorithm: sha256WithRSAEncryption
         27:df:c1:5c:19:51:a1:80:75:19:7c:13:4f:63:b5:90:e9:a8:
         8e:02:5e:a1:84:dd:f9:2e:cf:c6:16:de:63:4b:7a:fb:c1:f2:
         5c:9f:6d:1e:c2:33:44:88:2d:4d:d2:11:67:52:73:a2:ee:df:
         ac:19:27:48:35:86:e3:6a:c7:78:64:82:f8:c8:b4:ea:de:7e:
         1c:2b:fe:bb:1c:26:9a:fe:eb:16:31:e4:1e:1a:80:fd:1e:16:
         bc:af:9b:61:33:b6:93:77:38:df:8e:84:f2:70:71:0a:ec:01:
         09:ed:f0:60:18:63:68:92:9f:88:ff:8d:8e:11:b2:a5:35:ed:
         50:14:4b:d2:59:83:70:f3:b8:e7:88:65:41:25:3e:7f:81:b4:
         ab:14:91:6d:fa:16:43:08:cb:0b:3d:52:89:53:4b:ba:3d:d1:
         ae:59:7e:a4:c4:26:2a:4a:ac:4a:76:9e:5a:43:c0:89:e7:5c:
         95:5d:97:69:48:bb:6e:7a:7c:ea:b7:d4:59:72:c0:c0:82:42:
         f6:28:df:7e:a5:6d:17:31:43:fb:ab:14:91:b3:77:b8:c3:99:
         a2:cb:7e:83:69:28:90:9d:68:fd:67:f1:d1:2f:3b:90:5a:70:
         1e:50:ba:90:05:7a:79:0c:2f:e5:ab:cb:c0:5a:1a:ff:3c:33:
         69:19:70:30
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIDDUboMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDE1
ZWY1OTYwZDFhMTY1M2U5YWZiNGI5MmM2ODBmZWM1YTRjZmY0MTgwHhcNMjEwMzI0
MTQ0NTQ2WhcNMjYwMzI0MTQ0NTQ2WjAzMTEwLwYDVQQDEyg2ZGFhMTZjMmY4OTVm
OGY3MDEwOTllZDNlNjgzY2YxMDNmOTk4MzRhMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAsEWaDUAp+PZ4gZgubXSIblvF2HrT23Z8/m1cz7IfxyOlGrP6
s8hfVfrbDuMZMkwN/CjTcaERLLiDVklfSGCeBXlf46Q4ftvWWTjngJcd1hF3enRP
DDaRP8D/17cy/eR+e1FXSzu2JVEQXloQSTYYlotpbNlSeVDaEzI16YMsKQCxtfX6
GkHUEmNLrjg4MNKY3iLoose7GOQqv+aDwnC3sUf0dXnMcyB5f60Ki/uIyXNTJ60M
N65gIVmXe1KQfZfMingax5hRirPlV5yjd3ke0dD+QBQ/yeJcol6JZNa+VvsjTxKI
9WKhouaFmcRolpuzZc+MmoS/H1HbxgCUCVhlWwIDAQABo4ICWzCCAlcwHQYDVR0O
BBYEFNcJYSsI8dmKHVe8dEKV5GmQIcd1MB8GA1UdIwQYMBaAFF/rcdnh/jKdGzHp
SoPF6LOxqDYPMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvMTVlZjU5
NjBkMWExNjUzZTlhZmI0YjkyYzY4MGZlYzVhNGNmZjQxOC5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvN2JmMWFjMGEtNGQxZC00Nzc4LWE5ZGMtOWJkYzE2
MTJkZjBiLzZkYWExNmMyZjg5NWY4ZjcwMTA5OWVkM2U2ODNjZjEwM2Y5OTgzNGEu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy83YmYxYWMwYS00ZDFkLTQ3NzgtYTlkYy05YmRj
MTYxMmRmMGIvMTVlZjU5NjBkMWExNjUzZTlhZmI0YjkyYzY4MGZlYzVhNGNmZjQx
OC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAsCNKDANBgkqhkiG9w0BAQsFAAOCAQEAJ9/BXBlRoYB1GXwT
T2O1kOmojgJeoYTd+S7PxhbeY0t6+8HyXJ9tHsIzRIgtTdIRZ1Jzou7frBknSDWG
42rHeGSC+Mi06t5+HCv+uxwmmv7rFjHkHhqA/R4WvK+bYTO2k3c4346E8nBxCuwB
Ce3wYBhjaJKfiP+NjhGypTXtUBRL0lmDcPO454hlQSU+f4G0qxSRbfoWQwjLCz1S
iVNLuj3Rrll+pMQmKkqsSnaeWkPAiedclV2XaUi7bnp86rfUWXLAwIJC9ijffqVt
FzFD+6sUkbN3uMOZost+g2kokJ1o/Wfx0S87kFpwHlC6kAV6eQwv5avLwFoa/zwz
aRlwMA==
-----END CERTIFICATE-----
Generated at Thu Mar 28 04:54:54 2024 by rpki-client on console-ams.rpki-client.org