Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/7d48c231-5123-4237-96c2-e2e3b41b58aa/b68b5b2d547faf8cea7456856bfac7223bf77164.roa
File:                     b68b5b2d547faf8cea7456856bfac7223bf77164.roa (raw, json)
Hash identifier:          +lN8gZM880hvcaw49dpCjsQPP/cCxRIU7Umzz3Nww0Q=
Subject key identifier:   F5:FD:F1:4A:33:00:30:87:1F:83:9D:98:0A:85:0C:2E:A3:C4:74:66
Certificate issuer:       /CN=79aa997c3add235597a12ab7bfcd7908569d5f30
Certificate serial:       0D55F7
Authority key identifier: 79:57:67:3E:6A:82:19:69:11:89:9E:C0:97:BB:FF:E6:51:A1:02:43
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/79aa997c3add235597a12ab7bfcd7908569d5f30.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/7d48c231-5123-4237-96c2-e2e3b41b58aa/b68b5b2d547faf8cea7456856bfac7223bf77164.roa
Signing time:             Wed 24 Mar 2021 14:34:08 +0000
ROA not before:           Wed 24 Mar 2021 14:34:07 +0000
ROA not after:            Tue 24 Mar 2026 14:34:07 +0000
asID:                     27901
IP address blocks:        179.60.64.0/19 maxlen: 24
                          190.5.32.0/19 maxlen: 24
                          190.102.224.0/20 maxlen: 24
                          190.102.240.0/20 maxlen: 24
                          190.110.160.0/20 maxlen: 24
                          190.114.32.0/19 maxlen: 24
                          200.73.120.0/21 maxlen: 24
                          2803:c600::/32 maxlen: 48

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/7d48c231-5123-4237-96c2-e2e3b41b58aa/79aa997c3add235597a12ab7bfcd7908569d5f30.crl
                          rsync://repository.lacnic.net/rpki/lacnic/7d48c231-5123-4237-96c2-e2e3b41b58aa/79aa997c3add235597a12ab7bfcd7908569d5f30.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/79aa997c3add235597a12ab7bfcd7908569d5f30.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 31 Mar 2024 03:49:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 873975 (0xd55f7)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=79aa997c3add235597a12ab7bfcd7908569d5f30
        Validity
            Not Before: Mar 24 14:34:07 2021 GMT
            Not After : Mar 24 14:34:07 2026 GMT
        Subject: CN=b68b5b2d547faf8cea7456856bfac7223bf77164
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:88:b7:84:aa:99:d6:cd:7e:14:a8:a9:0a:f3:76:
                    6d:20:c7:d7:64:07:d4:c4:39:47:df:63:eb:06:6a:
                    70:4f:2c:c9:9e:89:d8:2e:a6:98:30:50:e7:f6:dc:
                    16:be:0a:6c:aa:08:8b:b5:9e:df:fe:e9:cb:97:c8:
                    0d:63:60:1b:a4:fc:11:67:f6:d2:d4:e4:6e:bf:a1:
                    cf:6c:47:6b:3a:9f:90:68:35:73:2b:5d:22:71:ec:
                    57:a5:a4:5d:df:24:74:75:08:c9:20:7e:16:ac:a0:
                    6e:81:bd:93:15:05:b6:6c:4f:cd:14:4e:ff:c1:0f:
                    a0:f3:77:ff:f6:6d:3e:10:a9:b0:1a:10:99:84:4a:
                    c5:5f:c2:27:8e:2e:03:7f:a8:8c:fa:07:72:8a:8b:
                    64:68:c2:db:3d:bb:f2:a4:f8:80:bd:9b:fc:57:fe:
                    45:04:5c:dd:c3:7a:06:f4:01:9d:a1:d7:d3:f9:c5:
                    02:1c:59:88:c5:83:48:80:a4:22:3a:fd:21:6a:c0:
                    60:4a:d9:d1:0a:0a:cb:5e:0a:98:3a:55:25:fe:4b:
                    2b:e4:c5:93:c7:74:e7:32:06:50:79:c2:ba:2a:58:
                    b8:ee:e7:6e:3e:3d:0c:dd:2b:d1:47:e2:ad:e0:a0:
                    3d:5c:dc:90:c2:8e:f2:56:19:cc:f3:0d:ce:05:f9:
                    c9:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F5:FD:F1:4A:33:00:30:87:1F:83:9D:98:0A:85:0C:2E:A3:C4:74:66
            X509v3 Authority Key Identifier:
                keyid:79:57:67:3E:6A:82:19:69:11:89:9E:C0:97:BB:FF:E6:51:A1:02:43

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/79aa997c3add235597a12ab7bfcd7908569d5f30.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/7d48c231-5123-4237-96c2-e2e3b41b58aa/b68b5b2d547faf8cea7456856bfac7223bf77164.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/7d48c231-5123-4237-96c2-e2e3b41b58aa/79aa997c3add235597a12ab7bfcd7908569d5f30.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  179.60.64.0/19
                  190.5.32.0/19
                  190.102.224.0/19
                  190.110.160.0/20
                  190.114.32.0/19
                  200.73.120.0/21
                IPv6:
                  2803:c600::/32

    Signature Algorithm: sha256WithRSAEncryption
         51:81:d0:9c:99:7d:dc:25:81:fb:6d:54:29:c3:a5:0e:b7:1b:
         1d:96:aa:40:9d:00:53:3c:ca:49:86:60:04:7f:7e:65:69:63:
         36:c2:8a:70:5e:a3:6a:cb:8a:9e:f9:7f:d1:b5:18:09:05:d8:
         ac:51:71:75:5c:ed:ac:13:e6:49:1d:9e:80:28:fd:27:ac:c6:
         db:fc:0c:3d:28:79:1a:31:04:68:5b:18:17:5c:20:f6:94:bd:
         45:8d:e4:b9:1c:de:39:76:d3:d3:d6:09:20:23:48:57:f2:3e:
         10:6c:88:5c:ac:80:00:42:3c:cd:f4:85:6d:2b:73:be:c8:53:
         cf:80:bd:27:d5:68:34:d8:33:d4:65:3f:00:d8:55:89:2f:2e:
         a7:c9:ae:f1:82:06:a6:42:ba:ac:ce:3b:4a:df:5e:bb:39:44:
         39:8f:f6:89:97:ad:5d:28:8a:15:f2:47:99:3f:54:c3:9b:f8:
         ab:f7:a0:6f:50:95:e5:ef:e6:68:dc:4d:ba:b1:21:2b:6b:92:
         01:da:c5:3f:fd:8f:b1:e1:b7:fa:97:aa:8a:00:27:c0:52:1d:
         1d:48:73:68:a8:8e:53:12:b6:ef:e9:60:b6:7e:65:b2:ae:53:
         aa:90:76:b0:6c:74:f4:7c:9d:a7:17:da:23:5a:a5:ca:8a:59:
         02:6c:ff:f7
-----BEGIN CERTIFICATE-----
MIIFbTCCBFWgAwIBAgIDDVX3MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDc5
YWE5OTdjM2FkZDIzNTU5N2ExMmFiN2JmY2Q3OTA4NTY5ZDVmMzAwHhcNMjEwMzI0
MTQzNDA3WhcNMjYwMzI0MTQzNDA3WjAzMTEwLwYDVQQDEyhiNjhiNWIyZDU0N2Zh
ZjhjZWE3NDU2ODU2YmZhYzcyMjNiZjc3MTY0MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAiLeEqpnWzX4UqKkK83ZtIMfXZAfUxDlH32PrBmpwTyzJnonY
LqaYMFDn9twWvgpsqgiLtZ7f/unLl8gNY2AbpPwRZ/bS1ORuv6HPbEdrOp+QaDVz
K10icexXpaRd3yR0dQjJIH4WrKBugb2TFQW2bE/NFE7/wQ+g83f/9m0+EKmwGhCZ
hErFX8Inji4Df6iM+gdyiotkaMLbPbvypPiAvZv8V/5FBFzdw3oG9AGdodfT+cUC
HFmIxYNIgKQiOv0hasBgStnRCgrLXgqYOlUl/ksr5MWTx3TnMgZQecK6Kli47udu
Pj0M3SvRR+Kt4KA9XNyQwo7yVhnM8w3OBfnJiwIDAQABo4ICiDCCAoQwHQYDVR0O
BBYEFPX98UozADCHH4OdmAqFDC6jxHRmMB8GA1UdIwQYMBaAFHlXZz5qghlpEYme
wJe7/+ZRoQJDMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvNzlhYTk5
N2MzYWRkMjM1NTk3YTEyYWI3YmZjZDc5MDg1NjlkNWYzMC5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvN2Q0OGMyMzEtNTEyMy00MjM3LTk2YzItZTJlM2I0
MWI1OGFhL2I2OGI1YjJkNTQ3ZmFmOGNlYTc0NTY4NTZiZmFjNzIyM2JmNzcxNjQu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy83ZDQ4YzIzMS01MTIzLTQyMzctOTZjMi1lMmUz
YjQxYjU4YWEvNzlhYTk5N2MzYWRkMjM1NTk3YTEyYWI3YmZjZDc5MDg1NjlkNWYz
MC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBMBggrBgEFBQcBBwEB/wQ9
MDswKgQCAAEwJAMEBbM8QAMEBb4FIAMEBb5m4AMEBL5uoAMEBb5yIAMEA8hJeDAN
BAIAAjAHAwUAKAPGADANBgkqhkiG9w0BAQsFAAOCAQEAUYHQnJl93CWB+21UKcOl
DrcbHZaqQJ0AUzzKSYZgBH9+ZWljNsKKcF6jasuKnvl/0bUYCQXYrFFxdVztrBPm
SR2egCj9J6zG2/wMPSh5GjEEaFsYF1wg9pS9RY3kuRzeOXbT09YJICNIV/I+EGyI
XKyAAEI8zfSFbStzvshTz4C9J9VoNNgz1GU/ANhViS8up8mu8YIGpkK6rM47St9e
uzlEOY/2iZetXSiKFfJHmT9Uw5v4q/egb1CV5e/maNxNurEhK2uSAdrFP/2PseG3
+peqigAnwFIdHUhzaKiOUxK27+lgtn5lsq5TqpB2sGx09HydpxfaI1qlyopZAmz/
9w==
-----END CERTIFICATE-----
Generated at Thu Mar 28 11:17:50 2024 by rpki-client on console-fra.rpki-client.org