Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/7d48c231-5123-4237-96c2-e2e3b41b58aa/f9584b96132ea3f0e87dfb7ec3661fd02dbdbaaf.roa
File:                     f9584b96132ea3f0e87dfb7ec3661fd02dbdbaaf.roa (raw, json)
Hash identifier:          8/gVU8+4d9lkzPHYbGL+i8xmeDFhrVQBc90wTTw+YJQ=
Subject key identifier:   2E:1D:EB:8D:72:F2:04:13:19:C3:2D:B5:B2:6F:EE:39:98:59:0F:D3
Certificate issuer:       /CN=79aa997c3add235597a12ab7bfcd7908569d5f30
Certificate serial:       0D4F98
Authority key identifier: 79:57:67:3E:6A:82:19:69:11:89:9E:C0:97:BB:FF:E6:51:A1:02:43
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/79aa997c3add235597a12ab7bfcd7908569d5f30.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/7d48c231-5123-4237-96c2-e2e3b41b58aa/f9584b96132ea3f0e87dfb7ec3661fd02dbdbaaf.roa
Signing time:             Wed 24 Mar 2021 14:34:08 +0000
ROA not before:           Wed 24 Mar 2021 14:34:07 +0000
ROA not after:            Tue 24 Mar 2026 14:34:07 +0000
asID:                     27901
IP address blocks:        170.82.188.0/22 maxlen: 23
                          170.150.156.0/22 maxlen: 23

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/7d48c231-5123-4237-96c2-e2e3b41b58aa/79aa997c3add235597a12ab7bfcd7908569d5f30.crl
                          rsync://repository.lacnic.net/rpki/lacnic/7d48c231-5123-4237-96c2-e2e3b41b58aa/79aa997c3add235597a12ab7bfcd7908569d5f30.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/79aa997c3add235597a12ab7bfcd7908569d5f30.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 31 Mar 2024 03:49:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 872344 (0xd4f98)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=79aa997c3add235597a12ab7bfcd7908569d5f30
        Validity
            Not Before: Mar 24 14:34:07 2021 GMT
            Not After : Mar 24 14:34:07 2026 GMT
        Subject: CN=f9584b96132ea3f0e87dfb7ec3661fd02dbdbaaf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:55:35:23:41:85:59:e5:0b:8d:07:e3:bb:1f:
                    19:4c:03:38:b1:23:3b:4b:23:08:97:f8:f6:6a:08:
                    a1:ab:80:e6:43:5a:e8:b5:c3:f6:a5:78:48:c3:06:
                    79:a4:ed:30:86:d0:cf:92:c9:08:a6:99:04:c7:2c:
                    3f:e1:56:e5:ba:3f:9e:80:71:e7:54:b1:b0:44:ed:
                    84:d4:5c:c8:39:ce:00:c5:66:e0:e1:f8:b8:b4:f0:
                    dd:a3:82:04:c0:5a:a0:76:3b:11:49:ff:ac:67:3e:
                    a9:bf:18:40:a2:fe:43:f9:de:d9:3a:1d:6e:ec:07:
                    b0:f8:5f:15:bf:1e:28:45:fd:c6:2d:3b:82:d4:bc:
                    b5:2e:28:00:b9:57:db:d8:ed:29:45:99:13:e5:83:
                    15:95:1c:ae:86:00:fc:96:a7:65:1e:70:d6:73:9d:
                    b2:1d:ab:86:99:d4:d4:b8:94:be:b0:23:8c:a2:b1:
                    69:51:03:83:09:3e:7e:80:62:58:7f:95:94:94:9d:
                    7e:42:24:76:b2:6c:fa:69:e9:ba:fe:af:10:8c:53:
                    69:45:58:12:1b:5d:a4:55:d5:57:69:3b:f9:1c:78:
                    71:21:b1:b0:23:02:2d:cb:b6:c7:a7:ea:3a:8d:fc:
                    77:53:43:58:49:c2:66:d2:7d:a3:59:05:81:04:77:
                    9a:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2E:1D:EB:8D:72:F2:04:13:19:C3:2D:B5:B2:6F:EE:39:98:59:0F:D3
            X509v3 Authority Key Identifier:
                keyid:79:57:67:3E:6A:82:19:69:11:89:9E:C0:97:BB:FF:E6:51:A1:02:43

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/79aa997c3add235597a12ab7bfcd7908569d5f30.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/7d48c231-5123-4237-96c2-e2e3b41b58aa/f9584b96132ea3f0e87dfb7ec3661fd02dbdbaaf.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/7d48c231-5123-4237-96c2-e2e3b41b58aa/79aa997c3add235597a12ab7bfcd7908569d5f30.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  170.82.188.0/22
                  170.150.156.0/22

    Signature Algorithm: sha256WithRSAEncryption
         39:1e:9c:c5:95:4f:0c:0c:ea:af:8a:eb:5d:ce:76:8b:c5:78:
         8c:4b:1c:4a:45:f0:18:80:c4:23:45:a8:f7:4d:61:ae:9d:6b:
         01:11:0d:2b:4f:da:29:e8:c2:dc:dd:16:3b:5a:54:ca:88:09:
         e6:3b:94:0c:b3:84:f8:08:a8:d0:3e:5c:2d:c0:62:5f:af:bb:
         93:5d:68:ca:38:25:ab:86:69:c0:d2:39:11:03:85:1b:35:6d:
         15:2c:40:3b:ec:3b:5e:5e:71:d9:6b:71:cd:a6:07:56:09:85:
         4e:89:c0:db:f7:39:0e:47:85:03:04:af:df:a7:da:e4:74:15:
         50:c2:85:25:14:ff:ae:cf:49:38:92:74:d2:0f:f4:d2:29:e4:
         1d:ca:7f:de:ec:c9:3d:6b:04:e6:6e:cf:9c:84:ea:2b:27:17:
         e3:75:b4:88:76:0e:5a:c2:29:58:78:1a:fb:c8:08:bc:de:7f:
         71:26:23:59:e2:fc:bc:68:44:f5:c6:72:56:19:7a:90:be:cd:
         ab:c7:92:38:07:d7:30:d7:c1:90:ec:df:36:02:9a:85:cb:a4:
         39:54:f4:4d:93:b6:23:3b:a9:e3:91:53:23:14:72:5e:c8:a4:
         55:e5:94:ef:d1:10:80:22:1f:81:f1:05:af:e3:4d:eb:92:7e:
         c6:af:93:09
-----BEGIN CERTIFICATE-----
MIIFRjCCBC6gAwIBAgIDDU+YMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDc5
YWE5OTdjM2FkZDIzNTU5N2ExMmFiN2JmY2Q3OTA4NTY5ZDVmMzAwHhcNMjEwMzI0
MTQzNDA3WhcNMjYwMzI0MTQzNDA3WjAzMTEwLwYDVQQDEyhmOTU4NGI5NjEzMmVh
M2YwZTg3ZGZiN2VjMzY2MWZkMDJkYmRiYWFmMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAlFU1I0GFWeULjQfjux8ZTAM4sSM7SyMIl/j2agihq4DmQ1ro
tcP2pXhIwwZ5pO0whtDPkskIppkExyw/4Vbluj+egHHnVLGwRO2E1FzIOc4AxWbg
4fi4tPDdo4IEwFqgdjsRSf+sZz6pvxhAov5D+d7ZOh1u7Aew+F8Vvx4oRf3GLTuC
1Ly1LigAuVfb2O0pRZkT5YMVlRyuhgD8lqdlHnDWc52yHauGmdTUuJS+sCOMorFp
UQODCT5+gGJYf5WUlJ1+QiR2smz6aem6/q8QjFNpRVgSG12kVdVXaTv5HHhxIbGw
IwIty7bHp+o6jfx3U0NYScJm0n2jWQWBBHeaRwIDAQABo4ICYTCCAl0wHQYDVR0O
BBYEFC4d641y8gQTGcMttbJv7jmYWQ/TMB8GA1UdIwQYMBaAFHlXZz5qghlpEYme
wJe7/+ZRoQJDMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvNzlhYTk5
N2MzYWRkMjM1NTk3YTEyYWI3YmZjZDc5MDg1NjlkNWYzMC5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvN2Q0OGMyMzEtNTEyMy00MjM3LTk2YzItZTJlM2I0
MWI1OGFhL2Y5NTg0Yjk2MTMyZWEzZjBlODdkZmI3ZWMzNjYxZmQwMmRiZGJhYWYu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy83ZDQ4YzIzMS01MTIzLTQyMzctOTZjMi1lMmUz
YjQxYjU4YWEvNzlhYTk5N2MzYWRkMjM1NTk3YTEyYWI3YmZjZDc5MDg1NjlkNWYz
MC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAlBggrBgEFBQcBBwEB/wQW
MBQwEgQCAAEwDAMEAqpSvAMEAqqWnDANBgkqhkiG9w0BAQsFAAOCAQEAOR6cxZVP
DAzqr4rrXc52i8V4jEscSkXwGIDEI0Wo901hrp1rARENK0/aKejC3N0WO1pUyogJ
5juUDLOE+Aio0D5cLcBiX6+7k11oyjglq4ZpwNI5EQOFGzVtFSxAO+w7Xl5x2Wtx
zaYHVgmFTonA2/c5DkeFAwSv36fa5HQVUMKFJRT/rs9JOJJ00g/00inkHcp/3uzJ
PWsE5m7PnITqKycX43W0iHYOWsIpWHga+8gIvN5/cSYjWeL8vGhE9cZyVhl6kL7N
q8eSOAfXMNfBkOzfNgKahcukOVT0TZO2Izup45FTIxRyXsikVeWU79EQgCIfgfEF
r+NN65J+xq+TCQ==
-----END CERTIFICATE-----
Generated at Thu Mar 28 11:17:50 2024 by rpki-client on console-fra.rpki-client.org