Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/7e5504d7-1a40-43f8-b6bb-36c782f1a848/2c3a27efa18917d28523d4450edb93f26972f74b.roa
File:                     2c3a27efa18917d28523d4450edb93f26972f74b.roa (raw, json)
Hash identifier:          bcWoAPskTIHf8fwXH/AOyAhvv+/lVnQOHQbBXLt6z/o=
Subject key identifier:   67:CE:71:FC:EA:01:77:B5:06:F3:71:3B:30:AA:26:AE:E5:03:7D:CC
Certificate issuer:       /CN=3412449a934b8459db5d421617e014290aa33b9d
Certificate serial:       0CF1CA
Authority key identifier: 6D:47:6F:A3:09:CC:24:11:D6:D6:B2:6E:44:01:DE:4F:1F:E8:A6:A2
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/3412449a934b8459db5d421617e014290aa33b9d.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/7e5504d7-1a40-43f8-b6bb-36c782f1a848/2c3a27efa18917d28523d4450edb93f26972f74b.roa
Signing time:             Wed 24 Mar 2021 14:45:21 +0000
ROA not before:           Wed 24 Mar 2021 14:45:21 +0000
ROA not after:            Tue 24 Mar 2026 14:45:21 +0000
asID:                     23414
IP address blocks:        168.77.204.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/7e5504d7-1a40-43f8-b6bb-36c782f1a848/3412449a934b8459db5d421617e014290aa33b9d.crl
                          rsync://repository.lacnic.net/rpki/lacnic/7e5504d7-1a40-43f8-b6bb-36c782f1a848/3412449a934b8459db5d421617e014290aa33b9d.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/3412449a934b8459db5d421617e014290aa33b9d.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 03 Mar 2024 11:46:33 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 848330 (0xcf1ca)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3412449a934b8459db5d421617e014290aa33b9d
        Validity
            Not Before: Mar 24 14:45:21 2021 GMT
            Not After : Mar 24 14:45:21 2026 GMT
        Subject: CN=2c3a27efa18917d28523d4450edb93f26972f74b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:ff:b3:2d:58:92:75:fa:f8:32:e6:03:79:10:
                    47:80:c5:f6:4f:82:07:1d:e5:31:84:8c:92:f7:bf:
                    ad:85:15:30:19:9d:49:62:73:1b:f1:0e:6a:17:dc:
                    a3:47:1b:31:42:ee:3e:b5:ca:c2:a1:00:1d:08:53:
                    1c:a3:48:25:f8:6e:29:d2:85:29:67:c7:07:11:da:
                    cd:12:c0:13:0b:ea:4f:77:a8:ef:b3:ae:c4:fe:7b:
                    2e:d1:9c:95:c0:56:1d:45:20:ac:cb:9c:23:80:96:
                    77:59:af:ec:e4:1d:d1:0f:c8:e3:62:10:bf:94:9c:
                    a6:c6:5b:2b:93:c4:9c:74:7f:c6:08:4e:90:08:58:
                    82:37:53:54:86:76:7b:91:3a:1b:06:9b:dd:07:ce:
                    f6:39:be:54:38:55:7e:90:69:dd:70:54:4a:de:42:
                    91:fe:88:55:55:09:2f:45:c2:4c:95:9e:f9:49:81:
                    48:e0:67:31:bf:88:cc:58:50:c1:cd:8e:e0:a3:a8:
                    21:7a:5b:a9:6e:8b:cd:d8:23:71:74:46:4d:86:bf:
                    33:28:68:f6:2b:ef:f2:b0:55:99:de:48:00:d9:1b:
                    b9:d0:7c:d2:b4:72:c8:6a:84:f1:b7:cf:7e:ff:f7:
                    39:e0:53:11:5a:60:11:69:b3:9d:9e:21:5c:b6:64:
                    87:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                67:CE:71:FC:EA:01:77:B5:06:F3:71:3B:30:AA:26:AE:E5:03:7D:CC
            X509v3 Authority Key Identifier:
                keyid:6D:47:6F:A3:09:CC:24:11:D6:D6:B2:6E:44:01:DE:4F:1F:E8:A6:A2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/3412449a934b8459db5d421617e014290aa33b9d.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/7e5504d7-1a40-43f8-b6bb-36c782f1a848/2c3a27efa18917d28523d4450edb93f26972f74b.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/7e5504d7-1a40-43f8-b6bb-36c782f1a848/3412449a934b8459db5d421617e014290aa33b9d.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  168.77.204.0/22

    Signature Algorithm: sha256WithRSAEncryption
         14:70:93:81:24:0b:76:de:a7:fa:0f:58:90:74:5b:f8:1f:f9:
         f2:d1:32:6a:be:c8:af:1c:a0:cc:6c:08:ac:ca:0f:5e:d5:2c:
         81:f8:21:cf:0b:ff:0c:9f:2e:78:e0:d0:bd:3d:06:87:77:10:
         80:b5:63:a9:fd:3a:a9:6d:98:48:8f:87:79:c7:a9:6c:8f:d4:
         53:56:e4:8b:03:17:32:82:63:88:16:b8:68:26:74:98:2c:16:
         82:fa:71:77:52:89:94:f2:2d:66:19:c6:e1:ce:8c:8b:78:b9:
         85:6c:d1:e6:18:09:46:46:d8:57:8b:bb:91:2d:e7:1a:92:c7:
         f2:f5:94:70:fc:7e:ee:48:49:b4:59:21:e2:20:72:da:19:24:
         57:5e:d3:04:81:77:c8:50:7f:4a:0b:b7:51:48:f0:ff:35:60:
         58:ca:de:9e:00:2a:d9:af:01:39:38:e8:0c:27:3b:4d:f2:bc:
         cc:ad:17:0a:db:c7:c6:a7:c7:3b:f4:6e:b2:48:7c:7f:6d:a4:
         21:da:0f:b6:bb:bd:a8:d9:18:fd:d8:63:8e:71:39:cc:d9:74:
         cf:10:ac:13:27:03:c5:d7:6a:f9:d6:03:aa:70:3b:10:94:4f:
         29:00:47:16:eb:2a:97:3f:30:52:33:2a:35:65:8c:7c:73:89:
         1b:8d:b8:17
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIDDPHKMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDM0
MTI0NDlhOTM0Yjg0NTlkYjVkNDIxNjE3ZTAxNDI5MGFhMzNiOWQwHhcNMjEwMzI0
MTQ0NTIxWhcNMjYwMzI0MTQ0NTIxWjAzMTEwLwYDVQQDEygyYzNhMjdlZmExODkx
N2QyODUyM2Q0NDUwZWRiOTNmMjY5NzJmNzRiMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAnf+zLViSdfr4MuYDeRBHgMX2T4IHHeUxhIyS97+thRUwGZ1J
YnMb8Q5qF9yjRxsxQu4+tcrCoQAdCFMco0gl+G4p0oUpZ8cHEdrNEsATC+pPd6jv
s67E/nsu0ZyVwFYdRSCsy5wjgJZ3Wa/s5B3RD8jjYhC/lJymxlsrk8ScdH/GCE6Q
CFiCN1NUhnZ7kTobBpvdB872Ob5UOFV+kGndcFRK3kKR/ohVVQkvRcJMlZ75SYFI
4Gcxv4jMWFDBzY7go6ghelupbovN2CNxdEZNhr8zKGj2K+/ysFWZ3kgA2Ru50HzS
tHLIaoTxt89+//c54FMRWmARabOdniFctmSHXQIDAQABo4ICWzCCAlcwHQYDVR0O
BBYEFGfOcfzqAXe1BvNxOzCqJq7lA33MMB8GA1UdIwQYMBaAFG1Hb6MJzCQR1tay
bkQB3k8f6KaiMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvMzQxMjQ0
OWE5MzRiODQ1OWRiNWQ0MjE2MTdlMDE0MjkwYWEzM2I5ZC5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvN2U1NTA0ZDctMWE0MC00M2Y4LWI2YmItMzZjNzgy
ZjFhODQ4LzJjM2EyN2VmYTE4OTE3ZDI4NTIzZDQ0NTBlZGI5M2YyNjk3MmY3NGIu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy83ZTU1MDRkNy0xYTQwLTQzZjgtYjZiYi0zNmM3
ODJmMWE4NDgvMzQxMjQ0OWE5MzRiODQ1OWRiNWQ0MjE2MTdlMDE0MjkwYWEzM2I5
ZC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAqhNzDANBgkqhkiG9w0BAQsFAAOCAQEAFHCTgSQLdt6n+g9Y
kHRb+B/58tEyar7IrxygzGwIrMoPXtUsgfghzwv/DJ8ueODQvT0Gh3cQgLVjqf06
qW2YSI+HecepbI/UU1bkiwMXMoJjiBa4aCZ0mCwWgvpxd1KJlPItZhnG4c6Mi3i5
hWzR5hgJRkbYV4u7kS3nGpLH8vWUcPx+7khJtFkh4iBy2hkkV17TBIF3yFB/Sgu3
UUjw/zVgWMrengAq2a8BOTjoDCc7TfK8zK0XCtvHxqfHO/Ruskh8f22kIdoPtru9
qNkY/dhjjnE5zNl0zxCsEycDxddq+dYDqnA7EJRPKQBHFusqlz8wUjMqNWWMfHOJ
G424Fw==
-----END CERTIFICATE-----
Generated at Thu Feb 29 19:38:11 2024 by rpki-client on console-fra.rpki-client.org