Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/7e5504d7-1a40-43f8-b6bb-36c782f1a848/6b04c5c46747376b3017a4b7c12a5c200a38e545.roa
File:                     6b04c5c46747376b3017a4b7c12a5c200a38e545.roa (raw, json)
Hash identifier:          l8L1gdgK3x1Zun+azgM5hma3ymcN4i7ReVSAkPZOsPQ=
Subject key identifier:   34:D2:38:0E:7B:11:83:A1:3C:A9:31:E8:A7:C7:FA:5F:81:9F:7E:4A
Certificate issuer:       /CN=3412449a934b8459db5d421617e014290aa33b9d
Certificate serial:       0CF4AD
Authority key identifier: 6D:47:6F:A3:09:CC:24:11:D6:D6:B2:6E:44:01:DE:4F:1F:E8:A6:A2
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/3412449a934b8459db5d421617e014290aa33b9d.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/7e5504d7-1a40-43f8-b6bb-36c782f1a848/6b04c5c46747376b3017a4b7c12a5c200a38e545.roa
Signing time:             Wed 24 Mar 2021 14:45:21 +0000
ROA not before:           Wed 24 Mar 2021 14:45:21 +0000
ROA not after:            Tue 24 Mar 2026 14:45:21 +0000
asID:                     52336
IP address blocks:        168.77.210.0/23 maxlen: 23
                          168.77.212.0/23 maxlen: 23

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/7e5504d7-1a40-43f8-b6bb-36c782f1a848/3412449a934b8459db5d421617e014290aa33b9d.crl
                          rsync://repository.lacnic.net/rpki/lacnic/7e5504d7-1a40-43f8-b6bb-36c782f1a848/3412449a934b8459db5d421617e014290aa33b9d.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/3412449a934b8459db5d421617e014290aa33b9d.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 03 Mar 2024 11:46:33 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 849069 (0xcf4ad)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3412449a934b8459db5d421617e014290aa33b9d
        Validity
            Not Before: Mar 24 14:45:21 2021 GMT
            Not After : Mar 24 14:45:21 2026 GMT
        Subject: CN=6b04c5c46747376b3017a4b7c12a5c200a38e545
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:82:d8:9b:84:a9:0b:e8:50:92:eb:59:aa:00:38:
                    82:3d:ff:71:cb:21:a1:02:97:fd:54:f4:e0:36:a8:
                    69:6f:43:aa:af:c6:6d:1f:57:e5:14:cd:87:20:30:
                    7a:6b:58:e6:39:4a:61:68:55:89:ec:13:11:43:a4:
                    7b:f7:fa:75:0c:51:9e:53:8c:aa:90:be:26:af:1b:
                    8e:5e:d4:e1:97:a0:58:30:41:97:ac:7c:09:ca:5b:
                    d7:9d:b7:dc:88:a9:36:2b:63:a2:a8:c7:fd:60:dd:
                    dd:5e:72:47:ce:a2:60:aa:07:3a:00:48:aa:be:9d:
                    4c:aa:1a:bb:f4:e6:e3:b0:02:e7:2d:0a:75:14:a6:
                    7d:df:98:3b:18:7f:a7:e5:d8:62:a5:c1:0b:65:e9:
                    63:34:d4:fc:a2:d5:68:0e:28:7c:58:5a:66:1c:d4:
                    86:6b:e6:c9:7f:51:bb:92:4e:3f:63:1d:15:eb:3b:
                    a3:2e:f8:0c:ba:67:4e:e7:01:58:97:ec:69:e0:4f:
                    0b:d7:a7:b4:21:e5:36:e6:cb:78:e3:e1:e5:c4:5f:
                    74:16:56:50:c9:67:e3:84:68:c1:73:b5:18:b8:00:
                    c1:4d:c2:8b:b7:4a:e6:1d:76:31:fc:ad:58:89:f7:
                    90:63:ab:ef:c9:2f:e2:29:37:7c:e3:0f:0b:a8:46:
                    d9:0b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                34:D2:38:0E:7B:11:83:A1:3C:A9:31:E8:A7:C7:FA:5F:81:9F:7E:4A
            X509v3 Authority Key Identifier:
                keyid:6D:47:6F:A3:09:CC:24:11:D6:D6:B2:6E:44:01:DE:4F:1F:E8:A6:A2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/3412449a934b8459db5d421617e014290aa33b9d.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/7e5504d7-1a40-43f8-b6bb-36c782f1a848/6b04c5c46747376b3017a4b7c12a5c200a38e545.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/7e5504d7-1a40-43f8-b6bb-36c782f1a848/3412449a934b8459db5d421617e014290aa33b9d.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  168.77.210.0-168.77.213.255

    Signature Algorithm: sha256WithRSAEncryption
         4a:50:42:ee:58:20:4b:e7:8b:f0:a8:a1:be:57:80:b6:d8:f6:
         1f:74:2b:55:f7:d2:d6:fb:c7:fb:ec:b4:eb:48:f2:2c:52:07:
         12:b3:2e:28:47:ba:9b:35:fe:2a:8e:4f:92:e3:b2:d5:21:9a:
         78:62:75:19:0f:6a:ab:e2:ef:ac:2b:a9:09:6c:f7:b5:be:af:
         ad:82:bc:bf:7b:17:6a:d6:19:ed:2d:71:d9:84:09:4a:e1:7b:
         40:44:09:da:84:2b:53:ea:02:0b:a6:65:95:bc:c1:ae:83:2e:
         01:2f:de:91:5c:6a:cb:c8:60:11:fe:b9:5a:bc:67:46:4c:69:
         91:8b:76:35:e5:d8:11:0d:ba:66:bf:8f:5a:bb:fa:db:f4:86:
         a1:b7:17:6e:73:7e:96:31:8d:da:69:83:29:3b:5d:a4:2b:a8:
         d3:01:58:e5:0d:33:17:52:dc:8f:8b:a5:89:54:b1:ed:32:2a:
         99:2b:ec:43:83:2d:8b:c6:74:d7:59:4b:64:72:81:76:4b:91:
         d9:42:d0:94:e6:bf:11:b1:33:dc:ec:53:cd:7f:dd:81:e5:c2:
         d6:d2:f0:ff:05:a0:ce:61:71:5e:0e:73:8c:2b:8b:3e:96:07:
         29:9e:80:36:b5:60:4b:23:9d:ab:25:b0:48:52:ef:4b:3a:89:
         a1:94:68:a7
-----BEGIN CERTIFICATE-----
MIIFSDCCBDCgAwIBAgIDDPStMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDM0
MTI0NDlhOTM0Yjg0NTlkYjVkNDIxNjE3ZTAxNDI5MGFhMzNiOWQwHhcNMjEwMzI0
MTQ0NTIxWhcNMjYwMzI0MTQ0NTIxWjAzMTEwLwYDVQQDEyg2YjA0YzVjNDY3NDcz
NzZiMzAxN2E0YjdjMTJhNWMyMDBhMzhlNTQ1MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAgtibhKkL6FCS61mqADiCPf9xyyGhApf9VPTgNqhpb0Oqr8Zt
H1flFM2HIDB6a1jmOUphaFWJ7BMRQ6R79/p1DFGeU4yqkL4mrxuOXtThl6BYMEGX
rHwJylvXnbfciKk2K2OiqMf9YN3dXnJHzqJgqgc6AEiqvp1Mqhq79ObjsALnLQp1
FKZ935g7GH+n5dhipcELZeljNNT8otVoDih8WFpmHNSGa+bJf1G7kk4/Yx0V6zuj
LvgMumdO5wFYl+xp4E8L16e0IeU25st44+HlxF90FlZQyWfjhGjBc7UYuADBTcKL
t0rmHXYx/K1YifeQY6vvyS/iKTd84w8LqEbZCwIDAQABo4ICYzCCAl8wHQYDVR0O
BBYEFDTSOA57EYOhPKkx6KfH+l+Bn35KMB8GA1UdIwQYMBaAFG1Hb6MJzCQR1tay
bkQB3k8f6KaiMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvMzQxMjQ0
OWE5MzRiODQ1OWRiNWQ0MjE2MTdlMDE0MjkwYWEzM2I5ZC5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvN2U1NTA0ZDctMWE0MC00M2Y4LWI2YmItMzZjNzgy
ZjFhODQ4LzZiMDRjNWM0Njc0NzM3NmIzMDE3YTRiN2MxMmE1YzIwMGEzOGU1NDUu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy83ZTU1MDRkNy0xYTQwLTQzZjgtYjZiYi0zNmM3
ODJmMWE4NDgvMzQxMjQ0OWE5MzRiODQ1OWRiNWQ0MjE2MTdlMDE0MjkwYWEzM2I5
ZC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAnBggrBgEFBQcBBwEB/wQY
MBYwFAQCAAEwDjAMAwQBqE3SAwQBqE3UMA0GCSqGSIb3DQEBCwUAA4IBAQBKUELu
WCBL54vwqKG+V4C22PYfdCtV99LW+8f77LTrSPIsUgcSsy4oR7qbNf4qjk+S47LV
IZp4YnUZD2qr4u+sK6kJbPe1vq+tgry/exdq1hntLXHZhAlK4XtARAnahCtT6gIL
pmWVvMGugy4BL96RXGrLyGAR/rlavGdGTGmRi3Y15dgRDbpmv49au/rb9Iahtxdu
c36WMY3aaYMpO12kK6jTAVjlDTMXUtyPi6WJVLHtMiqZK+xDgy2LxnTXWUtkcoF2
S5HZQtCU5r8RsTPc7FPNf92B5cLW0vD/BaDOYXFeDnOMK4s+lgcpnoA2tWBLI52r
JbBIUu9LOomhlGin
-----END CERTIFICATE-----
Generated at Thu Feb 29 19:48:14 2024 by rpki-client on console-ams.rpki-client.org