Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/7e5504d7-1a40-43f8-b6bb-36c782f1a848/b867c22f0a3419c6cb70a0892ef0a8a0789e793c.roa
File:                     b867c22f0a3419c6cb70a0892ef0a8a0789e793c.roa (raw, json)
Hash identifier:          /0nWgSQlwXeEPKsLRbysyXG3IaiwrIdm6jBbSLH5lm8=
Subject key identifier:   5F:A8:8D:4F:64:5C:F3:37:99:E8:4A:06:F2:1A:EE:2A:D8:89:12:6B
Certificate issuer:       /CN=3412449a934b8459db5d421617e014290aa33b9d
Certificate serial:       0CF6F5
Authority key identifier: 6D:47:6F:A3:09:CC:24:11:D6:D6:B2:6E:44:01:DE:4F:1F:E8:A6:A2
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/3412449a934b8459db5d421617e014290aa33b9d.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/7e5504d7-1a40-43f8-b6bb-36c782f1a848/b867c22f0a3419c6cb70a0892ef0a8a0789e793c.roa
Signing time:             Wed 24 Mar 2021 14:45:21 +0000
ROA not before:           Wed 24 Mar 2021 14:45:21 +0000
ROA not after:            Tue 24 Mar 2026 14:45:21 +0000
asID:                     52446
IP address blocks:        168.77.214.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/7e5504d7-1a40-43f8-b6bb-36c782f1a848/3412449a934b8459db5d421617e014290aa33b9d.crl
                          rsync://repository.lacnic.net/rpki/lacnic/7e5504d7-1a40-43f8-b6bb-36c782f1a848/3412449a934b8459db5d421617e014290aa33b9d.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/3412449a934b8459db5d421617e014290aa33b9d.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 03 Mar 2024 11:46:33 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 849653 (0xcf6f5)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3412449a934b8459db5d421617e014290aa33b9d
        Validity
            Not Before: Mar 24 14:45:21 2021 GMT
            Not After : Mar 24 14:45:21 2026 GMT
        Subject: CN=b867c22f0a3419c6cb70a0892ef0a8a0789e793c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:db:29:e0:a5:e5:fc:e3:80:81:8e:c6:38:a9:
                    7c:5a:75:63:b8:f6:25:64:00:af:f1:d2:39:52:8f:
                    6e:d9:d1:d0:1f:27:b5:15:11:0e:76:0f:62:af:68:
                    20:80:5e:d3:d8:69:91:4b:2a:39:a0:b6:fc:3d:9e:
                    29:65:df:4f:19:3c:00:83:98:5a:03:70:13:74:fb:
                    1d:ad:da:29:96:79:be:78:81:20:a1:fe:a9:82:72:
                    ca:6e:ac:3b:cf:f6:f8:f9:99:e1:f0:7e:e9:aa:d9:
                    aa:bf:22:12:50:dc:8a:45:9a:c3:bf:8e:c4:d4:d3:
                    06:0b:1c:74:1c:76:2a:2a:bc:5b:33:50:d4:74:62:
                    1e:a4:c7:eb:1c:42:04:47:38:af:a0:73:fe:c2:6b:
                    be:7f:12:e8:21:38:9d:eb:3f:1d:2e:d5:6d:19:10:
                    1f:d1:7c:d2:b9:e2:5f:e6:26:05:13:f0:a9:4d:35:
                    d8:15:6d:b0:e9:86:b3:64:4e:9b:57:f5:53:a8:36:
                    d3:ae:5e:33:a6:f8:f5:d5:ae:61:c2:26:8a:b3:ba:
                    00:87:81:aa:60:2b:b7:5f:79:6c:18:a4:e9:04:6a:
                    c2:54:3b:cc:05:0a:7b:10:b7:0a:47:32:f6:a0:1e:
                    1d:ef:47:96:e0:e1:92:a1:3f:70:74:65:31:ba:b5:
                    12:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5F:A8:8D:4F:64:5C:F3:37:99:E8:4A:06:F2:1A:EE:2A:D8:89:12:6B
            X509v3 Authority Key Identifier:
                keyid:6D:47:6F:A3:09:CC:24:11:D6:D6:B2:6E:44:01:DE:4F:1F:E8:A6:A2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/3412449a934b8459db5d421617e014290aa33b9d.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/7e5504d7-1a40-43f8-b6bb-36c782f1a848/b867c22f0a3419c6cb70a0892ef0a8a0789e793c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/7e5504d7-1a40-43f8-b6bb-36c782f1a848/3412449a934b8459db5d421617e014290aa33b9d.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  168.77.214.0/24

    Signature Algorithm: sha256WithRSAEncryption
         75:7b:b9:58:52:c1:12:a7:71:92:36:b9:41:7e:92:4d:3b:e1:
         8a:fb:44:39:80:52:96:ef:3e:d3:49:3e:ce:77:87:ab:8a:82:
         0b:05:08:7b:62:9e:3e:01:a2:27:e5:ec:86:03:c5:83:91:1b:
         f6:fa:d8:48:0e:e8:48:7a:d7:a7:d1:29:fb:27:c6:ee:4c:04:
         25:a7:fe:e3:27:fa:1d:eb:80:2a:3a:ff:27:9e:69:d0:c5:ad:
         97:b4:60:3c:0d:87:40:09:26:39:30:85:b3:ee:24:06:f8:02:
         ab:16:6e:fd:ef:12:d9:23:b2:5c:e2:25:16:39:f5:0f:42:a3:
         de:bc:fb:7a:b0:fd:b5:59:ab:cf:fd:a9:d3:3f:a2:f3:60:98:
         d7:c4:3f:c9:ea:88:43:ef:81:5f:69:0b:22:e2:99:1a:cc:1f:
         be:d7:bb:9f:94:63:dc:0d:4d:cb:6a:87:f0:e8:e4:03:d2:d7:
         86:ed:e7:9d:74:6e:6a:a9:2e:6d:ca:b8:49:2a:8e:a9:1c:00:
         77:b5:2c:31:d8:6b:d5:9f:5d:cb:f2:2c:12:64:14:d3:9c:73:
         8e:fb:ac:8d:b7:10:f0:d0:90:c0:ba:7b:59:e1:ea:7c:b7:ce:
         34:c4:13:0f:13:a7:81:7c:e5:5e:bb:b1:d6:2f:e2:2f:4c:e3:
         ae:39:5a:b0
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIDDPb1MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDM0
MTI0NDlhOTM0Yjg0NTlkYjVkNDIxNjE3ZTAxNDI5MGFhMzNiOWQwHhcNMjEwMzI0
MTQ0NTIxWhcNMjYwMzI0MTQ0NTIxWjAzMTEwLwYDVQQDEyhiODY3YzIyZjBhMzQx
OWM2Y2I3MGEwODkyZWYwYThhMDc4OWU3OTNjMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAm9sp4KXl/OOAgY7GOKl8WnVjuPYlZACv8dI5Uo9u2dHQHye1
FREOdg9ir2gggF7T2GmRSyo5oLb8PZ4pZd9PGTwAg5haA3ATdPsdrdoplnm+eIEg
of6pgnLKbqw7z/b4+Znh8H7pqtmqvyISUNyKRZrDv47E1NMGCxx0HHYqKrxbM1DU
dGIepMfrHEIERzivoHP+wmu+fxLoITid6z8dLtVtGRAf0XzSueJf5iYFE/CpTTXY
FW2w6YazZE6bV/VTqDbTrl4zpvj11a5hwiaKs7oAh4GqYCu3X3lsGKTpBGrCVDvM
BQp7ELcKRzL2oB4d70eW4OGSoT9wdGUxurUS8wIDAQABo4ICWzCCAlcwHQYDVR0O
BBYEFF+ojU9kXPM3mehKBvIa7irYiRJrMB8GA1UdIwQYMBaAFG1Hb6MJzCQR1tay
bkQB3k8f6KaiMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvMzQxMjQ0
OWE5MzRiODQ1OWRiNWQ0MjE2MTdlMDE0MjkwYWEzM2I5ZC5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvN2U1NTA0ZDctMWE0MC00M2Y4LWI2YmItMzZjNzgy
ZjFhODQ4L2I4NjdjMjJmMGEzNDE5YzZjYjcwYTA4OTJlZjBhOGEwNzg5ZTc5M2Mu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy83ZTU1MDRkNy0xYTQwLTQzZjgtYjZiYi0zNmM3
ODJmMWE4NDgvMzQxMjQ0OWE5MzRiODQ1OWRiNWQ0MjE2MTdlMDE0MjkwYWEzM2I5
ZC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAKhN1jANBgkqhkiG9w0BAQsFAAOCAQEAdXu5WFLBEqdxkja5
QX6STTvhivtEOYBSlu8+00k+zneHq4qCCwUIe2KePgGiJ+XshgPFg5Eb9vrYSA7o
SHrXp9Ep+yfG7kwEJaf+4yf6HeuAKjr/J55p0MWtl7RgPA2HQAkmOTCFs+4kBvgC
qxZu/e8S2SOyXOIlFjn1D0Kj3rz7erD9tVmrz/2p0z+i82CY18Q/yeqIQ++BX2kL
IuKZGswfvte7n5Rj3A1Ny2qH8OjkA9LXhu3nnXRuaqkubcq4SSqOqRwAd7UsMdhr
1Z9dy/IsEmQU05xzjvusjbcQ8NCQwLp7WeHqfLfONMQTDxOngXzlXrux1i/iL0zj
rjlasA==
-----END CERTIFICATE-----
Generated at Thu Feb 29 19:48:14 2024 by rpki-client on console-ams.rpki-client.org