Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/7e5504d7-1a40-43f8-b6bb-36c782f1a848/eca249978b3e830998f7e6c61f943ef37e7247b0.roa
File:                     eca249978b3e830998f7e6c61f943ef37e7247b0.roa (raw, json)
Hash identifier:          415jt47D2eXVcE2OASz8F2GUM7k5jBdcYF6bxGZpgLw=
Subject key identifier:   3A:9B:0E:77:79:20:33:51:8E:91:F2:EA:C8:E3:A8:06:AC:AC:8D:EA
Certificate issuer:       /CN=3412449a934b8459db5d421617e014290aa33b9d
Certificate serial:       0CF266
Authority key identifier: 6D:47:6F:A3:09:CC:24:11:D6:D6:B2:6E:44:01:DE:4F:1F:E8:A6:A2
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/3412449a934b8459db5d421617e014290aa33b9d.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/7e5504d7-1a40-43f8-b6bb-36c782f1a848/eca249978b3e830998f7e6c61f943ef37e7247b0.roa
Signing time:             Wed 24 Mar 2021 14:45:21 +0000
ROA not before:           Wed 24 Mar 2021 14:45:21 +0000
ROA not after:            Tue 24 Mar 2026 14:45:21 +0000
asID:                     3551
IP address blocks:        168.77.0.0/16 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/7e5504d7-1a40-43f8-b6bb-36c782f1a848/3412449a934b8459db5d421617e014290aa33b9d.crl
                          rsync://repository.lacnic.net/rpki/lacnic/7e5504d7-1a40-43f8-b6bb-36c782f1a848/3412449a934b8459db5d421617e014290aa33b9d.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/3412449a934b8459db5d421617e014290aa33b9d.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 03 Mar 2024 11:46:33 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 848486 (0xcf266)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3412449a934b8459db5d421617e014290aa33b9d
        Validity
            Not Before: Mar 24 14:45:21 2021 GMT
            Not After : Mar 24 14:45:21 2026 GMT
        Subject: CN=eca249978b3e830998f7e6c61f943ef37e7247b0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:c1:49:bf:0c:4a:48:78:ec:af:3c:73:93:29:
                    4c:ac:09:01:a4:d7:f9:17:1c:ab:3c:93:4c:d4:ac:
                    33:ef:ba:26:4f:c4:10:5d:0a:e1:f7:f3:79:02:50:
                    89:75:70:c3:12:77:79:67:a0:50:7e:38:2d:fd:78:
                    b3:75:2c:d3:86:9f:bb:92:19:f6:58:fa:90:bb:5b:
                    7c:93:93:c3:ca:6a:77:18:67:25:b3:bb:c5:cd:6f:
                    e0:0e:2d:5a:40:e4:ec:99:b3:22:cd:38:af:99:11:
                    43:a7:09:53:37:f0:94:e0:6d:60:dd:b2:51:37:3e:
                    62:68:e3:b2:37:4a:f0:b8:29:8d:dd:1d:74:d8:ad:
                    fd:45:57:1d:33:e8:eb:60:4a:08:d4:d9:d6:3c:20:
                    74:86:57:aa:c2:9d:73:0f:50:4a:a6:b4:3d:2f:29:
                    4f:b1:e2:42:a2:32:52:e6:c3:11:92:98:20:b9:81:
                    0a:82:4f:70:24:96:5f:66:67:59:a6:c6:39:98:a6:
                    c4:54:f4:72:0c:b1:51:18:a8:46:80:af:7e:08:44:
                    fa:43:52:0d:04:d3:f4:64:a2:03:68:17:d1:cb:a1:
                    d5:5c:10:84:62:19:bf:8a:fb:04:08:3e:d2:01:93:
                    71:de:00:ac:6b:59:a2:ae:d1:df:2e:fb:39:ed:f2:
                    ce:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3A:9B:0E:77:79:20:33:51:8E:91:F2:EA:C8:E3:A8:06:AC:AC:8D:EA
            X509v3 Authority Key Identifier:
                keyid:6D:47:6F:A3:09:CC:24:11:D6:D6:B2:6E:44:01:DE:4F:1F:E8:A6:A2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/3412449a934b8459db5d421617e014290aa33b9d.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/7e5504d7-1a40-43f8-b6bb-36c782f1a848/eca249978b3e830998f7e6c61f943ef37e7247b0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/7e5504d7-1a40-43f8-b6bb-36c782f1a848/3412449a934b8459db5d421617e014290aa33b9d.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  168.77.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         82:93:93:5b:c5:af:0a:e2:c2:58:a8:95:cb:09:ad:43:89:61:
         af:9f:19:6e:ed:43:b2:7a:57:3d:0a:00:1f:fa:02:ae:d7:0c:
         dc:86:83:13:d6:86:b0:d7:f9:a3:5e:e4:c8:fb:99:37:9b:9b:
         db:3d:9e:bb:1b:b3:06:b3:5c:82:95:cb:8d:ca:b9:25:f9:fa:
         89:3e:77:f5:aa:ee:dc:e0:d1:cf:1b:48:79:44:ca:f7:47:03:
         1a:63:f3:8a:67:2e:2c:a2:33:99:d5:16:a7:a9:d6:01:d8:cf:
         4e:29:f0:e6:49:14:bb:cd:88:56:7e:93:dc:a8:ad:6a:33:19:
         f8:99:73:d8:bf:87:7c:e1:db:46:81:51:3d:ee:45:69:ef:6e:
         5a:37:d7:19:87:d1:1f:a9:5c:7c:cd:1d:5c:58:cd:13:e9:6c:
         53:e9:33:dc:df:72:55:d9:f6:58:90:04:8c:d6:e2:22:93:59:
         44:c8:a7:d5:38:94:e8:d6:a6:f2:32:af:75:fb:d2:cf:77:54:
         26:be:6a:58:78:a9:81:57:91:9f:5b:f6:db:e7:87:db:e3:f2:
         e9:af:60:c6:47:18:bd:49:7e:2f:d9:6c:64:f9:9e:b5:72:af:
         77:64:36:b9:c7:39:86:03:b2:8b:33:e4:63:cd:93:6d:d6:5c:
         5d:d9:16:5b
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgIDDPJmMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDM0
MTI0NDlhOTM0Yjg0NTlkYjVkNDIxNjE3ZTAxNDI5MGFhMzNiOWQwHhcNMjEwMzI0
MTQ0NTIxWhcNMjYwMzI0MTQ0NTIxWjAzMTEwLwYDVQQDEyhlY2EyNDk5NzhiM2U4
MzA5OThmN2U2YzYxZjk0M2VmMzdlNzI0N2IwMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAnsFJvwxKSHjsrzxzkylMrAkBpNf5FxyrPJNM1Kwz77omT8QQ
XQrh9/N5AlCJdXDDEnd5Z6BQfjgt/XizdSzThp+7khn2WPqQu1t8k5PDymp3GGcl
s7vFzW/gDi1aQOTsmbMizTivmRFDpwlTN/CU4G1g3bJRNz5iaOOyN0rwuCmN3R10
2K39RVcdM+jrYEoI1NnWPCB0hleqwp1zD1BKprQ9LylPseJCojJS5sMRkpgguYEK
gk9wJJZfZmdZpsY5mKbEVPRyDLFRGKhGgK9+CET6Q1INBNP0ZKIDaBfRy6HVXBCE
Yhm/ivsECD7SAZNx3gCsa1mirtHfLvs57fLOwwIDAQABo4ICWjCCAlYwHQYDVR0O
BBYEFDqbDnd5IDNRjpHy6sjjqAasrI3qMB8GA1UdIwQYMBaAFG1Hb6MJzCQR1tay
bkQB3k8f6KaiMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvMzQxMjQ0
OWE5MzRiODQ1OWRiNWQ0MjE2MTdlMDE0MjkwYWEzM2I5ZC5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvN2U1NTA0ZDctMWE0MC00M2Y4LWI2YmItMzZjNzgy
ZjFhODQ4L2VjYTI0OTk3OGIzZTgzMDk5OGY3ZTZjNjFmOTQzZWYzN2U3MjQ3YjAu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy83ZTU1MDRkNy0xYTQwLTQzZjgtYjZiYi0zNmM3
ODJmMWE4NDgvMzQxMjQ0OWE5MzRiODQ1OWRiNWQ0MjE2MTdlMDE0MjkwYWEzM2I5
ZC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQP
MA0wCwQCAAEwBQMDAKhNMA0GCSqGSIb3DQEBCwUAA4IBAQCCk5Nbxa8K4sJYqJXL
Ca1DiWGvnxlu7UOyelc9CgAf+gKu1wzchoMT1oaw1/mjXuTI+5k3m5vbPZ67G7MG
s1yClcuNyrkl+fqJPnf1qu7c4NHPG0h5RMr3RwMaY/OKZy4sojOZ1RanqdYB2M9O
KfDmSRS7zYhWfpPcqK1qMxn4mXPYv4d84dtGgVE97kVp725aN9cZh9EfqVx8zR1c
WM0T6WxT6TPc33JV2fZYkASM1uIik1lEyKfVOJTo1qbyMq91+9LPd1QmvmpYeKmB
V5GfW/bb54fb4/Lpr2DGRxi9SX4v2Wxk+Z61cq93ZDa5xzmGA7KLM+RjzZNt1lxd
2RZb
-----END CERTIFICATE-----
Generated at Thu Feb 29 19:38:11 2024 by rpki-client on console-fra.rpki-client.org