Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/7f112c7d-862c-4867-ba49-772b4d6018ab/bde80fc7e49b703c5880cce47abf7f72d9c7328f.roa
File:                     bde80fc7e49b703c5880cce47abf7f72d9c7328f.roa (raw, json)
Hash identifier:          9+c1vIk7rnTlmE4mv5MpvmwQqDrTszQRk7vzK963DEE=
Subject key identifier:   DC:7E:13:B0:6D:97:09:42:9E:77:63:5A:3A:90:A7:63:0B:37:10:A5
Certificate issuer:       /CN=ae12d182092cdf9310f84c5937df4c7b73df4145
Certificate serial:       1BE0F4
Authority key identifier: B4:63:15:8F:59:B6:3A:2D:3E:11:99:EF:4C:95:1B:1C:0C:99:36:BA
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ae12d182092cdf9310f84c5937df4c7b73df4145.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/7f112c7d-862c-4867-ba49-772b4d6018ab/bde80fc7e49b703c5880cce47abf7f72d9c7328f.roa
Signing time:             Mon 31 Oct 2022 16:19:31 +0000
ROA not before:           Tue 23 Mar 2021 14:48:10 +0000
ROA not after:            Tue 24 Mar 2026 14:48:10 +0000
asID:                     27889
IP address blocks:        181.17.0.0/16 maxlen: 20
                          181.18.0.0/15 maxlen: 20
                          181.34.0.0/15 maxlen: 20
                          186.26.0.0/18 maxlen: 20
                          186.26.128.0/17 maxlen: 20
                          200.107.192.0/21 maxlen: 21
                          201.238.0.0/19 maxlen: 24
                          201.238.32.0/19 maxlen: 24
                          2800:500::/32 maxlen: 32

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/7f112c7d-862c-4867-ba49-772b4d6018ab/ae12d182092cdf9310f84c5937df4c7b73df4145.crl
                          rsync://repository.lacnic.net/rpki/lacnic/7f112c7d-862c-4867-ba49-772b4d6018ab/ae12d182092cdf9310f84c5937df4c7b73df4145.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ae12d182092cdf9310f84c5937df4c7b73df4145.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 31 Mar 2024 12:22:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1827060 (0x1be0f4)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ae12d182092cdf9310f84c5937df4c7b73df4145
        Validity
            Not Before: Mar 23 14:48:10 2021 GMT
            Not After : Mar 24 14:48:10 2026 GMT
        Subject: CN=bde80fc7e49b703c5880cce47abf7f72d9c7328f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:85:f1:7b:37:93:32:c6:aa:f5:7d:c9:f8:04:1b:
                    d1:7c:65:7a:48:d5:8f:bd:b1:ce:98:6b:28:2b:fd:
                    1c:80:32:72:ca:b0:14:da:69:a9:19:ef:4b:4d:99:
                    a2:ea:96:e0:db:3e:56:2f:5f:59:c0:4c:55:42:8a:
                    a7:16:92:72:2b:84:97:52:90:0b:55:7d:bc:fa:69:
                    3d:14:e0:cf:3e:48:dd:f8:9e:6c:53:5d:f0:78:e0:
                    b1:ed:2a:20:53:93:08:a1:33:83:67:98:49:d0:ad:
                    c0:f4:8d:54:c5:f4:c2:d1:74:05:6a:52:f7:d9:b7:
                    7b:72:95:08:87:59:7d:ae:de:47:17:ea:12:b5:e5:
                    b2:91:98:16:73:12:03:3b:01:dd:fd:7f:8d:81:d1:
                    0a:d4:ad:46:42:c7:0c:43:e7:56:29:6b:c3:26:b4:
                    37:39:b3:8a:18:02:c0:6d:dc:c0:14:1b:f0:7f:3f:
                    f1:d4:40:ba:78:1f:0e:06:ef:c4:20:0b:e7:49:bd:
                    f2:87:49:6f:c2:10:c3:ef:b8:ea:52:3d:f6:33:a9:
                    64:13:7c:5d:db:2b:74:96:42:84:f9:05:7f:8f:7f:
                    2a:e5:14:81:36:d3:a2:bb:1b:a8:0a:ec:8b:4c:f8:
                    16:79:a1:53:18:ec:3a:71:85:03:86:bb:a2:08:e8:
                    c3:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DC:7E:13:B0:6D:97:09:42:9E:77:63:5A:3A:90:A7:63:0B:37:10:A5
            X509v3 Authority Key Identifier:
                keyid:B4:63:15:8F:59:B6:3A:2D:3E:11:99:EF:4C:95:1B:1C:0C:99:36:BA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ae12d182092cdf9310f84c5937df4c7b73df4145.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/7f112c7d-862c-4867-ba49-772b4d6018ab/bde80fc7e49b703c5880cce47abf7f72d9c7328f.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/7f112c7d-862c-4867-ba49-772b4d6018ab/ae12d182092cdf9310f84c5937df4c7b73df4145.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  181.17.0.0-181.19.255.255
                  181.34.0.0/15
                  186.26.0.0/18
                  186.26.128.0/17
                  200.107.192.0/21
                  201.238.0.0/18
                IPv6:
                  2800:500::/32

    Signature Algorithm: sha256WithRSAEncryption
         19:e7:a0:68:9c:21:63:dd:69:cf:a5:8c:03:5c:5d:8d:42:42:
         08:3d:83:45:cc:31:ae:f9:10:8e:c1:37:e9:2f:18:be:cf:95:
         87:66:c4:b6:bb:20:77:20:ce:c9:a2:29:b3:af:56:c0:89:f7:
         4a:81:71:76:0a:58:68:64:ec:60:dd:b1:64:45:c1:88:0d:9a:
         31:06:ee:9a:6b:28:c6:45:28:44:80:1c:dd:b1:c2:9a:10:72:
         61:9c:0a:9c:3f:42:7c:11:fe:f8:33:5c:f8:a2:68:12:90:51:
         ab:f8:2e:92:e8:c6:e3:aa:90:6e:1c:42:c1:d3:56:3a:9d:11:
         04:79:18:50:6a:88:5d:71:60:fb:6c:01:13:30:80:e3:66:c1:
         dd:d2:48:ad:74:b4:da:9f:b1:77:d7:92:b4:86:4c:5c:06:c5:
         ba:6b:d3:57:0f:7a:61:0b:2c:a7:0a:95:24:be:3c:17:a7:a1:
         e6:8e:e7:e4:1d:e4:c3:c9:1b:ce:7d:81:c7:6c:2e:24:65:9b:
         a3:17:84:85:33:92:73:1a:b4:b4:ea:5c:e8:8f:de:09:38:11:
         e6:d0:f2:93:d7:a8:12:bc:5f:59:f7:84:ab:22:c7:c9:53:c8:
         30:cc:7d:9a:84:c4:e8:0e:a6:49:b7:ca:02:3f:e3:b4:cf:48:
         cb:84:f3:60
-----BEGIN CERTIFICATE-----
MIIFcjCCBFqgAwIBAgIDG+D0MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGFl
MTJkMTgyMDkyY2RmOTMxMGY4NGM1OTM3ZGY0YzdiNzNkZjQxNDUwHhcNMjEwMzIz
MTQ0ODEwWhcNMjYwMzI0MTQ0ODEwWjAzMTEwLwYDVQQDEyhiZGU4MGZjN2U0OWI3
MDNjNTg4MGNjZTQ3YWJmN2Y3MmQ5YzczMjhmMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAhfF7N5Myxqr1fcn4BBvRfGV6SNWPvbHOmGsoK/0cgDJyyrAU
2mmpGe9LTZmi6pbg2z5WL19ZwExVQoqnFpJyK4SXUpALVX28+mk9FODPPkjd+J5s
U13weOCx7SogU5MIoTODZ5hJ0K3A9I1UxfTC0XQFalL32bd7cpUIh1l9rt5HF+oS
teWykZgWcxIDOwHd/X+NgdEK1K1GQscMQ+dWKWvDJrQ3ObOKGALAbdzAFBvwfz/x
1EC6eB8OBu/EIAvnSb3yh0lvwhDD77jqUj32M6lkE3xd2yt0lkKE+QV/j38q5RSB
NtOiuxuoCuyLTPgWeaFTGOw6cYUDhruiCOjD7wIDAQABo4ICjTCCAokwHQYDVR0O
BBYEFNx+E7BtlwlCnndjWjqQp2MLNxClMB8GA1UdIwQYMBaAFLRjFY9ZtjotPhGZ
70yVGxwMmTa6MA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvYWUxMmQx
ODIwOTJjZGY5MzEwZjg0YzU5MzdkZjRjN2I3M2RmNDE0NS5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvN2YxMTJjN2QtODYyYy00ODY3LWJhNDktNzcyYjRk
NjAxOGFiL2JkZTgwZmM3ZTQ5YjcwM2M1ODgwY2NlNDdhYmY3ZjcyZDljNzMyOGYu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy83ZjExMmM3ZC04NjJjLTQ4NjctYmE0OS03NzJi
NGQ2MDE4YWIvYWUxMmQxODIwOTJjZGY5MzEwZjg0YzU5MzdkZjRjN2I3M2RmNDE0
NS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBRBggrBgEFBQcBBwEB/wRC
MEAwLwQCAAEwKTAKAwMAtREDAwK1EAMDAbUiAwQGuhoAAwQHuhqAAwQDyGvAAwQG
ye4AMA0EAgACMAcDBQAoAAUAMA0GCSqGSIb3DQEBCwUAA4IBAQAZ56BonCFj3WnP
pYwDXF2NQkIIPYNFzDGu+RCOwTfpLxi+z5WHZsS2uyB3IM7Joimzr1bAifdKgXF2
ClhoZOxg3bFkRcGIDZoxBu6aayjGRShEgBzdscKaEHJhnAqcP0J8Ef74M1z4omgS
kFGr+C6S6MbjqpBuHELB01Y6nREEeRhQaohdcWD7bAETMIDjZsHd0kitdLTan7F3
15K0hkxcBsW6a9NXD3phCyynCpUkvjwXp6HmjufkHeTDyRvOfYHHbC4kZZujF4SF
M5JzGrS06lzoj94JOBHm0PKT16gSvF9Z94SrIsfJU8gwzH2ahMToDqZJt8oCP+O0
z0jLhPNg
-----END CERTIFICATE-----
Generated at Thu Mar 28 16:43:51 2024 by rpki-client on console-fra.rpki-client.org