Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/8032544b-7a43-4110-8325-a3c7a15e2015/b68780927fe3d1d5d941ead92f53e966c3c63cd0.roa
File:                     b68780927fe3d1d5d941ead92f53e966c3c63cd0.roa (raw, json)
Hash identifier:          MJaZj37gahQWGyB8A+DFA/tDGTtua2RjptCxULZHT3c=
Subject key identifier:   A7:AA:B5:90:2B:3B:3B:B9:3D:FA:63:3B:A8:00:9A:DD:EA:1E:65:F9
Certificate issuer:       /CN=9d85ce0d434273e623cb46add718a5d62e967fd1
Certificate serial:       0D6377
Authority key identifier: ED:8D:8E:6D:4B:82:4C:B3:59:AC:E3:13:E5:A0:AD:3F:01:A1:E9:29
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/9d85ce0d434273e623cb46add718a5d62e967fd1.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/8032544b-7a43-4110-8325-a3c7a15e2015/b68780927fe3d1d5d941ead92f53e966c3c63cd0.roa
Signing time:             Wed 24 Mar 2021 14:28:52 +0000
ROA not before:           Wed 24 Mar 2021 14:28:52 +0000
ROA not after:            Tue 24 Mar 2026 14:28:52 +0000
asID:                     263221
IP address blocks:        161.0.176.0/21 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/8032544b-7a43-4110-8325-a3c7a15e2015/9d85ce0d434273e623cb46add718a5d62e967fd1.crl
                          rsync://repository.lacnic.net/rpki/lacnic/8032544b-7a43-4110-8325-a3c7a15e2015/9d85ce0d434273e623cb46add718a5d62e967fd1.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/9d85ce0d434273e623cb46add718a5d62e967fd1.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 31 Mar 2024 03:49:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 877431 (0xd6377)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9d85ce0d434273e623cb46add718a5d62e967fd1
        Validity
            Not Before: Mar 24 14:28:52 2021 GMT
            Not After : Mar 24 14:28:52 2026 GMT
        Subject: CN=b68780927fe3d1d5d941ead92f53e966c3c63cd0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:c5:47:41:27:64:c2:c7:8f:f1:e4:82:28:11:
                    10:18:1e:24:f0:aa:60:f5:e5:a9:a7:e4:f6:45:ab:
                    45:91:46:bd:85:bf:fa:d9:95:c2:35:11:55:6e:15:
                    b3:69:72:12:6d:24:be:d7:96:3f:03:ce:fb:2e:bd:
                    47:4e:11:d3:18:fc:6f:1a:d7:fb:19:b0:1f:07:cd:
                    67:67:2e:bf:65:db:b2:d1:e0:1a:55:f8:3a:40:fc:
                    7e:ed:eb:28:8b:73:d0:33:f5:b4:1b:43:d1:16:f5:
                    b1:ed:8f:a9:1b:fc:d2:56:f2:46:0d:2f:0d:18:a0:
                    97:16:58:f8:71:7c:44:49:c4:bd:c6:1a:a6:7b:9e:
                    23:2b:cb:71:3c:35:37:c2:27:9d:7c:ee:26:8a:49:
                    e5:56:19:d6:a4:a0:d4:78:ab:48:7b:63:f4:9e:c7:
                    e8:a5:37:e0:21:e3:36:97:89:6e:e9:93:5e:50:4f:
                    fc:70:03:c4:2f:a9:de:16:f8:8b:1b:5a:85:0c:56:
                    b1:3f:ce:27:ad:4e:3f:f8:a7:f6:25:26:27:ff:29:
                    c9:49:81:2a:3a:36:f9:ab:50:0f:17:9c:a3:1c:e4:
                    f1:07:cd:90:eb:ac:7e:f0:36:ad:60:12:17:db:d2:
                    98:11:d6:76:80:69:3b:81:6a:e1:62:1c:89:21:ea:
                    92:43
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A7:AA:B5:90:2B:3B:3B:B9:3D:FA:63:3B:A8:00:9A:DD:EA:1E:65:F9
            X509v3 Authority Key Identifier:
                keyid:ED:8D:8E:6D:4B:82:4C:B3:59:AC:E3:13:E5:A0:AD:3F:01:A1:E9:29

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/9d85ce0d434273e623cb46add718a5d62e967fd1.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/8032544b-7a43-4110-8325-a3c7a15e2015/b68780927fe3d1d5d941ead92f53e966c3c63cd0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/8032544b-7a43-4110-8325-a3c7a15e2015/9d85ce0d434273e623cb46add718a5d62e967fd1.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  161.0.176.0/21

    Signature Algorithm: sha256WithRSAEncryption
         8e:64:b4:63:e6:c4:7f:4a:4d:f6:98:50:8f:74:e4:9c:7a:d1:
         ff:82:e5:95:1c:6b:e6:d4:f3:ca:59:85:05:51:27:5f:3c:f6:
         58:39:51:d1:dd:7b:a3:15:75:bc:65:8d:64:16:64:8f:07:65:
         01:7a:0f:22:9b:1e:b7:9e:c1:7c:94:5b:21:5b:16:79:b5:c1:
         ee:04:07:43:cc:10:1f:60:af:85:14:15:05:79:f7:6d:89:a0:
         73:21:cf:7d:bf:aa:99:87:4e:ac:d1:e7:d5:55:c9:99:46:4a:
         b1:54:2c:8a:2d:33:e8:a2:af:8a:f5:fd:2e:a6:81:2c:7a:c3:
         27:07:da:13:e3:51:db:fc:15:41:a3:50:1d:c1:d3:54:3b:00:
         fd:08:bc:4a:15:60:b6:77:30:db:a9:5a:49:10:63:92:53:0c:
         6e:0e:43:4c:2f:8e:c6:fd:fb:02:9c:1b:21:5f:9c:e1:00:52:
         ff:37:a1:fc:97:a5:91:59:d4:7c:be:ba:df:4c:8c:d7:26:ce:
         76:46:4e:b1:ac:43:80:34:fc:23:01:e1:94:a3:87:71:d7:e9:
         8b:66:0c:d8:3a:77:8e:3a:a4:1f:a9:ee:9b:e6:84:bd:ff:53:
         59:20:c2:f2:01:52:e4:ed:71:23:ff:63:6d:4a:39:5b:33:86:
         eb:06:60:93
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIDDWN3MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDlk
ODVjZTBkNDM0MjczZTYyM2NiNDZhZGQ3MThhNWQ2MmU5NjdmZDEwHhcNMjEwMzI0
MTQyODUyWhcNMjYwMzI0MTQyODUyWjAzMTEwLwYDVQQDEyhiNjg3ODA5MjdmZTNk
MWQ1ZDk0MWVhZDkyZjUzZTk2NmMzYzYzY2QwMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAmsVHQSdkwseP8eSCKBEQGB4k8Kpg9eWpp+T2RatFkUa9hb/6
2ZXCNRFVbhWzaXISbSS+15Y/A877Lr1HThHTGPxvGtf7GbAfB81nZy6/Zduy0eAa
Vfg6QPx+7esoi3PQM/W0G0PRFvWx7Y+pG/zSVvJGDS8NGKCXFlj4cXxEScS9xhqm
e54jK8txPDU3wiedfO4miknlVhnWpKDUeKtIe2P0nsfopTfgIeM2l4lu6ZNeUE/8
cAPEL6neFviLG1qFDFaxP84nrU4/+Kf2JSYn/ynJSYEqOjb5q1APF5yjHOTxB82Q
66x+8DatYBIX29KYEdZ2gGk7gWrhYhyJIeqSQwIDAQABo4ICWzCCAlcwHQYDVR0O
BBYEFKeqtZArOzu5PfpjO6gAmt3qHmX5MB8GA1UdIwQYMBaAFO2Njm1LgkyzWazj
E+WgrT8BoekpMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvOWQ4NWNl
MGQ0MzQyNzNlNjIzY2I0NmFkZDcxOGE1ZDYyZTk2N2ZkMS5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvODAzMjU0NGItN2E0My00MTEwLTgzMjUtYTNjN2Ex
NWUyMDE1L2I2ODc4MDkyN2ZlM2QxZDVkOTQxZWFkOTJmNTNlOTY2YzNjNjNjZDAu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy84MDMyNTQ0Yi03YTQzLTQxMTAtODMyNS1hM2M3
YTE1ZTIwMTUvOWQ4NWNlMGQ0MzQyNzNlNjIzY2I0NmFkZDcxOGE1ZDYyZTk2N2Zk
MS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEA6EAsDANBgkqhkiG9w0BAQsFAAOCAQEAjmS0Y+bEf0pN9phQ
j3TknHrR/4LllRxr5tTzylmFBVEnXzz2WDlR0d17oxV1vGWNZBZkjwdlAXoPIpse
t57BfJRbIVsWebXB7gQHQ8wQH2CvhRQVBXn3bYmgcyHPfb+qmYdOrNHn1VXJmUZK
sVQsii0z6KKvivX9LqaBLHrDJwfaE+NR2/wVQaNQHcHTVDsA/Qi8ShVgtncw26la
SRBjklMMbg5DTC+Oxv37ApwbIV+c4QBS/zeh/JelkVnUfL6630yM1ybOdkZOsaxD
gDT8IwHhlKOHcdfpi2YM2Dp3jjqkH6num+aEvf9TWSDC8gFS5O1xI/9jbUo5WzOG
6wZgkw==
-----END CERTIFICATE-----
Generated at Thu Mar 28 10:47:08 2024 by rpki-client on console-ams.rpki-client.org