Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/82500ff0-8d42-48c6-95bc-0acb2b407481/ad0bed28049b755b1c93780f20bb524baecf1419.roa
File:                     ad0bed28049b755b1c93780f20bb524baecf1419.roa (raw, json)
Hash identifier:          dQqj4qpohQNkUMpURULVTOT9/XFCLTAFbi3Phgq3XO8=
Subject key identifier:   A0:63:3E:8D:CA:5A:EE:0A:7E:B0:F5:8D:94:59:F3:92:1A:00:A6:96
Certificate issuer:       /CN=309dae9bb504b6387b7f44347b2931723572b161
Certificate serial:       02D109
Authority key identifier: DC:C2:D1:27:C2:E0:0D:AF:00:46:61:34:85:E3:E4:7E:D3:0A:53:8B
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/309dae9bb504b6387b7f44347b2931723572b161.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/82500ff0-8d42-48c6-95bc-0acb2b407481/ad0bed28049b755b1c93780f20bb524baecf1419.roa
Signing time:             Wed 24 Mar 2021 14:46:10 +0000
ROA not before:           Wed 24 Mar 2021 14:46:10 +0000
ROA not after:            Tue 24 Mar 2026 14:46:10 +0000
asID:                     27843
IP address blocks:        45.236.228.0/22 maxlen: 24
                          2803:a4a0::/32 maxlen: 48

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/82500ff0-8d42-48c6-95bc-0acb2b407481/309dae9bb504b6387b7f44347b2931723572b161.crl
                          rsync://repository.lacnic.net/rpki/lacnic/82500ff0-8d42-48c6-95bc-0acb2b407481/309dae9bb504b6387b7f44347b2931723572b161.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/309dae9bb504b6387b7f44347b2931723572b161.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Mon 01 Apr 2024 05:58:53 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 184585 (0x2d109)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=309dae9bb504b6387b7f44347b2931723572b161
        Validity
            Not Before: Mar 24 14:46:10 2021 GMT
            Not After : Mar 24 14:46:10 2026 GMT
        Subject: CN=ad0bed28049b755b1c93780f20bb524baecf1419
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:83:90:38:a2:34:ff:e2:f0:89:e4:85:93:d9:da:
                    93:c0:c4:73:be:51:f1:24:e9:e9:72:dc:d9:e9:1e:
                    24:17:7e:66:b3:d7:b0:30:7b:12:21:e8:6c:f4:9f:
                    fc:f0:95:30:5f:e2:85:46:50:3e:80:4c:ca:c8:39:
                    a8:12:4f:12:8b:99:ac:fa:a0:08:21:02:13:9e:b8:
                    db:af:54:d1:89:d7:94:dd:79:86:b3:86:90:dd:2a:
                    2a:67:d5:cd:8c:d9:0c:37:43:f6:99:02:26:4d:e7:
                    d9:22:99:29:45:01:f6:30:6e:e6:97:ee:38:78:d3:
                    5a:21:45:70:6c:ec:cf:d1:8b:48:9a:92:ae:50:6b:
                    54:4e:e4:25:93:ab:07:c6:b0:5b:00:81:b8:b8:18:
                    c6:cd:13:a8:cc:ff:e8:43:82:e3:c5:1e:33:f1:7f:
                    75:63:87:cc:b1:73:c8:46:44:02:cb:e5:34:13:eb:
                    ee:66:29:79:b3:e3:b7:6f:82:98:a5:ad:48:64:0f:
                    3a:21:02:74:e5:17:cb:a9:70:a9:61:a4:91:64:39:
                    a5:0b:c9:45:28:74:c4:22:d8:dd:91:be:c5:06:c2:
                    f9:38:cf:9c:4c:9e:50:cd:63:8f:96:31:ad:1e:2d:
                    fe:40:0f:ce:e4:b5:18:23:57:39:5e:62:94:bf:38:
                    f8:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A0:63:3E:8D:CA:5A:EE:0A:7E:B0:F5:8D:94:59:F3:92:1A:00:A6:96
            X509v3 Authority Key Identifier:
                keyid:DC:C2:D1:27:C2:E0:0D:AF:00:46:61:34:85:E3:E4:7E:D3:0A:53:8B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/309dae9bb504b6387b7f44347b2931723572b161.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/82500ff0-8d42-48c6-95bc-0acb2b407481/ad0bed28049b755b1c93780f20bb524baecf1419.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/82500ff0-8d42-48c6-95bc-0acb2b407481/309dae9bb504b6387b7f44347b2931723572b161.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.236.228.0/22
                IPv6:
                  2803:a4a0::/32

    Signature Algorithm: sha256WithRSAEncryption
         6b:0a:ea:92:75:59:33:e2:13:fc:40:2b:63:aa:05:8a:36:43:
         51:00:3e:54:0f:5c:56:cb:35:94:4a:50:82:7c:59:32:cc:74:
         52:46:25:40:df:4f:45:4c:84:8f:9f:62:3e:10:89:5c:75:0a:
         81:4e:49:c1:a8:20:57:3c:c1:9b:86:d5:b0:a0:6d:65:79:e8:
         3f:4c:e3:05:44:a9:9d:5d:35:51:0a:1d:43:9e:e9:b7:d4:58:
         6f:f8:2c:7a:52:ae:08:60:58:58:b0:f3:04:46:80:01:91:00:
         d3:dc:29:44:60:68:2c:a1:97:c0:de:a9:df:c9:65:f6:49:57:
         d4:77:43:c8:25:b6:0b:26:23:1f:92:44:95:89:20:84:d4:4e:
         7e:4d:06:75:47:19:ab:d3:9d:3b:d2:11:0b:bb:f9:e7:61:40:
         14:c6:d4:52:4a:c2:e5:e6:c5:ec:c9:0c:f2:03:cc:f1:27:e0:
         20:4e:87:d8:40:89:22:a5:fb:f3:6f:85:df:bb:9f:61:bc:ff:
         e9:b7:a7:95:41:01:58:e7:99:b7:9f:cf:a2:07:53:2e:38:bd:
         42:38:fe:13:c1:a5:f2:d6:3c:9b:97:c3:fc:f8:65:5a:ac:e9:
         91:31:26:f5:4d:de:fc:91:78:3e:07:e0:e7:7e:a3:c4:24:47:
         03:d5:24:3f
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgIDAtEJMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDMw
OWRhZTliYjUwNGI2Mzg3YjdmNDQzNDdiMjkzMTcyMzU3MmIxNjEwHhcNMjEwMzI0
MTQ0NjEwWhcNMjYwMzI0MTQ0NjEwWjAzMTEwLwYDVQQDEyhhZDBiZWQyODA0OWI3
NTViMWM5Mzc4MGYyMGJiNTI0YmFlY2YxNDE5MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAg5A4ojT/4vCJ5IWT2dqTwMRzvlHxJOnpctzZ6R4kF35ms9ew
MHsSIehs9J/88JUwX+KFRlA+gEzKyDmoEk8Si5ms+qAIIQITnrjbr1TRideU3XmG
s4aQ3SoqZ9XNjNkMN0P2mQImTefZIpkpRQH2MG7ml+44eNNaIUVwbOzP0YtImpKu
UGtUTuQlk6sHxrBbAIG4uBjGzROozP/oQ4LjxR4z8X91Y4fMsXPIRkQCy+U0E+vu
Zil5s+O3b4KYpa1IZA86IQJ05RfLqXCpYaSRZDmlC8lFKHTEItjdkb7FBsL5OM+c
TJ5QzWOPljGtHi3+QA/O5LUYI1c5XmKUvzj4twIDAQABo4ICajCCAmYwHQYDVR0O
BBYEFKBjPo3KWu4KfrD1jZRZ85IaAKaWMB8GA1UdIwQYMBaAFNzC0SfC4A2vAEZh
NIXj5H7TClOLMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvMzA5ZGFl
OWJiNTA0YjYzODdiN2Y0NDM0N2IyOTMxNzIzNTcyYjE2MS5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvODI1MDBmZjAtOGQ0Mi00OGM2LTk1YmMtMGFjYjJi
NDA3NDgxL2FkMGJlZDI4MDQ5Yjc1NWIxYzkzNzgwZjIwYmI1MjRiYWVjZjE0MTku
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy84MjUwMGZmMC04ZDQyLTQ4YzYtOTViYy0wYWNi
MmI0MDc0ODEvMzA5ZGFlOWJiNTA0YjYzODdiN2Y0NDM0N2IyOTMxNzIzNTcyYjE2
MS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAuBggrBgEFBQcBBwEB/wQf
MB0wDAQCAAEwBgMEAi3s5DANBAIAAjAHAwUAKAOkoDANBgkqhkiG9w0BAQsFAAOC
AQEAawrqknVZM+IT/EArY6oFijZDUQA+VA9cVss1lEpQgnxZMsx0UkYlQN9PRUyE
j59iPhCJXHUKgU5JwaggVzzBm4bVsKBtZXnoP0zjBUSpnV01UQodQ57pt9RYb/gs
elKuCGBYWLDzBEaAAZEA09wpRGBoLKGXwN6p38ll9klX1HdDyCW2CyYjH5JElYkg
hNROfk0GdUcZq9OdO9IRC7v552FAFMbUUkrC5ebF7MkM8gPM8SfgIE6H2ECJIqX7
82+F37ufYbz/6benlUEBWOeZt5/PogdTLji9Qjj+E8Gl8tY8m5fD/PhlWqzpkTEm
9U3e/JF4Pgfg536jxCRHA9UkPw==
-----END CERTIFICATE-----
Generated at Fri Mar 29 06:25:32 2024 by rpki-client on console-ams.rpki-client.org