Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/8257f013-afa3-456e-aefa-ebaa7ba59392/86fa410c085ace7a37938e6c228522600bda50c8.roa
File:                     86fa410c085ace7a37938e6c228522600bda50c8.roa (raw, json)
Hash identifier:          J7R+bD8vCsUiHE8v88iePyWpv3O50FviKpYAd3p6m6o=
Subject key identifier:   79:94:66:4E:C7:91:9F:31:77:32:20:95:DD:89:01:27:C0:85:9B:85
Certificate issuer:       /CN=e35265d5b311e016b0d83ba29138bc707e21721b
Certificate serial:       23F7
Authority key identifier: FC:1A:22:05:32:C6:A4:63:35:18:21:0F:60:6D:77:ED:67:E1:E4:B7
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/e35265d5b311e016b0d83ba29138bc707e21721b.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/8257f013-afa3-456e-aefa-ebaa7ba59392/86fa410c085ace7a37938e6c228522600bda50c8.roa
Signing time:             Mon 17 May 2021 23:50:07 +0000
ROA not before:           Mon 17 May 2021 03:00:00 +0000
ROA not after:            Sat 17 May 2025 03:00:00 +0000
asID:                     271870
IP address blocks:        177.73.152.0/24 maxlen: 30

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/8257f013-afa3-456e-aefa-ebaa7ba59392/e35265d5b311e016b0d83ba29138bc707e21721b.crl
                          rsync://repository.lacnic.net/rpki/lacnic/8257f013-afa3-456e-aefa-ebaa7ba59392/e35265d5b311e016b0d83ba29138bc707e21721b.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/e35265d5b311e016b0d83ba29138bc707e21721b.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 31 Mar 2024 03:49:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 9207 (0x23f7)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e35265d5b311e016b0d83ba29138bc707e21721b
        Validity
            Not Before: May 17 03:00:00 2021 GMT
            Not After : May 17 03:00:00 2025 GMT
        Subject: CN=86fa410c085ace7a37938e6c228522600bda50c8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8b:8b:e2:97:d4:02:c6:0d:98:27:81:06:49:da:
                    60:47:e5:69:d8:6d:fc:95:63:16:db:21:7e:57:db:
                    c9:ee:6b:5c:2e:42:da:21:72:49:06:03:bc:2e:0a:
                    a8:88:75:81:99:d7:0e:a8:42:3c:0d:bc:27:9d:7d:
                    cb:71:85:c2:79:25:0c:2c:16:33:59:f2:9d:fb:ae:
                    79:98:88:18:1f:3e:a7:c2:07:c8:ad:1f:ba:95:b9:
                    64:ed:aa:a2:75:c6:ad:57:0d:1d:5c:50:0f:6b:95:
                    cb:79:0c:89:cd:35:df:32:e9:75:05:7d:dc:33:b8:
                    09:a6:29:01:61:db:03:2d:19:b7:25:e0:f7:dc:d9:
                    4f:df:b1:2c:c2:f3:4b:b5:d5:73:bc:fe:b1:0b:0c:
                    11:82:05:c7:1e:13:51:b8:e9:3d:aa:f7:23:75:13:
                    45:d2:e9:57:29:64:d5:29:0a:1e:b2:4d:2a:d8:5f:
                    dc:1e:55:c0:c8:43:a7:41:2c:f1:fb:42:75:ed:15:
                    2e:d2:6e:dc:62:5d:89:d0:22:82:88:42:43:a2:6c:
                    a2:48:bd:c8:8b:55:72:a1:a4:d4:4a:04:86:49:4d:
                    44:fe:41:10:1a:6d:5e:90:01:ad:61:3b:2f:d9:68:
                    44:ed:59:72:a3:65:66:d9:81:a9:27:f6:18:c8:4e:
                    10:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                79:94:66:4E:C7:91:9F:31:77:32:20:95:DD:89:01:27:C0:85:9B:85
            X509v3 Authority Key Identifier:
                keyid:FC:1A:22:05:32:C6:A4:63:35:18:21:0F:60:6D:77:ED:67:E1:E4:B7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/e35265d5b311e016b0d83ba29138bc707e21721b.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/8257f013-afa3-456e-aefa-ebaa7ba59392/86fa410c085ace7a37938e6c228522600bda50c8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/8257f013-afa3-456e-aefa-ebaa7ba59392/e35265d5b311e016b0d83ba29138bc707e21721b.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  177.73.152.0/24

    Signature Algorithm: sha256WithRSAEncryption
         47:55:86:f3:ae:ae:f8:b7:2e:72:96:84:56:24:59:a1:2d:a9:
         6f:e0:93:97:a7:c6:7e:37:2d:95:1a:90:7a:45:bc:22:1f:da:
         48:5f:31:4e:03:c7:81:08:f6:89:8a:85:20:82:fa:25:86:ff:
         55:4f:63:3b:f6:63:92:64:85:bc:e1:67:6b:ea:74:eb:22:d2:
         7a:76:f1:d9:1c:90:6f:7e:46:20:5e:cb:4d:11:82:34:f9:dc:
         5e:ff:f4:c3:a5:74:31:c1:08:e0:a3:85:59:ea:0f:72:0f:fe:
         13:c1:e0:25:ec:1c:e3:31:67:77:5b:9e:8d:4c:9c:cd:c4:5f:
         29:23:ab:a2:b5:8d:d1:9b:71:2f:00:b0:53:86:f4:b3:56:0f:
         4a:d7:8e:00:35:59:4f:61:28:d5:bc:4a:af:ae:09:af:05:4d:
         cb:c2:30:5e:81:26:9e:9f:00:cb:40:8c:91:ae:b2:c7:ad:fa:
         48:75:ef:58:bd:db:8b:c2:fc:14:33:84:ce:01:88:c8:03:e4:
         a8:1a:33:c4:21:fa:84:76:cf:8b:10:4a:2a:0c:a5:9a:d5:24:
         4b:fe:8e:92:6c:93:a5:20:7c:8a:7b:8f:0d:f8:bf:64:e0:31:
         8f:50:bc:80:85:33:21:5d:ff:34:19:c4:d8:2d:44:2c:93:92:
         47:ef:ab:1f
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgICI/cwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoZTM1
MjY1ZDViMzExZTAxNmIwZDgzYmEyOTEzOGJjNzA3ZTIxNzIxYjAeFw0yMTA1MTcw
MzAwMDBaFw0yNTA1MTcwMzAwMDBaMDMxMTAvBgNVBAMTKDg2ZmE0MTBjMDg1YWNl
N2EzNzkzOGU2YzIyODUyMjYwMGJkYTUwYzgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCLi+KX1ALGDZgngQZJ2mBH5WnYbfyVYxbbIX5X28nua1wuQtoh
ckkGA7wuCqiIdYGZ1w6oQjwNvCedfctxhcJ5JQwsFjNZ8p37rnmYiBgfPqfCB8it
H7qVuWTtqqJ1xq1XDR1cUA9rlct5DInNNd8y6XUFfdwzuAmmKQFh2wMtGbcl4Pfc
2U/fsSzC80u11XO8/rELDBGCBcceE1G46T2q9yN1E0XS6VcpZNUpCh6yTSrYX9we
VcDIQ6dBLPH7QnXtFS7SbtxiXYnQIoKIQkOibKJIvciLVXKhpNRKBIZJTUT+QRAa
bV6QAa1hOy/ZaETtWXKjZWbZgakn9hjIThCLAgMBAAGjggJbMIICVzAdBgNVHQ4E
FgQUeZRmTseRnzF3MiCV3YkBJ8CFm4UwHwYDVR0jBBgwFoAU/BoiBTLGpGM1GCEP
YG137Wfh5LcwDgYDVR0PAQH/BAQDAgeAMIGaBggrBgEFBQcBAQSBjTCBijCBhwYI
KwYBBQUHMAKGe3JzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jwa2kvbGFj
bmljLzQ4ZjA4M2JiLWY2MDMtNDg5My05OTkwLTAyODRjMDRjZWI4NS9lMzUyNjVk
NWIzMTFlMDE2YjBkODNiYTI5MTM4YmM3MDdlMjE3MjFiLmNlcjCBmgYIKwYBBQUH
AQsEgY0wgYowgYcGCCsGAQUFBzALhntyc3luYzovL3JlcG9zaXRvcnkubGFjbmlj
Lm5ldC9ycGtpL2xhY25pYy84MjU3ZjAxMy1hZmEzLTQ1NmUtYWVmYS1lYmFhN2Jh
NTkzOTIvODZmYTQxMGMwODVhY2U3YTM3OTM4ZTZjMjI4NTIyNjAwYmRhNTBjOC5y
b2EwgY8GA1UdHwSBhzCBhDCBgaB/oH2Ge3JzeW5jOi8vcmVwb3NpdG9yeS5sYWNu
aWMubmV0L3Jwa2kvbGFjbmljLzgyNTdmMDEzLWFmYTMtNDU2ZS1hZWZhLWViYWE3
YmE1OTM5Mi9lMzUyNjVkNWIzMTFlMDE2YjBkODNiYTI5MTM4YmM3MDdlMjE3MjFi
LmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAw
DjAMBAIAATAGAwQAsUmYMA0GCSqGSIb3DQEBCwUAA4IBAQBHVYbzrq74ty5yloRW
JFmhLalv4JOXp8Z+Ny2VGpB6RbwiH9pIXzFOA8eBCPaJioUggvolhv9VT2M79mOS
ZIW84Wdr6nTrItJ6dvHZHJBvfkYgXstNEYI0+dxe//TDpXQxwQjgo4VZ6g9yD/4T
weAl7BzjMWd3W56NTJzNxF8pI6uitY3Rm3EvALBThvSzVg9K144ANVlPYSjVvEqv
rgmvBU3LwjBegSaenwDLQIyRrrLHrfpIde9YvduLwvwUM4TOAYjIA+SoGjPEIfqE
ds+LEEoqDKWa1SRL/o6SbJOlIHyKe48N+L9k4DGPULyAhTMhXf80GcTYLUQsk5JH
76sf
-----END CERTIFICATE-----
Generated at Thu Mar 28 08:12:24 2024 by rpki-client on console-ams.rpki-client.org