Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/837ac0c2-f570-437e-9066-d68297fdb874/ffab051088bfdd0aa81493a6f666c4bacaefefe4.roa
File:                     ffab051088bfdd0aa81493a6f666c4bacaefefe4.roa (raw, json)
Hash identifier:          9M9WbFnRJzSdfrqnMtVo18u26XoDBpTy3scUKDsTyjs=
Subject key identifier:   3B:D9:34:58:15:D6:9D:3B:D7:FF:CB:6B:86:51:B6:E4:B1:0A:E7:C6
Certificate issuer:       /CN=8c372aeabf439eb0f54ff6f7cfd475033b2cf2fe
Certificate serial:       0BD5DE
Authority key identifier: CA:A2:37:45:E3:C8:C6:97:4F:6A:67:C0:B7:6E:0E:3A:B0:69:C4:02
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/8c372aeabf439eb0f54ff6f7cfd475033b2cf2fe.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/837ac0c2-f570-437e-9066-d68297fdb874/ffab051088bfdd0aa81493a6f666c4bacaefefe4.roa
Signing time:             Wed 24 Mar 2021 14:40:08 +0000
ROA not before:           Wed 24 Mar 2021 14:40:08 +0000
ROA not after:            Tue 24 Mar 2026 14:40:08 +0000
asID:                     263238
IP address blocks:        45.173.228.0/22 maxlen: 24
                          2803:5c60::/32 maxlen: 64

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/837ac0c2-f570-437e-9066-d68297fdb874/8c372aeabf439eb0f54ff6f7cfd475033b2cf2fe.crl
                          rsync://repository.lacnic.net/rpki/lacnic/837ac0c2-f570-437e-9066-d68297fdb874/8c372aeabf439eb0f54ff6f7cfd475033b2cf2fe.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/8c372aeabf439eb0f54ff6f7cfd475033b2cf2fe.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Fri 01 Mar 2024 15:12:08 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 775646 (0xbd5de)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8c372aeabf439eb0f54ff6f7cfd475033b2cf2fe
        Validity
            Not Before: Mar 24 14:40:08 2021 GMT
            Not After : Mar 24 14:40:08 2026 GMT
        Subject: CN=ffab051088bfdd0aa81493a6f666c4bacaefefe4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:cb:c1:18:15:10:f9:8a:a8:4e:b0:02:c4:d6:
                    91:95:86:e2:55:3a:60:52:69:06:a9:dd:9f:89:af:
                    e6:8b:ad:d9:1f:7a:0d:f9:50:70:11:6c:4d:82:54:
                    a2:49:2a:dc:13:3a:36:42:32:c6:8c:d3:b1:b8:19:
                    b0:dc:0b:ea:aa:01:e1:01:6e:cf:9e:bd:86:d7:69:
                    d1:b2:6b:89:01:a4:9e:dc:0a:b6:4b:4a:e4:1b:19:
                    e4:99:af:d8:68:7f:dd:12:da:31:28:8d:58:34:76:
                    51:ff:f4:54:8a:8d:d9:95:db:5f:f0:07:03:55:63:
                    84:0e:e4:8a:78:75:a6:af:89:61:bc:58:2a:85:5e:
                    40:e4:e6:cd:e9:c5:43:9d:fa:2c:89:7d:0f:82:9c:
                    48:52:2c:58:06:a3:e3:98:2f:f6:8c:07:af:34:6d:
                    4e:4f:59:96:49:ff:d4:6f:d1:20:79:f7:35:06:00:
                    03:f3:b1:3c:7c:b0:d1:cc:29:fd:bd:ad:1f:09:e6:
                    6c:a6:7f:2d:32:d9:92:07:40:38:71:29:78:16:76:
                    b3:42:20:29:e1:04:6d:df:47:e2:79:ca:a2:8f:6b:
                    84:12:2d:bd:6f:17:d5:56:85:83:0e:12:50:16:1b:
                    be:0b:51:18:44:e5:d0:f5:0d:c4:f3:81:fb:67:4c:
                    63:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3B:D9:34:58:15:D6:9D:3B:D7:FF:CB:6B:86:51:B6:E4:B1:0A:E7:C6
            X509v3 Authority Key Identifier:
                keyid:CA:A2:37:45:E3:C8:C6:97:4F:6A:67:C0:B7:6E:0E:3A:B0:69:C4:02

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/8c372aeabf439eb0f54ff6f7cfd475033b2cf2fe.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/837ac0c2-f570-437e-9066-d68297fdb874/ffab051088bfdd0aa81493a6f666c4bacaefefe4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/837ac0c2-f570-437e-9066-d68297fdb874/8c372aeabf439eb0f54ff6f7cfd475033b2cf2fe.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.173.228.0/22
                IPv6:
                  2803:5c60::/32

    Signature Algorithm: sha256WithRSAEncryption
         4f:ce:7a:54:32:1f:8f:d4:9a:a4:ea:c3:5e:49:fb:30:12:0b:
         7b:ad:a5:8c:66:dd:87:fd:25:48:e3:26:7e:af:5e:d8:cc:6b:
         05:78:84:18:c0:f4:12:49:07:4e:65:3d:60:6b:8f:b6:07:b3:
         fb:61:cb:19:5c:1b:14:d5:fa:3e:87:7d:ef:de:87:17:91:93:
         6a:25:b2:3c:6a:fa:51:f7:59:8b:16:db:ea:9f:07:df:db:26:
         9d:44:16:ee:ef:a1:67:e9:b3:29:56:4a:e6:87:6d:ae:95:93:
         5d:4c:3c:7f:6d:63:da:88:ea:82:60:c6:1e:05:00:05:01:e9:
         28:86:75:a1:09:81:3a:be:c6:de:99:cb:df:16:40:1f:98:40:
         f8:0b:98:ed:09:74:a4:14:eb:84:0a:41:ac:dc:9f:1d:84:fb:
         8d:16:16:b1:a1:f1:5f:3a:e3:31:62:a0:33:d5:96:36:ad:94:
         7c:16:42:aa:9f:32:74:6a:97:2d:ec:2d:57:6d:a7:27:62:49:
         66:97:0f:11:94:8a:c0:8c:11:88:3d:1d:1e:91:41:94:fe:2a:
         87:bc:16:1c:36:b0:09:69:84:68:a5:ef:17:92:71:96:01:28:
         35:1d:5c:1f:39:5b:97:ff:a7:ce:89:5b:4f:2d:bb:b0:08:45:
         52:43:6a:b0
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgIDC9XeMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDhj
MzcyYWVhYmY0MzllYjBmNTRmZjZmN2NmZDQ3NTAzM2IyY2YyZmUwHhcNMjEwMzI0
MTQ0MDA4WhcNMjYwMzI0MTQ0MDA4WjAzMTEwLwYDVQQDEyhmZmFiMDUxMDg4YmZk
ZDBhYTgxNDkzYTZmNjY2YzRiYWNhZWZlZmU0MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAmsvBGBUQ+YqoTrACxNaRlYbiVTpgUmkGqd2fia/mi63ZH3oN
+VBwEWxNglSiSSrcEzo2QjLGjNOxuBmw3AvqqgHhAW7Pnr2G12nRsmuJAaSe3Aq2
S0rkGxnkma/YaH/dEtoxKI1YNHZR//RUio3Zldtf8AcDVWOEDuSKeHWmr4lhvFgq
hV5A5ObN6cVDnfosiX0PgpxIUixYBqPjmC/2jAevNG1OT1mWSf/Ub9Egefc1BgAD
87E8fLDRzCn9va0fCeZspn8tMtmSB0A4cSl4FnazQiAp4QRt30fiecqij2uEEi29
bxfVVoWDDhJQFhu+C1EYROXQ9Q3E84H7Z0xjJwIDAQABo4ICajCCAmYwHQYDVR0O
BBYEFDvZNFgV1p071//La4ZRtuSxCufGMB8GA1UdIwQYMBaAFMqiN0XjyMaXT2pn
wLduDjqwacQCMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvOGMzNzJh
ZWFiZjQzOWViMGY1NGZmNmY3Y2ZkNDc1MDMzYjJjZjJmZS5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvODM3YWMwYzItZjU3MC00MzdlLTkwNjYtZDY4Mjk3
ZmRiODc0L2ZmYWIwNTEwODhiZmRkMGFhODE0OTNhNmY2NjZjNGJhY2FlZmVmZTQu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy84MzdhYzBjMi1mNTcwLTQzN2UtOTA2Ni1kNjgy
OTdmZGI4NzQvOGMzNzJhZWFiZjQzOWViMGY1NGZmNmY3Y2ZkNDc1MDMzYjJjZjJm
ZS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAuBggrBgEFBQcBBwEB/wQf
MB0wDAQCAAEwBgMEAi2t5DANBAIAAjAHAwUAKANcYDANBgkqhkiG9w0BAQsFAAOC
AQEAT856VDIfj9SapOrDXkn7MBILe62ljGbdh/0lSOMmfq9e2MxrBXiEGMD0EkkH
TmU9YGuPtgez+2HLGVwbFNX6Pod9796HF5GTaiWyPGr6UfdZixbb6p8H39smnUQW
7u+hZ+mzKVZK5odtrpWTXUw8f21j2ojqgmDGHgUABQHpKIZ1oQmBOr7G3pnL3xZA
H5hA+AuY7Ql0pBTrhApBrNyfHYT7jRYWsaHxXzrjMWKgM9WWNq2UfBZCqp8ydGqX
LewtV22nJ2JJZpcPEZSKwIwRiD0dHpFBlP4qh7wWHDawCWmEaKXvF5JxlgEoNR1c
Hzlbl/+nzolbTy27sAhFUkNqsA==
-----END CERTIFICATE-----
Generated at Tue Feb 27 17:04:28 2024 by rpki-client on console-ams.rpki-client.org