Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/87339146-20c3-42dd-9546-dcb353dbc985/9e877652a4dbbe13a788bc4c2f56616e771f8b93.roa
File:                     9e877652a4dbbe13a788bc4c2f56616e771f8b93.roa (raw, json)
Hash identifier:          F4mlOoPykXgaKZJoPeqhttcNZ6W6K8mu9k2CPJP3gBw=
Subject key identifier:   78:83:20:DE:89:61:77:40:6F:C2:D1:80:3C:9D:A6:3C:D8:3C:BB:2E
Certificate issuer:       /CN=4e59ab85356d25d04ce88952ed51cf85fdedace6
Certificate serial:       0F3D61
Authority key identifier: C2:CF:29:05:77:4E:F7:C1:04:16:37:C3:5F:1A:CD:97:1C:CB:55:2A
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/4e59ab85356d25d04ce88952ed51cf85fdedace6.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/87339146-20c3-42dd-9546-dcb353dbc985/9e877652a4dbbe13a788bc4c2f56616e771f8b93.roa
Signing time:             Tue 25 Apr 2023 14:58:34 +0000
ROA not before:           Mon 24 Apr 2023 14:58:34 +0000
ROA not after:            Fri 25 Apr 2025 14:58:34 +0000
asID:                     264622
IP address blocks:        143.137.244.0/22 maxlen: 24
                          2803:140::/32 maxlen: 32

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/87339146-20c3-42dd-9546-dcb353dbc985/4e59ab85356d25d04ce88952ed51cf85fdedace6.crl
                          rsync://repository.lacnic.net/rpki/lacnic/87339146-20c3-42dd-9546-dcb353dbc985/4e59ab85356d25d04ce88952ed51cf85fdedace6.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/4e59ab85356d25d04ce88952ed51cf85fdedace6.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 03 Mar 2024 00:18:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 998753 (0xf3d61)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4e59ab85356d25d04ce88952ed51cf85fdedace6
        Validity
            Not Before: Apr 24 14:58:34 2023 GMT
            Not After : Apr 25 14:58:34 2025 GMT
        Subject: CN=9e877652a4dbbe13a788bc4c2f56616e771f8b93
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:d2:51:6a:cc:4e:22:3c:df:4e:32:4a:c8:d5:
                    5f:1c:c1:29:df:4d:5a:d7:d0:6a:d7:99:f7:39:1c:
                    e1:be:b0:23:ab:0f:d7:d0:75:24:e1:af:d2:b9:52:
                    e3:5d:14:25:71:12:6e:13:1c:ab:09:6a:08:d9:23:
                    e2:b3:d4:e6:9c:e2:55:fa:6a:06:48:cf:f9:22:3d:
                    aa:8d:6e:e5:09:02:1d:fd:74:94:68:9b:f0:64:16:
                    3a:46:5a:5c:e1:0d:76:27:de:a8:13:a4:5b:c3:d3:
                    d2:4f:48:e6:a5:df:5b:8d:7b:27:fe:ae:df:e2:47:
                    c4:3d:79:b6:48:45:1f:fb:a1:b8:80:a3:cc:a3:55:
                    09:93:2f:b4:bf:26:87:75:8e:72:fb:36:fa:08:40:
                    3e:83:66:ac:89:30:c6:79:c0:df:da:a4:d6:d1:ed:
                    2c:c3:fd:aa:1f:8b:21:32:ef:63:08:d4:61:29:58:
                    dc:4e:28:bf:c1:fd:e2:b1:f8:66:b0:21:81:65:b7:
                    03:6b:b5:1c:13:c6:91:31:2a:8f:45:58:9a:7c:8d:
                    c7:02:ea:10:2d:07:61:32:f0:c4:77:b1:c1:99:4d:
                    c8:8d:f0:04:5d:59:15:54:bb:0f:b4:e4:9f:20:e4:
                    ae:d3:86:ad:0e:26:8f:30:88:0a:40:76:7d:d5:98:
                    18:43
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                78:83:20:DE:89:61:77:40:6F:C2:D1:80:3C:9D:A6:3C:D8:3C:BB:2E
            X509v3 Authority Key Identifier:
                keyid:C2:CF:29:05:77:4E:F7:C1:04:16:37:C3:5F:1A:CD:97:1C:CB:55:2A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/4e59ab85356d25d04ce88952ed51cf85fdedace6.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/87339146-20c3-42dd-9546-dcb353dbc985/9e877652a4dbbe13a788bc4c2f56616e771f8b93.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/87339146-20c3-42dd-9546-dcb353dbc985/4e59ab85356d25d04ce88952ed51cf85fdedace6.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  143.137.244.0/22
                IPv6:
                  2803:140::/32

    Signature Algorithm: sha256WithRSAEncryption
         51:74:2a:08:0a:72:6e:4b:5a:e8:99:76:08:09:ae:05:93:e9:
         f8:b9:bb:48:3f:d3:9c:12:f7:52:eb:61:d1:2a:2e:07:c4:a8:
         40:ac:a6:c0:02:87:80:52:22:a3:bd:d4:94:2c:8b:f1:6f:d9:
         68:fd:64:3e:bb:99:97:ba:02:35:36:15:82:56:b7:e4:dc:11:
         f2:4c:74:3b:45:a4:08:be:26:c7:75:4f:f3:96:16:5c:ed:3a:
         f8:87:f6:74:48:ea:c8:29:9d:d2:b0:77:e7:41:e2:d2:23:23:
         31:13:6e:c3:7a:6a:5a:a9:6a:d8:c3:99:35:93:39:90:63:73:
         bb:35:80:83:39:c2:7a:10:3d:0d:89:a6:e7:72:fa:ef:be:04:
         16:05:9b:71:a9:2b:f4:af:67:73:d5:e2:aa:06:33:eb:7c:c4:
         0d:53:00:34:fc:a2:8c:11:c7:7d:c7:35:e0:79:ab:16:d1:8c:
         35:e9:e4:97:74:a3:d3:ad:56:f6:67:b5:54:02:29:75:b6:01:
         64:32:56:f1:0a:ce:80:1d:d1:76:da:c5:98:77:03:49:d1:e9:
         3b:ea:01:05:4c:91:51:27:19:60:54:72:8b:00:50:0c:34:9e:
         c1:02:e2:17:22:76:1c:2c:05:48:b9:ec:8d:3b:33:13:45:74:
         21:48:4d:a0
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgIDDz1hMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDRl
NTlhYjg1MzU2ZDI1ZDA0Y2U4ODk1MmVkNTFjZjg1ZmRlZGFjZTYwHhcNMjMwNDI0
MTQ1ODM0WhcNMjUwNDI1MTQ1ODM0WjAzMTEwLwYDVQQDEyg5ZTg3NzY1MmE0ZGJi
ZTEzYTc4OGJjNGMyZjU2NjE2ZTc3MWY4YjkzMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAudJRasxOIjzfTjJKyNVfHMEp301a19Bq15n3ORzhvrAjqw/X
0HUk4a/SuVLjXRQlcRJuExyrCWoI2SPis9TmnOJV+moGSM/5Ij2qjW7lCQId/XSU
aJvwZBY6Rlpc4Q12J96oE6Rbw9PST0jmpd9bjXsn/q7f4kfEPXm2SEUf+6G4gKPM
o1UJky+0vyaHdY5y+zb6CEA+g2asiTDGecDf2qTW0e0sw/2qH4shMu9jCNRhKVjc
Tii/wf3isfhmsCGBZbcDa7UcE8aRMSqPRViafI3HAuoQLQdhMvDEd7HBmU3IjfAE
XVkVVLsPtOSfIOSu04atDiaPMIgKQHZ91ZgYQwIDAQABo4ICajCCAmYwHQYDVR0O
BBYEFHiDIN6JYXdAb8LRgDydpjzYPLsuMB8GA1UdIwQYMBaAFMLPKQV3TvfBBBY3
w18azZccy1UqMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvNGU1OWFi
ODUzNTZkMjVkMDRjZTg4OTUyZWQ1MWNmODVmZGVkYWNlNi5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvODczMzkxNDYtMjBjMy00MmRkLTk1NDYtZGNiMzUz
ZGJjOTg1LzllODc3NjUyYTRkYmJlMTNhNzg4YmM0YzJmNTY2MTZlNzcxZjhiOTMu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy84NzMzOTE0Ni0yMGMzLTQyZGQtOTU0Ni1kY2Iz
NTNkYmM5ODUvNGU1OWFiODUzNTZkMjVkMDRjZTg4OTUyZWQ1MWNmODVmZGVkYWNl
Ni5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAuBggrBgEFBQcBBwEB/wQf
MB0wDAQCAAEwBgMEAo+J9DANBAIAAjAHAwUAKAMBQDANBgkqhkiG9w0BAQsFAAOC
AQEAUXQqCApybkta6Jl2CAmuBZPp+Lm7SD/TnBL3Uuth0SouB8SoQKymwAKHgFIi
o73UlCyL8W/ZaP1kPruZl7oCNTYVgla35NwR8kx0O0WkCL4mx3VP85YWXO06+If2
dEjqyCmd0rB350Hi0iMjMRNuw3pqWqlq2MOZNZM5kGNzuzWAgznCehA9DYmm53L6
774EFgWbcakr9K9nc9XiqgYz63zEDVMANPyijBHHfcc14HmrFtGMNenkl3Sj061W
9me1VAIpdbYBZDJW8QrOgB3RdtrFmHcDSdHpO+oBBUyRUScZYFRyiwBQDDSewQLi
FyJ2HCwFSLnsjTszE0V0IUhNoA==
-----END CERTIFICATE-----
Generated at Thu Feb 29 02:36:49 2024 by rpki-client on console-fra.rpki-client.org