Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/8981fc56-ac47-4508-994c-af4b862173c4/3be3d1783d5a5f752fc8e44a720b1a5e748cefc4.roa
File:                     3be3d1783d5a5f752fc8e44a720b1a5e748cefc4.roa (raw, json)
Hash identifier:          RsUm6YEgf04AwvMIeyufRi0hVjaUzk1//7LPnzeW++c=
Subject key identifier:   E7:8B:7D:4E:B4:CB:06:9F:EB:21:C0:63:84:E3:82:3A:A7:FB:28:CD
Certificate issuer:       /CN=c852da8e6bb5beba55af1f3e439b76d81d468f5a
Certificate serial:       0D7E12
Authority key identifier: 88:E4:98:B0:92:7D:A4:16:88:E1:A6:EA:DE:08:F2:A5:A3:C1:B0:CF
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/c852da8e6bb5beba55af1f3e439b76d81d468f5a.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/8981fc56-ac47-4508-994c-af4b862173c4/3be3d1783d5a5f752fc8e44a720b1a5e748cefc4.roa
Signing time:             Wed 24 Mar 2021 14:30:22 +0000
ROA not before:           Wed 24 Mar 2021 14:30:22 +0000
ROA not after:            Tue 24 Mar 2026 14:30:22 +0000
asID:                     52431
IP address blocks:        181.114.224.0/21 maxlen: 24
                          2803:5500::/32 maxlen: 40

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/8981fc56-ac47-4508-994c-af4b862173c4/c852da8e6bb5beba55af1f3e439b76d81d468f5a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/8981fc56-ac47-4508-994c-af4b862173c4/c852da8e6bb5beba55af1f3e439b76d81d468f5a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/c852da8e6bb5beba55af1f3e439b76d81d468f5a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sat 30 Mar 2024 16:20:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 884242 (0xd7e12)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c852da8e6bb5beba55af1f3e439b76d81d468f5a
        Validity
            Not Before: Mar 24 14:30:22 2021 GMT
            Not After : Mar 24 14:30:22 2026 GMT
        Subject: CN=3be3d1783d5a5f752fc8e44a720b1a5e748cefc4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:87:b7:c9:95:d9:e8:81:01:62:87:f4:a1:d6:
                    e3:59:89:01:c1:17:17:8a:8b:fb:9d:8c:2b:bf:a7:
                    61:df:2a:c3:97:45:cb:c7:1a:8a:11:83:de:9f:8b:
                    63:89:26:e1:48:37:1c:3c:59:e1:13:d4:26:73:a7:
                    ed:0f:0f:e5:f1:8c:69:19:dd:7c:77:13:02:82:7f:
                    5d:50:d8:87:00:ff:ea:ee:6a:20:03:89:29:d3:d0:
                    77:61:74:7a:09:5d:de:3e:41:8f:71:c8:6c:4b:ba:
                    d6:27:c7:ee:37:33:59:4d:a8:2e:aa:e1:b6:05:7b:
                    1b:bf:62:dd:23:ea:ac:ab:7d:d3:4e:e6:f6:63:5e:
                    d0:fe:98:98:b8:4c:0d:47:73:af:36:60:8e:a8:fb:
                    65:54:36:0b:7d:18:7e:91:5a:5f:80:ae:de:6d:4c:
                    a0:7f:fa:8c:70:dc:99:60:4f:25:29:4d:80:df:de:
                    ba:d4:b5:dd:6a:88:09:eb:44:2f:b0:13:78:07:ae:
                    be:14:64:9e:ef:e4:38:fa:9f:41:5b:26:2b:79:be:
                    b6:4d:b8:cf:e1:84:61:53:20:4a:82:aa:24:10:0a:
                    50:07:59:d6:f2:7a:44:c9:b5:db:12:77:9d:36:43:
                    25:9e:00:4b:da:ca:e0:dd:fd:1d:23:b9:ea:9a:64:
                    58:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E7:8B:7D:4E:B4:CB:06:9F:EB:21:C0:63:84:E3:82:3A:A7:FB:28:CD
            X509v3 Authority Key Identifier:
                keyid:88:E4:98:B0:92:7D:A4:16:88:E1:A6:EA:DE:08:F2:A5:A3:C1:B0:CF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/c852da8e6bb5beba55af1f3e439b76d81d468f5a.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/8981fc56-ac47-4508-994c-af4b862173c4/3be3d1783d5a5f752fc8e44a720b1a5e748cefc4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/8981fc56-ac47-4508-994c-af4b862173c4/c852da8e6bb5beba55af1f3e439b76d81d468f5a.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  181.114.224.0/21
                IPv6:
                  2803:5500::/32

    Signature Algorithm: sha256WithRSAEncryption
         93:dd:e8:44:55:a6:ea:11:81:d4:a8:e6:97:1c:b0:ed:9d:ec:
         fe:09:cc:79:63:32:76:b9:76:2a:e2:a9:3c:8b:ea:00:df:7a:
         53:66:0b:c4:48:8d:46:6c:f7:53:69:28:0b:43:38:21:ab:2f:
         e3:b7:50:7e:ca:81:a6:5b:4b:2b:91:24:b4:8d:ba:a9:2f:92:
         61:09:38:df:77:12:f2:06:f8:79:8c:e9:e8:08:48:0b:4f:27:
         22:54:cb:98:d3:66:04:5c:55:b4:0e:43:9c:ac:8c:b7:0e:57:
         89:81:30:8e:16:b6:c2:45:27:3a:e1:d4:85:2b:a0:d1:1c:e2:
         36:24:17:22:da:d3:61:83:f5:cb:30:53:84:c8:af:c4:f3:37:
         4e:f7:34:6c:e7:a1:14:ee:47:f2:57:f2:c0:2d:d6:15:3b:ac:
         40:60:c2:bf:b3:88:20:e1:2c:cb:18:d5:22:83:27:45:bb:c8:
         b1:c5:23:23:10:95:3d:47:01:42:3c:70:6c:fb:2c:13:e9:1d:
         3a:d6:c4:be:e2:a8:68:63:90:04:f0:d7:3a:64:c0:71:47:71:
         3d:84:6e:ae:b9:65:99:93:46:a8:74:9d:2f:2f:a4:46:af:b4:
         2a:31:15:cc:ed:0b:bb:c5:ff:f5:e8:6d:fe:76:51:a7:1b:1f:
         99:ef:af:fa
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgIDDX4SMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGM4
NTJkYThlNmJiNWJlYmE1NWFmMWYzZTQzOWI3NmQ4MWQ0NjhmNWEwHhcNMjEwMzI0
MTQzMDIyWhcNMjYwMzI0MTQzMDIyWjAzMTEwLwYDVQQDEygzYmUzZDE3ODNkNWE1
Zjc1MmZjOGU0NGE3MjBiMWE1ZTc0OGNlZmM0MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAoIe3yZXZ6IEBYof0odbjWYkBwRcXiov7nYwrv6dh3yrDl0XL
xxqKEYPen4tjiSbhSDccPFnhE9Qmc6ftDw/l8YxpGd18dxMCgn9dUNiHAP/q7mog
A4kp09B3YXR6CV3ePkGPcchsS7rWJ8fuNzNZTaguquG2BXsbv2LdI+qsq33TTub2
Y17Q/piYuEwNR3OvNmCOqPtlVDYLfRh+kVpfgK7ebUygf/qMcNyZYE8lKU2A3966
1LXdaogJ60QvsBN4B66+FGSe7+Q4+p9BWyYreb62TbjP4YRhUyBKgqokEApQB1nW
8npEybXbEnedNkMlngBL2srg3f0dI7nqmmRYNQIDAQABo4ICajCCAmYwHQYDVR0O
BBYEFOeLfU60ywaf6yHAY4Tjgjqn+yjNMB8GA1UdIwQYMBaAFIjkmLCSfaQWiOGm
6t4I8qWjwbDPMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvYzg1MmRh
OGU2YmI1YmViYTU1YWYxZjNlNDM5Yjc2ZDgxZDQ2OGY1YS5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvODk4MWZjNTYtYWM0Ny00NTA4LTk5NGMtYWY0Yjg2
MjE3M2M0LzNiZTNkMTc4M2Q1YTVmNzUyZmM4ZTQ0YTcyMGIxYTVlNzQ4Y2VmYzQu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy84OTgxZmM1Ni1hYzQ3LTQ1MDgtOTk0Yy1hZjRi
ODYyMTczYzQvYzg1MmRhOGU2YmI1YmViYTU1YWYxZjNlNDM5Yjc2ZDgxZDQ2OGY1
YS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAuBggrBgEFBQcBBwEB/wQf
MB0wDAQCAAEwBgMEA7Vy4DANBAIAAjAHAwUAKANVADANBgkqhkiG9w0BAQsFAAOC
AQEAk93oRFWm6hGB1Kjmlxyw7Z3s/gnMeWMydrl2KuKpPIvqAN96U2YLxEiNRmz3
U2koC0M4Iasv47dQfsqBpltLK5EktI26qS+SYQk433cS8gb4eYzp6AhIC08nIlTL
mNNmBFxVtA5DnKyMtw5XiYEwjha2wkUnOuHUhSug0RziNiQXItrTYYP1yzBThMiv
xPM3Tvc0bOehFO5H8lfywC3WFTusQGDCv7OIIOEsyxjVIoMnRbvIscUjIxCVPUcB
QjxwbPssE+kdOtbEvuKoaGOQBPDXOmTAcUdxPYRurrllmZNGqHSdLy+kRq+0KjEV
zO0Lu8X/9eht/nZRpxsfme+v+g==
-----END CERTIFICATE-----
Generated at Thu Mar 28 00:11:58 2024 by rpki-client on console-fra.rpki-client.org