Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/8d2c5922-a702-4472-b427-25731d531f00/bbe1cbdb3c6c76c55658b9d526870311018c68ac.roa
File:                     bbe1cbdb3c6c76c55658b9d526870311018c68ac.roa (raw, json)
Hash identifier:          jM1cPA2StwrUDUtWV8YXwUurz5nBY9um/d8sb2xXYX4=
Subject key identifier:   EC:7B:91:39:6E:84:DE:A9:F3:F8:BB:3C:C0:DE:1E:F1:4A:BF:C7:60
Certificate issuer:       /CN=72abba6b7cd25cc52bbab3345005452793c3070a
Certificate serial:       122C20
Authority key identifier: DF:A6:D1:42:79:C2:7D:AB:84:68:F0:56:15:83:0F:3A:0C:FB:A5:A3
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/72abba6b7cd25cc52bbab3345005452793c3070a.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/8d2c5922-a702-4472-b427-25731d531f00/bbe1cbdb3c6c76c55658b9d526870311018c68ac.roa
Signing time:             Wed 19 Jul 2023 08:30:00 +0000
ROA not before:           Tue 18 Jul 2023 08:30:00 +0000
ROA not after:            Thu 17 Jul 2025 08:30:00 +0000
asID:                     271938
IP address blocks:        45.5.216.0/22 maxlen: 22
                          2803:8610::/32 maxlen: 32

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/8d2c5922-a702-4472-b427-25731d531f00/72abba6b7cd25cc52bbab3345005452793c3070a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/8d2c5922-a702-4472-b427-25731d531f00/72abba6b7cd25cc52bbab3345005452793c3070a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/72abba6b7cd25cc52bbab3345005452793c3070a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Tue 27 Feb 2024 02:19:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1190944 (0x122c20)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=72abba6b7cd25cc52bbab3345005452793c3070a
        Validity
            Not Before: Jul 18 08:30:00 2023 GMT
            Not After : Jul 17 08:30:00 2025 GMT
        Subject: CN=bbe1cbdb3c6c76c55658b9d526870311018c68ac
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:54:42:a2:e1:06:36:cc:ec:5e:6b:b1:41:04:
                    d7:b3:07:c0:96:89:08:8a:0f:aa:32:51:01:f8:10:
                    a6:88:a6:c0:e5:67:68:0d:c5:d4:a3:51:05:56:a0:
                    9c:82:0b:4f:19:19:bf:ca:a2:bc:fa:99:c8:61:65:
                    28:dc:af:8e:4c:35:4a:0d:4c:77:fc:61:b1:8b:2e:
                    a8:8b:15:d1:64:dd:bf:8e:86:13:98:88:0e:6a:de:
                    7f:f5:03:d8:31:a7:3a:74:98:f9:9e:ee:e1:5f:eb:
                    38:e2:9c:09:34:3f:1e:90:73:6f:75:70:02:45:65:
                    d7:1c:d1:8f:80:b3:51:c6:72:11:0c:a6:f7:f8:4d:
                    44:89:09:df:ca:21:0c:a0:10:bb:95:23:7f:22:c4:
                    5c:59:2e:42:d4:6b:58:87:55:d3:02:13:0e:9f:13:
                    91:7c:95:4d:78:3c:e6:d3:dc:fc:df:cb:1c:44:a2:
                    2b:14:e0:57:df:11:8a:13:35:2b:17:4a:c0:84:49:
                    7e:78:05:57:44:1b:bd:76:88:de:46:93:43:18:b8:
                    6b:84:b5:08:1d:27:52:dc:0c:52:23:d4:45:04:90:
                    4a:0e:95:af:4e:8f:eb:e7:5b:3b:ef:eb:5c:af:6e:
                    8f:90:3f:d9:27:ec:93:2f:ef:a4:31:fa:75:4b:f5:
                    bf:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EC:7B:91:39:6E:84:DE:A9:F3:F8:BB:3C:C0:DE:1E:F1:4A:BF:C7:60
            X509v3 Authority Key Identifier:
                keyid:DF:A6:D1:42:79:C2:7D:AB:84:68:F0:56:15:83:0F:3A:0C:FB:A5:A3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/72abba6b7cd25cc52bbab3345005452793c3070a.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/8d2c5922-a702-4472-b427-25731d531f00/bbe1cbdb3c6c76c55658b9d526870311018c68ac.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/8d2c5922-a702-4472-b427-25731d531f00/72abba6b7cd25cc52bbab3345005452793c3070a.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.5.216.0/22
                IPv6:
                  2803:8610::/32

    Signature Algorithm: sha256WithRSAEncryption
         03:a5:6c:80:0b:2e:f1:8b:99:5a:c0:39:06:e9:76:b5:e4:c7:
         70:20:f8:4b:0a:60:9d:34:d2:53:e5:06:bf:40:58:c1:5a:47:
         db:fe:14:64:05:33:e7:d0:9a:81:60:d5:1d:b5:90:98:d5:ae:
         eb:33:0c:86:7a:f2:e8:21:e2:13:17:36:b6:f6:55:3f:20:78:
         a7:a2:d1:1d:d7:b5:39:be:55:e9:3e:42:11:4f:7b:ac:88:7f:
         8b:5d:80:aa:63:b2:81:63:c8:16:8e:ef:b7:d3:f8:fd:78:8b:
         52:a4:98:7c:83:79:f0:62:7e:9b:ac:85:67:94:ec:29:59:f5:
         75:ca:5e:41:69:b4:02:ae:71:12:15:11:93:f5:20:1b:a8:bd:
         f0:83:59:3e:8f:07:63:ab:d8:6f:1a:49:0d:d4:50:62:5d:47:
         53:a2:93:bc:d0:45:94:dd:13:14:82:e0:28:c1:7e:78:8e:5d:
         65:cd:0c:fc:04:56:42:bf:83:51:99:09:d1:11:e3:04:a8:cd:
         28:ab:c9:15:f2:e2:f5:e9:de:97:6c:1b:06:97:ee:80:69:3f:
         db:76:44:9a:01:94:e7:a0:47:4c:5d:f9:c6:1c:5c:98:ec:7a:
         c6:2a:40:dd:16:80:99:f4:88:c2:6d:69:14:c0:b6:89:4b:65:
         09:8e:0b:1d
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgIDEiwgMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDcy
YWJiYTZiN2NkMjVjYzUyYmJhYjMzNDUwMDU0NTI3OTNjMzA3MGEwHhcNMjMwNzE4
MDgzMDAwWhcNMjUwNzE3MDgzMDAwWjAzMTEwLwYDVQQDEyhiYmUxY2JkYjNjNmM3
NmM1NTY1OGI5ZDUyNjg3MDMxMTAxOGM2OGFjMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAuFRCouEGNszsXmuxQQTXswfAlokIig+qMlEB+BCmiKbA5Wdo
DcXUo1EFVqCcggtPGRm/yqK8+pnIYWUo3K+OTDVKDUx3/GGxiy6oixXRZN2/joYT
mIgOat5/9QPYMac6dJj5nu7hX+s44pwJND8ekHNvdXACRWXXHNGPgLNRxnIRDKb3
+E1EiQnfyiEMoBC7lSN/IsRcWS5C1GtYh1XTAhMOnxORfJVNeDzm09z838scRKIr
FOBX3xGKEzUrF0rAhEl+eAVXRBu9dojeRpNDGLhrhLUIHSdS3AxSI9RFBJBKDpWv
To/r51s77+tcr26PkD/ZJ+yTL++kMfp1S/W/UwIDAQABo4ICajCCAmYwHQYDVR0O
BBYEFOx7kTluhN6p8/i7PMDeHvFKv8dgMB8GA1UdIwQYMBaAFN+m0UJ5wn2rhGjw
VhWDDzoM+6WjMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvNzJhYmJh
NmI3Y2QyNWNjNTJiYmFiMzM0NTAwNTQ1Mjc5M2MzMDcwYS5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvOGQyYzU5MjItYTcwMi00NDcyLWI0MjctMjU3MzFk
NTMxZjAwL2JiZTFjYmRiM2M2Yzc2YzU1NjU4YjlkNTI2ODcwMzExMDE4YzY4YWMu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy84ZDJjNTkyMi1hNzAyLTQ0NzItYjQyNy0yNTcz
MWQ1MzFmMDAvNzJhYmJhNmI3Y2QyNWNjNTJiYmFiMzM0NTAwNTQ1Mjc5M2MzMDcw
YS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAuBggrBgEFBQcBBwEB/wQf
MB0wDAQCAAEwBgMEAi0F2DANBAIAAjAHAwUAKAOGEDANBgkqhkiG9w0BAQsFAAOC
AQEAA6VsgAsu8YuZWsA5Bul2teTHcCD4SwpgnTTSU+UGv0BYwVpH2/4UZAUz59Ca
gWDVHbWQmNWu6zMMhnry6CHiExc2tvZVPyB4p6LRHde1Ob5V6T5CEU97rIh/i12A
qmOygWPIFo7vt9P4/XiLUqSYfIN58GJ+m6yFZ5TsKVn1dcpeQWm0Aq5xEhURk/Ug
G6i98INZPo8HY6vYbxpJDdRQYl1HU6KTvNBFlN0TFILgKMF+eI5dZc0M/ARWQr+D
UZkJ0RHjBKjNKKvJFfLi9enel2wbBpfugGk/23ZEmgGU56BHTF35xhxcmOx6xipA
3RaAmfSIwm1pFMC2iUtlCY4LHQ==
-----END CERTIFICATE-----
Generated at Sat Feb 24 10:17:43 2024 by rpki-client on console-ams.rpki-client.org