Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/8e97950b-e264-4efc-b62d-bb9be834f07a/5c50270f0f60c05dbc43171459ebaf1c792db79c.roa
File:                     5c50270f0f60c05dbc43171459ebaf1c792db79c.roa (raw, json)
Hash identifier:          4XfoiVg9sG9h/Hl5NIFuNtpxb6gWJyXdAyRfJItkNDk=
Subject key identifier:   35:6A:45:9E:AC:CD:93:C0:E8:65:DF:10:89:E6:BE:46:FC:D4:9C:DC
Certificate issuer:       /CN=0ba89b5a5f62fc523e60435c6d5fa0dcdf68d657
Certificate serial:       0DAB98
Authority key identifier: F9:25:D3:A4:9E:FD:63:03:A1:A0:A6:F9:E5:53:CA:10:FE:8C:1A:FD
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/0ba89b5a5f62fc523e60435c6d5fa0dcdf68d657.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/8e97950b-e264-4efc-b62d-bb9be834f07a/5c50270f0f60c05dbc43171459ebaf1c792db79c.roa
Signing time:             Wed 24 Mar 2021 14:29:11 +0000
ROA not before:           Wed 24 Mar 2021 14:29:11 +0000
ROA not after:            Tue 24 Mar 2026 14:29:11 +0000
asID:                     22080
IP address blocks:        186.148.64.0/20 maxlen: 24
                          200.112.128.0/19 maxlen: 24
                          200.112.160.0/19 maxlen: 24
                          200.124.96.0/20 maxlen: 24
                          168.121.212.0/22 maxlen: 24
                          2800:a40::/32 maxlen: 64
                          2803:7540::/32 maxlen: 64

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/8e97950b-e264-4efc-b62d-bb9be834f07a/0ba89b5a5f62fc523e60435c6d5fa0dcdf68d657.crl
                          rsync://repository.lacnic.net/rpki/lacnic/8e97950b-e264-4efc-b62d-bb9be834f07a/0ba89b5a5f62fc523e60435c6d5fa0dcdf68d657.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/0ba89b5a5f62fc523e60435c6d5fa0dcdf68d657.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sat 24 Feb 2024 17:37:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 895896 (0xdab98)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0ba89b5a5f62fc523e60435c6d5fa0dcdf68d657
        Validity
            Not Before: Mar 24 14:29:11 2021 GMT
            Not After : Mar 24 14:29:11 2026 GMT
        Subject: CN=5c50270f0f60c05dbc43171459ebaf1c792db79c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:01:35:14:25:92:13:19:df:69:41:72:c3:b5:
                    7d:55:69:f5:ce:06:ad:09:7c:42:b5:69:50:70:da:
                    84:a8:9d:e6:e7:1a:96:ff:83:a8:ad:97:7e:b9:80:
                    cd:4c:a7:36:bb:5d:fc:05:a3:39:b8:01:48:a0:01:
                    54:e1:b4:4d:4c:59:25:56:d8:a5:7b:3c:e2:8c:d7:
                    b2:66:dd:42:51:e9:cb:a3:bf:6a:fb:3a:30:e0:06:
                    c3:12:f8:fa:f8:b2:9f:c1:e5:b2:f4:2c:d7:f2:e8:
                    dd:34:9a:2d:f8:32:2e:11:5e:71:ed:c3:7c:71:72:
                    34:7b:56:2b:4a:5d:80:40:90:b1:5a:84:71:94:0d:
                    94:66:91:db:ce:b3:54:70:cf:22:03:49:4d:d8:db:
                    6d:5d:26:0d:01:c8:20:ea:2e:9c:33:69:bf:65:7f:
                    67:31:25:c2:a9:43:62:20:e5:a0:ea:64:1a:86:95:
                    89:cb:06:d9:b1:cb:cb:f0:d1:a4:e3:b2:19:88:c7:
                    23:5b:fc:8c:c5:4b:a9:d8:fe:a9:05:00:ef:21:47:
                    88:f8:84:18:c8:3d:7f:6a:ee:d8:e7:33:dd:60:e8:
                    b7:a7:d4:4e:ed:3e:24:e5:6a:0f:28:ba:10:55:2d:
                    d7:ef:c3:67:1d:47:8e:18:92:1a:5e:ef:95:1a:a4:
                    76:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                35:6A:45:9E:AC:CD:93:C0:E8:65:DF:10:89:E6:BE:46:FC:D4:9C:DC
            X509v3 Authority Key Identifier:
                keyid:F9:25:D3:A4:9E:FD:63:03:A1:A0:A6:F9:E5:53:CA:10:FE:8C:1A:FD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/0ba89b5a5f62fc523e60435c6d5fa0dcdf68d657.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/8e97950b-e264-4efc-b62d-bb9be834f07a/5c50270f0f60c05dbc43171459ebaf1c792db79c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/8e97950b-e264-4efc-b62d-bb9be834f07a/0ba89b5a5f62fc523e60435c6d5fa0dcdf68d657.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  168.121.212.0/22
                  186.148.64.0/20
                  200.112.128.0/18
                  200.124.96.0/20
                IPv6:
                  2800:a40::/32
                  2803:7540::/32

    Signature Algorithm: sha256WithRSAEncryption
         2d:c0:22:88:57:97:54:d3:ce:dc:af:d9:b9:4e:1b:fa:59:09:
         0f:ce:ba:58:77:54:f6:4a:21:6c:8f:f7:96:c8:64:6a:78:9c:
         47:b4:82:16:3c:70:72:9b:09:e8:d3:91:dd:c0:1a:a2:36:98:
         1a:92:fa:f4:69:f8:ee:c4:a3:79:df:22:96:ae:ad:45:bb:a7:
         2e:92:c5:38:b9:ed:66:82:2a:e7:59:6e:56:f0:3d:ed:32:f4:
         46:4c:e7:41:8c:e8:25:fd:a7:00:a9:08:45:d2:0f:35:e3:26:
         ba:94:4a:f3:df:d3:92:c0:08:c5:0d:73:a1:55:67:9e:18:fd:
         66:6e:b8:c2:ce:8b:ad:d1:d6:83:51:44:3a:10:af:05:96:11:
         39:09:de:c7:07:32:be:b2:59:4e:d6:1a:5b:c0:1f:50:16:28:
         20:5f:bd:3e:eb:4c:e3:00:f9:86:e3:bc:85:4f:dc:c0:2d:8e:
         84:1f:f7:01:d2:8d:44:40:02:1f:79:47:3c:40:02:6d:4e:de:
         28:77:e1:65:7a:26:b7:8f:b8:5e:23:76:0d:e8:16:44:c9:0b:
         d5:8e:2d:d0:7b:e9:d0:d5:11:d9:83:1f:48:3f:e9:73:b2:6f:
         4d:d5:e8:16:ce:38:7b:5b:3f:e2:62:5c:a4:76:64:ec:e1:33:
         81:3a:99:81
-----BEGIN CERTIFICATE-----
MIIFaDCCBFCgAwIBAgIDDauYMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDBi
YTg5YjVhNWY2MmZjNTIzZTYwNDM1YzZkNWZhMGRjZGY2OGQ2NTcwHhcNMjEwMzI0
MTQyOTExWhcNMjYwMzI0MTQyOTExWjAzMTEwLwYDVQQDEyg1YzUwMjcwZjBmNjBj
MDVkYmM0MzE3MTQ1OWViYWYxYzc5MmRiNzljMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEApwE1FCWSExnfaUFyw7V9VWn1zgatCXxCtWlQcNqEqJ3m5xqW
/4OorZd+uYDNTKc2u138BaM5uAFIoAFU4bRNTFklVtilezzijNeyZt1CUenLo79q
+zow4AbDEvj6+LKfweWy9CzX8ujdNJot+DIuEV5x7cN8cXI0e1YrSl2AQJCxWoRx
lA2UZpHbzrNUcM8iA0lN2NttXSYNAcgg6i6cM2m/ZX9nMSXCqUNiIOWg6mQahpWJ
ywbZscvL8NGk47IZiMcjW/yMxUup2P6pBQDvIUeI+IQYyD1/au7Y5zPdYOi3p9RO
7T4k5WoPKLoQVS3X78NnHUeOGJIaXu+VGqR2XwIDAQABo4ICgzCCAn8wHQYDVR0O
BBYEFDVqRZ6szZPA6GXfEInmvkb81JzcMB8GA1UdIwQYMBaAFPkl06Se/WMDoaCm
+eVTyhD+jBr9MA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvMGJhODli
NWE1ZjYyZmM1MjNlNjA0MzVjNmQ1ZmEwZGNkZjY4ZDY1Ny5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvOGU5Nzk1MGItZTI2NC00ZWZjLWI2MmQtYmI5YmU4
MzRmMDdhLzVjNTAyNzBmMGY2MGMwNWRiYzQzMTcxNDU5ZWJhZjFjNzkyZGI3OWMu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy84ZTk3OTUwYi1lMjY0LTRlZmMtYjYyZC1iYjli
ZTgzNGYwN2EvMGJhODliNWE1ZjYyZmM1MjNlNjA0MzVjNmQ1ZmEwZGNkZjY4ZDY1
Ny5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBHBggrBgEFBQcBBwEB/wQ4
MDYwHgQCAAEwGAMEAqh51AMEBLqUQAMEBshwgAMEBMh8YDAUBAIAAjAOAwUAKAAK
QAMFACgDdUAwDQYJKoZIhvcNAQELBQADggEBAC3AIohXl1TTztyv2blOG/pZCQ/O
ulh3VPZKIWyP95bIZGp4nEe0ghY8cHKbCejTkd3AGqI2mBqS+vRp+O7Eo3nfIpau
rUW7py6SxTi57WaCKudZblbwPe0y9EZM50GM6CX9pwCpCEXSDzXjJrqUSvPf05LA
CMUNc6FVZ54Y/WZuuMLOi63R1oNRRDoQrwWWETkJ3scHMr6yWU7WGlvAH1AWKCBf
vT7rTOMA+YbjvIVP3MAtjoQf9wHSjURAAh95RzxAAm1O3ih34WV6JrePuF4jdg3o
FkTJC9WOLdB76dDVEdmDH0g/6XOyb03V6BbOOHtbP+JiXKR2ZOzhM4E6mYE=
-----END CERTIFICATE-----
Generated at Wed Feb 21 21:43:05 2024 by rpki-client on console-fra.rpki-client.org