Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/8eede5bb-de99-4d7b-b0fe-38407dc1780b/594abf88fdcb204a4d729dd664306ac71cf1212b.roa
File:                     594abf88fdcb204a4d729dd664306ac71cf1212b.roa (raw, json)
Hash identifier:          7hJLulIWje0Ib6Ra7RATXgNMKmHyb8futY2c90DGlwc=
Subject key identifier:   E5:8F:E1:E7:14:85:E5:4B:64:AC:CF:56:86:BB:DD:74:F2:4A:47:A5
Certificate issuer:       /CN=421456d9e45db9330f8c7a4b9aa4a99bdb9f1324
Certificate serial:       04677F
Authority key identifier: C8:58:1C:A7:E7:F0:CC:44:F2:EA:7E:27:45:53:76:48:D8:A5:DD:68
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/421456d9e45db9330f8c7a4b9aa4a99bdb9f1324.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/8eede5bb-de99-4d7b-b0fe-38407dc1780b/594abf88fdcb204a4d729dd664306ac71cf1212b.roa
Signing time:             Wed 24 Mar 2021 14:35:36 +0000
ROA not before:           Wed 24 Mar 2021 14:35:36 +0000
ROA not after:            Tue 24 Mar 2026 14:35:36 +0000
asID:                     265696
IP address blocks:        45.5.160.0/23 maxlen: 23

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/8eede5bb-de99-4d7b-b0fe-38407dc1780b/421456d9e45db9330f8c7a4b9aa4a99bdb9f1324.crl
                          rsync://repository.lacnic.net/rpki/lacnic/8eede5bb-de99-4d7b-b0fe-38407dc1780b/421456d9e45db9330f8c7a4b9aa4a99bdb9f1324.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/421456d9e45db9330f8c7a4b9aa4a99bdb9f1324.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 31 Mar 2024 03:32:08 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 288639 (0x4677f)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=421456d9e45db9330f8c7a4b9aa4a99bdb9f1324
        Validity
            Not Before: Mar 24 14:35:36 2021 GMT
            Not After : Mar 24 14:35:36 2026 GMT
        Subject: CN=594abf88fdcb204a4d729dd664306ac71cf1212b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:25:71:a5:b9:8a:7c:2a:83:62:f8:fa:b6:dd:
                    34:95:40:d0:7d:19:07:65:45:14:dd:a0:bf:e0:ef:
                    2b:4c:ed:0a:fa:0d:29:9e:de:d5:86:ba:c8:de:b1:
                    3b:2a:21:44:98:c3:1b:76:c3:53:d8:58:08:d8:8b:
                    8e:0a:df:b0:27:63:51:30:ab:09:56:2a:6e:b3:38:
                    06:d0:b4:c9:26:b4:8f:ed:ae:16:8c:ef:31:a1:17:
                    76:98:52:c8:73:5f:c2:16:cb:8e:ac:ef:44:8f:24:
                    08:bd:6a:7a:4e:62:b5:82:e8:b5:47:9c:7a:2f:78:
                    52:6d:a7:4f:c9:73:9b:9c:ce:53:ab:34:87:c5:48:
                    77:ea:ee:16:4c:f7:c6:df:bf:e0:a6:72:43:f6:cb:
                    40:48:ff:ab:8b:05:ee:c5:82:eb:07:9c:0e:56:df:
                    b5:b7:d3:ce:52:8a:6a:66:85:6f:64:4e:75:83:dc:
                    e2:0d:03:18:06:74:e7:cd:2d:c1:69:93:c9:54:c9:
                    14:33:48:51:66:4f:e6:b0:10:33:22:1d:5e:6c:2d:
                    44:4c:3a:5c:7b:5a:f6:ac:22:3c:e6:5d:23:2c:2f:
                    3e:c4:d4:c5:37:8a:54:10:09:69:7a:ab:46:21:90:
                    e6:dc:91:54:bd:57:12:0b:f7:8b:6f:af:9f:79:8a:
                    61:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E5:8F:E1:E7:14:85:E5:4B:64:AC:CF:56:86:BB:DD:74:F2:4A:47:A5
            X509v3 Authority Key Identifier:
                keyid:C8:58:1C:A7:E7:F0:CC:44:F2:EA:7E:27:45:53:76:48:D8:A5:DD:68

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/421456d9e45db9330f8c7a4b9aa4a99bdb9f1324.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/8eede5bb-de99-4d7b-b0fe-38407dc1780b/594abf88fdcb204a4d729dd664306ac71cf1212b.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/8eede5bb-de99-4d7b-b0fe-38407dc1780b/421456d9e45db9330f8c7a4b9aa4a99bdb9f1324.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.5.160.0/23

    Signature Algorithm: sha256WithRSAEncryption
         29:53:29:79:3b:f5:17:b0:f0:ab:89:39:9f:e4:45:4d:54:09:
         eb:c6:46:7a:30:76:11:8a:24:4f:15:d6:04:f3:2e:66:7d:f4:
         80:44:f4:db:03:fa:7b:48:c2:e8:2c:56:4c:2c:be:3c:e7:64:
         7c:a8:c0:a5:d4:92:52:19:3d:f4:5c:cb:e3:6e:a1:9a:20:88:
         5d:24:a1:e1:34:2d:94:e8:9f:df:c8:24:99:0b:8c:74:15:ac:
         c6:d8:c4:0e:a9:44:8c:84:1b:1d:17:21:ec:bc:54:c2:c9:d6:
         30:7e:82:63:d0:79:25:67:ea:c2:0e:7c:d5:11:83:95:5a:e2:
         1b:b8:f5:9a:f0:e7:52:a7:0e:87:c9:ac:85:2d:b2:fa:ac:59:
         e3:86:40:46:56:c9:3b:c6:e0:da:08:43:80:d2:ea:30:e0:3f:
         62:2f:5a:52:34:82:d4:cd:82:7a:98:b2:b3:46:5f:91:e9:03:
         99:34:7d:9d:13:1a:e9:f7:f1:07:d1:ab:5b:93:67:f7:05:b4:
         57:32:3b:e3:7e:1f:c9:12:68:49:9d:54:b0:16:1a:6f:d0:c0:
         8c:6d:58:2a:93:90:18:89:7e:5c:03:62:47:f4:0e:0b:d6:62:
         15:68:c5:94:d1:8e:44:08:f6:87:42:d0:29:3c:9e:1f:15:1f:
         e2:3c:28:ad
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIDBGd/MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDQy
MTQ1NmQ5ZTQ1ZGI5MzMwZjhjN2E0YjlhYTRhOTliZGI5ZjEzMjQwHhcNMjEwMzI0
MTQzNTM2WhcNMjYwMzI0MTQzNTM2WjAzMTEwLwYDVQQDEyg1OTRhYmY4OGZkY2Iy
MDRhNGQ3MjlkZDY2NDMwNmFjNzFjZjEyMTJiMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAtSVxpbmKfCqDYvj6tt00lUDQfRkHZUUU3aC/4O8rTO0K+g0p
nt7VhrrI3rE7KiFEmMMbdsNT2FgI2IuOCt+wJ2NRMKsJVipuszgG0LTJJrSP7a4W
jO8xoRd2mFLIc1/CFsuOrO9EjyQIvWp6TmK1gui1R5x6L3hSbadPyXObnM5TqzSH
xUh36u4WTPfG37/gpnJD9stASP+riwXuxYLrB5wOVt+1t9POUopqZoVvZE51g9zi
DQMYBnTnzS3BaZPJVMkUM0hRZk/msBAzIh1ebC1ETDpce1r2rCI85l0jLC8+xNTF
N4pUEAlpeqtGIZDm3JFUvVcSC/eLb6+feYphZQIDAQABo4ICWzCCAlcwHQYDVR0O
BBYEFOWP4ecUheVLZKzPVoa73XTySkelMB8GA1UdIwQYMBaAFMhYHKfn8MxE8up+
J0VTdkjYpd1oMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvNDIxNDU2
ZDllNDVkYjkzMzBmOGM3YTRiOWFhNGE5OWJkYjlmMTMyNC5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvOGVlZGU1YmItZGU5OS00ZDdiLWIwZmUtMzg0MDdk
YzE3ODBiLzU5NGFiZjg4ZmRjYjIwNGE0ZDcyOWRkNjY0MzA2YWM3MWNmMTIxMmIu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy84ZWVkZTViYi1kZTk5LTRkN2ItYjBmZS0zODQw
N2RjMTc4MGIvNDIxNDU2ZDllNDVkYjkzMzBmOGM3YTRiOWFhNGE5OWJkYjlmMTMy
NC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAS0FoDANBgkqhkiG9w0BAQsFAAOCAQEAKVMpeTv1F7Dwq4k5
n+RFTVQJ68ZGejB2EYokTxXWBPMuZn30gET02wP6e0jC6CxWTCy+POdkfKjApdSS
Uhk99FzL426hmiCIXSSh4TQtlOif38gkmQuMdBWsxtjEDqlEjIQbHRch7LxUwsnW
MH6CY9B5JWfqwg581RGDlVriG7j1mvDnUqcOh8mshS2y+qxZ44ZARlbJO8bg2ghD
gNLqMOA/Yi9aUjSC1M2Cepiys0ZfkekDmTR9nRMa6ffxB9GrW5Nn9wW0VzI7434f
yRJoSZ1UsBYab9DAjG1YKpOQGIl+XANiR/QOC9ZiFWjFlNGORAj2h0LQKTyeHxUf
4jworQ==
-----END CERTIFICATE-----
Generated at Thu Mar 28 03:26:09 2024 by rpki-client on console-ams.rpki-client.org