Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/929203c6-cbb1-4894-b2a8-bed5449864ea/2145ad0522e36b83948a99e53c86571a3b71265b.roa
File:                     2145ad0522e36b83948a99e53c86571a3b71265b.roa (raw, json)
Hash identifier:          cM0WBQwKqcYBtEKq1M37p81nCl/h+H0WGWc+UbDmwzs=
Subject key identifier:   25:6E:85:EF:EC:73:2A:CF:68:E0:59:AA:C6:52:22:8B:0A:B3:D0:F2
Certificate issuer:       /CN=04e65d9cfa04d747b88ea28fd9ad978e7c768fab
Certificate serial:       0CFBD8
Authority key identifier: 03:D5:69:B8:56:66:AB:3E:A1:BF:73:C7:D1:3F:4D:59:75:88:15:60
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/04e65d9cfa04d747b88ea28fd9ad978e7c768fab.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/929203c6-cbb1-4894-b2a8-bed5449864ea/2145ad0522e36b83948a99e53c86571a3b71265b.roa
Signing time:             Wed 24 Mar 2021 14:45:27 +0000
ROA not before:           Wed 24 Mar 2021 14:45:27 +0000
ROA not after:            Tue 24 Mar 2026 14:45:27 +0000
asID:                     61497
IP address blocks:        138.99.136.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/929203c6-cbb1-4894-b2a8-bed5449864ea/04e65d9cfa04d747b88ea28fd9ad978e7c768fab.crl
                          rsync://repository.lacnic.net/rpki/lacnic/929203c6-cbb1-4894-b2a8-bed5449864ea/04e65d9cfa04d747b88ea28fd9ad978e7c768fab.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/04e65d9cfa04d747b88ea28fd9ad978e7c768fab.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 31 Mar 2024 19:38:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 850904 (0xcfbd8)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=04e65d9cfa04d747b88ea28fd9ad978e7c768fab
        Validity
            Not Before: Mar 24 14:45:27 2021 GMT
            Not After : Mar 24 14:45:27 2026 GMT
        Subject: CN=2145ad0522e36b83948a99e53c86571a3b71265b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:85:6d:8a:01:58:1d:25:86:3d:61:b0:a4:90:a4:
                    b5:fd:4a:c7:da:0f:d5:ec:2f:c7:21:44:9b:5d:5e:
                    9a:d4:64:04:e7:c1:17:14:10:a4:ff:85:f6:a8:4e:
                    3a:ed:e8:11:35:f1:00:ee:5d:89:98:75:d1:29:f8:
                    f2:1a:a0:21:5e:f7:c6:ba:06:60:38:40:bc:06:20:
                    ff:47:e7:2e:0b:40:61:44:15:a8:ac:ac:4e:10:e0:
                    d5:aa:59:a7:3a:98:19:53:82:ca:01:a4:03:6f:4a:
                    24:48:1b:f0:68:41:61:86:a6:73:cf:46:19:58:b2:
                    ee:72:80:a4:3d:2e:bf:49:4a:36:58:3f:3a:3d:bf:
                    d9:66:71:a0:30:f0:53:f3:9c:a7:04:17:89:cd:f9:
                    59:7e:96:ea:31:9a:29:88:6d:6e:12:10:a4:bf:6b:
                    61:f5:3f:a3:a8:09:0e:cd:c6:1c:31:31:5e:da:87:
                    ea:95:c6:43:d1:be:3b:b7:59:1f:09:c6:b6:f8:1d:
                    a2:ab:af:ea:05:a0:c7:4a:19:87:61:d3:cb:2c:f0:
                    90:7a:58:aa:25:2f:8f:12:d0:55:32:bf:29:a9:2f:
                    89:dd:58:57:3e:38:98:a1:c4:5c:a0:33:3f:0d:6b:
                    9c:c6:1e:61:35:c3:ec:81:91:44:06:5d:ba:de:ad:
                    d2:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                25:6E:85:EF:EC:73:2A:CF:68:E0:59:AA:C6:52:22:8B:0A:B3:D0:F2
            X509v3 Authority Key Identifier:
                keyid:03:D5:69:B8:56:66:AB:3E:A1:BF:73:C7:D1:3F:4D:59:75:88:15:60

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/04e65d9cfa04d747b88ea28fd9ad978e7c768fab.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/929203c6-cbb1-4894-b2a8-bed5449864ea/2145ad0522e36b83948a99e53c86571a3b71265b.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/929203c6-cbb1-4894-b2a8-bed5449864ea/04e65d9cfa04d747b88ea28fd9ad978e7c768fab.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  138.99.136.0/24

    Signature Algorithm: sha256WithRSAEncryption
         86:35:93:76:a4:2e:dd:fc:37:13:87:39:ee:46:c5:fa:03:3e:
         fd:38:6b:c7:34:47:a8:d5:cb:54:0e:a6:7c:4b:52:d5:2c:58:
         47:5b:52:5c:9d:a3:b4:1a:fd:c5:56:68:59:99:d4:10:6c:85:
         30:5e:60:95:36:cb:b1:2f:b2:cc:e4:79:00:5e:89:59:10:27:
         10:b6:fc:56:93:cd:3c:94:df:b5:f7:74:f2:10:31:01:c4:a7:
         7a:4f:f5:73:eb:8f:71:c5:74:a8:e2:fe:1d:24:55:15:99:05:
         21:9c:74:44:3f:e9:59:78:c9:25:77:f9:8e:05:52:3e:4f:af:
         f2:35:58:09:4b:71:fc:40:c4:e3:33:d6:06:0f:54:40:3c:2c:
         2f:ef:61:91:bb:60:fc:0a:eb:29:55:87:ae:c7:2c:da:14:cf:
         2c:ff:f8:75:1d:8f:9c:27:42:2a:2c:fc:0a:df:07:73:37:4f:
         4e:a9:9e:d4:e5:10:d6:f2:de:b6:20:21:2a:49:9f:6b:06:09:
         93:00:af:5c:8e:f4:63:ef:b6:6c:11:7f:99:c9:9e:7e:98:a2:
         9b:0e:24:c2:a1:3f:59:cd:26:65:98:82:33:b4:a2:73:4a:f2:
         55:6a:1d:22:f9:65:74:1e:a4:90:72:80:ea:ff:87:37:43:35:
         15:d9:50:e0
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIDDPvYMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDA0
ZTY1ZDljZmEwNGQ3NDdiODhlYTI4ZmQ5YWQ5NzhlN2M3NjhmYWIwHhcNMjEwMzI0
MTQ0NTI3WhcNMjYwMzI0MTQ0NTI3WjAzMTEwLwYDVQQDEygyMTQ1YWQwNTIyZTM2
YjgzOTQ4YTk5ZTUzYzg2NTcxYTNiNzEyNjViMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAhW2KAVgdJYY9YbCkkKS1/UrH2g/V7C/HIUSbXV6a1GQE58EX
FBCk/4X2qE467egRNfEA7l2JmHXRKfjyGqAhXvfGugZgOEC8BiD/R+cuC0BhRBWo
rKxOEODVqlmnOpgZU4LKAaQDb0okSBvwaEFhhqZzz0YZWLLucoCkPS6/SUo2WD86
Pb/ZZnGgMPBT85ynBBeJzflZfpbqMZopiG1uEhCkv2th9T+jqAkOzcYcMTFe2ofq
lcZD0b47t1kfCca2+B2iq6/qBaDHShmHYdPLLPCQeliqJS+PEtBVMr8pqS+J3VhX
PjiYocRcoDM/DWucxh5hNcPsgZFEBl263q3SPwIDAQABo4ICWzCCAlcwHQYDVR0O
BBYEFCVuhe/scyrPaOBZqsZSIosKs9DyMB8GA1UdIwQYMBaAFAPVabhWZqs+ob9z
x9E/TVl1iBVgMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvMDRlNjVk
OWNmYTA0ZDc0N2I4OGVhMjhmZDlhZDk3OGU3Yzc2OGZhYi5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvOTI5MjAzYzYtY2JiMS00ODk0LWIyYTgtYmVkNTQ0
OTg2NGVhLzIxNDVhZDA1MjJlMzZiODM5NDhhOTllNTNjODY1NzFhM2I3MTI2NWIu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy85MjkyMDNjNi1jYmIxLTQ4OTQtYjJhOC1iZWQ1
NDQ5ODY0ZWEvMDRlNjVkOWNmYTA0ZDc0N2I4OGVhMjhmZDlhZDk3OGU3Yzc2OGZh
Yi5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAIpjiDANBgkqhkiG9w0BAQsFAAOCAQEAhjWTdqQu3fw3E4c5
7kbF+gM+/ThrxzRHqNXLVA6mfEtS1SxYR1tSXJ2jtBr9xVZoWZnUEGyFMF5glTbL
sS+yzOR5AF6JWRAnELb8VpPNPJTftfd08hAxAcSnek/1c+uPccV0qOL+HSRVFZkF
IZx0RD/pWXjJJXf5jgVSPk+v8jVYCUtx/EDE4zPWBg9UQDwsL+9hkbtg/ArrKVWH
rscs2hTPLP/4dR2PnCdCKiz8Ct8HczdPTqme1OUQ1vLetiAhKkmfawYJkwCvXI70
Y++2bBF/mcmefpiimw4kwqE/Wc0mZZiCM7Sic0ryVWodIvlldB6kkHKA6v+HN0M1
FdlQ4A==
-----END CERTIFICATE-----
Generated at Thu Mar 28 23:49:02 2024 by rpki-client on console-ams.rpki-client.org