Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/933a465a-5d49-4792-b665-4eeb2673e469/4f9ed13a270079838b381f02d79897b92a134e9e.roa
File:                     4f9ed13a270079838b381f02d79897b92a134e9e.roa (raw, json)
Hash identifier:          B1mjCz84ADR7sLaoGsh0utgeMsk+fybVt9kItRJYTuY=
Subject key identifier:   06:EB:DF:35:A0:06:20:C8:8C:60:9F:0A:EF:BE:97:27:C7:54:C9:7E
Certificate issuer:       /CN=c65ba17b7cb91333bcc22fe64fc9d8216227dd67
Certificate serial:       F47E
Authority key identifier: 28:C5:68:54:18:47:79:D9:C8:D1:28:4E:9D:02:ED:80:91:69:4B:3D
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/c65ba17b7cb91333bcc22fe64fc9d8216227dd67.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/933a465a-5d49-4792-b665-4eeb2673e469/4f9ed13a270079838b381f02d79897b92a134e9e.roa
Signing time:             Wed 24 Mar 2021 14:30:32 +0000
ROA not before:           Wed 24 Mar 2021 14:30:32 +0000
ROA not after:            Tue 24 Mar 2026 14:30:32 +0000
asID:                     52503
IP address blocks:        179.61.8.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/933a465a-5d49-4792-b665-4eeb2673e469/c65ba17b7cb91333bcc22fe64fc9d8216227dd67.crl
                          rsync://repository.lacnic.net/rpki/lacnic/933a465a-5d49-4792-b665-4eeb2673e469/c65ba17b7cb91333bcc22fe64fc9d8216227dd67.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/c65ba17b7cb91333bcc22fe64fc9d8216227dd67.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sat 24 Feb 2024 17:37:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 62590 (0xf47e)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c65ba17b7cb91333bcc22fe64fc9d8216227dd67
        Validity
            Not Before: Mar 24 14:30:32 2021 GMT
            Not After : Mar 24 14:30:32 2026 GMT
        Subject: CN=4f9ed13a270079838b381f02d79897b92a134e9e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:ed:33:e9:1a:bd:fd:df:97:02:0b:9f:eb:46:
                    95:3d:68:ec:af:89:34:1c:27:eb:10:a2:f7:dc:cd:
                    82:32:20:57:66:0f:21:bc:6c:c2:d5:fb:ca:8c:81:
                    ed:c0:77:1e:42:95:4b:ef:2e:c7:77:5f:b4:35:bb:
                    b1:be:49:c8:83:50:a9:db:f6:c4:9b:4f:98:11:91:
                    e1:cd:ca:e0:d3:ff:13:b7:8e:64:a1:ea:85:d1:79:
                    9e:27:4d:f2:8f:26:42:ff:7d:71:a7:a4:51:b4:0b:
                    f7:ab:0a:9e:50:ae:6f:2f:00:bd:9a:7f:f6:d4:8f:
                    e0:25:f7:6f:a6:b5:fd:b6:7a:19:c9:2d:5b:a7:a5:
                    d7:0d:61:c4:cb:00:24:75:6f:06:67:d3:89:39:f1:
                    a5:48:b1:0a:4f:02:51:eb:1d:8c:dd:00:a6:38:21:
                    3a:3f:cb:07:3b:30:76:10:db:cd:66:42:8d:cf:0e:
                    49:4a:e2:4d:99:92:02:eb:37:49:ad:3b:f7:dc:7c:
                    a1:dc:23:a5:6b:91:69:68:d9:ca:fe:8d:97:cf:12:
                    1e:74:1a:da:9f:88:ba:f2:d5:fc:0b:3d:4a:88:4b:
                    2e:51:be:c1:e8:ed:08:48:cd:e6:bb:b2:50:68:de:
                    13:f7:f6:e0:91:0e:01:91:61:c5:3a:35:11:e2:32:
                    7f:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                06:EB:DF:35:A0:06:20:C8:8C:60:9F:0A:EF:BE:97:27:C7:54:C9:7E
            X509v3 Authority Key Identifier:
                keyid:28:C5:68:54:18:47:79:D9:C8:D1:28:4E:9D:02:ED:80:91:69:4B:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/c65ba17b7cb91333bcc22fe64fc9d8216227dd67.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/933a465a-5d49-4792-b665-4eeb2673e469/4f9ed13a270079838b381f02d79897b92a134e9e.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/933a465a-5d49-4792-b665-4eeb2673e469/c65ba17b7cb91333bcc22fe64fc9d8216227dd67.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  179.61.8.0/22

    Signature Algorithm: sha256WithRSAEncryption
         92:6c:c0:87:1a:fc:1e:14:64:5f:07:13:54:2f:fd:ce:c9:0b:
         ca:0d:d0:5b:b1:29:e8:0a:42:2f:33:48:90:fd:58:3e:d2:0a:
         1d:8d:ae:0a:2d:fa:71:ad:81:53:90:e3:52:a9:f9:f6:d4:04:
         b8:45:9e:fd:28:6f:f4:84:bd:2d:73:23:60:66:82:5a:fd:cb:
         61:ef:e2:2b:91:6d:ac:9b:47:59:cc:93:fc:60:d9:f7:ef:0f:
         b2:ad:31:e0:bc:bf:a6:68:c3:b9:de:f8:a1:7c:d6:f4:24:02:
         14:7d:8c:92:0d:40:8a:11:fd:98:80:89:dd:78:b4:e1:00:69:
         eb:6e:65:e8:19:97:7b:37:43:07:26:88:c5:e8:54:6f:5b:64:
         5f:52:97:e0:38:ff:90:d8:b4:29:9f:b1:d0:41:2b:2b:bd:59:
         08:e1:f9:48:8e:3f:bd:58:dc:95:7b:e5:48:6e:b3:0c:8e:9b:
         98:82:39:eb:e9:bd:98:a4:c1:84:d5:2f:1a:39:12:97:1f:de:
         03:5f:3e:b6:7d:9c:34:46:e6:5f:17:0b:09:7b:33:0a:bf:bf:
         bc:6c:f8:24:47:ab:80:13:39:82:f5:cc:1f:bc:c4:ff:21:a3:
         26:8a:a3:53:b0:11:ba:4b:ee:87:1e:2d:f8:7f:8a:22:f8:a3:
         3b:d3:1f:99
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIDAPR+MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGM2
NWJhMTdiN2NiOTEzMzNiY2MyMmZlNjRmYzlkODIxNjIyN2RkNjcwHhcNMjEwMzI0
MTQzMDMyWhcNMjYwMzI0MTQzMDMyWjAzMTEwLwYDVQQDEyg0ZjllZDEzYTI3MDA3
OTgzOGIzODFmMDJkNzk4OTdiOTJhMTM0ZTllMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAq+0z6Rq9/d+XAguf60aVPWjsr4k0HCfrEKL33M2CMiBXZg8h
vGzC1fvKjIHtwHceQpVL7y7Hd1+0NbuxvknIg1Cp2/bEm0+YEZHhzcrg0/8Tt45k
oeqF0XmeJ03yjyZC/31xp6RRtAv3qwqeUK5vLwC9mn/21I/gJfdvprX9tnoZyS1b
p6XXDWHEywAkdW8GZ9OJOfGlSLEKTwJR6x2M3QCmOCE6P8sHOzB2ENvNZkKNzw5J
SuJNmZIC6zdJrTv33Hyh3COla5FpaNnK/o2XzxIedBran4i68tX8Cz1KiEsuUb7B
6O0ISM3mu7JQaN4T9/bgkQ4BkWHFOjUR4jJ/LwIDAQABo4ICWzCCAlcwHQYDVR0O
BBYEFAbr3zWgBiDIjGCfCu++lyfHVMl+MB8GA1UdIwQYMBaAFCjFaFQYR3nZyNEo
Tp0C7YCRaUs9MA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvYzY1YmEx
N2I3Y2I5MTMzM2JjYzIyZmU2NGZjOWQ4MjE2MjI3ZGQ2Ny5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvOTMzYTQ2NWEtNWQ0OS00NzkyLWI2NjUtNGVlYjI2
NzNlNDY5LzRmOWVkMTNhMjcwMDc5ODM4YjM4MWYwMmQ3OTg5N2I5MmExMzRlOWUu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy85MzNhNDY1YS01ZDQ5LTQ3OTItYjY2NS00ZWVi
MjY3M2U0NjkvYzY1YmExN2I3Y2I5MTMzM2JjYzIyZmU2NGZjOWQ4MjE2MjI3ZGQ2
Ny5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEArM9CDANBgkqhkiG9w0BAQsFAAOCAQEAkmzAhxr8HhRkXwcT
VC/9zskLyg3QW7Ep6ApCLzNIkP1YPtIKHY2uCi36ca2BU5DjUqn59tQEuEWe/Shv
9IS9LXMjYGaCWv3LYe/iK5FtrJtHWcyT/GDZ9+8Psq0x4Ly/pmjDud74oXzW9CQC
FH2Mkg1AihH9mICJ3Xi04QBp625l6BmXezdDByaIxehUb1tkX1KX4Dj/kNi0KZ+x
0EErK71ZCOH5SI4/vVjclXvlSG6zDI6bmII56+m9mKTBhNUvGjkSlx/eA18+tn2c
NEbmXxcLCXszCr+/vGz4JEergBM5gvXMH7zE/yGjJoqjU7ARukvuhx4t+H+KIvij
O9MfmQ==
-----END CERTIFICATE-----
Generated at Wed Feb 21 22:41:50 2024 by rpki-client on console-ams.rpki-client.org