Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/948f5704-fd57-4b83-8a72-60596ce663f0/ff7ab12a64742926026d220452f82007d953690d.roa
File:                     ff7ab12a64742926026d220452f82007d953690d.roa (raw, json)
Hash identifier:          e5nSkyyJX4x6WDr33Rnz6mmIamxKtTRMBBzg7UxMIJo=
Subject key identifier:   69:10:5C:48:D0:58:04:18:B4:A7:71:AC:6F:B1:57:F2:84:F8:A3:28
Certificate issuer:       /CN=ff66ce057bfc23ceec4ccae09b8a304bfc677e65
Certificate serial:       0C0CED
Authority key identifier: 5C:A1:6A:8C:61:0B:6F:62:35:01:7E:7C:6A:1C:52:8C:CD:80:BF:1F
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff66ce057bfc23ceec4ccae09b8a304bfc677e65.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/948f5704-fd57-4b83-8a72-60596ce663f0/ff7ab12a64742926026d220452f82007d953690d.roa
Signing time:             Wed 24 Mar 2021 14:33:19 +0000
ROA not before:           Wed 24 Mar 2021 14:33:19 +0000
ROA not after:            Tue 24 Mar 2026 14:33:19 +0000
asID:                     265703
IP address blocks:        45.165.168.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/948f5704-fd57-4b83-8a72-60596ce663f0/ff66ce057bfc23ceec4ccae09b8a304bfc677e65.crl
                          rsync://repository.lacnic.net/rpki/lacnic/948f5704-fd57-4b83-8a72-60596ce663f0/ff66ce057bfc23ceec4ccae09b8a304bfc677e65.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff66ce057bfc23ceec4ccae09b8a304bfc677e65.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 31 Mar 2024 19:38:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 789741 (0xc0ced)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ff66ce057bfc23ceec4ccae09b8a304bfc677e65
        Validity
            Not Before: Mar 24 14:33:19 2021 GMT
            Not After : Mar 24 14:33:19 2026 GMT
        Subject: CN=ff7ab12a64742926026d220452f82007d953690d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:64:d5:2c:de:8f:40:8a:14:a0:73:77:05:c9:
                    b6:e8:6f:6c:dd:1c:58:c5:52:b8:bb:90:44:c8:b3:
                    17:bb:f3:f3:c6:76:2a:c5:f4:19:98:df:49:a9:c8:
                    a6:d5:ad:38:d9:4f:4f:f3:30:4f:6c:76:e5:e7:27:
                    07:4c:3c:dd:5f:6b:d9:ed:0c:d6:ce:f9:33:cf:a3:
                    fe:e6:fc:5a:4f:73:01:62:6f:f2:c1:9b:e2:00:f8:
                    de:43:f5:b7:85:03:b5:83:6d:64:ea:a6:d4:af:3b:
                    75:a4:2b:4b:6f:c7:6f:c9:0d:e6:98:64:a7:ae:f3:
                    a7:db:c8:75:35:37:5f:98:74:fa:ee:98:7f:4b:f5:
                    59:91:2d:28:39:d4:fa:18:6b:1e:f9:af:35:6e:db:
                    a0:f9:91:67:f7:23:b4:fb:9c:b5:56:b1:37:b6:41:
                    e8:05:9e:2a:56:7e:92:e5:34:6c:93:56:5e:9c:00:
                    cc:98:e2:fb:4d:82:56:2c:a7:58:ea:7b:e7:2b:3e:
                    1e:2f:de:c4:74:59:df:60:45:d6:09:c8:cd:3f:0e:
                    a4:d3:9a:26:50:a9:a7:18:11:7a:81:c4:98:78:ad:
                    ac:4b:9e:fa:59:18:82:42:f9:87:a5:10:a8:9c:6f:
                    d3:f5:4d:35:d1:d7:60:cb:af:64:d0:4e:9a:7e:ff:
                    c4:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                69:10:5C:48:D0:58:04:18:B4:A7:71:AC:6F:B1:57:F2:84:F8:A3:28
            X509v3 Authority Key Identifier:
                keyid:5C:A1:6A:8C:61:0B:6F:62:35:01:7E:7C:6A:1C:52:8C:CD:80:BF:1F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff66ce057bfc23ceec4ccae09b8a304bfc677e65.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/948f5704-fd57-4b83-8a72-60596ce663f0/ff7ab12a64742926026d220452f82007d953690d.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/948f5704-fd57-4b83-8a72-60596ce663f0/ff66ce057bfc23ceec4ccae09b8a304bfc677e65.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.165.168.0/22

    Signature Algorithm: sha256WithRSAEncryption
         43:d0:6b:52:30:a5:3d:0e:62:c9:71:bb:80:14:a4:53:8e:ee:
         ee:25:cf:fa:44:db:fc:b2:e8:1e:d2:71:67:78:67:ed:d3:14:
         36:f2:ad:ee:71:b6:17:71:8b:9b:f7:97:49:6b:99:d8:77:e3:
         86:ee:16:f2:b6:84:f5:15:63:17:9e:45:43:96:8d:5e:17:e5:
         bd:5e:76:41:8d:8a:40:4f:4b:54:82:97:75:1e:c0:32:d3:54:
         9f:e0:63:3e:67:49:24:2c:0a:6a:06:ef:5e:65:af:c2:5d:2e:
         c8:07:2a:5b:3b:f1:47:02:33:b7:df:64:0e:7c:4f:6e:22:7d:
         26:54:70:e8:c0:9d:ed:24:9b:b5:5a:70:c8:05:46:ae:a4:c9:
         d6:c0:24:7c:b3:c9:dd:3f:55:8b:3c:ff:1c:86:ff:1d:16:96:
         20:da:1c:8b:77:b0:a7:c7:62:d6:d7:96:3d:db:79:f7:64:cd:
         b3:84:96:1a:e4:bc:e1:fc:fb:c9:d5:f0:67:f1:35:d0:1e:44:
         a8:c8:be:a6:87:d6:4d:2e:84:8a:91:6d:b3:20:c4:50:e0:cc:
         13:4d:c8:c8:68:a7:bb:26:57:d1:74:02:0f:08:b5:e4:cd:27:
         2d:c2:3f:51:5e:14:dd:fc:ef:66:68:fb:71:76:39:20:e8:f3:
         0a:6d:97:b7
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIDDAztMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGZm
NjZjZTA1N2JmYzIzY2VlYzRjY2FlMDliOGEzMDRiZmM2NzdlNjUwHhcNMjEwMzI0
MTQzMzE5WhcNMjYwMzI0MTQzMzE5WjAzMTEwLwYDVQQDEyhmZjdhYjEyYTY0NzQy
OTI2MDI2ZDIyMDQ1MmY4MjAwN2Q5NTM2OTBkMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAoGTVLN6PQIoUoHN3Bcm26G9s3RxYxVK4u5BEyLMXu/PzxnYq
xfQZmN9Jqcim1a042U9P8zBPbHbl5ycHTDzdX2vZ7QzWzvkzz6P+5vxaT3MBYm/y
wZviAPjeQ/W3hQO1g21k6qbUrzt1pCtLb8dvyQ3mmGSnrvOn28h1NTdfmHT67ph/
S/VZkS0oOdT6GGse+a81btug+ZFn9yO0+5y1VrE3tkHoBZ4qVn6S5TRsk1ZenADM
mOL7TYJWLKdY6nvnKz4eL97EdFnfYEXWCcjNPw6k05omUKmnGBF6gcSYeK2sS576
WRiCQvmHpRConG/T9U010ddgy69k0E6afv/EMQIDAQABo4ICWzCCAlcwHQYDVR0O
BBYEFGkQXEjQWAQYtKdxrG+xV/KE+KMoMB8GA1UdIwQYMBaAFFyhaoxhC29iNQF+
fGocUozNgL8fMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvZmY2NmNl
MDU3YmZjMjNjZWVjNGNjYWUwOWI4YTMwNGJmYzY3N2U2NS5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvOTQ4ZjU3MDQtZmQ1Ny00YjgzLThhNzItNjA1OTZj
ZTY2M2YwL2ZmN2FiMTJhNjQ3NDI5MjYwMjZkMjIwNDUyZjgyMDA3ZDk1MzY5MGQu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy85NDhmNTcwNC1mZDU3LTRiODMtOGE3Mi02MDU5
NmNlNjYzZjAvZmY2NmNlMDU3YmZjMjNjZWVjNGNjYWUwOWI4YTMwNGJmYzY3N2U2
NS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAi2lqDANBgkqhkiG9w0BAQsFAAOCAQEAQ9BrUjClPQ5iyXG7
gBSkU47u7iXP+kTb/LLoHtJxZ3hn7dMUNvKt7nG2F3GLm/eXSWuZ2Hfjhu4W8raE
9RVjF55FQ5aNXhflvV52QY2KQE9LVIKXdR7AMtNUn+BjPmdJJCwKagbvXmWvwl0u
yAcqWzvxRwIzt99kDnxPbiJ9JlRw6MCd7SSbtVpwyAVGrqTJ1sAkfLPJ3T9Vizz/
HIb/HRaWINoci3ewp8di1teWPdt592TNs4SWGuS84fz7ydXwZ/E10B5EqMi+pofW
TS6EipFtsyDEUODME03IyGinuyZX0XQCDwi15M0nLcI/UV4U3fzvZmj7cXY5IOjz
Cm2Xtw==
-----END CERTIFICATE-----
Generated at Thu Mar 28 22:53:06 2024 by rpki-client on console-ams.rpki-client.org