Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/95490ec3-36af-4d63-9b38-c4d83d8fd853/84bcecbef4f7ab52a18946a60f0de32e47be83da.roa
File:                     84bcecbef4f7ab52a18946a60f0de32e47be83da.roa (raw, json)
Hash identifier:          sqiI5XJb+7OIG5IUC2ZifBL8FEkMNRpPDe54IUmGxa4=
Subject key identifier:   43:8F:6D:83:DE:4E:2A:2E:7C:79:86:E8:F5:49:8C:6C:7C:6D:23:AE
Certificate issuer:       /CN=0346440b241d40bd970699e1c0567cf9a1f8b922
Certificate serial:       0BEC97
Authority key identifier: 30:4A:94:E6:DD:FD:B1:05:A7:94:2B:9E:D6:EB:00:82:65:62:5F:91
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/0346440b241d40bd970699e1c0567cf9a1f8b922.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/95490ec3-36af-4d63-9b38-c4d83d8fd853/84bcecbef4f7ab52a18946a60f0de32e47be83da.roa
Signing time:             Wed 24 Mar 2021 14:44:34 +0000
ROA not before:           Wed 24 Mar 2021 14:44:33 +0000
ROA not after:            Tue 24 Mar 2026 14:44:33 +0000
asID:                     3905
IP address blocks:        189.254.64.0/24 maxlen: 24
                          189.247.131.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/95490ec3-36af-4d63-9b38-c4d83d8fd853/0346440b241d40bd970699e1c0567cf9a1f8b922.crl
                          rsync://repository.lacnic.net/rpki/lacnic/95490ec3-36af-4d63-9b38-c4d83d8fd853/0346440b241d40bd970699e1c0567cf9a1f8b922.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/0346440b241d40bd970699e1c0567cf9a1f8b922.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Mon 01 Apr 2024 05:17:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 781463 (0xbec97)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0346440b241d40bd970699e1c0567cf9a1f8b922
        Validity
            Not Before: Mar 24 14:44:33 2021 GMT
            Not After : Mar 24 14:44:33 2026 GMT
        Subject: CN=84bcecbef4f7ab52a18946a60f0de32e47be83da
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e7:83:f2:50:36:6c:e4:31:c8:2c:b4:61:0b:29:
                    26:1e:92:37:07:09:45:e5:12:ae:d5:60:ae:1f:ed:
                    f3:1b:33:3a:fa:e7:79:56:01:48:c7:ae:cd:a2:6e:
                    b4:e8:cd:54:da:04:f0:07:9d:35:73:de:f6:84:f7:
                    7e:2a:08:42:9d:7d:02:fc:b5:8e:92:59:31:1a:ce:
                    0b:16:55:5f:a9:31:bf:cf:61:22:82:db:11:7b:c1:
                    fa:fe:f9:cf:76:a0:67:29:0d:85:7f:d5:19:66:0e:
                    5b:6d:de:57:34:ec:eb:1e:d8:a0:08:3f:6b:57:35:
                    60:f3:f6:65:28:02:9c:15:e5:dd:f7:c5:29:64:3f:
                    eb:8c:e1:a7:e4:0a:7f:f4:22:bf:02:b0:6c:34:e9:
                    a4:fb:d1:ae:58:14:db:7f:71:6f:9c:10:6d:15:7b:
                    6f:a3:c5:fe:3d:e3:0b:5b:7c:64:3b:fa:47:f5:ef:
                    80:7d:95:64:1d:f5:94:f1:49:0b:7f:48:13:5a:2d:
                    2e:b7:97:07:04:ba:43:46:56:cc:53:ac:68:5f:ee:
                    f7:fb:dc:b4:76:4a:1d:f4:6c:f9:74:01:bf:ec:55:
                    b0:8e:1c:39:e1:99:fd:fa:d7:92:a9:ad:ed:f0:d6:
                    50:d6:09:bc:af:7e:4e:45:ba:9a:7a:56:a7:90:9a:
                    62:7f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                43:8F:6D:83:DE:4E:2A:2E:7C:79:86:E8:F5:49:8C:6C:7C:6D:23:AE
            X509v3 Authority Key Identifier:
                keyid:30:4A:94:E6:DD:FD:B1:05:A7:94:2B:9E:D6:EB:00:82:65:62:5F:91

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/0346440b241d40bd970699e1c0567cf9a1f8b922.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/95490ec3-36af-4d63-9b38-c4d83d8fd853/84bcecbef4f7ab52a18946a60f0de32e47be83da.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/95490ec3-36af-4d63-9b38-c4d83d8fd853/0346440b241d40bd970699e1c0567cf9a1f8b922.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  189.247.131.0/24
                  189.254.64.0/24

    Signature Algorithm: sha256WithRSAEncryption
         41:34:c0:68:07:13:16:81:5e:bc:55:e8:68:ec:98:37:96:f2:
         d1:99:4a:b8:f8:1c:d8:d4:12:ac:c0:99:37:e1:18:73:94:be:
         38:e1:96:fb:3c:f0:95:13:7c:50:c4:fd:8b:1e:b6:ec:c7:79:
         78:32:31:78:a0:25:df:ae:65:b7:aa:eb:16:1b:cb:41:4d:33:
         4a:c8:5f:54:37:96:e2:ff:93:ee:85:e8:2c:0f:ce:28:dc:42:
         b0:3c:05:0c:e6:cd:41:f9:c8:92:92:61:1b:60:b4:9e:43:4e:
         de:23:c6:dc:f5:81:ad:29:ff:e9:58:4a:17:93:81:0d:61:bc:
         cd:24:90:d6:19:ae:df:01:13:08:22:99:14:70:16:21:b2:58:
         ae:62:29:0a:28:94:81:a9:50:26:ee:44:d4:04:88:96:b9:4f:
         88:fb:6a:e7:7e:5a:76:ae:6a:85:df:03:7e:02:17:dc:d4:9b:
         01:28:41:b2:98:17:ba:76:42:ca:11:a3:6b:9c:ca:fd:d5:2f:
         b8:fa:c0:07:35:d4:39:ce:5b:93:9d:74:c9:37:e3:01:76:1f:
         a0:c1:b2:e9:e2:ea:c0:d7:1a:96:0b:4d:b3:ff:10:be:bd:1e:
         7a:3b:d1:b2:e0:c1:74:9e:9f:4c:aa:e7:98:07:7d:13:6a:93:
         13:b8:e4:58
-----BEGIN CERTIFICATE-----
MIIFRjCCBC6gAwIBAgIDC+yXMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDAz
NDY0NDBiMjQxZDQwYmQ5NzA2OTllMWMwNTY3Y2Y5YTFmOGI5MjIwHhcNMjEwMzI0
MTQ0NDMzWhcNMjYwMzI0MTQ0NDMzWjAzMTEwLwYDVQQDEyg4NGJjZWNiZWY0Zjdh
YjUyYTE4OTQ2YTYwZjBkZTMyZTQ3YmU4M2RhMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEA54PyUDZs5DHILLRhCykmHpI3BwlF5RKu1WCuH+3zGzM6+ud5
VgFIx67Nom606M1U2gTwB501c972hPd+KghCnX0C/LWOklkxGs4LFlVfqTG/z2Ei
gtsRe8H6/vnPdqBnKQ2Ff9UZZg5bbd5XNOzrHtigCD9rVzVg8/ZlKAKcFeXd98Up
ZD/rjOGn5Ap/9CK/ArBsNOmk+9GuWBTbf3FvnBBtFXtvo8X+PeMLW3xkO/pH9e+A
fZVkHfWU8UkLf0gTWi0ut5cHBLpDRlbMU6xoX+73+9y0dkod9Gz5dAG/7FWwjhw5
4Zn9+teSqa3t8NZQ1gm8r35ORbqaelankJpifwIDAQABo4ICYTCCAl0wHQYDVR0O
BBYEFEOPbYPeTioufHmG6PVJjGx8bSOuMB8GA1UdIwQYMBaAFDBKlObd/bEFp5Qr
ntbrAIJlYl+RMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvMDM0NjQ0
MGIyNDFkNDBiZDk3MDY5OWUxYzA1NjdjZjlhMWY4YjkyMi5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvOTU0OTBlYzMtMzZhZi00ZDYzLTliMzgtYzRkODNk
OGZkODUzLzg0YmNlY2JlZjRmN2FiNTJhMTg5NDZhNjBmMGRlMzJlNDdiZTgzZGEu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy85NTQ5MGVjMy0zNmFmLTRkNjMtOWIzOC1jNGQ4
M2Q4ZmQ4NTMvMDM0NjQ0MGIyNDFkNDBiZDk3MDY5OWUxYzA1NjdjZjlhMWY4Yjky
Mi5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAlBggrBgEFBQcBBwEB/wQW
MBQwEgQCAAEwDAMEAL33gwMEAL3+QDANBgkqhkiG9w0BAQsFAAOCAQEAQTTAaAcT
FoFevFXoaOyYN5by0ZlKuPgc2NQSrMCZN+EYc5S+OOGW+zzwlRN8UMT9ix627Md5
eDIxeKAl365lt6rrFhvLQU0zSshfVDeW4v+T7oXoLA/OKNxCsDwFDObNQfnIkpJh
G2C0nkNO3iPG3PWBrSn/6VhKF5OBDWG8zSSQ1hmu3wETCCKZFHAWIbJYrmIpCiiU
galQJu5E1ASIlrlPiPtq535adq5qhd8DfgIX3NSbAShBspgXunZCyhGja5zK/dUv
uPrABzXUOc5bk510yTfjAXYfoMGy6eLqwNcalgtNs/8Qvr0eejvRsuDBdJ6fTKrn
mAd9E2qTE7jkWA==
-----END CERTIFICATE-----
Generated at Fri Mar 29 04:59:28 2024 by rpki-client on console-fra.rpki-client.org