Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/95490ec3-36af-4d63-9b38-c4d83d8fd853/d121968f4b6fce4382ae721200b7998baee4e954.roa
File:                     d121968f4b6fce4382ae721200b7998baee4e954.roa (raw, json)
Hash identifier:          v3wsdb7r1d0t78FMJfDMeYP5G0X87vmT+BYF5K5zjaA=
Subject key identifier:   B9:66:73:69:EA:0C:8E:67:F2:CD:A9:84:8E:CF:88:21:6A:43:63:13
Certificate issuer:       /CN=0346440b241d40bd970699e1c0567cf9a1f8b922
Certificate serial:       0C11FD
Authority key identifier: 30:4A:94:E6:DD:FD:B1:05:A7:94:2B:9E:D6:EB:00:82:65:62:5F:91
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/0346440b241d40bd970699e1c0567cf9a1f8b922.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/95490ec3-36af-4d63-9b38-c4d83d8fd853/d121968f4b6fce4382ae721200b7998baee4e954.roa
Signing time:             Wed 24 Mar 2021 14:44:36 +0000
ROA not before:           Wed 24 Mar 2021 14:44:33 +0000
ROA not after:            Tue 24 Mar 2026 14:44:33 +0000
asID:                     20940
IP address blocks:        189.247.207.0/24 maxlen: 24
                          189.247.206.0/24 maxlen: 24
                          189.247.204.0/23 maxlen: 24
                          189.247.216.0/24 maxlen: 24
                          2806:1040:fc::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/95490ec3-36af-4d63-9b38-c4d83d8fd853/0346440b241d40bd970699e1c0567cf9a1f8b922.crl
                          rsync://repository.lacnic.net/rpki/lacnic/95490ec3-36af-4d63-9b38-c4d83d8fd853/0346440b241d40bd970699e1c0567cf9a1f8b922.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/0346440b241d40bd970699e1c0567cf9a1f8b922.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Mon 01 Apr 2024 05:17:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 791037 (0xc11fd)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0346440b241d40bd970699e1c0567cf9a1f8b922
        Validity
            Not Before: Mar 24 14:44:33 2021 GMT
            Not After : Mar 24 14:44:33 2026 GMT
        Subject: CN=d121968f4b6fce4382ae721200b7998baee4e954
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:e0:46:77:13:1c:0e:2d:91:22:d8:08:c8:38:
                    56:71:49:50:fd:e9:df:80:eb:52:0b:23:90:ea:98:
                    51:01:92:4a:92:23:d5:9d:a4:46:1e:30:f4:e8:56:
                    33:6f:d1:b8:d6:5f:00:d7:6b:81:67:c2:6e:92:e6:
                    f7:01:5b:8c:55:fb:de:a1:14:5e:42:33:8a:4f:a0:
                    35:48:13:c6:04:09:02:17:24:39:72:ae:db:21:bf:
                    66:6a:13:07:73:a8:99:53:c4:d1:c6:5b:9c:a3:3d:
                    71:46:b4:b9:81:f0:90:2e:62:f7:d2:be:08:de:50:
                    16:d5:a6:b6:84:b6:84:70:e8:fb:3d:69:0d:78:05:
                    63:fe:03:8e:0d:52:f2:f7:19:bb:44:64:e6:8a:f8:
                    b8:7c:65:35:38:04:30:87:72:0f:d2:bb:8b:a9:6b:
                    a3:75:58:54:94:f7:bc:bd:5f:cb:a2:5a:d5:96:fb:
                    27:ff:5b:cc:22:f2:ba:22:81:8e:4f:54:d3:82:53:
                    0c:1d:91:72:ea:3a:7a:0f:12:b9:71:c0:fc:c3:73:
                    19:c3:e6:7c:f5:a3:22:8b:d8:f2:4f:88:a2:1c:d5:
                    00:3c:2c:c5:af:3d:85:91:d0:66:a5:95:ea:fb:33:
                    a9:dc:8f:d3:a6:94:30:b8:54:f2:06:ec:79:1f:14:
                    6f:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B9:66:73:69:EA:0C:8E:67:F2:CD:A9:84:8E:CF:88:21:6A:43:63:13
            X509v3 Authority Key Identifier:
                keyid:30:4A:94:E6:DD:FD:B1:05:A7:94:2B:9E:D6:EB:00:82:65:62:5F:91

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/0346440b241d40bd970699e1c0567cf9a1f8b922.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/95490ec3-36af-4d63-9b38-c4d83d8fd853/d121968f4b6fce4382ae721200b7998baee4e954.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/95490ec3-36af-4d63-9b38-c4d83d8fd853/0346440b241d40bd970699e1c0567cf9a1f8b922.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  189.247.204.0/22
                  189.247.216.0/24
                IPv6:
                  2806:1040:fc::/48

    Signature Algorithm: sha256WithRSAEncryption
         45:2d:cd:d2:0f:59:4a:81:ab:a0:96:4b:a4:e8:e5:59:4b:58:
         0f:2c:f2:9c:88:bc:3d:70:f9:8a:35:3f:f1:36:99:01:41:42:
         7b:fc:a9:b1:52:95:29:02:5f:b7:7d:59:67:67:2f:e9:0b:ba:
         32:7d:52:13:1f:14:fc:94:5b:02:23:ba:d8:b2:74:59:f3:4c:
         e8:87:50:cd:9f:3f:fd:3d:ff:a5:db:d6:34:b5:77:a7:13:b1:
         90:a8:4d:8a:9f:a7:ab:09:a9:65:b9:fc:3e:86:2c:b0:dc:c3:
         3a:11:34:41:56:d3:05:ec:e6:b2:bc:16:52:a0:71:da:82:38:
         65:22:7b:3c:a7:8d:04:af:7e:b7:7f:d7:d7:c5:e4:9a:08:a8:
         a8:f2:6a:cc:29:28:33:98:28:89:0c:6e:75:32:47:8a:b6:7b:
         3a:55:9b:8e:0c:c7:2e:3c:65:64:75:70:d7:ab:d4:01:6e:ee:
         19:07:95:a7:3d:57:82:79:4a:f8:83:0d:cf:bd:82:5c:c2:0a:
         2b:db:e4:02:9e:55:da:78:38:49:b9:7c:24:b7:0b:e4:a3:89:
         bb:4b:44:e4:de:23:ed:17:1a:ee:42:50:2c:e4:cd:fb:40:ea:
         99:0c:bb:c1:90:06:3d:ca:64:64:b7:0a:b2:1c:c6:82:d9:f2:
         d1:64:29:51
-----BEGIN CERTIFICATE-----
MIIFVzCCBD+gAwIBAgIDDBH9MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDAz
NDY0NDBiMjQxZDQwYmQ5NzA2OTllMWMwNTY3Y2Y5YTFmOGI5MjIwHhcNMjEwMzI0
MTQ0NDMzWhcNMjYwMzI0MTQ0NDMzWjAzMTEwLwYDVQQDEyhkMTIxOTY4ZjRiNmZj
ZTQzODJhZTcyMTIwMGI3OTk4YmFlZTRlOTU0MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAwuBGdxMcDi2RItgIyDhWcUlQ/enfgOtSCyOQ6phRAZJKkiPV
naRGHjD06FYzb9G41l8A12uBZ8Jukub3AVuMVfveoRReQjOKT6A1SBPGBAkCFyQ5
cq7bIb9mahMHc6iZU8TRxlucoz1xRrS5gfCQLmL30r4I3lAW1aa2hLaEcOj7PWkN
eAVj/gOODVLy9xm7RGTmivi4fGU1OAQwh3IP0ruLqWujdVhUlPe8vV/LolrVlvsn
/1vMIvK6IoGOT1TTglMMHZFy6jp6DxK5ccD8w3MZw+Z89aMii9jyT4iiHNUAPCzF
rz2FkdBmpZXq+zOp3I/TppQwuFTyBux5HxRvKwIDAQABo4ICcjCCAm4wHQYDVR0O
BBYEFLlmc2nqDI5n8s2phI7PiCFqQ2MTMB8GA1UdIwQYMBaAFDBKlObd/bEFp5Qr
ntbrAIJlYl+RMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvMDM0NjQ0
MGIyNDFkNDBiZDk3MDY5OWUxYzA1NjdjZjlhMWY4YjkyMi5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvOTU0OTBlYzMtMzZhZi00ZDYzLTliMzgtYzRkODNk
OGZkODUzL2QxMjE5NjhmNGI2ZmNlNDM4MmFlNzIxMjAwYjc5OThiYWVlNGU5NTQu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy85NTQ5MGVjMy0zNmFmLTRkNjMtOWIzOC1jNGQ4
M2Q4ZmQ4NTMvMDM0NjQ0MGIyNDFkNDBiZDk3MDY5OWUxYzA1NjdjZjlhMWY4Yjky
Mi5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA2BggrBgEFBQcBBwEB/wQn
MCUwEgQCAAEwDAMEAr33zAMEAL332DAPBAIAAjAJAwcAKAYQQAD8MA0GCSqGSIb3
DQEBCwUAA4IBAQBFLc3SD1lKgauglkuk6OVZS1gPLPKciLw9cPmKNT/xNpkBQUJ7
/KmxUpUpAl+3fVlnZy/pC7oyfVITHxT8lFsCI7rYsnRZ80zoh1DNnz/9Pf+l29Y0
tXenE7GQqE2Kn6erCallufw+hiyw3MM6ETRBVtMF7OayvBZSoHHagjhlIns8p40E
r363f9fXxeSaCKio8mrMKSgzmCiJDG51MkeKtns6VZuODMcuPGVkdXDXq9QBbu4Z
B5WnPVeCeUr4gw3PvYJcwgor2+QCnlXaeDhJuXwktwvko4m7S0Tk3iPtFxruQlAs
5M37QOqZDLvBkAY9ymRktwqyHMaC2fLRZClR
-----END CERTIFICATE-----
Generated at Fri Mar 29 05:45:44 2024 by rpki-client on console-ams.rpki-client.org