Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/958c92c8-a386-49c3-9691-8ee3c4ff17ee/370f118922072584f5eebe8a3dbae438bdf847f8.roa
File:                     370f118922072584f5eebe8a3dbae438bdf847f8.roa (raw, json)
Hash identifier:          gk/U5i7gTKq5ehssFjud5S8NltnvmWLbjdzJCSJPQo0=
Subject key identifier:   F0:61:77:9F:2D:81:31:6D:B2:4C:DD:65:DE:CE:EB:C4:02:41:84:21
Certificate issuer:       /CN=e8b953b12842ffe0d97ca6fedbe7550e5a400acf
Certificate serial:       1D875D
Authority key identifier: 71:85:EB:FB:A8:0B:53:41:D8:52:3D:48:A0:FD:52:94:2E:E5:4E:63
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/e8b953b12842ffe0d97ca6fedbe7550e5a400acf.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/958c92c8-a386-49c3-9691-8ee3c4ff17ee/370f118922072584f5eebe8a3dbae438bdf847f8.roa
Signing time:             Sat 04 Mar 2023 13:43:20 +0000
ROA not before:           Tue 23 Mar 2021 03:00:00 +0000
ROA not after:            Tue 24 Mar 2026 03:00:00 +0000
asID:                     269728
IP address blocks:        45.180.140.0/24 maxlen: 24
                          45.180.141.0/24 maxlen: 24
                          45.180.142.0/24 maxlen: 24
                          45.180.143.0/24 maxlen: 24
                          2803:1160::/32 maxlen: 32

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/958c92c8-a386-49c3-9691-8ee3c4ff17ee/e8b953b12842ffe0d97ca6fedbe7550e5a400acf.crl
                          rsync://repository.lacnic.net/rpki/lacnic/958c92c8-a386-49c3-9691-8ee3c4ff17ee/e8b953b12842ffe0d97ca6fedbe7550e5a400acf.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/e8b953b12842ffe0d97ca6fedbe7550e5a400acf.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Tue 27 Feb 2024 21:42:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1935197 (0x1d875d)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e8b953b12842ffe0d97ca6fedbe7550e5a400acf
        Validity
            Not Before: Mar 23 03:00:00 2021 GMT
            Not After : Mar 24 03:00:00 2026 GMT
        Subject: CN=370f118922072584f5eebe8a3dbae438bdf847f8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:8d:2a:cc:46:f3:b5:88:71:7a:34:70:94:7f:
                    6c:a4:89:cd:6a:78:cc:a3:01:12:a9:1e:67:2e:81:
                    27:e3:48:01:dd:16:a4:47:9b:b2:4a:6c:5b:b9:72:
                    40:01:87:8f:99:f3:2c:e4:53:42:35:b4:1d:60:58:
                    75:f4:eb:4a:a2:7d:25:af:78:4b:8a:bf:10:32:d6:
                    11:e6:3c:04:0b:0b:a2:5a:8f:04:b0:f8:73:14:e0:
                    9d:2a:53:02:8f:b5:77:44:0e:91:eb:77:40:51:f3:
                    dc:a9:24:e1:a5:e9:e9:cf:80:6a:e8:84:8e:a2:71:
                    9a:98:79:03:bf:e1:a2:03:e6:c0:71:91:28:8b:9a:
                    34:40:cc:ee:fd:81:71:7f:38:98:0e:58:03:a5:4b:
                    18:54:3e:57:6b:54:62:1f:f9:c8:2e:dd:a1:51:3f:
                    9b:a8:a1:9b:91:4e:91:d4:e9:1d:04:28:1f:cf:f8:
                    d5:7e:82:df:67:41:a6:47:d4:18:92:99:e5:ab:cd:
                    3a:94:7d:be:e9:d4:49:6c:18:0e:a8:21:fd:07:5d:
                    1f:25:96:3f:da:d4:6c:2b:c5:eb:f6:94:28:93:76:
                    95:47:2b:fe:16:46:0f:0a:10:77:16:ec:fc:35:1a:
                    15:c3:0d:76:ca:67:22:3b:9c:2e:a7:2a:86:e0:91:
                    d8:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F0:61:77:9F:2D:81:31:6D:B2:4C:DD:65:DE:CE:EB:C4:02:41:84:21
            X509v3 Authority Key Identifier:
                keyid:71:85:EB:FB:A8:0B:53:41:D8:52:3D:48:A0:FD:52:94:2E:E5:4E:63

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/e8b953b12842ffe0d97ca6fedbe7550e5a400acf.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/958c92c8-a386-49c3-9691-8ee3c4ff17ee/370f118922072584f5eebe8a3dbae438bdf847f8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/958c92c8-a386-49c3-9691-8ee3c4ff17ee/e8b953b12842ffe0d97ca6fedbe7550e5a400acf.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.180.140.0/22
                IPv6:
                  2803:1160::/32

    Signature Algorithm: sha256WithRSAEncryption
         dd:05:d2:18:4c:60:57:cb:af:dc:3c:11:e1:90:22:ef:7a:01:
         eb:8a:59:45:c2:f8:a1:58:39:34:15:cf:15:2d:df:1b:37:c5:
         28:5f:3d:3e:d6:22:5d:50:47:06:e2:c9:d5:a9:90:b0:8a:6f:
         b8:7d:5e:3e:c8:54:47:43:49:7e:a9:b1:40:61:52:6a:ee:db:
         69:f1:85:e4:2c:e5:72:1f:97:84:7a:48:95:59:9b:b2:3e:91:
         40:fd:8b:56:33:a5:a3:f7:25:2d:b5:38:71:90:ec:a3:57:8a:
         24:91:11:03:b8:64:9a:33:b0:24:16:c7:97:0d:73:d0:d8:14:
         53:8c:7c:4c:82:8b:4c:94:0a:08:39:02:9c:f9:07:cc:ab:0a:
         6d:51:88:8a:68:cc:9a:30:79:df:c7:e0:8a:07:7a:e8:cf:76:
         14:3c:a7:75:6d:db:84:b6:03:54:24:8d:1f:e6:9f:8a:e1:54:
         66:68:92:dd:97:8e:3a:40:89:6b:d3:a3:ed:00:e9:00:3b:c6:
         64:ad:71:a9:99:c5:2f:60:5f:43:78:f6:5e:f0:b4:a9:8f:cc:
         c7:68:cc:58:2a:95:6f:b4:e3:f1:4d:01:af:5a:2c:45:64:40:
         f0:05:37:39:aa:ce:b8:32:98:c8:91:31:df:c1:d0:0e:6e:55:
         53:fa:b0:d6
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgIDHYddMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGU4
Yjk1M2IxMjg0MmZmZTBkOTdjYTZmZWRiZTc1NTBlNWE0MDBhY2YwHhcNMjEwMzIz
MDMwMDAwWhcNMjYwMzI0MDMwMDAwWjAzMTEwLwYDVQQDEygzNzBmMTE4OTIyMDcy
NTg0ZjVlZWJlOGEzZGJhZTQzOGJkZjg0N2Y4MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAlo0qzEbztYhxejRwlH9spInNanjMowESqR5nLoEn40gB3Rak
R5uySmxbuXJAAYePmfMs5FNCNbQdYFh19OtKon0lr3hLir8QMtYR5jwECwuiWo8E
sPhzFOCdKlMCj7V3RA6R63dAUfPcqSThpenpz4Bq6ISOonGamHkDv+GiA+bAcZEo
i5o0QMzu/YFxfziYDlgDpUsYVD5Xa1RiH/nILt2hUT+bqKGbkU6R1OkdBCgfz/jV
foLfZ0GmR9QYkpnlq806lH2+6dRJbBgOqCH9B10fJZY/2tRsK8Xr9pQok3aVRyv+
FkYPChB3Fuz8NRoVww12ymciO5wupyqG4JHYBQIDAQABo4ICajCCAmYwHQYDVR0O
BBYEFPBhd58tgTFtskzdZd7O68QCQYQhMB8GA1UdIwQYMBaAFHGF6/uoC1NB2FI9
SKD9UpQu5U5jMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvZThiOTUz
YjEyODQyZmZlMGQ5N2NhNmZlZGJlNzU1MGU1YTQwMGFjZi5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvOTU4YzkyYzgtYTM4Ni00OWMzLTk2OTEtOGVlM2M0
ZmYxN2VlLzM3MGYxMTg5MjIwNzI1ODRmNWVlYmU4YTNkYmFlNDM4YmRmODQ3Zjgu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy85NThjOTJjOC1hMzg2LTQ5YzMtOTY5MS04ZWUz
YzRmZjE3ZWUvZThiOTUzYjEyODQyZmZlMGQ5N2NhNmZlZGJlNzU1MGU1YTQwMGFj
Zi5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAuBggrBgEFBQcBBwEB/wQf
MB0wDAQCAAEwBgMEAi20jDANBAIAAjAHAwUAKAMRYDANBgkqhkiG9w0BAQsFAAOC
AQEA3QXSGExgV8uv3DwR4ZAi73oB64pZRcL4oVg5NBXPFS3fGzfFKF89PtYiXVBH
BuLJ1amQsIpvuH1ePshUR0NJfqmxQGFSau7bafGF5Czlch+XhHpIlVmbsj6RQP2L
VjOlo/clLbU4cZDso1eKJJERA7hkmjOwJBbHlw1z0NgUU4x8TIKLTJQKCDkCnPkH
zKsKbVGIimjMmjB538fgigd66M92FDyndW3bhLYDVCSNH+afiuFUZmiS3ZeOOkCJ
a9Oj7QDpADvGZK1xqZnFL2BfQ3j2XvC0qY/Mx2jMWCqVb7Tj8U0Br1osRWRA8AU3
OarOuDKYyJEx38HQDm5VU/qw1g==
-----END CERTIFICATE-----
Generated at Sun Feb 25 02:19:04 2024 by rpki-client on console-fra.rpki-client.org