Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/95ba07cf-b046-4915-838e-136e207ba897/04bd9d6488da05c49b00dcf045d2ea65cd9bae21.roa
File:                     04bd9d6488da05c49b00dcf045d2ea65cd9bae21.roa (raw, json)
Hash identifier:          SVWk1k/NnHpPzBX8cBBS7/1ZU9oftTqoOsYd75XPwdQ=
Subject key identifier:   7B:CE:08:3A:13:90:92:5C:C4:3F:7D:74:F6:1A:15:8D:6F:C3:8E:D0
Certificate issuer:       /CN=52cabd7c82ad25b1d422313740868842924c1649
Certificate serial:       0CF513
Authority key identifier: 8C:1A:92:BF:B3:DB:DD:04:44:92:92:44:4F:58:5F:51:D7:5E:2E:4B
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/52cabd7c82ad25b1d422313740868842924c1649.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/95ba07cf-b046-4915-838e-136e207ba897/04bd9d6488da05c49b00dcf045d2ea65cd9bae21.roa
Signing time:             Wed 24 Mar 2021 14:34:21 +0000
ROA not before:           Wed 24 Mar 2021 14:34:21 +0000
ROA not after:            Tue 24 Mar 2026 14:34:21 +0000
asID:                     266857
IP address blocks:        45.239.208.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/95ba07cf-b046-4915-838e-136e207ba897/52cabd7c82ad25b1d422313740868842924c1649.crl
                          rsync://repository.lacnic.net/rpki/lacnic/95ba07cf-b046-4915-838e-136e207ba897/52cabd7c82ad25b1d422313740868842924c1649.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/52cabd7c82ad25b1d422313740868842924c1649.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sat 30 Mar 2024 16:20:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 849171 (0xcf513)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=52cabd7c82ad25b1d422313740868842924c1649
        Validity
            Not Before: Mar 24 14:34:21 2021 GMT
            Not After : Mar 24 14:34:21 2026 GMT
        Subject: CN=04bd9d6488da05c49b00dcf045d2ea65cd9bae21
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:84:c9:81:bd:08:7d:5a:cb:41:73:4f:27:03:55:
                    fd:43:36:cc:db:ff:85:da:b6:75:34:7c:22:87:dd:
                    bf:37:1e:dd:e6:10:df:50:14:dc:ec:10:d3:9b:f1:
                    69:c0:34:8e:f0:1b:97:dc:14:29:e3:fa:56:0b:97:
                    f5:3c:86:24:2a:94:96:93:10:a8:38:f1:7b:f4:19:
                    e8:8e:63:7a:22:c7:c8:b9:da:c6:7f:b3:b1:98:e8:
                    70:ef:06:ea:0d:b8:d7:de:55:49:62:28:9d:ae:8f:
                    53:b8:38:b0:2d:ef:2f:60:e2:3c:30:82:f4:35:16:
                    01:a8:7e:d4:a8:52:85:51:7d:eb:0e:da:a8:e3:3b:
                    48:1b:f4:3c:9c:06:90:73:ca:c9:00:a4:ff:70:e4:
                    00:3f:87:cc:ac:6b:da:8a:e4:92:f8:70:f7:65:a9:
                    48:0a:2c:00:c2:0d:67:1b:e8:96:82:57:d4:67:bd:
                    14:c8:0b:fd:b7:c2:a3:74:4a:26:18:56:f7:fa:35:
                    1e:00:1d:eb:fe:7b:b0:8a:b9:76:98:e9:92:a9:ff:
                    c1:69:e1:44:87:88:f0:d6:e8:48:cd:42:01:66:44:
                    f8:4d:83:c6:08:46:aa:dd:51:e0:15:53:1f:b2:5a:
                    82:2f:72:9f:67:95:17:34:87:fc:36:76:3e:05:fe:
                    35:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7B:CE:08:3A:13:90:92:5C:C4:3F:7D:74:F6:1A:15:8D:6F:C3:8E:D0
            X509v3 Authority Key Identifier:
                keyid:8C:1A:92:BF:B3:DB:DD:04:44:92:92:44:4F:58:5F:51:D7:5E:2E:4B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/52cabd7c82ad25b1d422313740868842924c1649.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/95ba07cf-b046-4915-838e-136e207ba897/04bd9d6488da05c49b00dcf045d2ea65cd9bae21.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/95ba07cf-b046-4915-838e-136e207ba897/52cabd7c82ad25b1d422313740868842924c1649.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.239.208.0/22

    Signature Algorithm: sha256WithRSAEncryption
         10:f4:3d:7b:f5:f1:18:31:04:95:8f:15:84:f9:8b:0f:c2:fb:
         f2:5c:72:32:f1:e4:8b:81:fe:d6:69:06:94:ba:9b:73:03:c0:
         13:59:c9:29:62:68:8e:d7:67:b0:0e:90:d6:04:c5:e9:43:f7:
         07:ad:b7:2a:98:a4:b8:04:f6:1f:08:46:6d:a7:18:11:51:72:
         31:6c:52:0c:4a:48:0a:aa:79:17:be:83:00:62:b4:6c:5f:c5:
         30:2e:fa:88:10:de:c7:a6:2e:ba:48:84:d3:82:ce:47:f7:9d:
         a3:67:d1:38:6f:8b:5e:21:34:bf:4b:94:c0:21:63:4a:5d:0f:
         44:16:9c:3f:27:1d:e8:90:d6:5d:a3:04:fb:29:18:15:93:38:
         a7:a4:a9:f9:6d:09:5f:f8:f2:ff:06:75:f5:b9:fb:69:c0:4b:
         55:91:15:63:25:a5:19:13:41:13:6a:ff:e7:91:ab:d3:2c:19:
         cc:b0:8a:01:21:ca:04:7a:84:75:5f:cb:f7:5a:66:89:48:08:
         00:8f:20:1c:b5:52:de:e0:0a:46:33:f4:0a:6b:1c:5e:2c:97:
         2e:39:3f:e1:3a:4e:98:42:2e:d4:82:c6:df:67:51:96:f8:32:
         10:f7:d5:0b:74:92:86:d1:5c:57:c2:c5:e1:fe:b5:7f:9f:af:
         9f:b9:18:99
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIDDPUTMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDUy
Y2FiZDdjODJhZDI1YjFkNDIyMzEzNzQwODY4ODQyOTI0YzE2NDkwHhcNMjEwMzI0
MTQzNDIxWhcNMjYwMzI0MTQzNDIxWjAzMTEwLwYDVQQDEygwNGJkOWQ2NDg4ZGEw
NWM0OWIwMGRjZjA0NWQyZWE2NWNkOWJhZTIxMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAhMmBvQh9WstBc08nA1X9QzbM2/+F2rZ1NHwih92/Nx7d5hDf
UBTc7BDTm/FpwDSO8BuX3BQp4/pWC5f1PIYkKpSWkxCoOPF79BnojmN6IsfIudrG
f7OxmOhw7wbqDbjX3lVJYiidro9TuDiwLe8vYOI8MIL0NRYBqH7UqFKFUX3rDtqo
4ztIG/Q8nAaQc8rJAKT/cOQAP4fMrGvaiuSS+HD3ZalICiwAwg1nG+iWglfUZ70U
yAv9t8KjdEomGFb3+jUeAB3r/nuwirl2mOmSqf/BaeFEh4jw1uhIzUIBZkT4TYPG
CEaq3VHgFVMfslqCL3KfZ5UXNIf8NnY+Bf41DQIDAQABo4ICWzCCAlcwHQYDVR0O
BBYEFHvOCDoTkJJcxD99dPYaFY1vw47QMB8GA1UdIwQYMBaAFIwakr+z290ERJKS
RE9YX1HXXi5LMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvNTJjYWJk
N2M4MmFkMjViMWQ0MjIzMTM3NDA4Njg4NDI5MjRjMTY0OS5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvOTViYTA3Y2YtYjA0Ni00OTE1LTgzOGUtMTM2ZTIw
N2JhODk3LzA0YmQ5ZDY0ODhkYTA1YzQ5YjAwZGNmMDQ1ZDJlYTY1Y2Q5YmFlMjEu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy85NWJhMDdjZi1iMDQ2LTQ5MTUtODM4ZS0xMzZl
MjA3YmE4OTcvNTJjYWJkN2M4MmFkMjViMWQ0MjIzMTM3NDA4Njg4NDI5MjRjMTY0
OS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAi3v0DANBgkqhkiG9w0BAQsFAAOCAQEAEPQ9e/XxGDEElY8V
hPmLD8L78lxyMvHki4H+1mkGlLqbcwPAE1nJKWJojtdnsA6Q1gTF6UP3B623Kpik
uAT2HwhGbacYEVFyMWxSDEpICqp5F76DAGK0bF/FMC76iBDex6YuukiE04LOR/ed
o2fROG+LXiE0v0uUwCFjSl0PRBacPycd6JDWXaME+ykYFZM4p6Sp+W0JX/jy/wZ1
9bn7acBLVZEVYyWlGRNBE2r/55Gr0ywZzLCKASHKBHqEdV/L91pmiUgIAI8gHLVS
3uAKRjP0CmscXiyXLjk/4TpOmEIu1ILG32dRlvgyEPfVC3SShtFcV8LF4f61f5+v
n7kYmQ==
-----END CERTIFICATE-----
Generated at Thu Mar 28 00:12:00 2024 by rpki-client on console-fra.rpki-client.org