Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/985c1550-6da1-4adc-830d-6267cacd5f4b/2371a0da6aadb2f841bb9fa1f0578558a3d90e9a.roa
File:                     2371a0da6aadb2f841bb9fa1f0578558a3d90e9a.roa (raw, json)
Hash identifier:          Lh2DfwB+RrWBtkznBDsLyrO++H4a8cBMJ0LnohBDohs=
Subject key identifier:   5F:43:98:D6:ED:F1:BE:70:E1:43:86:C1:3B:8B:2E:FE:6A:D5:3B:F0
Certificate issuer:       /CN=fd4c114c1b8bf7133cf870558849bd65d2fcfdb0
Certificate serial:       0DB58A
Authority key identifier: 81:8E:3F:2A:F4:FC:E0:FD:4A:8F:F6:A3:A1:8E:BD:5D:C1:95:36:12
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/fd4c114c1b8bf7133cf870558849bd65d2fcfdb0.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/985c1550-6da1-4adc-830d-6267cacd5f4b/2371a0da6aadb2f841bb9fa1f0578558a3d90e9a.roa
Signing time:             Wed 24 Mar 2021 14:48:07 +0000
ROA not before:           Wed 24 Mar 2021 14:48:07 +0000
ROA not after:            Tue 24 Mar 2026 14:48:07 +0000
asID:                     263701
IP address blocks:        131.221.112.0/22 maxlen: 23
                          143.0.96.0/22 maxlen: 23

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/985c1550-6da1-4adc-830d-6267cacd5f4b/fd4c114c1b8bf7133cf870558849bd65d2fcfdb0.crl
                          rsync://repository.lacnic.net/rpki/lacnic/985c1550-6da1-4adc-830d-6267cacd5f4b/fd4c114c1b8bf7133cf870558849bd65d2fcfdb0.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/fd4c114c1b8bf7133cf870558849bd65d2fcfdb0.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Tue 27 Feb 2024 12:23:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 898442 (0xdb58a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=fd4c114c1b8bf7133cf870558849bd65d2fcfdb0
        Validity
            Not Before: Mar 24 14:48:07 2021 GMT
            Not After : Mar 24 14:48:07 2026 GMT
        Subject: CN=2371a0da6aadb2f841bb9fa1f0578558a3d90e9a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:da:c9:53:9a:00:81:85:e1:ea:cc:81:a6:31:9b:
                    96:ee:45:e5:f1:fb:07:33:b8:cf:77:f0:26:b2:c4:
                    42:9a:3c:cb:4a:07:03:6f:a5:55:79:d0:6e:c3:34:
                    96:cb:e6:e2:71:3a:a4:5c:8f:97:e1:5f:f0:69:4d:
                    dc:77:75:68:7f:d5:b0:22:fe:4c:93:4a:37:9e:de:
                    17:33:9e:e6:fc:cf:31:a3:10:14:e9:7a:70:5a:c4:
                    c3:93:ad:db:b2:06:4b:f2:b8:69:fb:4a:ae:00:a3:
                    2f:81:db:a3:49:43:06:ba:64:f8:5d:1f:54:4c:8f:
                    38:dc:4a:47:80:85:2a:90:db:d5:c1:57:ca:8e:3b:
                    1f:32:69:e3:c4:a3:18:18:6e:45:39:e4:1e:9c:1e:
                    56:69:be:6b:cd:8f:be:a9:3c:c9:1b:a1:f8:8c:db:
                    ac:ed:f8:09:cb:e0:35:34:43:4f:58:b7:3b:3c:73:
                    bb:fa:bc:ff:74:a9:92:85:65:f1:c7:0f:76:02:1c:
                    f2:56:9e:d2:1c:f7:fe:8a:7c:61:72:ff:ba:33:d5:
                    d9:af:d5:95:c7:fa:91:1c:58:10:be:c3:20:87:2c:
                    59:20:53:8d:bc:43:04:06:11:37:c1:f1:12:3c:6b:
                    bd:44:24:e6:4f:40:b4:7c:93:d0:0f:ed:29:89:38:
                    1d:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5F:43:98:D6:ED:F1:BE:70:E1:43:86:C1:3B:8B:2E:FE:6A:D5:3B:F0
            X509v3 Authority Key Identifier:
                keyid:81:8E:3F:2A:F4:FC:E0:FD:4A:8F:F6:A3:A1:8E:BD:5D:C1:95:36:12

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/fd4c114c1b8bf7133cf870558849bd65d2fcfdb0.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/985c1550-6da1-4adc-830d-6267cacd5f4b/2371a0da6aadb2f841bb9fa1f0578558a3d90e9a.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/985c1550-6da1-4adc-830d-6267cacd5f4b/fd4c114c1b8bf7133cf870558849bd65d2fcfdb0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  131.221.112.0/22
                  143.0.96.0/22

    Signature Algorithm: sha256WithRSAEncryption
         95:b8:c6:0f:e6:8b:95:20:f7:91:5c:49:72:e4:6b:0a:db:19:
         dd:49:c3:18:00:aa:e6:12:47:68:d0:c6:6c:11:8e:1e:2c:7f:
         4d:2f:70:34:99:bf:5f:09:47:2b:24:0a:34:aa:8c:6c:df:28:
         14:6d:2f:76:1c:be:3b:ee:12:06:d5:ee:9f:5c:04:e8:f6:b5:
         89:e9:a4:c3:38:54:07:6c:df:a6:32:d5:8a:a3:3f:10:85:c0:
         c2:68:ac:d1:8f:0d:9b:05:38:97:1b:09:e7:72:48:73:f8:47:
         e2:b8:83:1a:4c:45:f3:d3:5f:8c:14:3f:73:e8:32:5d:f6:03:
         7e:6e:77:45:a5:31:b4:3b:3f:cb:8b:c0:99:1a:c1:98:e1:47:
         62:39:c4:58:3a:76:f1:26:f3:96:36:b6:c0:6d:9a:09:9a:b0:
         7e:45:d8:bd:e7:b8:d0:74:3c:59:1c:7f:28:c9:ba:a9:4d:4e:
         aa:a3:93:3e:48:cd:9d:91:86:8d:3e:03:da:26:e3:bb:fb:3c:
         96:ce:c9:87:92:94:25:e5:1b:78:97:75:a9:80:d8:c4:36:34:
         f6:d3:76:f4:55:58:1e:e8:bf:e6:6b:2a:51:01:8b:64:18:4f:
         45:21:7c:0f:57:fa:5d:47:10:99:b3:59:b3:65:06:dc:34:61:
         09:d0:1b:85
-----BEGIN CERTIFICATE-----
MIIFRjCCBC6gAwIBAgIDDbWKMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGZk
NGMxMTRjMWI4YmY3MTMzY2Y4NzA1NTg4NDliZDY1ZDJmY2ZkYjAwHhcNMjEwMzI0
MTQ0ODA3WhcNMjYwMzI0MTQ0ODA3WjAzMTEwLwYDVQQDEygyMzcxYTBkYTZhYWRi
MmY4NDFiYjlmYTFmMDU3ODU1OGEzZDkwZTlhMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEA2slTmgCBheHqzIGmMZuW7kXl8fsHM7jPd/AmssRCmjzLSgcD
b6VVedBuwzSWy+bicTqkXI+X4V/waU3cd3Vof9WwIv5Mk0o3nt4XM57m/M8xoxAU
6XpwWsTDk63bsgZL8rhp+0quAKMvgdujSUMGumT4XR9UTI843EpHgIUqkNvVwVfK
jjsfMmnjxKMYGG5FOeQenB5Wab5rzY++qTzJG6H4jNus7fgJy+A1NENPWLc7PHO7
+rz/dKmShWXxxw92AhzyVp7SHPf+inxhcv+6M9XZr9WVx/qRHFgQvsMghyxZIFON
vEMEBhE3wfESPGu9RCTmT0C0fJPQD+0piTgd1wIDAQABo4ICYTCCAl0wHQYDVR0O
BBYEFF9DmNbt8b5w4UOGwTuLLv5q1TvwMB8GA1UdIwQYMBaAFIGOPyr0/OD9So/2
o6GOvV3BlTYSMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvZmQ0YzEx
NGMxYjhiZjcxMzNjZjg3MDU1ODg0OWJkNjVkMmZjZmRiMC5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvOTg1YzE1NTAtNmRhMS00YWRjLTgzMGQtNjI2N2Nh
Y2Q1ZjRiLzIzNzFhMGRhNmFhZGIyZjg0MWJiOWZhMWYwNTc4NTU4YTNkOTBlOWEu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy85ODVjMTU1MC02ZGExLTRhZGMtODMwZC02MjY3
Y2FjZDVmNGIvZmQ0YzExNGMxYjhiZjcxMzNjZjg3MDU1ODg0OWJkNjVkMmZjZmRi
MC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAlBggrBgEFBQcBBwEB/wQW
MBQwEgQCAAEwDAMEAoPdcAMEAo8AYDANBgkqhkiG9w0BAQsFAAOCAQEAlbjGD+aL
lSD3kVxJcuRrCtsZ3UnDGACq5hJHaNDGbBGOHix/TS9wNJm/XwlHKyQKNKqMbN8o
FG0vdhy+O+4SBtXun1wE6Pa1iemkwzhUB2zfpjLViqM/EIXAwmis0Y8NmwU4lxsJ
53JIc/hH4riDGkxF89NfjBQ/c+gyXfYDfm53RaUxtDs/y4vAmRrBmOFHYjnEWDp2
8Sbzlja2wG2aCZqwfkXYvee40HQ8WRx/KMm6qU1OqqOTPkjNnZGGjT4D2ibju/s8
ls7Jh5KUJeUbeJd1qYDYxDY09tN29FVYHui/5msqUQGLZBhPRSF8D1f6XUcQmbNZ
s2UG3DRhCdAbhQ==
-----END CERTIFICATE-----
Generated at Sat Feb 24 14:25:14 2024 by rpki-client on console-ams.rpki-client.org