Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/985c1550-6da1-4adc-830d-6267cacd5f4b/2529694621711b4002632a6000b45cc36a2b891f.roa
File:                     2529694621711b4002632a6000b45cc36a2b891f.roa (raw, json)
Hash identifier:          QEmllpu2GIVNrl3WDpAQ/gfH0ZweYZuWTqH43wEkv5M=
Subject key identifier:   98:32:F8:52:1F:4A:4E:AE:DA:62:06:D6:6E:AF:54:9F:60:D9:60:E7
Certificate issuer:       /CN=fd4c114c1b8bf7133cf870558849bd65d2fcfdb0
Certificate serial:       0DBC3D
Authority key identifier: 81:8E:3F:2A:F4:FC:E0:FD:4A:8F:F6:A3:A1:8E:BD:5D:C1:95:36:12
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/fd4c114c1b8bf7133cf870558849bd65d2fcfdb0.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/985c1550-6da1-4adc-830d-6267cacd5f4b/2529694621711b4002632a6000b45cc36a2b891f.roa
Signing time:             Wed 24 Mar 2021 14:48:07 +0000
ROA not before:           Wed 24 Mar 2021 14:48:07 +0000
ROA not after:            Tue 24 Mar 2026 14:48:07 +0000
asID:                     263701
IP address blocks:        131.221.112.0/22 maxlen: 22

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/985c1550-6da1-4adc-830d-6267cacd5f4b/fd4c114c1b8bf7133cf870558849bd65d2fcfdb0.crl
                          rsync://repository.lacnic.net/rpki/lacnic/985c1550-6da1-4adc-830d-6267cacd5f4b/fd4c114c1b8bf7133cf870558849bd65d2fcfdb0.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/fd4c114c1b8bf7133cf870558849bd65d2fcfdb0.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Tue 27 Feb 2024 12:23:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 900157 (0xdbc3d)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=fd4c114c1b8bf7133cf870558849bd65d2fcfdb0
        Validity
            Not Before: Mar 24 14:48:07 2021 GMT
            Not After : Mar 24 14:48:07 2026 GMT
        Subject: CN=2529694621711b4002632a6000b45cc36a2b891f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:09:df:70:26:62:fd:07:57:64:8c:01:8f:09:
                    ac:2c:35:53:92:cd:b2:93:a1:b8:73:3b:88:4b:fa:
                    2c:62:68:f8:73:81:20:32:7c:1f:e4:41:29:14:6b:
                    82:d2:49:af:94:b8:d0:74:d7:1b:44:a1:bb:59:6d:
                    8f:cf:ab:ec:2a:b0:b9:6d:82:f6:2c:e8:20:fc:bc:
                    42:d9:42:97:63:e1:ac:09:be:f2:c1:cf:b5:ae:dc:
                    72:51:fc:55:bc:ce:01:ab:80:75:f4:52:ec:fc:34:
                    44:22:e2:7e:92:e9:78:9d:cb:6c:5b:13:f4:6f:9d:
                    a1:6d:bc:73:fc:72:0e:46:9f:eb:c5:08:32:fd:42:
                    5f:52:7f:ab:36:64:e4:3f:38:6c:58:e5:3d:b5:4e:
                    3f:a6:26:3a:9c:83:04:b1:1a:01:ba:55:03:05:75:
                    1b:1e:1e:79:98:95:79:07:e2:f3:dd:2d:71:a3:34:
                    7d:6c:8b:c6:a8:f7:8a:4c:3d:bd:1a:99:b8:d6:f8:
                    73:af:a2:ff:61:5c:b8:b3:50:f1:86:02:0c:97:74:
                    e2:8e:9c:cc:11:02:a2:6b:ea:d1:3d:92:af:f7:91:
                    96:37:13:e1:60:03:1a:a6:47:e7:c0:97:20:ff:b5:
                    80:c9:11:4f:e7:a3:64:90:d5:2f:4a:c6:7e:35:53:
                    64:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                98:32:F8:52:1F:4A:4E:AE:DA:62:06:D6:6E:AF:54:9F:60:D9:60:E7
            X509v3 Authority Key Identifier:
                keyid:81:8E:3F:2A:F4:FC:E0:FD:4A:8F:F6:A3:A1:8E:BD:5D:C1:95:36:12

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/fd4c114c1b8bf7133cf870558849bd65d2fcfdb0.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/985c1550-6da1-4adc-830d-6267cacd5f4b/2529694621711b4002632a6000b45cc36a2b891f.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/985c1550-6da1-4adc-830d-6267cacd5f4b/fd4c114c1b8bf7133cf870558849bd65d2fcfdb0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  131.221.112.0/22

    Signature Algorithm: sha256WithRSAEncryption
         66:58:fb:83:4b:63:0a:61:22:27:6e:31:61:8d:1d:14:33:9b:
         08:c0:b6:cb:23:0b:12:18:86:3f:c7:e6:73:f4:c0:e1:2a:6c:
         c0:df:da:da:f9:c8:9c:1e:e8:10:dd:b2:ec:bb:00:b4:d5:79:
         92:80:54:91:2d:7c:2f:3f:d8:26:43:2c:28:54:13:58:10:12:
         e7:d8:7c:10:a1:59:0d:57:a3:9b:28:6c:fd:97:77:23:a2:94:
         9f:bc:84:ab:d1:13:8a:94:75:61:ef:d6:cb:86:a5:fa:2f:5c:
         4c:79:01:4c:e2:26:b4:f8:17:be:c3:6f:ed:fd:b8:e2:18:58:
         84:f8:74:92:59:b1:17:3e:46:f7:f4:66:ee:ea:36:62:7f:6c:
         e7:87:7a:b0:d0:e6:ac:4f:eb:f9:6c:dd:8a:62:3e:2a:02:42:
         31:9c:3e:11:5a:dd:94:b8:af:83:06:cd:6b:1b:9a:57:9b:cd:
         40:b9:64:dc:bf:94:2d:0b:58:94:99:0c:96:a9:41:5d:9a:c1:
         b8:b9:82:3d:22:11:b6:1a:c3:9f:fc:80:a8:2b:85:e4:7c:14:
         6d:5f:de:c9:28:62:50:45:59:a8:5e:46:f2:ad:42:9a:26:91:
         1e:a3:1c:92:80:e5:1f:bf:50:bf:74:ba:4c:be:db:26:4f:fb:
         99:7c:e5:2e
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIDDbw9MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGZk
NGMxMTRjMWI4YmY3MTMzY2Y4NzA1NTg4NDliZDY1ZDJmY2ZkYjAwHhcNMjEwMzI0
MTQ0ODA3WhcNMjYwMzI0MTQ0ODA3WjAzMTEwLwYDVQQDEygyNTI5Njk0NjIxNzEx
YjQwMDI2MzJhNjAwMGI0NWNjMzZhMmI4OTFmMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAswnfcCZi/QdXZIwBjwmsLDVTks2yk6G4czuIS/osYmj4c4Eg
Mnwf5EEpFGuC0kmvlLjQdNcbRKG7WW2Pz6vsKrC5bYL2LOgg/LxC2UKXY+GsCb7y
wc+1rtxyUfxVvM4Bq4B19FLs/DREIuJ+kul4nctsWxP0b52hbbxz/HIORp/rxQgy
/UJfUn+rNmTkPzhsWOU9tU4/piY6nIMEsRoBulUDBXUbHh55mJV5B+Lz3S1xozR9
bIvGqPeKTD29Gpm41vhzr6L/YVy4s1DxhgIMl3TijpzMEQKia+rRPZKv95GWNxPh
YAMapkfnwJcg/7WAyRFP56NkkNUvSsZ+NVNkTQIDAQABo4ICWzCCAlcwHQYDVR0O
BBYEFJgy+FIfSk6u2mIG1m6vVJ9g2WDnMB8GA1UdIwQYMBaAFIGOPyr0/OD9So/2
o6GOvV3BlTYSMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvZmQ0YzEx
NGMxYjhiZjcxMzNjZjg3MDU1ODg0OWJkNjVkMmZjZmRiMC5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvOTg1YzE1NTAtNmRhMS00YWRjLTgzMGQtNjI2N2Nh
Y2Q1ZjRiLzI1Mjk2OTQ2MjE3MTFiNDAwMjYzMmE2MDAwYjQ1Y2MzNmEyYjg5MWYu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy85ODVjMTU1MC02ZGExLTRhZGMtODMwZC02MjY3
Y2FjZDVmNGIvZmQ0YzExNGMxYjhiZjcxMzNjZjg3MDU1ODg0OWJkNjVkMmZjZmRi
MC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAoPdcDANBgkqhkiG9w0BAQsFAAOCAQEAZlj7g0tjCmEiJ24x
YY0dFDObCMC2yyMLEhiGP8fmc/TA4SpswN/a2vnInB7oEN2y7LsAtNV5koBUkS18
Lz/YJkMsKFQTWBAS59h8EKFZDVejmyhs/Zd3I6KUn7yEq9ETipR1Ye/Wy4al+i9c
THkBTOImtPgXvsNv7f244hhYhPh0klmxFz5G9/Rm7uo2Yn9s54d6sNDmrE/r+Wzd
imI+KgJCMZw+EVrdlLivgwbNaxuaV5vNQLlk3L+ULQtYlJkMlqlBXZrBuLmCPSIR
thrDn/yAqCuF5HwUbV/eyShiUEVZqF5G8q1CmiaRHqMckoDlH79Qv3S6TL7bJk/7
mXzlLg==
-----END CERTIFICATE-----
Generated at Sat Feb 24 14:41:20 2024 by rpki-client on console-fra.rpki-client.org