Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/985c1550-6da1-4adc-830d-6267cacd5f4b/a9738b0a650b4982ea49710a95efd41ebf672068.roa
File:                     a9738b0a650b4982ea49710a95efd41ebf672068.roa (raw, json)
Hash identifier:          HP1xK8zWF3CPQN9Y3vv9ylNYCXO4iSWtlKnl6lY4BI0=
Subject key identifier:   EC:AC:DA:0A:6F:CF:C7:16:2C:62:E7:83:D1:98:F0:6E:AC:E5:83:14
Certificate issuer:       /CN=fd4c114c1b8bf7133cf870558849bd65d2fcfdb0
Certificate serial:       0DB494
Authority key identifier: 81:8E:3F:2A:F4:FC:E0:FD:4A:8F:F6:A3:A1:8E:BD:5D:C1:95:36:12
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/fd4c114c1b8bf7133cf870558849bd65d2fcfdb0.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/985c1550-6da1-4adc-830d-6267cacd5f4b/a9738b0a650b4982ea49710a95efd41ebf672068.roa
Signing time:             Wed 24 Mar 2021 14:48:07 +0000
ROA not before:           Wed 24 Mar 2021 14:48:07 +0000
ROA not after:            Tue 24 Mar 2026 14:48:07 +0000
asID:                     263701
IP address blocks:        143.0.96.0/22 maxlen: 23

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/985c1550-6da1-4adc-830d-6267cacd5f4b/fd4c114c1b8bf7133cf870558849bd65d2fcfdb0.crl
                          rsync://repository.lacnic.net/rpki/lacnic/985c1550-6da1-4adc-830d-6267cacd5f4b/fd4c114c1b8bf7133cf870558849bd65d2fcfdb0.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/fd4c114c1b8bf7133cf870558849bd65d2fcfdb0.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Mon 26 Feb 2024 16:36:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 898196 (0xdb494)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=fd4c114c1b8bf7133cf870558849bd65d2fcfdb0
        Validity
            Not Before: Mar 24 14:48:07 2021 GMT
            Not After : Mar 24 14:48:07 2026 GMT
        Subject: CN=a9738b0a650b4982ea49710a95efd41ebf672068
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:98:d9:21:67:20:2b:fa:15:6d:3f:fb:5f:0d:
                    f2:3a:23:eb:7b:16:8c:2f:56:a8:ed:b0:c8:57:bb:
                    8f:ac:c7:c5:d2:d5:91:fd:69:9a:eb:08:d0:99:15:
                    3e:03:03:f9:1d:6f:b7:82:79:73:de:7d:43:b1:8e:
                    b7:9d:93:7b:6c:64:e5:2d:5f:ba:76:f3:db:e1:76:
                    32:ae:ee:80:3a:fb:19:48:01:45:ee:06:11:5e:a4:
                    5d:50:72:2f:8b:59:d0:d4:2b:62:8c:cf:01:02:b6:
                    89:e7:af:e5:dc:a9:4b:e5:1c:a1:55:eb:a0:d5:b0:
                    3f:d8:eb:70:64:c0:af:20:df:f3:28:e5:82:55:4b:
                    b3:71:38:08:9a:ce:ef:15:e3:9f:41:2f:0d:71:75:
                    57:ab:53:c4:4c:a2:cc:0e:c7:9a:92:1d:c9:10:91:
                    00:b8:e8:3c:7e:39:21:38:91:42:d9:46:88:7e:c1:
                    bc:85:20:a2:7c:73:26:af:2a:a8:c3:43:1c:9b:98:
                    89:81:72:d0:a1:31:91:05:54:67:7d:0f:95:47:ac:
                    5d:6f:ae:40:bf:4b:a5:3e:70:03:68:d2:9b:40:ea:
                    1d:7b:44:61:d8:e1:e2:62:8a:5d:d2:3c:3e:67:44:
                    47:a7:2f:93:d2:d5:70:f1:f2:2d:23:39:99:42:bb:
                    97:43
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EC:AC:DA:0A:6F:CF:C7:16:2C:62:E7:83:D1:98:F0:6E:AC:E5:83:14
            X509v3 Authority Key Identifier:
                keyid:81:8E:3F:2A:F4:FC:E0:FD:4A:8F:F6:A3:A1:8E:BD:5D:C1:95:36:12

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/fd4c114c1b8bf7133cf870558849bd65d2fcfdb0.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/985c1550-6da1-4adc-830d-6267cacd5f4b/a9738b0a650b4982ea49710a95efd41ebf672068.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/985c1550-6da1-4adc-830d-6267cacd5f4b/fd4c114c1b8bf7133cf870558849bd65d2fcfdb0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  143.0.96.0/22

    Signature Algorithm: sha256WithRSAEncryption
         07:46:04:6b:13:44:b1:db:55:ce:0b:e0:b3:fa:b8:d4:4b:60:
         cb:be:ad:af:e6:33:d1:6e:68:96:a8:d4:d5:fc:53:79:27:71:
         c2:4a:ef:36:15:b4:47:88:24:78:2e:2c:23:44:1d:e2:fd:3f:
         14:84:25:54:7a:fe:41:2b:55:11:f2:63:c7:2d:5f:cd:eb:0d:
         db:f9:51:10:a7:f1:bb:fe:27:26:33:a0:4d:ee:95:cf:9b:19:
         53:a6:cf:de:2c:7d:05:ca:10:a4:4d:1c:92:be:a7:73:5e:31:
         37:37:5c:f1:c4:22:b3:ef:1d:71:38:a9:59:c7:76:ac:93:f0:
         50:f6:4a:4b:c2:48:eb:fa:e3:9b:6f:2f:85:f7:8e:95:3d:77:
         d5:ed:3d:e5:f3:2b:08:13:54:05:32:cd:f0:e5:21:d8:ab:cc:
         7c:19:28:d1:ea:60:23:8b:61:6c:2c:cb:c5:47:31:82:38:d8:
         bd:81:97:3b:ae:66:df:db:f5:7f:32:46:b8:a8:43:73:f4:ee:
         6a:32:e7:46:7f:2b:79:40:17:bd:4f:4a:d4:39:b0:a7:d6:a1:
         23:5e:77:2f:8b:25:3f:e4:39:0e:b3:82:cf:17:72:52:d3:eb:
         c3:48:aa:ee:8f:fe:c0:25:30:1e:4a:5f:79:e8:53:09:9e:bb:
         7c:ba:8f:28
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIDDbSUMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGZk
NGMxMTRjMWI4YmY3MTMzY2Y4NzA1NTg4NDliZDY1ZDJmY2ZkYjAwHhcNMjEwMzI0
MTQ0ODA3WhcNMjYwMzI0MTQ0ODA3WjAzMTEwLwYDVQQDEyhhOTczOGIwYTY1MGI0
OTgyZWE0OTcxMGE5NWVmZDQxZWJmNjcyMDY4MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAupjZIWcgK/oVbT/7Xw3yOiPrexaML1ao7bDIV7uPrMfF0tWR
/Wma6wjQmRU+AwP5HW+3gnlz3n1DsY63nZN7bGTlLV+6dvPb4XYyru6AOvsZSAFF
7gYRXqRdUHIvi1nQ1CtijM8BAraJ56/l3KlL5RyhVeug1bA/2OtwZMCvIN/zKOWC
VUuzcTgIms7vFeOfQS8NcXVXq1PETKLMDseakh3JEJEAuOg8fjkhOJFC2UaIfsG8
hSCifHMmryqow0Mcm5iJgXLQoTGRBVRnfQ+VR6xdb65Av0ulPnADaNKbQOode0Rh
2OHiYopd0jw+Z0RHpy+T0tVw8fItIzmZQruXQwIDAQABo4ICWzCCAlcwHQYDVR0O
BBYEFOys2gpvz8cWLGLng9GY8G6s5YMUMB8GA1UdIwQYMBaAFIGOPyr0/OD9So/2
o6GOvV3BlTYSMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvZmQ0YzEx
NGMxYjhiZjcxMzNjZjg3MDU1ODg0OWJkNjVkMmZjZmRiMC5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvOTg1YzE1NTAtNmRhMS00YWRjLTgzMGQtNjI2N2Nh
Y2Q1ZjRiL2E5NzM4YjBhNjUwYjQ5ODJlYTQ5NzEwYTk1ZWZkNDFlYmY2NzIwNjgu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy85ODVjMTU1MC02ZGExLTRhZGMtODMwZC02MjY3
Y2FjZDVmNGIvZmQ0YzExNGMxYjhiZjcxMzNjZjg3MDU1ODg0OWJkNjVkMmZjZmRi
MC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAo8AYDANBgkqhkiG9w0BAQsFAAOCAQEAB0YEaxNEsdtVzgvg
s/q41Etgy76tr+Yz0W5olqjU1fxTeSdxwkrvNhW0R4gkeC4sI0Qd4v0/FIQlVHr+
QStVEfJjxy1fzesN2/lREKfxu/4nJjOgTe6Vz5sZU6bP3ix9BcoQpE0ckr6nc14x
Nzdc8cQis+8dcTipWcd2rJPwUPZKS8JI6/rjm28vhfeOlT131e095fMrCBNUBTLN
8OUh2KvMfBko0epgI4thbCzLxUcxgjjYvYGXO65m39v1fzJGuKhDc/TuajLnRn8r
eUAXvU9K1Dmwp9ahI153L4slP+Q5DrOCzxdyUtPrw0iq7o/+wCUwHkpfeehTCZ67
fLqPKA==
-----END CERTIFICATE-----
Generated at Fri Feb 23 20:09:57 2024 by rpki-client on console-ams.rpki-client.org