Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/99dd9bde-ddb3-4611-8419-1b5bd54ad15b/17b981e2bbdcce8b8fb3992c7436d8126c67cbe1.roa
File:                     17b981e2bbdcce8b8fb3992c7436d8126c67cbe1.roa (raw, json)
Hash identifier:          Vy4w1+rd8AjhdZfJQw8I1dAahuaJecdDVPznk/17jHU=
Subject key identifier:   C6:46:67:01:4A:E7:39:88:98:B7:A0:0B:4A:A4:2A:25:59:EB:AA:B4
Certificate issuer:       /CN=6d3fb389f70a916033345e190c8c7b8f1e388696
Certificate serial:       E791
Authority key identifier: AC:48:F4:78:B6:A4:54:06:28:E6:F8:E7:BF:2C:FE:77:FB:DB:CB:D2
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/6d3fb389f70a916033345e190c8c7b8f1e388696.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/99dd9bde-ddb3-4611-8419-1b5bd54ad15b/17b981e2bbdcce8b8fb3992c7436d8126c67cbe1.roa
Signing time:             Tue 23 Aug 2022 14:05:10 +0000
ROA not before:           Mon 18 Jul 2022 03:00:00 +0000
ROA not after:            Thu 18 Jul 2024 03:00:00 +0000
asID:                     272064
IP address blocks:        181.232.160.0/22 maxlen: 24
                          2803:e310::/32 maxlen: 64

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/99dd9bde-ddb3-4611-8419-1b5bd54ad15b/6d3fb389f70a916033345e190c8c7b8f1e388696.crl
                          rsync://repository.lacnic.net/rpki/lacnic/99dd9bde-ddb3-4611-8419-1b5bd54ad15b/6d3fb389f70a916033345e190c8c7b8f1e388696.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/6d3fb389f70a916033345e190c8c7b8f1e388696.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Mon 04 Mar 2024 17:26:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 59281 (0xe791)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6d3fb389f70a916033345e190c8c7b8f1e388696
        Validity
            Not Before: Jul 18 03:00:00 2022 GMT
            Not After : Jul 18 03:00:00 2024 GMT
        Subject: CN=17b981e2bbdcce8b8fb3992c7436d8126c67cbe1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:89:c7:5d:34:b8:cc:3e:a4:ad:e0:38:39:aa:51:
                    b3:14:1b:3b:35:97:bf:34:f4:0e:26:bb:b5:b0:6e:
                    49:f4:a7:be:1d:9a:b0:86:7a:c6:3c:e1:56:71:01:
                    ea:2c:78:15:dc:38:e2:fd:cd:04:4f:df:4a:38:97:
                    41:80:97:ed:95:63:c1:c5:05:83:7b:79:7c:41:18:
                    8d:a7:00:2c:92:4f:60:5f:ee:41:55:e1:41:d8:d8:
                    aa:fe:1e:f6:29:d9:58:b3:60:4d:0b:51:8c:ae:0f:
                    22:ab:7f:f8:65:97:d5:1e:04:31:1e:69:1b:45:ca:
                    e3:e8:9f:85:46:bd:cf:43:45:b4:20:20:3d:ea:92:
                    78:51:ba:a8:f9:2e:67:ee:af:4a:46:6b:6e:1b:7e:
                    78:c2:6c:0a:f8:b7:e3:26:2e:1b:7f:d3:29:9d:e5:
                    f8:66:46:e2:44:58:f7:78:d5:6f:44:8d:48:e4:99:
                    15:2f:fd:ea:9c:78:38:b5:1d:16:57:f8:cc:f8:ac:
                    9d:74:60:c0:b0:84:33:c7:8d:b6:b0:5f:04:38:cf:
                    28:09:b7:0f:93:bf:50:3b:f6:bc:75:69:c0:ff:48:
                    ca:c0:a2:27:b6:3d:8a:74:a9:ea:54:8b:c0:9e:73:
                    bb:fb:e6:b0:f4:ed:1d:9d:09:50:d8:fa:0f:3e:14:
                    06:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C6:46:67:01:4A:E7:39:88:98:B7:A0:0B:4A:A4:2A:25:59:EB:AA:B4
            X509v3 Authority Key Identifier:
                keyid:AC:48:F4:78:B6:A4:54:06:28:E6:F8:E7:BF:2C:FE:77:FB:DB:CB:D2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/6d3fb389f70a916033345e190c8c7b8f1e388696.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/99dd9bde-ddb3-4611-8419-1b5bd54ad15b/17b981e2bbdcce8b8fb3992c7436d8126c67cbe1.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/99dd9bde-ddb3-4611-8419-1b5bd54ad15b/6d3fb389f70a916033345e190c8c7b8f1e388696.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  181.232.160.0/22
                IPv6:
                  2803:e310::/32

    Signature Algorithm: sha256WithRSAEncryption
         b4:e9:fd:43:f6:58:24:29:fa:03:32:ac:34:70:47:47:80:02:
         aa:ec:08:29:42:01:e3:06:1b:ae:2e:8e:74:f5:6c:6a:a7:00:
         c7:53:a3:a7:3d:3e:ec:de:6d:83:75:33:49:7f:13:cc:c5:9e:
         77:96:07:10:d7:5f:df:b3:48:5a:43:7e:80:77:cf:53:2c:ff:
         fe:e7:c4:fb:5b:5f:86:3c:b5:97:a9:f0:84:58:15:9d:34:0e:
         47:75:92:a0:be:f1:e8:b0:7d:b7:90:94:c6:0b:5d:5a:a3:b3:
         8d:32:ea:f2:aa:43:22:22:f9:1f:a9:2a:a8:7c:02:11:95:20:
         43:94:6c:86:aa:02:4f:70:e1:fa:c4:46:e5:f4:4c:21:e2:2c:
         24:92:09:b7:20:bb:82:e4:5d:64:ec:c1:b9:db:3f:a6:c6:b4:
         88:0f:dd:8c:c9:ac:4d:b2:d5:3c:68:f8:94:f3:1d:df:26:39:
         57:18:a3:a0:64:a4:30:b9:be:be:f9:20:09:e0:24:e2:fe:cf:
         b4:4a:a8:ab:77:7a:c9:f1:1f:44:b9:fa:b7:c0:1a:f8:5d:2e:
         17:4b:b2:2a:ef:85:11:8f:26:03:be:ee:37:b3:ce:73:a2:d5:
         16:ee:b5:c3:f4:e2:b2:b0:c5:c0:bd:b4:a8:87:9c:a8:88:e2:
         7d:8a:cd:16
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgIDAOeRMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDZk
M2ZiMzg5ZjcwYTkxNjAzMzM0NWUxOTBjOGM3YjhmMWUzODg2OTYwHhcNMjIwNzE4
MDMwMDAwWhcNMjQwNzE4MDMwMDAwWjAzMTEwLwYDVQQDEygxN2I5ODFlMmJiZGNj
ZThiOGZiMzk5MmM3NDM2ZDgxMjZjNjdjYmUxMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAicddNLjMPqSt4Dg5qlGzFBs7NZe/NPQOJru1sG5J9Ke+HZqw
hnrGPOFWcQHqLHgV3Dji/c0ET99KOJdBgJftlWPBxQWDe3l8QRiNpwAskk9gX+5B
VeFB2Niq/h72KdlYs2BNC1GMrg8iq3/4ZZfVHgQxHmkbRcrj6J+FRr3PQ0W0ICA9
6pJ4Ubqo+S5n7q9KRmtuG354wmwK+LfjJi4bf9MpneX4ZkbiRFj3eNVvRI1I5JkV
L/3qnHg4tR0WV/jM+KyddGDAsIQzx422sF8EOM8oCbcPk79QO/a8dWnA/0jKwKIn
tj2KdKnqVIvAnnO7++aw9O0dnQlQ2PoPPhQGawIDAQABo4ICajCCAmYwHQYDVR0O
BBYEFMZGZwFK5zmImLegC0qkKiVZ66q0MB8GA1UdIwQYMBaAFKxI9Hi2pFQGKOb4
578s/nf728vSMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvNmQzZmIz
ODlmNzBhOTE2MDMzMzQ1ZTE5MGM4YzdiOGYxZTM4ODY5Ni5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvOTlkZDliZGUtZGRiMy00NjExLTg0MTktMWI1YmQ1
NGFkMTViLzE3Yjk4MWUyYmJkY2NlOGI4ZmIzOTkyYzc0MzZkODEyNmM2N2NiZTEu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy85OWRkOWJkZS1kZGIzLTQ2MTEtODQxOS0xYjVi
ZDU0YWQxNWIvNmQzZmIzODlmNzBhOTE2MDMzMzQ1ZTE5MGM4YzdiOGYxZTM4ODY5
Ni5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAuBggrBgEFBQcBBwEB/wQf
MB0wDAQCAAEwBgMEArXooDANBAIAAjAHAwUAKAPjEDANBgkqhkiG9w0BAQsFAAOC
AQEAtOn9Q/ZYJCn6AzKsNHBHR4ACquwIKUIB4wYbri6OdPVsaqcAx1Ojpz0+7N5t
g3UzSX8TzMWed5YHENdf37NIWkN+gHfPUyz//ufE+1tfhjy1l6nwhFgVnTQOR3WS
oL7x6LB9t5CUxgtdWqOzjTLq8qpDIiL5H6kqqHwCEZUgQ5RshqoCT3Dh+sRG5fRM
IeIsJJIJtyC7guRdZOzBuds/psa0iA/djMmsTbLVPGj4lPMd3yY5VxijoGSkMLm+
vvkgCeAk4v7PtEqoq3d6yfEfRLn6t8Aa+F0uF0uyKu+FEY8mA77uN7POc6LVFu61
w/TisrDFwL20qIecqIjifYrNFg==
-----END CERTIFICATE-----
Generated at Sat Mar 2 00:39:38 2024 by rpki-client on console-ams.rpki-client.org