Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/9aebed69-30de-4262-a494-d262b33c2c9c/3d134455b385eb853951cea1a0f4e6b5f81893ab.roa
File:                     3d134455b385eb853951cea1a0f4e6b5f81893ab.roa (raw, json)
Hash identifier:          0zrGoa0/RWUuVakp/Fe36T/oJ5hC9rbo/ROB2ZEbFX8=
Subject key identifier:   B3:D0:0A:C2:1D:DF:01:4D:45:E1:4B:9A:3E:29:D8:6C:4B:56:ED:90
Certificate issuer:       /CN=f4a582f6c7807f5fdd31b69ae270f85d00c39706
Certificate serial:       0D7A99
Authority key identifier: 65:0A:83:02:70:66:B1:DD:B3:AE:82:16:83:CF:34:D2:8B:74:66:7B
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/f4a582f6c7807f5fdd31b69ae270f85d00c39706.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/9aebed69-30de-4262-a494-d262b33c2c9c/3d134455b385eb853951cea1a0f4e6b5f81893ab.roa
Signing time:             Wed 24 Mar 2021 14:40:01 +0000
ROA not before:           Wed 24 Mar 2021 14:39:56 +0000
ROA not after:            Tue 24 Mar 2026 14:39:56 +0000
asID:                     22724
IP address blocks:        170.83.216.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/9aebed69-30de-4262-a494-d262b33c2c9c/f4a582f6c7807f5fdd31b69ae270f85d00c39706.crl
                          rsync://repository.lacnic.net/rpki/lacnic/9aebed69-30de-4262-a494-d262b33c2c9c/f4a582f6c7807f5fdd31b69ae270f85d00c39706.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/f4a582f6c7807f5fdd31b69ae270f85d00c39706.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 31 Mar 2024 12:22:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 883353 (0xd7a99)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f4a582f6c7807f5fdd31b69ae270f85d00c39706
        Validity
            Not Before: Mar 24 14:39:56 2021 GMT
            Not After : Mar 24 14:39:56 2026 GMT
        Subject: CN=3d134455b385eb853951cea1a0f4e6b5f81893ab
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:d0:59:14:d7:b6:44:91:79:1d:dc:7b:5f:79:
                    8a:93:33:fe:2e:0d:df:86:6d:78:5c:93:8c:76:cd:
                    ec:7b:3e:be:9a:4d:69:d1:dc:54:3a:64:1e:a8:48:
                    fd:90:06:3a:8a:c0:84:a5:d3:d6:d7:29:a8:dd:96:
                    6e:5d:62:87:ca:8b:d8:ca:ce:45:bf:da:bd:b5:c5:
                    c6:d7:5f:e1:fb:47:b9:8c:1c:b4:57:8a:1d:23:ee:
                    5b:f1:22:04:c8:d7:cd:f9:79:2c:ab:96:34:4e:4f:
                    af:5c:0b:6f:54:d1:cb:31:cc:94:1c:8a:2d:a5:ee:
                    b5:93:2b:08:3a:03:fc:59:24:80:86:0a:5d:67:dc:
                    58:83:1c:b4:4d:59:cc:9c:f8:d2:e4:b7:0f:c5:5c:
                    7c:b4:0e:43:3e:80:b0:01:fc:79:e6:ad:0d:02:1b:
                    19:28:ab:d5:42:69:d2:ab:3e:e3:37:6a:08:01:9f:
                    a3:c2:40:1b:e2:3e:72:9f:a3:7a:78:38:0a:98:b3:
                    24:1b:9f:b0:3c:77:4d:54:0a:6c:41:0c:9f:2b:d0:
                    f6:c6:50:75:21:1a:dd:85:2e:04:61:2a:1e:34:c6:
                    82:71:ec:7a:6c:73:bd:d2:24:9f:fe:84:5b:50:8d:
                    11:7e:3c:4f:a9:a1:8c:67:b2:7d:67:f9:4d:6c:80:
                    54:f1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B3:D0:0A:C2:1D:DF:01:4D:45:E1:4B:9A:3E:29:D8:6C:4B:56:ED:90
            X509v3 Authority Key Identifier:
                keyid:65:0A:83:02:70:66:B1:DD:B3:AE:82:16:83:CF:34:D2:8B:74:66:7B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/f4a582f6c7807f5fdd31b69ae270f85d00c39706.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/9aebed69-30de-4262-a494-d262b33c2c9c/3d134455b385eb853951cea1a0f4e6b5f81893ab.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/9aebed69-30de-4262-a494-d262b33c2c9c/f4a582f6c7807f5fdd31b69ae270f85d00c39706.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  170.83.216.0/22

    Signature Algorithm: sha256WithRSAEncryption
         67:91:cf:59:41:87:d0:a5:26:e3:ab:cf:38:ea:d0:00:b1:49:
         86:e3:ad:1d:59:cd:a5:21:c9:33:6b:8a:a8:64:d4:7f:80:41:
         d6:c3:eb:26:eb:83:19:0b:2e:80:d2:a9:86:fd:0a:0a:d3:17:
         ed:ec:d5:dd:41:0c:79:8c:66:3a:bc:28:99:0e:ae:bc:79:0c:
         00:66:1c:68:3c:5b:5a:b4:f7:a9:37:95:4d:e8:8c:fb:67:d2:
         3c:39:e1:80:a6:21:59:e4:2b:b0:2d:42:30:d1:8f:7f:db:e3:
         40:a5:af:7f:08:89:a8:67:01:a6:5e:a5:e9:a8:f8:35:1f:cf:
         3c:16:0a:42:04:65:95:39:a1:7a:62:6e:e4:c1:66:6f:e0:a0:
         9c:d3:9f:1c:ef:70:d6:69:e8:c7:30:37:8f:46:07:58:cf:78:
         86:e1:2b:e3:99:79:02:8c:a7:cf:14:37:33:e8:3c:a6:f3:74:
         96:90:e7:ef:04:0b:9d:c9:e4:7b:a4:fb:53:13:d2:b8:43:70:
         19:f8:e8:a6:9b:aa:02:2f:b7:d9:d1:eb:7e:b9:98:48:c9:3e:
         d7:2a:0d:a4:8c:52:ab:17:53:77:86:17:52:a3:8d:a5:2b:83:
         ba:49:80:07:d7:c9:83:a9:cb:6f:40:ff:89:16:aa:d9:4a:af:
         dc:b4:2a:86
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIDDXqZMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGY0
YTU4MmY2Yzc4MDdmNWZkZDMxYjY5YWUyNzBmODVkMDBjMzk3MDYwHhcNMjEwMzI0
MTQzOTU2WhcNMjYwMzI0MTQzOTU2WjAzMTEwLwYDVQQDEygzZDEzNDQ1NWIzODVl
Yjg1Mzk1MWNlYTFhMGY0ZTZiNWY4MTg5M2FiMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAnNBZFNe2RJF5Hdx7X3mKkzP+Lg3fhm14XJOMds3sez6+mk1p
0dxUOmQeqEj9kAY6isCEpdPW1ymo3ZZuXWKHyovYys5Fv9q9tcXG11/h+0e5jBy0
V4odI+5b8SIEyNfN+Xksq5Y0Tk+vXAtvVNHLMcyUHIotpe61kysIOgP8WSSAhgpd
Z9xYgxy0TVnMnPjS5LcPxVx8tA5DPoCwAfx55q0NAhsZKKvVQmnSqz7jN2oIAZ+j
wkAb4j5yn6N6eDgKmLMkG5+wPHdNVApsQQyfK9D2xlB1IRrdhS4EYSoeNMaCcex6
bHO90iSf/oRbUI0RfjxPqaGMZ7J9Z/lNbIBU8QIDAQABo4ICWzCCAlcwHQYDVR0O
BBYEFLPQCsId3wFNReFLmj4p2GxLVu2QMB8GA1UdIwQYMBaAFGUKgwJwZrHds66C
FoPPNNKLdGZ7MA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvZjRhNTgy
ZjZjNzgwN2Y1ZmRkMzFiNjlhZTI3MGY4NWQwMGMzOTcwNi5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvOWFlYmVkNjktMzBkZS00MjYyLWE0OTQtZDI2MmIz
M2MyYzljLzNkMTM0NDU1YjM4NWViODUzOTUxY2VhMWEwZjRlNmI1ZjgxODkzYWIu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy85YWViZWQ2OS0zMGRlLTQyNjItYTQ5NC1kMjYy
YjMzYzJjOWMvZjRhNTgyZjZjNzgwN2Y1ZmRkMzFiNjlhZTI3MGY4NWQwMGMzOTcw
Ni5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAqpT2DANBgkqhkiG9w0BAQsFAAOCAQEAZ5HPWUGH0KUm46vP
OOrQALFJhuOtHVnNpSHJM2uKqGTUf4BB1sPrJuuDGQsugNKphv0KCtMX7ezV3UEM
eYxmOrwomQ6uvHkMAGYcaDxbWrT3qTeVTeiM+2fSPDnhgKYhWeQrsC1CMNGPf9vj
QKWvfwiJqGcBpl6l6aj4NR/PPBYKQgRllTmhemJu5MFmb+CgnNOfHO9w1mnoxzA3
j0YHWM94huEr45l5AoynzxQ3M+g8pvN0lpDn7wQLncnke6T7UxPSuENwGfjoppuq
Ai+32dHrfrmYSMk+1yoNpIxSqxdTd4YXUqONpSuDukmAB9fJg6nLb0D/iRaq2Uqv
3LQqhg==
-----END CERTIFICATE-----
Generated at Thu Mar 28 16:04:18 2024 by rpki-client on console-ams.rpki-client.org