Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/9b68a10c-54a0-424e-88c9-e0e7e85e5c5c/61dca2403ed2dc84ce9e55881087c4096563b685.roa
File:                     61dca2403ed2dc84ce9e55881087c4096563b685.roa (raw, json)
Hash identifier:          BIvQ6Pf2Y88up1cKvPO1eAW7YCjpZ0iRqSp2mZZz+Rs=
Subject key identifier:   1B:11:B8:CF:5B:5A:13:5D:38:AB:FD:96:30:4E:E4:58:64:A4:56:F1
Certificate issuer:       /CN=3e089b1672b85d5b6e072fa49ac9aa7681ce1d2c
Certificate serial:       25F38E
Authority key identifier: C0:DF:BE:F2:49:D4:28:4F:A2:22:65:25:74:CA:A9:6B:98:D1:BD:D8
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/3e089b1672b85d5b6e072fa49ac9aa7681ce1d2c.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/9b68a10c-54a0-424e-88c9-e0e7e85e5c5c/61dca2403ed2dc84ce9e55881087c4096563b685.roa
Signing time:             Tue 28 Nov 2023 13:36:37 +0000
ROA not before:           Tue 28 Nov 2023 13:36:37 +0000
ROA not after:            Fri 28 Nov 2025 13:36:37 +0000
asID:                     265633
IP address blocks:        170.244.52.0/22 maxlen: 24
                          2803:5ac0::/32 maxlen: 48

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/9b68a10c-54a0-424e-88c9-e0e7e85e5c5c/3e089b1672b85d5b6e072fa49ac9aa7681ce1d2c.crl
                          rsync://repository.lacnic.net/rpki/lacnic/9b68a10c-54a0-424e-88c9-e0e7e85e5c5c/3e089b1672b85d5b6e072fa49ac9aa7681ce1d2c.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/3e089b1672b85d5b6e072fa49ac9aa7681ce1d2c.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Mon 26 Feb 2024 16:36:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2487182 (0x25f38e)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3e089b1672b85d5b6e072fa49ac9aa7681ce1d2c
        Validity
            Not Before: Nov 28 13:36:37 2023 GMT
            Not After : Nov 28 13:36:37 2025 GMT
        Subject: CN=61dca2403ed2dc84ce9e55881087c4096563b685
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:2d:d6:26:47:77:f5:cc:3e:55:e2:7f:a2:a1:
                    c9:12:88:de:7e:7a:45:85:9c:df:b3:fa:f1:0b:c2:
                    07:95:fb:10:93:e6:8a:92:4b:ce:75:6d:54:8f:6b:
                    31:5f:0f:c6:39:4c:de:28:5f:58:96:a7:97:87:eb:
                    f6:84:87:70:d4:ce:90:f1:c9:f4:71:95:52:47:f6:
                    07:fd:6c:23:4e:dc:95:50:8c:52:ef:01:7e:13:ab:
                    e3:1a:88:8b:2d:d6:8b:46:ca:40:d5:96:10:c1:23:
                    3a:a5:a5:72:a4:eb:c3:4d:4d:72:3d:12:3b:9e:70:
                    1d:df:82:d4:77:44:e6:1d:22:78:08:4b:c3:b7:ee:
                    81:18:2e:82:99:d4:e8:ce:44:74:d0:87:12:40:55:
                    fc:78:a9:b9:75:3d:48:7a:4f:43:31:fa:1d:56:29:
                    dd:15:0f:d4:1e:a6:67:32:f9:b7:3e:1e:1f:aa:bf:
                    c4:9e:d2:8d:19:f6:07:b4:1a:68:b4:b3:6a:5e:54:
                    91:df:df:18:09:b9:2f:a8:59:32:2c:1c:d1:9d:5c:
                    25:21:22:1b:db:43:2c:f5:b4:0e:c2:04:66:23:7a:
                    4f:05:89:df:1e:22:0d:60:fb:81:a3:09:b9:e5:46:
                    6d:af:54:c9:d1:1a:12:6f:0c:bc:2e:5d:e5:b6:aa:
                    dc:97
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1B:11:B8:CF:5B:5A:13:5D:38:AB:FD:96:30:4E:E4:58:64:A4:56:F1
            X509v3 Authority Key Identifier:
                keyid:C0:DF:BE:F2:49:D4:28:4F:A2:22:65:25:74:CA:A9:6B:98:D1:BD:D8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/3e089b1672b85d5b6e072fa49ac9aa7681ce1d2c.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/9b68a10c-54a0-424e-88c9-e0e7e85e5c5c/61dca2403ed2dc84ce9e55881087c4096563b685.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/9b68a10c-54a0-424e-88c9-e0e7e85e5c5c/3e089b1672b85d5b6e072fa49ac9aa7681ce1d2c.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  170.244.52.0/22
                IPv6:
                  2803:5ac0::/32

    Signature Algorithm: sha256WithRSAEncryption
         b8:35:f8:a0:14:fd:8e:94:a0:73:ae:b9:ff:3c:74:51:2c:54:
         8e:b2:77:65:9a:40:22:3d:71:bf:cf:15:4e:7c:5f:3a:a4:9b:
         57:9e:66:f9:7f:cb:92:18:61:75:22:d7:6e:89:0a:4b:65:6d:
         9c:56:f0:0b:6d:1b:9a:fb:d0:9d:6b:06:f6:02:21:d2:76:92:
         3b:0b:15:9e:2b:c7:5b:b0:cf:4f:6b:4d:4a:0b:3b:90:cf:a4:
         4b:f7:a9:b7:8c:01:a9:e4:3c:ab:28:43:6d:c5:19:c9:52:53:
         18:86:72:19:ad:e7:8d:4b:01:cd:96:dd:56:3c:a6:af:75:c5:
         38:0a:bb:2e:6b:e6:21:1d:b9:a2:9b:29:78:c4:14:dd:54:bc:
         9c:cf:1c:81:e8:ce:42:89:01:32:8e:3c:4b:7e:21:8b:de:a1:
         6d:cc:9b:81:a7:a3:c1:1b:55:7f:56:c2:36:20:45:43:bb:a8:
         5a:7b:19:12:2f:d4:9c:12:ff:ed:19:9e:7a:fa:30:a8:ef:ab:
         46:e9:48:66:ab:49:e7:9c:45:c5:b6:78:f0:a5:c9:b9:3a:ed:
         8d:16:a3:1e:67:cf:bb:a3:38:72:a8:b3:77:1f:7a:94:f9:58:
         fd:38:1f:39:6d:11:26:f3:f7:4c:c0:e9:45:37:0e:d3:d5:6c:
         6e:20:17:d5
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgIDJfOOMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDNl
MDg5YjE2NzJiODVkNWI2ZTA3MmZhNDlhYzlhYTc2ODFjZTFkMmMwHhcNMjMxMTI4
MTMzNjM3WhcNMjUxMTI4MTMzNjM3WjAzMTEwLwYDVQQDEyg2MWRjYTI0MDNlZDJk
Yzg0Y2U5ZTU1ODgxMDg3YzQwOTY1NjNiNjg1MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAyS3WJkd39cw+VeJ/oqHJEojefnpFhZzfs/rxC8IHlfsQk+aK
kkvOdW1Uj2sxXw/GOUzeKF9YlqeXh+v2hIdw1M6Q8cn0cZVSR/YH/WwjTtyVUIxS
7wF+E6vjGoiLLdaLRspA1ZYQwSM6paVypOvDTU1yPRI7nnAd34LUd0TmHSJ4CEvD
t+6BGC6CmdTozkR00IcSQFX8eKm5dT1Iek9DMfodVindFQ/UHqZnMvm3Ph4fqr/E
ntKNGfYHtBpotLNqXlSR398YCbkvqFkyLBzRnVwlISIb20Ms9bQOwgRmI3pPBYnf
HiINYPuBowm55UZtr1TJ0RoSbwy8Ll3ltqrclwIDAQABo4ICajCCAmYwHQYDVR0O
BBYEFBsRuM9bWhNdOKv9ljBO5FhkpFbxMB8GA1UdIwQYMBaAFMDfvvJJ1ChPoiJl
JXTKqWuY0b3YMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvM2UwODli
MTY3MmI4NWQ1YjZlMDcyZmE0OWFjOWFhNzY4MWNlMWQyYy5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvOWI2OGExMGMtNTRhMC00MjRlLTg4YzktZTBlN2U4
NWU1YzVjLzYxZGNhMjQwM2VkMmRjODRjZTllNTU4ODEwODdjNDA5NjU2M2I2ODUu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy85YjY4YTEwYy01NGEwLTQyNGUtODhjOS1lMGU3
ZTg1ZTVjNWMvM2UwODliMTY3MmI4NWQ1YjZlMDcyZmE0OWFjOWFhNzY4MWNlMWQy
Yy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAuBggrBgEFBQcBBwEB/wQf
MB0wDAQCAAEwBgMEAqr0NDANBAIAAjAHAwUAKANawDANBgkqhkiG9w0BAQsFAAOC
AQEAuDX4oBT9jpSgc665/zx0USxUjrJ3ZZpAIj1xv88VTnxfOqSbV55m+X/Lkhhh
dSLXbokKS2VtnFbwC20bmvvQnWsG9gIh0naSOwsVnivHW7DPT2tNSgs7kM+kS/ep
t4wBqeQ8qyhDbcUZyVJTGIZyGa3njUsBzZbdVjymr3XFOAq7LmvmIR25opspeMQU
3VS8nM8cgejOQokBMo48S34hi96hbcybgaejwRtVf1bCNiBFQ7uoWnsZEi/UnBL/
7RmeevowqO+rRulIZqtJ55xFxbZ48KXJuTrtjRajHmfPu6M4cqizdx96lPlY/Tgf
OW0RJvP3TMDpRTcO09VsbiAX1Q==
-----END CERTIFICATE-----
Generated at Fri Feb 23 20:02:56 2024 by rpki-client on console-fra.rpki-client.org