Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/9b68a10c-54a0-424e-88c9-e0e7e85e5c5c/ec82759fd81900b527cb3c92e7f30a05e3d93e20.roa
File:                     ec82759fd81900b527cb3c92e7f30a05e3d93e20.roa (raw, json)
Hash identifier:          wbZAQ3Leb2RJtzCDgHyfgU6MX4m/lAFxi90NeQ41nGw=
Subject key identifier:   CE:2A:A8:8F:D2:91:67:DB:8E:70:45:D6:03:5C:A0:EA:8E:6C:BB:7F
Certificate issuer:       /CN=3e089b1672b85d5b6e072fa49ac9aa7681ce1d2c
Certificate serial:       25F461
Authority key identifier: C0:DF:BE:F2:49:D4:28:4F:A2:22:65:25:74:CA:A9:6B:98:D1:BD:D8
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/3e089b1672b85d5b6e072fa49ac9aa7681ce1d2c.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/9b68a10c-54a0-424e-88c9-e0e7e85e5c5c/ec82759fd81900b527cb3c92e7f30a05e3d93e20.roa
Signing time:             Tue 28 Nov 2023 13:36:38 +0000
ROA not before:           Tue 28 Nov 2023 13:36:37 +0000
ROA not after:            Fri 28 Nov 2025 13:36:37 +0000
asID:                     63023
IP address blocks:        170.244.52.0/22 maxlen: 22
                          2803:5ac0::/32 maxlen: 48

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/9b68a10c-54a0-424e-88c9-e0e7e85e5c5c/3e089b1672b85d5b6e072fa49ac9aa7681ce1d2c.crl
                          rsync://repository.lacnic.net/rpki/lacnic/9b68a10c-54a0-424e-88c9-e0e7e85e5c5c/3e089b1672b85d5b6e072fa49ac9aa7681ce1d2c.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/3e089b1672b85d5b6e072fa49ac9aa7681ce1d2c.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Tue 27 Feb 2024 12:23:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2487393 (0x25f461)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3e089b1672b85d5b6e072fa49ac9aa7681ce1d2c
        Validity
            Not Before: Nov 28 13:36:37 2023 GMT
            Not After : Nov 28 13:36:37 2025 GMT
        Subject: CN=ec82759fd81900b527cb3c92e7f30a05e3d93e20
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:80:c4:7f:a2:43:a1:68:64:db:31:36:dd:9b:cd:
                    48:fe:48:b5:94:d8:73:d7:5e:7b:1e:d6:5e:e6:b0:
                    28:dd:f4:64:5f:7a:12:38:e6:5c:9e:ca:e3:6f:4a:
                    e0:3f:ac:3d:4c:58:f0:05:58:2e:a7:0a:b8:cb:b3:
                    c1:92:7e:97:4f:c5:ab:c1:ad:db:8f:62:36:13:a2:
                    06:45:bf:a3:6b:4a:e0:f3:59:ad:d3:99:21:62:d2:
                    56:d4:58:07:a5:34:50:d1:96:07:f8:1f:da:eb:26:
                    66:f7:da:05:b6:b1:b5:52:a6:ef:bc:2c:e0:47:02:
                    ac:f2:a8:71:2f:64:71:60:55:13:bb:4f:00:45:a4:
                    3e:64:28:7b:5d:5e:a7:7c:e8:a6:59:9f:48:a2:2d:
                    97:67:69:f9:7a:30:b4:e9:73:f6:ad:08:ad:12:01:
                    0e:ba:a2:9e:59:ca:62:78:32:1f:f5:3a:9c:86:db:
                    8f:22:7d:a7:0b:63:b7:eb:df:5c:1d:01:ff:2d:c5:
                    a4:8a:b6:e5:e3:9d:7b:9a:2c:40:ba:89:81:4c:c9:
                    67:b6:0f:9b:b0:8e:b4:3c:d1:fd:7f:7a:9f:d3:15:
                    03:da:81:57:3b:e0:c2:74:f8:f4:72:da:67:9c:5b:
                    aa:29:ab:37:4f:7d:e9:b0:b2:8a:d0:0b:90:47:2c:
                    57:b1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CE:2A:A8:8F:D2:91:67:DB:8E:70:45:D6:03:5C:A0:EA:8E:6C:BB:7F
            X509v3 Authority Key Identifier:
                keyid:C0:DF:BE:F2:49:D4:28:4F:A2:22:65:25:74:CA:A9:6B:98:D1:BD:D8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/3e089b1672b85d5b6e072fa49ac9aa7681ce1d2c.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/9b68a10c-54a0-424e-88c9-e0e7e85e5c5c/ec82759fd81900b527cb3c92e7f30a05e3d93e20.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/9b68a10c-54a0-424e-88c9-e0e7e85e5c5c/3e089b1672b85d5b6e072fa49ac9aa7681ce1d2c.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  170.244.52.0/22
                IPv6:
                  2803:5ac0::/32

    Signature Algorithm: sha256WithRSAEncryption
         af:27:30:2a:c0:8e:a9:96:d8:81:1e:df:9c:1e:85:79:65:4a:
         ee:60:b9:ed:ae:9f:f6:49:e6:ac:d3:cf:4b:39:59:f9:d5:14:
         8b:06:0f:2e:82:17:be:ad:62:e1:18:d7:46:70:9a:8a:46:c5:
         f3:09:5d:56:c2:e4:af:7f:0a:de:5f:41:9c:f9:ca:a8:4b:a2:
         21:1f:0a:4c:6f:c9:96:1b:07:37:c5:76:2f:02:b9:80:3c:02:
         41:2c:f7:b6:ff:b2:e7:bb:85:06:05:c4:58:ea:cd:dc:9b:4c:
         88:8c:2c:31:fa:2b:78:d5:be:e1:e9:f6:b3:8a:f5:7f:2a:db:
         51:ae:b9:c8:8b:71:64:4d:fa:f2:30:5f:7d:9d:18:fb:fb:31:
         0b:bb:81:ef:ef:94:de:9d:19:b7:be:d5:91:1c:a4:a0:e6:8d:
         76:7d:88:84:d5:00:01:d1:fa:0d:af:08:13:82:41:22:d6:49:
         9c:f2:a0:24:f2:db:8b:ca:1b:86:3d:c6:02:f3:39:ff:89:2e:
         c7:e3:1b:b0:f7:16:f1:9e:f3:ec:33:21:73:21:31:46:61:6f:
         c3:76:61:a5:cd:13:b0:f8:85:b7:b4:28:ab:a5:e6:94:3a:67:
         77:89:5a:0b:63:1c:cd:fc:03:04:f1:1e:4d:d7:9d:10:d6:8f:
         2a:85:e2:e8
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgIDJfRhMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDNl
MDg5YjE2NzJiODVkNWI2ZTA3MmZhNDlhYzlhYTc2ODFjZTFkMmMwHhcNMjMxMTI4
MTMzNjM3WhcNMjUxMTI4MTMzNjM3WjAzMTEwLwYDVQQDEyhlYzgyNzU5ZmQ4MTkw
MGI1MjdjYjNjOTJlN2YzMGEwNWUzZDkzZTIwMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAgMR/okOhaGTbMTbdm81I/ki1lNhz1157HtZe5rAo3fRkX3oS
OOZcnsrjb0rgP6w9TFjwBVgupwq4y7PBkn6XT8Wrwa3bj2I2E6IGRb+ja0rg81mt
05khYtJW1FgHpTRQ0ZYH+B/a6yZm99oFtrG1UqbvvCzgRwKs8qhxL2RxYFUTu08A
RaQ+ZCh7XV6nfOimWZ9Ioi2XZ2n5ejC06XP2rQitEgEOuqKeWcpieDIf9TqchtuP
In2nC2O3699cHQH/LcWkirbl4517mixAuomBTMlntg+bsI60PNH9f3qf0xUD2oFX
O+DCdPj0ctpnnFuqKas3T33psLKK0AuQRyxXsQIDAQABo4ICajCCAmYwHQYDVR0O
BBYEFM4qqI/SkWfbjnBF1gNcoOqObLt/MB8GA1UdIwQYMBaAFMDfvvJJ1ChPoiJl
JXTKqWuY0b3YMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvM2UwODli
MTY3MmI4NWQ1YjZlMDcyZmE0OWFjOWFhNzY4MWNlMWQyYy5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvOWI2OGExMGMtNTRhMC00MjRlLTg4YzktZTBlN2U4
NWU1YzVjL2VjODI3NTlmZDgxOTAwYjUyN2NiM2M5MmU3ZjMwYTA1ZTNkOTNlMjAu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy85YjY4YTEwYy01NGEwLTQyNGUtODhjOS1lMGU3
ZTg1ZTVjNWMvM2UwODliMTY3MmI4NWQ1YjZlMDcyZmE0OWFjOWFhNzY4MWNlMWQy
Yy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAuBggrBgEFBQcBBwEB/wQf
MB0wDAQCAAEwBgMEAqr0NDANBAIAAjAHAwUAKANawDANBgkqhkiG9w0BAQsFAAOC
AQEArycwKsCOqZbYgR7fnB6FeWVK7mC57a6f9knmrNPPSzlZ+dUUiwYPLoIXvq1i
4RjXRnCaikbF8wldVsLkr38K3l9BnPnKqEuiIR8KTG/JlhsHN8V2LwK5gDwCQSz3
tv+y57uFBgXEWOrN3JtMiIwsMforeNW+4en2s4r1fyrbUa65yItxZE368jBffZ0Y
+/sxC7uB7++U3p0Zt77VkRykoOaNdn2IhNUAAdH6Da8IE4JBItZJnPKgJPLbi8ob
hj3GAvM5/4kux+MbsPcW8Z7z7DMhcyExRmFvw3Zhpc0TsPiFt7Qoq6XmlDpnd4la
C2MczfwDBPEeTdedENaPKoXi6A==
-----END CERTIFICATE-----
Generated at Sat Feb 24 14:41:21 2024 by rpki-client on console-fra.rpki-client.org