Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/9d8b8faa-bbe3-4371-a95a-db197dfd3bbf/76da13ed723a9a852fc176b6daf1d2efb54d7c66.roa
File:                     76da13ed723a9a852fc176b6daf1d2efb54d7c66.roa (raw, json)
Hash identifier:          PqbWYghws3dpxOke9wNkdZGqYaAG56OPbWCrlMRti70=
Subject key identifier:   27:A6:E0:C7:62:7A:98:7E:72:9B:60:19:8A:DF:B7:31:4C:E7:69:D9
Certificate issuer:       /CN=b0e4cadafcf7e03afe28925adf350f1286db7b25
Certificate serial:       22AD05
Authority key identifier: D6:91:34:D4:D4:A3:99:B7:77:15:94:69:EF:88:67:20:5F:C1:55:73
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/b0e4cadafcf7e03afe28925adf350f1286db7b25.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/9d8b8faa-bbe3-4371-a95a-db197dfd3bbf/76da13ed723a9a852fc176b6daf1d2efb54d7c66.roa
Signing time:             Sat 29 Jul 2023 03:01:40 +0000
ROA not before:           Fri 28 Jul 2023 03:01:40 +0000
ROA not after:            Tue 29 Jul 2025 03:01:40 +0000
asID:                     264660
IP address blocks:        170.247.212.0/22 maxlen: 24
                          138.186.4.0/23 maxlen: 24
                          2803:3c40::/32 maxlen: 33
                          2803:3c40::/33 maxlen: 33

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/9d8b8faa-bbe3-4371-a95a-db197dfd3bbf/b0e4cadafcf7e03afe28925adf350f1286db7b25.crl
                          rsync://repository.lacnic.net/rpki/lacnic/9d8b8faa-bbe3-4371-a95a-db197dfd3bbf/b0e4cadafcf7e03afe28925adf350f1286db7b25.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/b0e4cadafcf7e03afe28925adf350f1286db7b25.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Thu 29 Feb 2024 02:37:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2272517 (0x22ad05)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b0e4cadafcf7e03afe28925adf350f1286db7b25
        Validity
            Not Before: Jul 28 03:01:40 2023 GMT
            Not After : Jul 29 03:01:40 2025 GMT
        Subject: CN=76da13ed723a9a852fc176b6daf1d2efb54d7c66
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:ba:6c:16:f1:1d:74:fa:02:e6:b3:c4:02:68:
                    4f:37:36:dd:85:42:18:3a:de:ba:1f:a8:51:9a:ad:
                    0c:98:d9:d1:5d:67:fd:1e:ac:8b:63:79:8a:69:dc:
                    71:60:9c:00:51:b5:52:ae:19:d3:55:89:b0:80:b5:
                    c2:6a:74:16:24:7e:51:50:17:04:c4:19:40:72:75:
                    d4:94:e1:15:0a:c4:62:e1:d8:52:e6:ff:f7:17:7d:
                    1e:34:b3:a7:10:46:24:af:3b:63:bb:e9:bd:85:13:
                    6b:bb:8d:86:f1:5e:72:ae:8c:f0:d6:fd:b4:e4:49:
                    0b:c0:20:a7:05:fe:2b:9b:97:d4:d0:dc:40:84:0e:
                    e9:13:80:eb:aa:65:a0:35:b7:72:f3:50:a8:ce:fc:
                    e8:9a:85:82:41:66:70:2e:3a:58:1c:a7:d8:30:1b:
                    c5:e5:cb:c3:5b:32:df:fa:6d:40:ac:25:be:80:5d:
                    54:cb:d0:19:78:4c:20:ce:38:eb:9e:f6:3c:1d:c5:
                    8f:f7:8c:2b:16:95:2b:cb:2c:51:06:5a:6d:9b:88:
                    b1:07:ea:30:f2:72:13:ae:92:63:c8:b6:e4:c9:76:
                    13:70:78:a8:a7:53:7e:cf:b9:19:dd:1d:3f:53:30:
                    90:eb:e2:c9:ed:de:c6:c6:e0:06:2b:9a:05:77:d0:
                    c1:2d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                27:A6:E0:C7:62:7A:98:7E:72:9B:60:19:8A:DF:B7:31:4C:E7:69:D9
            X509v3 Authority Key Identifier:
                keyid:D6:91:34:D4:D4:A3:99:B7:77:15:94:69:EF:88:67:20:5F:C1:55:73

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/b0e4cadafcf7e03afe28925adf350f1286db7b25.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/9d8b8faa-bbe3-4371-a95a-db197dfd3bbf/76da13ed723a9a852fc176b6daf1d2efb54d7c66.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/9d8b8faa-bbe3-4371-a95a-db197dfd3bbf/b0e4cadafcf7e03afe28925adf350f1286db7b25.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  138.186.4.0/23
                  170.247.212.0/22
                IPv6:
                  2803:3c40::/32

    Signature Algorithm: sha256WithRSAEncryption
         05:79:36:d7:60:0e:ec:c6:88:ac:26:76:b1:75:8b:26:37:f9:
         d7:23:8f:62:0a:60:ac:a9:54:bd:5b:74:05:ca:3f:c2:3c:81:
         8b:81:8d:75:a6:70:a4:d1:6d:5a:34:0b:2b:29:39:34:dc:c5:
         14:e2:e8:a2:ed:7b:34:6b:69:fa:10:21:2c:85:7d:8f:db:55:
         20:af:eb:93:86:24:76:6c:94:75:40:7e:64:55:c7:f5:b6:5d:
         dd:d7:31:8c:a4:b2:8f:46:9e:ac:4f:95:9e:c8:42:13:d9:3b:
         fb:13:7f:95:a3:22:33:34:2d:93:24:c6:65:81:a9:47:0d:35:
         d3:90:1f:ae:2c:0a:57:7f:39:40:5c:d7:80:be:66:ab:e6:4a:
         dc:08:62:d1:13:bb:1d:13:48:42:ba:c7:5d:3a:2c:db:be:ad:
         19:99:59:4b:54:cd:9b:0a:21:a7:53:d9:e6:21:6c:33:7a:70:
         fa:d4:68:e6:2a:77:2a:8a:a7:5e:a0:59:ba:1c:33:b2:11:d3:
         3a:81:aa:2d:7c:1a:79:29:26:5a:dd:48:6a:37:2a:40:5a:fd:
         f8:cc:84:02:c9:54:e6:e9:8c:df:68:9b:ed:06:12:ea:85:82:
         48:92:18:03:f5:15:8d:e0:1a:8b:fd:60:59:1e:0e:6e:15:88:
         a5:c1:af:d9
-----BEGIN CERTIFICATE-----
MIIFVTCCBD2gAwIBAgIDIq0FMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGIw
ZTRjYWRhZmNmN2UwM2FmZTI4OTI1YWRmMzUwZjEyODZkYjdiMjUwHhcNMjMwNzI4
MDMwMTQwWhcNMjUwNzI5MDMwMTQwWjAzMTEwLwYDVQQDEyg3NmRhMTNlZDcyM2E5
YTg1MmZjMTc2YjZkYWYxZDJlZmI1NGQ3YzY2MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAmbpsFvEddPoC5rPEAmhPNzbdhUIYOt66H6hRmq0MmNnRXWf9
HqyLY3mKadxxYJwAUbVSrhnTVYmwgLXCanQWJH5RUBcExBlAcnXUlOEVCsRi4dhS
5v/3F30eNLOnEEYkrztju+m9hRNru42G8V5yrozw1v205EkLwCCnBf4rm5fU0NxA
hA7pE4DrqmWgNbdy81CozvzomoWCQWZwLjpYHKfYMBvF5cvDWzLf+m1ArCW+gF1U
y9AZeEwgzjjrnvY8HcWP94wrFpUryyxRBlptm4ixB+ow8nITrpJjyLbkyXYTcHio
p1N+z7kZ3R0/UzCQ6+LJ7d7GxuAGK5oFd9DBLQIDAQABo4ICcDCCAmwwHQYDVR0O
BBYEFCem4Mdieph+cptgGYrftzFM52nZMB8GA1UdIwQYMBaAFNaRNNTUo5m3dxWU
ae+IZyBfwVVzMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvYjBlNGNh
ZGFmY2Y3ZTAzYWZlMjg5MjVhZGYzNTBmMTI4NmRiN2IyNS5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvOWQ4YjhmYWEtYmJlMy00MzcxLWE5NWEtZGIxOTdk
ZmQzYmJmLzc2ZGExM2VkNzIzYTlhODUyZmMxNzZiNmRhZjFkMmVmYjU0ZDdjNjYu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy85ZDhiOGZhYS1iYmUzLTQzNzEtYTk1YS1kYjE5
N2RmZDNiYmYvYjBlNGNhZGFmY2Y3ZTAzYWZlMjg5MjVhZGYzNTBmMTI4NmRiN2Iy
NS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0BggrBgEFBQcBBwEB/wQl
MCMwEgQCAAEwDAMEAYq6BAMEAqr31DANBAIAAjAHAwUAKAM8QDANBgkqhkiG9w0B
AQsFAAOCAQEABXk212AO7MaIrCZ2sXWLJjf51yOPYgpgrKlUvVt0Bco/wjyBi4GN
daZwpNFtWjQLKyk5NNzFFOLoou17NGtp+hAhLIV9j9tVIK/rk4YkdmyUdUB+ZFXH
9bZd3dcxjKSyj0aerE+VnshCE9k7+xN/laMiMzQtkyTGZYGpRw0105AfriwKV385
QFzXgL5mq+ZK3Ahi0RO7HRNIQrrHXTos276tGZlZS1TNmwohp1PZ5iFsM3pw+tRo
5ip3KoqnXqBZuhwzshHTOoGqLXwaeSkmWt1IajcqQFr9+MyEAslU5umM32ib7QYS
6oWCSJIYA/UVjeAai/1gWR4ObhWIpcGv2Q==
-----END CERTIFICATE-----
Generated at Mon Feb 26 06:06:15 2024 by rpki-client on console-ams.rpki-client.org