Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/9d93a332-5fc9-4100-ab9d-51c20c012f78/76bb4358db4fd2353db7f553b8b1cc3bd671ddee.roa
File:                     76bb4358db4fd2353db7f553b8b1cc3bd671ddee.roa (raw, json)
Hash identifier:          dRJIHJo3sVcYPk19f9/JNZ4UatGldvY8ZMe3oXCOro8=
Subject key identifier:   5B:BA:92:1A:67:F4:17:4F:81:16:D8:68:72:8F:2A:68:57:38:82:D2
Certificate issuer:       /CN=69dbd374c2a561eac76283ef20e457a087a19243
Certificate serial:       0D4673
Authority key identifier: 0B:D4:59:AC:B4:12:5D:9D:96:D3:DE:53:14:41:98:F9:21:92:91:D8
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/69dbd374c2a561eac76283ef20e457a087a19243.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/9d93a332-5fc9-4100-ab9d-51c20c012f78/76bb4358db4fd2353db7f553b8b1cc3bd671ddee.roa
Signing time:             Wed 24 Mar 2021 14:33:13 +0000
ROA not before:           Wed 24 Mar 2021 14:33:13 +0000
ROA not after:            Tue 24 Mar 2026 14:33:13 +0000
asID:                     64112
IP address blocks:        170.247.92.0/22 maxlen: 24
                          2803:3440:9000::/40 maxlen: 48

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/9d93a332-5fc9-4100-ab9d-51c20c012f78/69dbd374c2a561eac76283ef20e457a087a19243.crl
                          rsync://repository.lacnic.net/rpki/lacnic/9d93a332-5fc9-4100-ab9d-51c20c012f78/69dbd374c2a561eac76283ef20e457a087a19243.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/69dbd374c2a561eac76283ef20e457a087a19243.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 31 Mar 2024 03:49:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 870003 (0xd4673)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=69dbd374c2a561eac76283ef20e457a087a19243
        Validity
            Not Before: Mar 24 14:33:13 2021 GMT
            Not After : Mar 24 14:33:13 2026 GMT
        Subject: CN=76bb4358db4fd2353db7f553b8b1cc3bd671ddee
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:6c:eb:de:9c:86:36:ea:77:36:e4:93:51:70:
                    5c:0f:66:29:dc:7a:de:22:4c:f7:2f:1c:94:79:65:
                    bd:35:81:7b:b8:95:61:89:73:47:a7:0c:37:84:54:
                    07:6c:95:9d:3e:49:ce:37:70:d2:0e:fe:9a:ce:b4:
                    85:8c:f7:f3:56:25:14:5d:c6:73:ea:6d:3c:bd:62:
                    09:1d:6c:02:b0:00:8a:f0:46:34:7e:ba:76:b2:0c:
                    70:14:cc:db:c2:c6:5e:2b:1f:4b:93:ad:ed:95:57:
                    42:f8:80:55:77:7c:9b:f9:61:56:4a:f6:11:79:a2:
                    ab:4a:08:24:ae:12:15:51:ff:16:97:af:26:af:81:
                    ff:fa:1b:b4:06:79:28:52:9a:4c:48:50:01:fe:24:
                    c3:ae:89:0b:87:8b:b1:64:ba:2d:b1:c3:ce:a7:8d:
                    17:9d:ff:17:67:f5:ed:b0:0a:c3:40:f5:a5:c2:86:
                    2c:64:4b:41:65:bd:56:39:f5:9e:81:e8:a9:03:ac:
                    25:17:54:05:f3:e8:96:2b:09:02:3b:27:67:35:a1:
                    17:65:9f:80:ca:a0:87:c1:55:c4:93:05:38:db:98:
                    1e:ec:8a:97:21:65:f4:52:5f:93:c0:36:65:23:d9:
                    4f:8f:41:b7:e4:9e:b4:19:87:9c:22:4c:81:96:ab:
                    e2:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5B:BA:92:1A:67:F4:17:4F:81:16:D8:68:72:8F:2A:68:57:38:82:D2
            X509v3 Authority Key Identifier:
                keyid:0B:D4:59:AC:B4:12:5D:9D:96:D3:DE:53:14:41:98:F9:21:92:91:D8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/69dbd374c2a561eac76283ef20e457a087a19243.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/9d93a332-5fc9-4100-ab9d-51c20c012f78/76bb4358db4fd2353db7f553b8b1cc3bd671ddee.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/9d93a332-5fc9-4100-ab9d-51c20c012f78/69dbd374c2a561eac76283ef20e457a087a19243.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  170.247.92.0/22
                IPv6:
                  2803:3440:9000::/40

    Signature Algorithm: sha256WithRSAEncryption
         6a:6e:37:ae:65:21:2d:1a:fc:5e:67:c7:42:f7:c4:62:8f:88:
         58:94:52:a6:58:b2:e1:ea:7a:d1:cd:0b:8d:aa:ea:0c:e9:c3:
         34:0f:35:cc:6f:55:3c:58:1d:c5:23:98:31:22:ae:44:04:82:
         bb:cd:77:91:d1:1d:88:ba:45:1b:42:31:a7:4f:1e:95:52:1b:
         8c:83:44:b2:a3:6a:b4:e8:c5:d1:b5:c5:9e:97:75:75:1c:fd:
         6b:65:e3:c3:74:f5:36:9f:70:c0:47:e2:07:7a:97:3f:24:d2:
         1b:b0:49:22:fd:be:03:05:03:ba:c0:48:1a:49:45:07:7d:d3:
         8a:6f:78:67:05:1a:e7:d0:68:a2:c6:d7:56:01:dc:50:e2:23:
         b7:dc:cf:f1:42:58:1f:ab:94:83:b4:4d:78:e5:ab:c9:28:eb:
         3c:18:28:78:8e:b6:98:cb:9f:ac:ec:57:3c:a8:62:7d:87:7d:
         be:26:83:d3:80:a8:f5:9a:40:8b:30:af:a5:0e:dd:6d:4d:50:
         60:fe:3b:ba:77:58:eb:6c:88:9d:6a:b8:11:aa:fc:ab:69:47:
         27:15:38:c6:23:c3:13:d8:e9:3c:f1:de:89:75:2f:4b:6b:e5:
         72:7e:e6:75:20:5c:1f:fb:24:cc:bf:3e:05:48:22:95:af:45:
         77:b9:14:72
-----BEGIN CERTIFICATE-----
MIIFUDCCBDigAwIBAgIDDUZzMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDY5
ZGJkMzc0YzJhNTYxZWFjNzYyODNlZjIwZTQ1N2EwODdhMTkyNDMwHhcNMjEwMzI0
MTQzMzEzWhcNMjYwMzI0MTQzMzEzWjAzMTEwLwYDVQQDEyg3NmJiNDM1OGRiNGZk
MjM1M2RiN2Y1NTNiOGIxY2MzYmQ2NzFkZGVlMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAtWzr3pyGNup3NuSTUXBcD2Yp3HreIkz3LxyUeWW9NYF7uJVh
iXNHpww3hFQHbJWdPknON3DSDv6azrSFjPfzViUUXcZz6m08vWIJHWwCsACK8EY0
frp2sgxwFMzbwsZeKx9Lk63tlVdC+IBVd3yb+WFWSvYReaKrSggkrhIVUf8Wl68m
r4H/+hu0BnkoUppMSFAB/iTDrokLh4uxZLotscPOp40Xnf8XZ/XtsArDQPWlwoYs
ZEtBZb1WOfWegeipA6wlF1QF8+iWKwkCOydnNaEXZZ+AyqCHwVXEkwU425ge7IqX
IWX0Ul+TwDZlI9lPj0G35J60GYecIkyBlqviDwIDAQABo4ICazCCAmcwHQYDVR0O
BBYEFFu6khpn9BdPgRbYaHKPKmhXOILSMB8GA1UdIwQYMBaAFAvUWay0El2dltPe
UxRBmPkhkpHYMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvNjlkYmQz
NzRjMmE1NjFlYWM3NjI4M2VmMjBlNDU3YTA4N2ExOTI0My5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvOWQ5M2EzMzItNWZjOS00MTAwLWFiOWQtNTFjMjBj
MDEyZjc4Lzc2YmI0MzU4ZGI0ZmQyMzUzZGI3ZjU1M2I4YjFjYzNiZDY3MWRkZWUu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy85ZDkzYTMzMi01ZmM5LTQxMDAtYWI5ZC01MWMy
MGMwMTJmNzgvNjlkYmQzNzRjMmE1NjFlYWM3NjI4M2VmMjBlNDU3YTA4N2ExOTI0
My5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAvBggrBgEFBQcBBwEB/wQg
MB4wDAQCAAEwBgMEAqr3XDAOBAIAAjAIAwYAKAM0QJAwDQYJKoZIhvcNAQELBQAD
ggEBAGpuN65lIS0a/F5nx0L3xGKPiFiUUqZYsuHqetHNC42q6gzpwzQPNcxvVTxY
HcUjmDEirkQEgrvNd5HRHYi6RRtCMadPHpVSG4yDRLKjarToxdG1xZ6XdXUc/Wtl
48N09TafcMBH4gd6lz8k0huwSSL9vgMFA7rASBpJRQd904pveGcFGufQaKLG11YB
3FDiI7fcz/FCWB+rlIO0TXjlq8ko6zwYKHiOtpjLn6zsVzyoYn2Hfb4mg9OAqPWa
QIswr6UO3W1NUGD+O7p3WOtsiJ1quBGq/KtpRycVOMYjwxPY6Tzx3ol1L0tr5XJ+
5nUgXB/7JMy/PgVIIpWvRXe5FHI=
-----END CERTIFICATE-----
Generated at Thu Mar 28 10:47:12 2024 by rpki-client on console-ams.rpki-client.org