Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/9d9462a8-9f3c-4527-bb46-c1e9346a9feb/1067b169f9955b46a73b30ffc881465dfefc65e7.roa
File:                     1067b169f9955b46a73b30ffc881465dfefc65e7.roa (raw, json)
Hash identifier:          R6OEoihi1Y2tDzkIq/tEYYZ42o9KUg58/B4iOWvm/+c=
Subject key identifier:   3F:D9:99:22:B7:7F:04:1F:F2:22:07:E4:15:7B:17:D3:F2:3A:CD:65
Certificate issuer:       /CN=cbd22aa435cb28d447ede265adf51bfeaaba86c5
Certificate serial:       179796
Authority key identifier: D5:25:2C:0B:0D:06:46:80:46:17:58:EC:64:B2:28:E5:4E:AC:B7:BB
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/cbd22aa435cb28d447ede265adf51bfeaaba86c5.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/9d9462a8-9f3c-4527-bb46-c1e9346a9feb/1067b169f9955b46a73b30ffc881465dfefc65e7.roa
Signing time:             Sun 28 May 2023 16:56:57 +0000
ROA not before:           Sat 27 May 2023 16:56:57 +0000
ROA not after:            Wed 28 May 2025 16:56:57 +0000
asID:                     266830
IP address blocks:        45.238.20.0/22 maxlen: 24
                          2803:f4a0::/32 maxlen: 32

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/9d9462a8-9f3c-4527-bb46-c1e9346a9feb/cbd22aa435cb28d447ede265adf51bfeaaba86c5.crl
                          rsync://repository.lacnic.net/rpki/lacnic/9d9462a8-9f3c-4527-bb46-c1e9346a9feb/cbd22aa435cb28d447ede265adf51bfeaaba86c5.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/cbd22aa435cb28d447ede265adf51bfeaaba86c5.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 25 Feb 2024 20:21:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1546134 (0x179796)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cbd22aa435cb28d447ede265adf51bfeaaba86c5
        Validity
            Not Before: May 27 16:56:57 2023 GMT
            Not After : May 28 16:56:57 2025 GMT
        Subject: CN=1067b169f9955b46a73b30ffc881465dfefc65e7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:88:19:95:d7:72:89:86:d4:5e:82:17:97:5f:e6:
                    2c:ca:b4:34:f6:04:ee:c4:b7:38:3e:76:44:c9:e9:
                    1a:37:ca:ac:d2:62:b0:5c:50:88:e3:02:c3:f2:3d:
                    63:8f:0b:0b:ec:5d:a2:82:e1:1c:8e:25:d7:0c:a8:
                    86:2a:f4:59:bb:9a:ff:13:6c:0b:4b:c6:34:3f:6d:
                    fc:9d:4d:f4:17:4b:b0:80:65:be:c2:c9:2f:d4:33:
                    0e:ad:36:a4:95:d2:f0:e1:09:c9:fb:31:14:42:1b:
                    58:4d:b8:cc:37:a9:d7:3a:10:6d:17:95:d2:9a:f9:
                    a7:5a:9d:9d:ca:b7:56:b9:b8:b9:09:5f:97:b0:9f:
                    59:1c:0c:f1:5e:d4:8e:ac:a0:7a:58:6e:4c:72:b5:
                    b2:53:1c:32:d5:ac:81:79:06:55:06:d7:66:fd:37:
                    a1:02:ca:ed:b2:7e:14:3c:eb:a8:02:0d:9a:c5:58:
                    ef:24:9b:21:0f:a1:2b:c5:e6:31:84:d5:de:3e:17:
                    2f:eb:7a:ca:72:9f:c4:3a:dd:b4:4f:1f:29:25:86:
                    77:ee:c8:62:05:b5:a7:56:a5:ba:ea:63:fe:5b:7e:
                    f0:df:f9:4a:3a:5e:03:fe:b3:0a:b5:a7:d9:5d:19:
                    f2:f3:c9:aa:db:c9:e2:74:a9:31:c6:c7:01:7d:30:
                    90:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3F:D9:99:22:B7:7F:04:1F:F2:22:07:E4:15:7B:17:D3:F2:3A:CD:65
            X509v3 Authority Key Identifier:
                keyid:D5:25:2C:0B:0D:06:46:80:46:17:58:EC:64:B2:28:E5:4E:AC:B7:BB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/cbd22aa435cb28d447ede265adf51bfeaaba86c5.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/9d9462a8-9f3c-4527-bb46-c1e9346a9feb/1067b169f9955b46a73b30ffc881465dfefc65e7.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/9d9462a8-9f3c-4527-bb46-c1e9346a9feb/cbd22aa435cb28d447ede265adf51bfeaaba86c5.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.238.20.0/22
                IPv6:
                  2803:f4a0::/32

    Signature Algorithm: sha256WithRSAEncryption
         62:dc:3c:d5:51:c1:d7:e6:fb:ee:f5:fd:aa:d1:1e:47:c6:f3:
         e9:2b:06:71:0a:9c:0e:e0:ea:90:89:b7:f1:a7:a3:b0:be:ce:
         16:83:2b:58:cb:89:37:c0:b0:c7:33:ff:27:c3:64:d6:7d:d6:
         6c:3a:d6:dd:f2:26:4c:11:89:bc:d9:4e:c8:b1:73:78:cb:bf:
         fe:83:0c:d5:5a:4e:3e:e9:40:0f:cd:7b:dc:5e:f9:68:c3:9f:
         ca:7e:08:78:ae:75:c4:d4:93:a4:bb:b6:b0:a3:96:0b:70:f8:
         85:13:e7:83:5d:df:1a:de:fb:6f:dc:10:fd:70:10:35:ec:8f:
         ec:da:d2:9d:f3:2d:ec:d0:ab:34:01:e9:53:24:08:d5:fb:aa:
         75:f2:f6:20:e1:f7:62:a7:13:62:ab:d2:f2:7f:d4:2c:6e:3d:
         88:4f:96:f3:d7:8a:0b:28:fc:4c:44:8a:bd:75:ed:0c:d1:93:
         1c:b1:b9:da:28:4b:7f:1e:13:9b:99:06:45:87:ac:cf:33:c7:
         4f:b1:65:5d:66:00:0c:0f:d5:ff:85:37:a3:16:b5:fc:17:bd:
         0f:f6:21:91:52:47:43:6b:49:85:51:3a:48:ac:ac:c9:8f:58:
         cb:5e:fc:f7:71:74:6f:7f:60:72:7e:c0:a9:12:63:dd:37:8e:
         49:2b:2c:fb
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgIDF5eWMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGNi
ZDIyYWE0MzVjYjI4ZDQ0N2VkZTI2NWFkZjUxYmZlYWFiYTg2YzUwHhcNMjMwNTI3
MTY1NjU3WhcNMjUwNTI4MTY1NjU3WjAzMTEwLwYDVQQDEygxMDY3YjE2OWY5OTU1
YjQ2YTczYjMwZmZjODgxNDY1ZGZlZmM2NWU3MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAiBmV13KJhtRegheXX+YsyrQ09gTuxLc4PnZEyekaN8qs0mKw
XFCI4wLD8j1jjwsL7F2iguEcjiXXDKiGKvRZu5r/E2wLS8Y0P238nU30F0uwgGW+
wskv1DMOrTakldLw4QnJ+zEUQhtYTbjMN6nXOhBtF5XSmvmnWp2dyrdWubi5CV+X
sJ9ZHAzxXtSOrKB6WG5McrWyUxwy1ayBeQZVBtdm/TehAsrtsn4UPOuoAg2axVjv
JJshD6ErxeYxhNXePhcv63rKcp/EOt20Tx8pJYZ37shiBbWnVqW66mP+W37w3/lK
Ol4D/rMKtafZXRny88mq28nidKkxxscBfTCQ3wIDAQABo4ICajCCAmYwHQYDVR0O
BBYEFD/ZmSK3fwQf8iIH5BV7F9PyOs1lMB8GA1UdIwQYMBaAFNUlLAsNBkaARhdY
7GSyKOVOrLe7MA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvY2JkMjJh
YTQzNWNiMjhkNDQ3ZWRlMjY1YWRmNTFiZmVhYWJhODZjNS5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvOWQ5NDYyYTgtOWYzYy00NTI3LWJiNDYtYzFlOTM0
NmE5ZmViLzEwNjdiMTY5Zjk5NTViNDZhNzNiMzBmZmM4ODE0NjVkZmVmYzY1ZTcu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy85ZDk0NjJhOC05ZjNjLTQ1MjctYmI0Ni1jMWU5
MzQ2YTlmZWIvY2JkMjJhYTQzNWNiMjhkNDQ3ZWRlMjY1YWRmNTFiZmVhYWJhODZj
NS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAuBggrBgEFBQcBBwEB/wQf
MB0wDAQCAAEwBgMEAi3uFDANBAIAAjAHAwUAKAP0oDANBgkqhkiG9w0BAQsFAAOC
AQEAYtw81VHB1+b77vX9qtEeR8bz6SsGcQqcDuDqkIm38aejsL7OFoMrWMuJN8Cw
xzP/J8Nk1n3WbDrW3fImTBGJvNlOyLFzeMu//oMM1VpOPulAD8173F75aMOfyn4I
eK51xNSTpLu2sKOWC3D4hRPng13fGt77b9wQ/XAQNeyP7NrSnfMt7NCrNAHpUyQI
1fuqdfL2IOH3YqcTYqvS8n/ULG49iE+W89eKCyj8TESKvXXtDNGTHLG52ihLfx4T
m5kGRYeszzPHT7FlXWYADA/V/4U3oxa1/Be9D/YhkVJHQ2tJhVE6SKysyY9Yy178
93F0b39gcn7AqRJj3TeOSSss+w==
-----END CERTIFICATE-----
Generated at Fri Feb 23 05:06:45 2024 by rpki-client on console-ams.rpki-client.org