Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/9ee7de7f-a80b-4e35-98cf-ba5b5d2f7f2e/804b4b58d1faca8d061af4d4948830f96c0c3f0c.roa
File:                     804b4b58d1faca8d061af4d4948830f96c0c3f0c.roa (raw, json)
Hash identifier:          T5Nza9csUtBk0b8PxAWkbm1dprhxOWcLK3yNSDP/VMc=
Subject key identifier:   EA:0F:54:4E:B3:18:CB:13:44:8C:07:C0:AE:BA:6B:82:62:89:C0:9E
Certificate issuer:       /CN=f169baa864aba6bc96d4cf7ef2a12e0f69a3259a
Certificate serial:       0B098A
Authority key identifier: EF:46:1C:52:7E:70:85:D1:94:10:B8:6D:60:42:0E:F4:DE:19:43:15
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/f169baa864aba6bc96d4cf7ef2a12e0f69a3259a.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/9ee7de7f-a80b-4e35-98cf-ba5b5d2f7f2e/804b4b58d1faca8d061af4d4948830f96c0c3f0c.roa
Signing time:             Wed 24 Mar 2021 14:38:26 +0000
ROA not before:           Wed 24 Mar 2021 14:38:25 +0000
ROA not after:            Tue 24 Mar 2026 14:38:25 +0000
asID:                     269868
IP address blocks:        45.190.192.0/22 maxlen: 24
                          2803:88e0::/32 maxlen: 48

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/9ee7de7f-a80b-4e35-98cf-ba5b5d2f7f2e/f169baa864aba6bc96d4cf7ef2a12e0f69a3259a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/9ee7de7f-a80b-4e35-98cf-ba5b5d2f7f2e/f169baa864aba6bc96d4cf7ef2a12e0f69a3259a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/f169baa864aba6bc96d4cf7ef2a12e0f69a3259a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sat 18 Mar 2023 02:22:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 723338 (0xb098a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f169baa864aba6bc96d4cf7ef2a12e0f69a3259a
        Validity
            Not Before: Mar 24 14:38:25 2021 GMT
            Not After : Mar 24 14:38:25 2026 GMT
        Subject: CN=804b4b58d1faca8d061af4d4948830f96c0c3f0c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8c:64:42:12:46:5d:4e:05:81:c5:e9:01:02:5d:
                    55:e7:17:99:74:5f:f1:0a:33:0a:68:c9:5e:d1:1e:
                    e5:d0:5b:4a:5e:57:36:39:bf:9c:38:ff:e3:df:c4:
                    a9:8c:7a:c7:19:63:1c:50:28:c2:df:93:3c:dc:a0:
                    4e:41:a6:f0:f6:12:6c:a2:d3:25:4b:43:9f:89:57:
                    bc:0b:e6:ee:5e:4f:ee:83:ff:34:5f:78:bf:f4:22:
                    2a:9f:44:cb:30:64:a4:0d:1e:26:62:b8:5a:9e:56:
                    b1:5e:1e:2e:49:bb:20:6f:4d:7f:91:a1:b0:9b:27:
                    71:d6:b3:41:98:b3:3d:0c:ee:36:81:ca:23:a3:ff:
                    a9:00:78:1f:b7:ee:38:dc:ad:22:fe:a4:86:8d:c4:
                    5c:7e:16:99:b4:58:c6:fe:1e:d5:6d:67:46:12:59:
                    a5:96:9b:ba:d8:77:8f:e8:32:4a:95:64:02:79:e3:
                    9e:95:01:3a:b0:fa:63:97:1b:9f:92:c4:f2:97:bf:
                    97:d3:7e:80:36:ea:f1:d0:bf:ea:a8:70:e1:28:bd:
                    2f:f8:73:67:bb:11:ca:2b:7b:f9:cf:98:a4:bb:88:
                    21:b2:f9:8d:3a:36:0a:d9:39:b9:02:3b:84:cc:7c:
                    ad:0b:9e:d5:09:de:f8:04:bc:f7:a0:24:66:ad:42:
                    a2:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                EA:0F:54:4E:B3:18:CB:13:44:8C:07:C0:AE:BA:6B:82:62:89:C0:9E
            X509v3 Authority Key Identifier: 
                keyid:EF:46:1C:52:7E:70:85:D1:94:10:B8:6D:60:42:0E:F4:DE:19:43:15

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access: 
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/f169baa864aba6bc96d4cf7ef2a12e0f69a3259a.cer

            Subject Information Access: 
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/9ee7de7f-a80b-4e35-98cf-ba5b5d2f7f2e/804b4b58d1faca8d061af4d4948830f96c0c3f0c.roa

            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/9ee7de7f-a80b-4e35-98cf-ba5b5d2f7f2e/f169baa864aba6bc96d4cf7ef2a12e0f69a3259a.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.190.192.0/22
                IPv6:
                  2803:88e0::/32

    Signature Algorithm: sha256WithRSAEncryption
         47:b1:ba:b1:80:4f:81:44:84:87:3b:55:1f:d1:58:a9:16:b6:
         18:03:d0:d4:9e:63:66:2c:4b:66:e4:39:27:0f:80:19:f2:64:
         0c:1f:c3:3d:10:72:a0:83:c1:34:18:e5:e6:6c:94:7d:06:9f:
         c1:ee:73:06:fb:70:df:2b:c2:21:e8:08:02:62:d7:ca:7d:d9:
         5c:cd:c7:91:87:ff:e8:14:30:8c:11:e5:9d:ff:ad:e9:ef:87:
         17:cd:fb:99:16:b7:e3:4b:0c:11:54:37:f2:88:aa:35:77:61:
         ae:59:99:3e:fe:0a:fb:a3:8c:d0:6f:04:48:7f:4d:4c:cc:62:
         f3:d3:db:dd:87:ec:81:86:fd:aa:a1:f8:69:72:1c:bb:7f:64:
         5c:37:06:8f:67:cf:4a:f3:b0:e1:96:c4:f4:bd:0f:f5:6e:ff:
         64:b7:e4:84:10:c6:28:6d:7b:9f:90:aa:dc:13:a3:07:8f:ab:
         a2:0d:9e:c2:37:33:9f:b3:9b:0e:f3:2a:5e:a4:e2:5c:4a:c7:
         2a:ae:fc:94:94:a4:3b:81:1a:5d:d1:fb:34:97:e9:92:44:50:
         3a:e2:1f:92:e1:5c:a1:c0:25:4d:13:9b:a1:d1:2c:be:3f:92:
         98:f5:ef:34:fb:dc:ff:0c:43:07:b9:73:32:32:65:14:ef:5d:
         d6:53:18:f1
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgIDCwmKMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGYx
NjliYWE4NjRhYmE2YmM5NmQ0Y2Y3ZWYyYTEyZTBmNjlhMzI1OWEwHhcNMjEwMzI0
MTQzODI1WhcNMjYwMzI0MTQzODI1WjAzMTEwLwYDVQQDEyg4MDRiNGI1OGQxZmFj
YThkMDYxYWY0ZDQ5NDg4MzBmOTZjMGMzZjBjMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAjGRCEkZdTgWBxekBAl1V5xeZdF/xCjMKaMle0R7l0FtKXlc2
Ob+cOP/j38SpjHrHGWMcUCjC35M83KBOQabw9hJsotMlS0OfiVe8C+buXk/ug/80
X3i/9CIqn0TLMGSkDR4mYrhanlaxXh4uSbsgb01/kaGwmydx1rNBmLM9DO42gcoj
o/+pAHgft+443K0i/qSGjcRcfhaZtFjG/h7VbWdGElmllpu62HeP6DJKlWQCeeOe
lQE6sPpjlxufksTyl7+X036ANurx0L/qqHDhKL0v+HNnuxHKK3v5z5iku4ghsvmN
OjYK2Tm5AjuEzHytC57VCd74BLz3oCRmrUKiQQIDAQABo4ICajCCAmYwHQYDVR0O
BBYEFOoPVE6zGMsTRIwHwK66a4JiicCeMB8GA1UdIwQYMBaAFO9GHFJ+cIXRlBC4
bWBCDvTeGUMVMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvZjE2OWJh
YTg2NGFiYTZiYzk2ZDRjZjdlZjJhMTJlMGY2OWEzMjU5YS5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvOWVlN2RlN2YtYTgwYi00ZTM1LTk4Y2YtYmE1YjVk
MmY3ZjJlLzgwNGI0YjU4ZDFmYWNhOGQwNjFhZjRkNDk0ODgzMGY5NmMwYzNmMGMu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy85ZWU3ZGU3Zi1hODBiLTRlMzUtOThjZi1iYTVi
NWQyZjdmMmUvZjE2OWJhYTg2NGFiYTZiYzk2ZDRjZjdlZjJhMTJlMGY2OWEzMjU5
YS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAuBggrBgEFBQcBBwEB/wQf
MB0wDAQCAAEwBgMEAi2+wDANBAIAAjAHAwUAKAOI4DANBgkqhkiG9w0BAQsFAAOC
AQEAR7G6sYBPgUSEhztVH9FYqRa2GAPQ1J5jZixLZuQ5Jw+AGfJkDB/DPRByoIPB
NBjl5myUfQafwe5zBvtw3yvCIegIAmLXyn3ZXM3HkYf/6BQwjBHlnf+t6e+HF837
mRa340sMEVQ38oiqNXdhrlmZPv4K+6OM0G8ESH9NTMxi89Pb3YfsgYb9qqH4aXIc
u39kXDcGj2fPSvOw4ZbE9L0P9W7/ZLfkhBDGKG17n5Cq3BOjB4+rog2ewjczn7Ob
DvMqXqTiXErHKq78lJSkO4EaXdH7NJfpkkRQOuIfkuFcocAlTRObodEsvj+SmPXv
NPvc/wxDB7lzMjJlFO9d1lMY8Q==
-----END CERTIFICATE-----
Generated at Wed Mar 15 11:35:01 2023 by rpki-client on console-ams.rpki-client.org