Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/9f96dbc5-b6e6-4e1c-9cf3-7dd0065f944e/633b2e45d0d314ad76a4ff119560a959417ba554.roa
File:                     633b2e45d0d314ad76a4ff119560a959417ba554.roa (raw, json)
Hash identifier:          9XyvZ904m3vnWtT8mdwVR2/ywdtjBzSj/7Sd5PKItO0=
Subject key identifier:   0D:4B:58:B1:AB:42:16:7A:4F:40:8A:94:4F:B0:9C:F5:E6:50:C7:B4
Certificate issuer:       /CN=db69e9d926a8fd56475445765b011adad2f2d430
Certificate serial:       0D235F
Authority key identifier: 73:31:E7:AE:AE:29:D6:9F:96:AB:D4:EF:80:B2:8B:C0:3F:30:DC:70
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/db69e9d926a8fd56475445765b011adad2f2d430.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/9f96dbc5-b6e6-4e1c-9cf3-7dd0065f944e/633b2e45d0d314ad76a4ff119560a959417ba554.roa
Signing time:             Wed 24 Mar 2021 14:31:11 +0000
ROA not before:           Wed 24 Mar 2021 14:31:11 +0000
ROA not after:            Tue 24 Mar 2026 14:31:11 +0000
asID:                     266872
IP address blocks:        45.160.28.0/22 maxlen: 22
                          2803:6aa0::/32 maxlen: 32

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/9f96dbc5-b6e6-4e1c-9cf3-7dd0065f944e/db69e9d926a8fd56475445765b011adad2f2d430.crl
                          rsync://repository.lacnic.net/rpki/lacnic/9f96dbc5-b6e6-4e1c-9cf3-7dd0065f944e/db69e9d926a8fd56475445765b011adad2f2d430.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/db69e9d926a8fd56475445765b011adad2f2d430.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Tue 27 Feb 2024 12:23:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 861023 (0xd235f)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=db69e9d926a8fd56475445765b011adad2f2d430
        Validity
            Not Before: Mar 24 14:31:11 2021 GMT
            Not After : Mar 24 14:31:11 2026 GMT
        Subject: CN=633b2e45d0d314ad76a4ff119560a959417ba554
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d3:76:99:a8:38:02:43:1d:b8:9d:69:04:0b:25:
                    b1:91:3f:9e:a9:21:a9:51:5c:3c:86:8f:c5:6c:cb:
                    a0:d9:a3:48:6f:f5:04:6c:a1:a1:03:c9:ee:e7:ae:
                    fe:45:16:1b:dc:d2:2a:68:50:e8:e0:9a:a0:64:03:
                    d5:1d:6b:b0:06:0d:51:ec:06:00:ec:49:f4:c1:3b:
                    95:7b:62:69:4c:59:98:70:91:f6:ef:52:de:41:6d:
                    3c:9d:05:cf:c6:52:f1:4a:57:7c:de:94:28:6e:48:
                    37:28:37:e8:74:87:4d:49:25:c3:7a:d6:80:12:7c:
                    3a:50:69:f5:e9:3a:8c:b7:9a:66:ec:bf:ea:39:78:
                    c3:02:fe:26:ab:9e:2d:99:59:09:5d:04:5d:ce:19:
                    c4:9d:8a:17:04:3b:b1:6b:09:bf:14:7e:bd:0d:65:
                    64:12:51:32:7a:36:d9:47:ea:30:2d:6d:24:5b:59:
                    5b:eb:d5:9c:54:e8:67:9a:67:a3:9f:86:f7:0e:5e:
                    41:30:5a:99:0c:81:31:1e:c7:ae:d2:93:94:87:76:
                    ce:69:d1:91:16:1c:d9:98:bb:52:80:47:08:10:96:
                    00:4b:0a:f4:0e:d2:d2:6f:fc:53:7f:4d:d4:7b:a4:
                    a4:5a:31:1b:57:9a:33:b6:d1:3a:2c:1f:65:1f:06:
                    71:7b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0D:4B:58:B1:AB:42:16:7A:4F:40:8A:94:4F:B0:9C:F5:E6:50:C7:B4
            X509v3 Authority Key Identifier:
                keyid:73:31:E7:AE:AE:29:D6:9F:96:AB:D4:EF:80:B2:8B:C0:3F:30:DC:70

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/db69e9d926a8fd56475445765b011adad2f2d430.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/9f96dbc5-b6e6-4e1c-9cf3-7dd0065f944e/633b2e45d0d314ad76a4ff119560a959417ba554.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/9f96dbc5-b6e6-4e1c-9cf3-7dd0065f944e/db69e9d926a8fd56475445765b011adad2f2d430.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.160.28.0/22
                IPv6:
                  2803:6aa0::/32

    Signature Algorithm: sha256WithRSAEncryption
         45:dc:54:4f:a0:6c:9c:8a:fa:ae:74:33:67:14:9e:e2:3f:51:
         05:58:f7:1e:27:84:30:ef:c0:5a:e1:b9:89:d6:ec:ae:8f:8b:
         4f:e3:28:0c:88:d8:41:02:f6:46:e8:66:52:e4:6c:08:5f:6b:
         ce:22:c7:11:28:87:6b:22:39:48:2e:31:19:1f:fc:4b:fd:70:
         08:7f:db:ca:90:70:0e:47:c0:f8:4f:c4:59:11:67:7b:b2:de:
         09:56:7e:8f:be:3b:17:3f:30:30:71:65:e0:1e:2a:67:fe:65:
         f6:3b:13:82:ac:5f:72:5a:e6:7b:7c:c4:dc:e1:e1:d8:6a:1d:
         68:4f:33:6c:bd:cb:26:42:f8:30:79:37:9f:f5:89:45:79:cf:
         82:ef:d9:6f:fd:6e:c1:93:2e:05:1c:57:1b:be:a3:b4:84:76:
         57:8a:c8:22:f0:df:9c:b2:cc:e8:ba:5a:da:df:c7:41:e1:e9:
         5b:c2:ed:cf:08:fc:07:5f:54:ad:3f:86:47:42:19:37:5b:1a:
         1a:d9:81:29:32:9a:64:6b:16:40:34:cb:2c:4e:bf:81:e5:23:
         9c:cc:da:51:35:36:77:b3:d9:b6:37:7d:9a:dd:f8:6b:bb:e3:
         bf:82:ef:67:89:dc:c1:17:af:71:40:05:fd:2a:ad:84:83:5a:
         1e:57:3f:b5
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgIDDSNfMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGRi
NjllOWQ5MjZhOGZkNTY0NzU0NDU3NjViMDExYWRhZDJmMmQ0MzAwHhcNMjEwMzI0
MTQzMTExWhcNMjYwMzI0MTQzMTExWjAzMTEwLwYDVQQDEyg2MzNiMmU0NWQwZDMx
NGFkNzZhNGZmMTE5NTYwYTk1OTQxN2JhNTU0MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEA03aZqDgCQx24nWkECyWxkT+eqSGpUVw8ho/FbMug2aNIb/UE
bKGhA8nu567+RRYb3NIqaFDo4JqgZAPVHWuwBg1R7AYA7En0wTuVe2JpTFmYcJH2
71LeQW08nQXPxlLxSld83pQobkg3KDfodIdNSSXDetaAEnw6UGn16TqMt5pm7L/q
OXjDAv4mq54tmVkJXQRdzhnEnYoXBDuxawm/FH69DWVkElEyejbZR+owLW0kW1lb
69WcVOhnmmejn4b3Dl5BMFqZDIExHseu0pOUh3bOadGRFhzZmLtSgEcIEJYASwr0
DtLSb/xTf03Ue6SkWjEbV5ozttE6LB9lHwZxewIDAQABo4ICajCCAmYwHQYDVR0O
BBYEFA1LWLGrQhZ6T0CKlE+wnPXmUMe0MB8GA1UdIwQYMBaAFHMx566uKdaflqvU
74Cyi8A/MNxwMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvZGI2OWU5
ZDkyNmE4ZmQ1NjQ3NTQ0NTc2NWIwMTFhZGFkMmYyZDQzMC5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvOWY5NmRiYzUtYjZlNi00ZTFjLTljZjMtN2RkMDA2
NWY5NDRlLzYzM2IyZTQ1ZDBkMzE0YWQ3NmE0ZmYxMTk1NjBhOTU5NDE3YmE1NTQu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy85Zjk2ZGJjNS1iNmU2LTRlMWMtOWNmMy03ZGQw
MDY1Zjk0NGUvZGI2OWU5ZDkyNmE4ZmQ1NjQ3NTQ0NTc2NWIwMTFhZGFkMmYyZDQz
MC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAuBggrBgEFBQcBBwEB/wQf
MB0wDAQCAAEwBgMEAi2gHDANBAIAAjAHAwUAKANqoDANBgkqhkiG9w0BAQsFAAOC
AQEARdxUT6BsnIr6rnQzZxSe4j9RBVj3HieEMO/AWuG5idbsro+LT+MoDIjYQQL2
RuhmUuRsCF9rziLHESiHayI5SC4xGR/8S/1wCH/bypBwDkfA+E/EWRFne7LeCVZ+
j747Fz8wMHFl4B4qZ/5l9jsTgqxfclrme3zE3OHh2GodaE8zbL3LJkL4MHk3n/WJ
RXnPgu/Zb/1uwZMuBRxXG76jtIR2V4rIIvDfnLLM6Lpa2t/HQeHpW8Ltzwj8B19U
rT+GR0IZN1saGtmBKTKaZGsWQDTLLE6/geUjnMzaUTU2d7PZtjd9mt34a7vjv4Lv
Z4ncwRevcUAF/SqthINaHlc/tQ==
-----END CERTIFICATE-----
Generated at Sat Feb 24 21:47:12 2024 by rpki-client on console-ams.rpki-client.org