Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/9f96dbc5-b6e6-4e1c-9cf3-7dd0065f944e/a5e231f5906051f524024fa16bf6d3d01302333b.roa
File:                     a5e231f5906051f524024fa16bf6d3d01302333b.roa (raw, json)
Hash identifier:          05Js7AgrUoELKx0m/CqfLul+4p9COo0EAeIhqEPYsus=
Subject key identifier:   0B:44:C8:64:A5:9C:E4:1D:02:19:8C:AF:F0:4D:F3:3E:0A:9A:B4:52
Certificate issuer:       /CN=db69e9d926a8fd56475445765b011adad2f2d430
Certificate serial:       1EF870
Authority key identifier: 73:31:E7:AE:AE:29:D6:9F:96:AB:D4:EF:80:B2:8B:C0:3F:30:DC:70
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/db69e9d926a8fd56475445765b011adad2f2d430.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/9f96dbc5-b6e6-4e1c-9cf3-7dd0065f944e/a5e231f5906051f524024fa16bf6d3d01302333b.roa
Signing time:             Fri 24 Mar 2023 08:30:47 +0000
ROA not before:           Thu 23 Mar 2023 08:30:47 +0000
ROA not after:            Sat 22 Mar 2025 08:30:47 +0000
asID:                     266872
IP address blocks:        45.160.28.0/23 maxlen: 23
                          45.160.28.0/24 maxlen: 24
                          45.160.29.0/24 maxlen: 24
                          45.160.30.0/23 maxlen: 23
                          45.160.30.0/24 maxlen: 24
                          45.160.31.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/9f96dbc5-b6e6-4e1c-9cf3-7dd0065f944e/db69e9d926a8fd56475445765b011adad2f2d430.crl
                          rsync://repository.lacnic.net/rpki/lacnic/9f96dbc5-b6e6-4e1c-9cf3-7dd0065f944e/db69e9d926a8fd56475445765b011adad2f2d430.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/db69e9d926a8fd56475445765b011adad2f2d430.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 03 Mar 2024 01:34:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2029680 (0x1ef870)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=db69e9d926a8fd56475445765b011adad2f2d430
        Validity
            Not Before: Mar 23 08:30:47 2023 GMT
            Not After : Mar 22 08:30:47 2025 GMT
        Subject: CN=a5e231f5906051f524024fa16bf6d3d01302333b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:13:89:62:93:c3:f9:fa:4d:a3:5d:ba:ee:e4:
                    9c:50:c5:14:ad:25:a2:a8:2b:a4:3f:d1:dc:60:30:
                    fe:b7:cc:09:1c:2d:2c:82:f2:f3:67:01:b4:35:26:
                    6a:36:1a:99:89:11:c2:f7:4d:5c:c1:5c:5b:3c:fd:
                    1e:c4:c7:21:99:2d:58:24:21:53:55:25:77:76:e3:
                    e5:a7:06:9a:65:b9:f9:6e:f6:21:4a:f5:69:fb:a7:
                    3b:86:5d:a7:73:c3:32:43:1c:38:02:7b:ce:ce:41:
                    de:f8:99:b4:59:27:4d:18:a0:73:cb:86:d2:25:7c:
                    d6:64:84:38:a7:5b:e7:77:7f:2c:cf:d2:1d:83:ca:
                    69:a5:6f:c6:42:95:c3:e0:33:57:af:3e:53:34:ff:
                    9f:c5:d5:fc:4e:9f:a4:71:95:e5:2d:bd:04:4f:bb:
                    01:bc:98:c4:ef:fd:a9:15:29:c0:47:e4:94:0a:3d:
                    cf:ad:05:3b:79:40:c7:ff:6d:b6:92:d9:c1:f1:3f:
                    e1:40:19:ab:37:fa:b0:e4:56:6d:13:ba:1e:a8:98:
                    d9:c4:dc:85:7d:4a:5c:82:50:f7:b0:4b:3a:ec:02:
                    19:15:b9:e2:8a:52:5e:51:ed:2e:97:50:78:85:f3:
                    f2:ec:5a:ac:75:ac:7e:57:c4:8a:a7:6d:1f:c0:1e:
                    84:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0B:44:C8:64:A5:9C:E4:1D:02:19:8C:AF:F0:4D:F3:3E:0A:9A:B4:52
            X509v3 Authority Key Identifier:
                keyid:73:31:E7:AE:AE:29:D6:9F:96:AB:D4:EF:80:B2:8B:C0:3F:30:DC:70

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/db69e9d926a8fd56475445765b011adad2f2d430.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/9f96dbc5-b6e6-4e1c-9cf3-7dd0065f944e/a5e231f5906051f524024fa16bf6d3d01302333b.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/9f96dbc5-b6e6-4e1c-9cf3-7dd0065f944e/db69e9d926a8fd56475445765b011adad2f2d430.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.160.28.0/22

    Signature Algorithm: sha256WithRSAEncryption
         46:65:95:3e:a9:3e:85:c2:ba:21:29:05:39:b5:10:84:3c:b0:
         14:ec:71:0b:36:5a:ad:fd:56:2c:26:51:37:dd:ca:11:ca:16:
         36:05:55:6f:8c:75:c1:8c:31:e6:63:35:3c:ce:b3:33:91:89:
         0b:ee:f1:71:4b:85:68:22:3b:2e:4d:4a:52:7b:00:bf:6a:94:
         58:2c:d7:e6:d5:f5:a3:66:9b:96:2a:73:65:2f:1d:5b:4b:51:
         f5:10:8a:57:ca:b4:4a:ab:d1:ab:1b:58:36:59:e1:62:2e:e6:
         dd:dd:24:f7:26:79:cd:84:6c:c0:42:c4:b8:39:5c:59:24:75:
         74:f8:3a:2d:92:75:02:64:05:30:0e:ad:e6:82:b5:eb:ce:92:
         d1:45:84:9a:69:f7:fd:ef:99:84:7f:20:c6:65:80:7f:04:b1:
         5b:29:17:49:de:83:ff:33:99:98:db:64:45:f5:22:93:f4:1c:
         2e:25:48:17:48:5c:fd:f2:43:fa:0d:a8:13:4f:5a:47:17:88:
         41:40:a5:3a:5b:eb:b2:7f:d1:3d:e0:e3:aa:5a:98:82:c8:8d:
         51:f1:ce:22:80:f5:25:96:35:29:db:ef:21:56:6e:8b:52:d8:
         0e:8d:fc:23:13:c6:3a:17:60:fe:b1:e2:1b:ba:9a:69:2d:f3:
         71:11:d1:a2
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIDHvhwMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGRi
NjllOWQ5MjZhOGZkNTY0NzU0NDU3NjViMDExYWRhZDJmMmQ0MzAwHhcNMjMwMzIz
MDgzMDQ3WhcNMjUwMzIyMDgzMDQ3WjAzMTEwLwYDVQQDEyhhNWUyMzFmNTkwNjA1
MWY1MjQwMjRmYTE2YmY2ZDNkMDEzMDIzMzNiMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAqxOJYpPD+fpNo1267uScUMUUrSWiqCukP9HcYDD+t8wJHC0s
gvLzZwG0NSZqNhqZiRHC901cwVxbPP0exMchmS1YJCFTVSV3duPlpwaaZbn5bvYh
SvVp+6c7hl2nc8MyQxw4AnvOzkHe+Jm0WSdNGKBzy4bSJXzWZIQ4p1vnd38sz9Id
g8pppW/GQpXD4DNXrz5TNP+fxdX8Tp+kcZXlLb0ET7sBvJjE7/2pFSnAR+SUCj3P
rQU7eUDH/222ktnB8T/hQBmrN/qw5FZtE7oeqJjZxNyFfUpcglD3sEs67AIZFbni
ilJeUe0ul1B4hfPy7Fqsdax+V8SKp20fwB6EswIDAQABo4ICWzCCAlcwHQYDVR0O
BBYEFAtEyGSlnOQdAhmMr/BN8z4KmrRSMB8GA1UdIwQYMBaAFHMx566uKdaflqvU
74Cyi8A/MNxwMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvZGI2OWU5
ZDkyNmE4ZmQ1NjQ3NTQ0NTc2NWIwMTFhZGFkMmYyZDQzMC5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvOWY5NmRiYzUtYjZlNi00ZTFjLTljZjMtN2RkMDA2
NWY5NDRlL2E1ZTIzMWY1OTA2MDUxZjUyNDAyNGZhMTZiZjZkM2QwMTMwMjMzM2Iu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy85Zjk2ZGJjNS1iNmU2LTRlMWMtOWNmMy03ZGQw
MDY1Zjk0NGUvZGI2OWU5ZDkyNmE4ZmQ1NjQ3NTQ0NTc2NWIwMTFhZGFkMmYyZDQz
MC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAi2gHDANBgkqhkiG9w0BAQsFAAOCAQEARmWVPqk+hcK6ISkF
ObUQhDywFOxxCzZarf1WLCZRN93KEcoWNgVVb4x1wYwx5mM1PM6zM5GJC+7xcUuF
aCI7Lk1KUnsAv2qUWCzX5tX1o2ablipzZS8dW0tR9RCKV8q0SqvRqxtYNlnhYi7m
3d0k9yZ5zYRswELEuDlcWSR1dPg6LZJ1AmQFMA6t5oK1686S0UWEmmn3/e+ZhH8g
xmWAfwSxWykXSd6D/zOZmNtkRfUik/QcLiVIF0hc/fJD+g2oE09aRxeIQUClOlvr
sn/RPeDjqlqYgsiNUfHOIoD1JZY1KdvvIVZui1LYDo38IxPGOhdg/rHiG7qaaS3z
cRHRog==
-----END CERTIFICATE-----
Generated at Thu Feb 29 02:44:54 2024 by rpki-client on console-ams.rpki-client.org