Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/a133021f-9ef7-4081-bbaf-b430161f270f/60a60fc839cd665b74c08d6e95e73add9912407b.roa
File:                     60a60fc839cd665b74c08d6e95e73add9912407b.roa (raw, json)
Hash identifier:          7P0Uhxu17U8dzQM4A5GqgX+/tRVMZ/Bvvs75/5CGFfo=
Subject key identifier:   B5:7E:EC:69:D8:73:27:04:91:AA:67:0D:81:8D:46:0C:CC:FD:F4:53
Certificate issuer:       /CN=204ad8fc6b3a56871d09ceb332c932ad175a605b
Certificate serial:       0DD0D4
Authority key identifier: 95:0A:A4:35:8F:E9:BD:E7:96:BF:B1:9E:6F:CD:4C:A4:46:A8:0F:EC
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/204ad8fc6b3a56871d09ceb332c932ad175a605b.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/a133021f-9ef7-4081-bbaf-b430161f270f/60a60fc839cd665b74c08d6e95e73add9912407b.roa
Signing time:             Wed 24 Mar 2021 14:30:35 +0000
ROA not before:           Wed 24 Mar 2021 14:30:35 +0000
ROA not after:            Tue 24 Mar 2026 14:30:35 +0000
asID:                     265692
IP address blocks:        45.7.124.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/a133021f-9ef7-4081-bbaf-b430161f270f/204ad8fc6b3a56871d09ceb332c932ad175a605b.crl
                          rsync://repository.lacnic.net/rpki/lacnic/a133021f-9ef7-4081-bbaf-b430161f270f/204ad8fc6b3a56871d09ceb332c932ad175a605b.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/204ad8fc6b3a56871d09ceb332c932ad175a605b.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 31 Mar 2024 19:38:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 905428 (0xdd0d4)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=204ad8fc6b3a56871d09ceb332c932ad175a605b
        Validity
            Not Before: Mar 24 14:30:35 2021 GMT
            Not After : Mar 24 14:30:35 2026 GMT
        Subject: CN=60a60fc839cd665b74c08d6e95e73add9912407b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:3d:0f:42:4b:f7:92:4c:06:e9:8e:e1:ec:f5:
                    90:6c:9d:d4:7f:83:10:32:02:de:e2:a7:37:51:f5:
                    5d:de:d3:6e:a1:6c:56:2a:24:9f:ff:7a:4d:85:2c:
                    a3:40:a7:da:d2:be:0a:b4:bf:d5:b8:23:f7:90:6c:
                    84:3d:89:9c:66:ea:b2:33:53:a1:57:86:0c:8b:e7:
                    bf:69:36:86:a6:7c:e1:ca:3c:50:d4:62:46:15:8a:
                    e3:b7:d9:2b:bb:f2:b7:e4:64:1d:76:8f:91:7b:ce:
                    3b:b1:14:d7:3d:0e:1a:fc:0f:93:77:25:c2:1a:d1:
                    a6:58:95:f5:42:18:81:12:16:66:1a:50:ab:d1:52:
                    04:be:08:43:72:e0:54:5f:1a:e0:82:a1:b5:65:8f:
                    1a:19:8b:78:58:af:61:f8:c9:02:b7:2f:96:4b:2c:
                    de:73:43:69:dc:2a:3c:4d:b7:f3:86:de:48:d7:cb:
                    1f:71:ad:2e:bd:2d:15:f7:ed:76:0e:26:65:11:35:
                    f3:1f:15:ec:5a:8c:05:6f:59:18:ec:42:9d:8a:25:
                    2b:31:9e:68:80:26:fe:3f:57:2a:ef:55:70:7b:65:
                    d2:59:4f:92:de:d6:f1:6f:46:ee:09:88:c3:06:d8:
                    44:cd:da:c4:7a:6d:4f:e5:ac:21:4d:f0:21:c6:93:
                    fe:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B5:7E:EC:69:D8:73:27:04:91:AA:67:0D:81:8D:46:0C:CC:FD:F4:53
            X509v3 Authority Key Identifier:
                keyid:95:0A:A4:35:8F:E9:BD:E7:96:BF:B1:9E:6F:CD:4C:A4:46:A8:0F:EC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/204ad8fc6b3a56871d09ceb332c932ad175a605b.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/a133021f-9ef7-4081-bbaf-b430161f270f/60a60fc839cd665b74c08d6e95e73add9912407b.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/a133021f-9ef7-4081-bbaf-b430161f270f/204ad8fc6b3a56871d09ceb332c932ad175a605b.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.7.124.0/22

    Signature Algorithm: sha256WithRSAEncryption
         10:78:fc:0a:39:0d:fa:1c:55:78:1f:26:5d:bd:30:3e:2b:9d:
         7b:be:8a:26:b0:7e:c7:3c:9b:f6:5d:21:b7:97:65:4f:d3:69:
         23:50:07:56:b1:77:b1:56:2e:2d:b1:f4:54:4f:f3:cf:ed:13:
         0c:e9:bb:04:12:bc:67:9d:39:4e:f8:b1:94:45:05:62:df:83:
         34:59:57:d3:bf:a1:c4:d0:3b:60:1f:bd:23:98:61:a3:cf:fe:
         60:35:50:4f:04:0a:1f:2c:90:d6:17:1e:4c:a4:a9:f7:d0:80:
         c4:8a:c6:3e:aa:44:b6:46:3e:ad:94:6f:d4:1e:d3:17:87:bd:
         27:29:69:23:4b:a4:a2:b7:34:f3:14:78:4e:ae:92:6f:09:13:
         1a:d1:8c:a9:fa:dc:2b:4d:f6:3a:44:14:63:6b:69:ca:eb:7f:
         84:c8:a2:35:a3:b4:d8:48:f7:f8:ab:1a:92:f9:26:21:dc:7a:
         48:96:3e:77:aa:75:b5:76:3b:f9:d8:ed:f1:8c:ee:7d:0c:84:
         f5:49:96:33:11:d4:58:28:a2:47:09:01:d7:71:27:d4:1d:1f:
         44:a1:a4:b4:ee:6b:f4:6e:a5:93:5b:15:37:0f:34:a8:33:c0:
         e4:77:19:68:3a:74:11:5e:0b:91:37:81:42:7c:e1:e3:6a:a9:
         21:be:c7:7e
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIDDdDUMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDIw
NGFkOGZjNmIzYTU2ODcxZDA5Y2ViMzMyYzkzMmFkMTc1YTYwNWIwHhcNMjEwMzI0
MTQzMDM1WhcNMjYwMzI0MTQzMDM1WjAzMTEwLwYDVQQDEyg2MGE2MGZjODM5Y2Q2
NjViNzRjMDhkNmU5NWU3M2FkZDk5MTI0MDdiMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAkT0PQkv3kkwG6Y7h7PWQbJ3Uf4MQMgLe4qc3UfVd3tNuoWxW
KiSf/3pNhSyjQKfa0r4KtL/VuCP3kGyEPYmcZuqyM1OhV4YMi+e/aTaGpnzhyjxQ
1GJGFYrjt9kru/K35GQddo+Re847sRTXPQ4a/A+TdyXCGtGmWJX1QhiBEhZmGlCr
0VIEvghDcuBUXxrggqG1ZY8aGYt4WK9h+MkCty+WSyzec0Np3Co8Tbfzht5I18sf
ca0uvS0V9+12DiZlETXzHxXsWowFb1kY7EKdiiUrMZ5ogCb+P1cq71Vwe2XSWU+S
3tbxb0buCYjDBthEzdrEem1P5awhTfAhxpP+fQIDAQABo4ICWzCCAlcwHQYDVR0O
BBYEFLV+7GnYcycEkapnDYGNRgzM/fRTMB8GA1UdIwQYMBaAFJUKpDWP6b3nlr+x
nm/NTKRGqA/sMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvMjA0YWQ4
ZmM2YjNhNTY4NzFkMDljZWIzMzJjOTMyYWQxNzVhNjA1Yi5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvYTEzMzAyMWYtOWVmNy00MDgxLWJiYWYtYjQzMDE2
MWYyNzBmLzYwYTYwZmM4MzljZDY2NWI3NGMwOGQ2ZTk1ZTczYWRkOTkxMjQwN2Iu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy9hMTMzMDIxZi05ZWY3LTQwODEtYmJhZi1iNDMw
MTYxZjI3MGYvMjA0YWQ4ZmM2YjNhNTY4NzFkMDljZWIzMzJjOTMyYWQxNzVhNjA1
Yi5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAi0HfDANBgkqhkiG9w0BAQsFAAOCAQEAEHj8CjkN+hxVeB8m
Xb0wPiude76KJrB+xzyb9l0ht5dlT9NpI1AHVrF3sVYuLbH0VE/zz+0TDOm7BBK8
Z505TvixlEUFYt+DNFlX07+hxNA7YB+9I5hho8/+YDVQTwQKHyyQ1hceTKSp99CA
xIrGPqpEtkY+rZRv1B7TF4e9JylpI0ukorc08xR4Tq6SbwkTGtGMqfrcK032OkQU
Y2tpyut/hMiiNaO02Ej3+KsakvkmIdx6SJY+d6p1tXY7+djt8YzufQyE9UmWMxHU
WCiiRwkB13En1B0fRKGktO5r9G6lk1sVNw80qDPA5HcZaDp0EV4LkTeBQnzh42qp
Ib7Hfg==
-----END CERTIFICATE-----
Generated at Thu Mar 28 22:53:06 2024 by rpki-client on console-ams.rpki-client.org