Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/a17a848e-6bd6-41f7-8406-7d6894c3591f/893ce56a3fe713ec973eaa106de41a216e4e724a.roa
File:                     893ce56a3fe713ec973eaa106de41a216e4e724a.roa (raw, json)
Hash identifier:          jjmXHiEs56kozhPoYSmrE11gJ9vPrtCrnSTpJjCvwjg=
Subject key identifier:   33:4E:8A:BE:4B:0C:0E:BA:A0:5E:55:AF:12:5A:74:C5:36:DB:F9:FB
Certificate issuer:       /CN=43dce57cdffb676b89eeb458cc86d9a67fbdd104
Certificate serial:       0CF226
Authority key identifier: C6:3F:FA:90:62:DD:B5:47:59:52:B1:15:39:EE:64:BD:A9:B7:F9:D6
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/43dce57cdffb676b89eeb458cc86d9a67fbdd104.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/a17a848e-6bd6-41f7-8406-7d6894c3591f/893ce56a3fe713ec973eaa106de41a216e4e724a.roa
Signing time:             Wed 24 Mar 2021 14:34:23 +0000
ROA not before:           Wed 24 Mar 2021 14:34:23 +0000
ROA not after:            Tue 24 Mar 2026 14:34:23 +0000
asID:                     266870
IP address blocks:        45.160.12.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/a17a848e-6bd6-41f7-8406-7d6894c3591f/43dce57cdffb676b89eeb458cc86d9a67fbdd104.crl
                          rsync://repository.lacnic.net/rpki/lacnic/a17a848e-6bd6-41f7-8406-7d6894c3591f/43dce57cdffb676b89eeb458cc86d9a67fbdd104.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/43dce57cdffb676b89eeb458cc86d9a67fbdd104.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 31 Mar 2024 19:38:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 848422 (0xcf226)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=43dce57cdffb676b89eeb458cc86d9a67fbdd104
        Validity
            Not Before: Mar 24 14:34:23 2021 GMT
            Not After : Mar 24 14:34:23 2026 GMT
        Subject: CN=893ce56a3fe713ec973eaa106de41a216e4e724a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8c:49:17:b8:a4:4c:68:1e:49:0e:1b:06:51:83:
                    a6:29:3f:61:94:60:22:65:60:41:83:d8:9c:c2:02:
                    ae:c0:72:d4:2c:8e:4c:ba:66:9d:f7:51:e8:e0:62:
                    c1:a5:23:0c:af:52:38:a7:0e:9b:cd:81:7f:ac:f5:
                    02:59:25:72:47:d0:f2:a5:24:27:83:ae:70:32:6e:
                    af:90:5c:17:25:bb:77:84:ed:5f:75:3f:6d:16:e6:
                    0a:48:73:94:be:64:ac:63:92:49:4c:6c:a8:8c:5e:
                    78:a5:8b:96:a4:12:d3:5b:e2:5a:02:6f:42:95:2e:
                    76:22:8b:81:be:6e:9c:c3:75:a7:34:5a:fa:f2:a4:
                    bc:90:c2:d4:a5:79:4b:2d:7c:fe:34:75:0a:2b:f8:
                    7d:04:20:5f:0b:39:00:d4:f9:9d:fa:e7:98:29:47:
                    73:18:81:7d:3b:6a:d1:fb:75:16:3b:6f:cd:b3:2a:
                    c4:cb:c5:44:0f:b4:b4:61:6d:1f:4d:32:70:f7:86:
                    1c:0a:ee:66:51:b2:e0:e0:d8:03:dc:3c:f1:07:39:
                    66:76:66:24:18:01:d7:37:68:46:54:6d:a4:c2:1a:
                    27:c3:07:a5:29:38:ee:4c:1c:87:72:bc:f4:ba:08:
                    2e:4b:ca:1f:db:41:64:02:61:60:56:41:ca:ab:f9:
                    9e:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                33:4E:8A:BE:4B:0C:0E:BA:A0:5E:55:AF:12:5A:74:C5:36:DB:F9:FB
            X509v3 Authority Key Identifier:
                keyid:C6:3F:FA:90:62:DD:B5:47:59:52:B1:15:39:EE:64:BD:A9:B7:F9:D6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/43dce57cdffb676b89eeb458cc86d9a67fbdd104.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/a17a848e-6bd6-41f7-8406-7d6894c3591f/893ce56a3fe713ec973eaa106de41a216e4e724a.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/a17a848e-6bd6-41f7-8406-7d6894c3591f/43dce57cdffb676b89eeb458cc86d9a67fbdd104.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.160.12.0/22

    Signature Algorithm: sha256WithRSAEncryption
         3a:6e:31:6b:58:5a:27:8c:43:cd:78:10:b7:f2:67:61:34:56:
         4e:ad:6f:21:ef:f7:ff:a6:b1:d0:53:ea:14:71:64:8b:da:d0:
         6a:15:88:92:b7:ee:9c:9d:a0:0b:14:8d:ee:18:12:39:0e:d1:
         75:95:79:9e:a7:c3:7a:dd:6f:da:55:20:56:b1:b3:f2:bd:9d:
         e5:07:da:c6:38:d6:23:89:e0:30:69:ae:10:dd:24:bc:d1:cc:
         5e:c1:8f:da:6c:cc:25:08:e6:7c:12:f3:00:66:64:9b:88:3e:
         a5:cf:c5:30:70:93:8f:5e:27:15:41:68:8c:ca:17:a9:25:1e:
         55:74:4f:19:a8:d5:f1:05:77:50:af:9d:de:e3:c4:f1:6e:f5:
         d3:10:f3:4f:dd:2c:21:01:4c:59:c9:10:b1:62:9e:e1:fa:44:
         94:e0:17:f7:28:00:80:cd:6c:a0:48:bc:1e:a8:2e:85:52:0b:
         35:8b:1a:8e:d5:03:dc:96:3f:12:8c:2f:74:56:25:cf:e3:31:
         0f:3f:9a:00:69:53:0e:fe:aa:65:93:ec:4a:22:be:92:9d:7a:
         f3:45:3d:bd:a2:9a:8b:0d:e9:24:26:30:de:6e:9b:94:8d:d0:
         03:e3:f9:8e:ec:ca:ff:4f:12:35:9b:ab:7d:81:bb:e8:31:02:
         c6:65:eb:6d
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIDDPImMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDQz
ZGNlNTdjZGZmYjY3NmI4OWVlYjQ1OGNjODZkOWE2N2ZiZGQxMDQwHhcNMjEwMzI0
MTQzNDIzWhcNMjYwMzI0MTQzNDIzWjAzMTEwLwYDVQQDEyg4OTNjZTU2YTNmZTcx
M2VjOTczZWFhMTA2ZGU0MWEyMTZlNGU3MjRhMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAjEkXuKRMaB5JDhsGUYOmKT9hlGAiZWBBg9icwgKuwHLULI5M
umad91Ho4GLBpSMMr1I4pw6bzYF/rPUCWSVyR9DypSQng65wMm6vkFwXJbt3hO1f
dT9tFuYKSHOUvmSsY5JJTGyojF54pYuWpBLTW+JaAm9ClS52IouBvm6cw3WnNFr6
8qS8kMLUpXlLLXz+NHUKK/h9BCBfCzkA1Pmd+ueYKUdzGIF9O2rR+3UWO2/NsyrE
y8VED7S0YW0fTTJw94YcCu5mUbLg4NgD3DzxBzlmdmYkGAHXN2hGVG2kwhonwwel
KTjuTByHcrz0ugguS8of20FkAmFgVkHKq/meSQIDAQABo4ICWzCCAlcwHQYDVR0O
BBYEFDNOir5LDA66oF5VrxJadMU22/n7MB8GA1UdIwQYMBaAFMY/+pBi3bVHWVKx
FTnuZL2pt/nWMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvNDNkY2U1
N2NkZmZiNjc2Yjg5ZWViNDU4Y2M4NmQ5YTY3ZmJkZDEwNC5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvYTE3YTg0OGUtNmJkNi00MWY3LTg0MDYtN2Q2ODk0
YzM1OTFmLzg5M2NlNTZhM2ZlNzEzZWM5NzNlYWExMDZkZTQxYTIxNmU0ZTcyNGEu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy9hMTdhODQ4ZS02YmQ2LTQxZjctODQwNi03ZDY4
OTRjMzU5MWYvNDNkY2U1N2NkZmZiNjc2Yjg5ZWViNDU4Y2M4NmQ5YTY3ZmJkZDEw
NC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAi2gDDANBgkqhkiG9w0BAQsFAAOCAQEAOm4xa1haJ4xDzXgQ
t/JnYTRWTq1vIe/3/6ax0FPqFHFki9rQahWIkrfunJ2gCxSN7hgSOQ7RdZV5nqfD
et1v2lUgVrGz8r2d5QfaxjjWI4ngMGmuEN0kvNHMXsGP2mzMJQjmfBLzAGZkm4g+
pc/FMHCTj14nFUFojMoXqSUeVXRPGajV8QV3UK+d3uPE8W710xDzT90sIQFMWckQ
sWKe4fpElOAX9ygAgM1soEi8HqguhVILNYsajtUD3JY/EowvdFYlz+MxDz+aAGlT
Dv6qZZPsSiK+kp1680U9vaKaiw3pJCYw3m6blI3QA+P5juzK/08SNZurfYG76DEC
xmXrbQ==
-----END CERTIFICATE-----
Generated at Thu Mar 28 22:20:22 2024 by rpki-client on console-fra.rpki-client.org