Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/a208d5b9-380b-4da1-a45a-01eba51ee139/0f251e2be5dca03921bc83e44cc019a25c1f0bea.roa
File:                     0f251e2be5dca03921bc83e44cc019a25c1f0bea.roa (raw, json)
Hash identifier:          4PmlUkKj+C96ieXV0o4gCFXlhY9fvXtJub44jqMEJP4=
Subject key identifier:   CC:D1:D7:51:C5:90:CA:89:80:25:00:81:8D:69:B7:DA:55:3F:F0:01
Certificate issuer:       /CN=55040cfb32568a53c16b8ccd785750a784554ebd
Certificate serial:       0DAEA5
Authority key identifier: 54:18:B3:A7:9C:04:4B:FE:8B:36:CB:6B:9B:E5:A1:22:91:D5:A9:C8
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/55040cfb32568a53c16b8ccd785750a784554ebd.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/a208d5b9-380b-4da1-a45a-01eba51ee139/0f251e2be5dca03921bc83e44cc019a25c1f0bea.roa
Signing time:             Wed 24 Mar 2021 14:31:49 +0000
ROA not before:           Wed 24 Mar 2021 14:31:48 +0000
ROA not after:            Tue 24 Mar 2026 14:31:48 +0000
asID:                     263757
IP address blocks:        138.117.48.0/22 maxlen: 24
                          2803:4840::/32 maxlen: 32

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/a208d5b9-380b-4da1-a45a-01eba51ee139/55040cfb32568a53c16b8ccd785750a784554ebd.crl
                          rsync://repository.lacnic.net/rpki/lacnic/a208d5b9-380b-4da1-a45a-01eba51ee139/55040cfb32568a53c16b8ccd785750a784554ebd.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/55040cfb32568a53c16b8ccd785750a784554ebd.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Wed 06 Mar 2024 06:24:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 896677 (0xdaea5)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=55040cfb32568a53c16b8ccd785750a784554ebd
        Validity
            Not Before: Mar 24 14:31:48 2021 GMT
            Not After : Mar 24 14:31:48 2026 GMT
        Subject: CN=0f251e2be5dca03921bc83e44cc019a25c1f0bea
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8c:de:12:52:79:f7:a1:2e:9a:dd:c6:8b:67:5b:
                    45:ea:0d:2b:ff:86:78:26:ed:5d:77:1e:ec:23:2c:
                    eb:cd:09:67:c8:9f:fe:0b:d7:35:e7:71:c0:49:67:
                    a3:a9:7e:62:7d:c2:f5:49:5d:0b:e4:1d:6d:73:f1:
                    95:ec:5c:af:1d:45:21:c2:07:d3:10:22:ba:f1:01:
                    39:52:b0:d8:da:4b:09:df:e5:3e:77:ee:c0:02:63:
                    6e:36:d8:94:e7:90:62:eb:00:ac:96:5a:78:be:c8:
                    0c:d5:07:a5:ae:67:12:18:ae:c6:5b:66:71:ff:4f:
                    25:ef:53:d5:f6:d8:75:f3:5e:ff:cc:e5:5e:0e:a5:
                    54:f8:b4:66:77:73:65:e7:78:5a:33:82:ae:68:a7:
                    ad:c1:83:ff:8a:b3:f4:b8:6c:71:dc:a9:b6:24:b1:
                    fc:df:35:ef:77:1e:4f:0f:c8:91:90:1c:04:64:d8:
                    54:98:03:af:9a:1c:b5:ee:34:82:50:c8:4e:a2:9f:
                    17:21:20:a0:12:5d:81:48:cd:53:82:2e:ef:35:68:
                    bc:37:ff:07:11:11:9c:60:a9:89:a1:fe:a7:b3:93:
                    da:7d:fd:f3:d5:01:08:a6:18:af:17:c5:dd:7e:b6:
                    90:f5:92:31:d0:82:c5:61:fd:50:59:2e:9c:11:71:
                    c3:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CC:D1:D7:51:C5:90:CA:89:80:25:00:81:8D:69:B7:DA:55:3F:F0:01
            X509v3 Authority Key Identifier:
                keyid:54:18:B3:A7:9C:04:4B:FE:8B:36:CB:6B:9B:E5:A1:22:91:D5:A9:C8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/55040cfb32568a53c16b8ccd785750a784554ebd.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/a208d5b9-380b-4da1-a45a-01eba51ee139/0f251e2be5dca03921bc83e44cc019a25c1f0bea.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/a208d5b9-380b-4da1-a45a-01eba51ee139/55040cfb32568a53c16b8ccd785750a784554ebd.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  138.117.48.0/22
                IPv6:
                  2803:4840::/32

    Signature Algorithm: sha256WithRSAEncryption
         f0:93:09:ff:80:d9:26:81:bc:49:d5:08:5a:b1:50:89:65:a0:
         9f:28:db:f2:b8:9c:71:bc:81:0a:50:ba:6c:99:0b:42:62:11:
         33:4e:3a:70:16:52:01:ed:53:0c:02:ad:a3:ee:88:fe:e7:6c:
         30:02:18:b8:eb:fc:e3:f5:c7:87:fd:3b:1e:51:c7:07:fd:6f:
         10:b4:34:a7:51:99:2d:fa:3f:62:1f:87:f1:bc:6d:bd:20:2d:
         cb:87:35:5c:0c:c2:b5:8d:8c:54:74:48:1c:cd:65:a8:8f:35:
         f0:41:4b:e5:e1:22:fb:4d:b7:f7:03:d5:a6:56:3c:1f:72:ca:
         18:2a:1b:37:60:99:d6:b4:82:b2:60:e0:83:03:47:9d:46:59:
         67:2e:4d:d9:19:52:66:d8:1d:39:d5:21:be:df:97:c2:72:de:
         ea:a5:65:f6:46:1c:bd:f1:df:0c:71:34:5c:6e:0c:2f:4e:5e:
         b5:f8:a6:bb:b8:d3:d4:75:87:61:23:29:81:91:2f:55:b1:85:
         09:37:f4:67:b6:fa:3a:7d:8f:49:3c:36:a0:d3:b6:df:66:cf:
         aa:c1:64:ca:96:45:9e:23:a0:0a:6e:52:a6:ac:54:5b:c4:1f:
         7a:0b:7c:ed:13:3e:f6:4d:c4:55:6f:01:52:02:46:3a:09:a5:
         f7:91:f3:be
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgIDDa6lMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDU1
MDQwY2ZiMzI1NjhhNTNjMTZiOGNjZDc4NTc1MGE3ODQ1NTRlYmQwHhcNMjEwMzI0
MTQzMTQ4WhcNMjYwMzI0MTQzMTQ4WjAzMTEwLwYDVQQDEygwZjI1MWUyYmU1ZGNh
MDM5MjFiYzgzZTQ0Y2MwMTlhMjVjMWYwYmVhMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAjN4SUnn3oS6a3caLZ1tF6g0r/4Z4Ju1ddx7sIyzrzQlnyJ/+
C9c153HASWejqX5ifcL1SV0L5B1tc/GV7FyvHUUhwgfTECK68QE5UrDY2ksJ3+U+
d+7AAmNuNtiU55Bi6wCsllp4vsgM1QelrmcSGK7GW2Zx/08l71PV9th1817/zOVe
DqVU+LRmd3Nl53haM4KuaKetwYP/irP0uGxx3Km2JLH83zXvdx5PD8iRkBwEZNhU
mAOvmhy17jSCUMhOop8XISCgEl2BSM1Tgi7vNWi8N/8HERGcYKmJof6ns5Paff3z
1QEIphivF8XdfraQ9ZIx0ILFYf1QWS6cEXHDbQIDAQABo4ICajCCAmYwHQYDVR0O
BBYEFMzR11HFkMqJgCUAgY1pt9pVP/ABMB8GA1UdIwQYMBaAFFQYs6ecBEv+izbL
a5vloSKR1anIMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvNTUwNDBj
ZmIzMjU2OGE1M2MxNmI4Y2NkNzg1NzUwYTc4NDU1NGViZC5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvYTIwOGQ1YjktMzgwYi00ZGExLWE0NWEtMDFlYmE1
MWVlMTM5LzBmMjUxZTJiZTVkY2EwMzkyMWJjODNlNDRjYzAxOWEyNWMxZjBiZWEu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy9hMjA4ZDViOS0zODBiLTRkYTEtYTQ1YS0wMWVi
YTUxZWUxMzkvNTUwNDBjZmIzMjU2OGE1M2MxNmI4Y2NkNzg1NzUwYTc4NDU1NGVi
ZC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAuBggrBgEFBQcBBwEB/wQf
MB0wDAQCAAEwBgMEAop1MDANBAIAAjAHAwUAKANIQDANBgkqhkiG9w0BAQsFAAOC
AQEA8JMJ/4DZJoG8SdUIWrFQiWWgnyjb8riccbyBClC6bJkLQmIRM046cBZSAe1T
DAKto+6I/udsMAIYuOv84/XHh/07HlHHB/1vELQ0p1GZLfo/Yh+H8bxtvSAty4c1
XAzCtY2MVHRIHM1lqI818EFL5eEi+0239wPVplY8H3LKGCobN2CZ1rSCsmDggwNH
nUZZZy5N2RlSZtgdOdUhvt+XwnLe6qVl9kYcvfHfDHE0XG4ML05etfimu7jT1HWH
YSMpgZEvVbGFCTf0Z7b6On2PSTw2oNO232bPqsFkypZFniOgCm5SpqxUW8Qfegt8
7RM+9k3EVW8BUgJGOgml95Hzvg==
-----END CERTIFICATE-----
Generated at Sun Mar 3 09:56:54 2024 by rpki-client on console-ams.rpki-client.org