Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/a441f9ee-2f02-4847-b8c9-473962c940c9/b050a21044e1a43efbfdbf0b12e952732e177502.roa
File:                     b050a21044e1a43efbfdbf0b12e952732e177502.roa (raw, json)
Hash identifier:          /EAOxLE9Bg0rTsSJhQG8LcrEY5RcwDHe+nacMmdHURA=
Subject key identifier:   EC:61:9B:BB:6C:06:78:44:50:7A:21:CC:D3:0D:A7:3E:00:F7:8A:84
Certificate issuer:       /CN=18d0028df75dac2013960042cbffb91920caaed3
Certificate serial:       0BB330
Authority key identifier: 55:EE:BB:E7:B5:FE:6E:F8:2A:FF:CE:26:E5:B4:22:3A:20:0A:0D:AA
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/18d0028df75dac2013960042cbffb91920caaed3.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/a441f9ee-2f02-4847-b8c9-473962c940c9/b050a21044e1a43efbfdbf0b12e952732e177502.roa
Signing time:             Wed 24 Mar 2021 14:46:26 +0000
ROA not before:           Wed 24 Mar 2021 14:46:26 +0000
ROA not after:            Tue 24 Mar 2026 14:46:26 +0000
asID:                     267795
IP address blocks:        45.172.228.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/a441f9ee-2f02-4847-b8c9-473962c940c9/18d0028df75dac2013960042cbffb91920caaed3.crl
                          rsync://repository.lacnic.net/rpki/lacnic/a441f9ee-2f02-4847-b8c9-473962c940c9/18d0028df75dac2013960042cbffb91920caaed3.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/18d0028df75dac2013960042cbffb91920caaed3.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 31 Mar 2024 12:22:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 766768 (0xbb330)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=18d0028df75dac2013960042cbffb91920caaed3
        Validity
            Not Before: Mar 24 14:46:26 2021 GMT
            Not After : Mar 24 14:46:26 2026 GMT
        Subject: CN=b050a21044e1a43efbfdbf0b12e952732e177502
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:81:fc:02:1f:9b:ee:9d:d9:2b:15:4e:0b:89:dc:
                    38:f4:c6:65:ab:77:7a:33:c0:1b:12:0e:86:9d:17:
                    83:ee:7a:07:d1:cb:70:2b:dc:a9:6b:d8:4c:2b:41:
                    77:0d:35:54:73:06:70:bb:33:cf:23:56:09:ba:d8:
                    bb:45:41:71:4d:d3:8c:65:34:74:7f:70:4c:77:4c:
                    80:e9:08:f7:cc:cc:08:82:95:49:46:d1:27:65:3e:
                    02:71:69:82:cb:04:c2:0f:18:ce:ce:56:59:67:5e:
                    c0:a1:2e:fb:6f:8a:6b:a7:6e:76:22:2b:21:50:b7:
                    4f:3b:00:b6:7e:b5:5e:15:91:54:52:d0:ba:d6:19:
                    6b:a9:30:98:d5:1b:d8:82:c8:4a:60:ef:82:41:e0:
                    a8:9e:99:a3:31:d9:8a:18:27:d0:fb:56:f9:ee:e8:
                    2e:c0:bf:49:ee:70:d6:f1:0a:b1:38:2b:bd:86:cf:
                    9a:39:5f:d5:c7:13:97:45:fe:4d:55:26:3d:de:a7:
                    4b:d5:b2:c7:0a:2f:76:23:e0:4f:e6:ea:69:ca:c4:
                    50:9c:cd:b1:56:0b:67:14:1b:9b:9b:07:d2:d9:63:
                    eb:76:4e:f0:7a:df:5e:e9:7d:34:0c:9e:65:35:25:
                    aa:f5:68:01:47:68:9f:b2:1e:f3:d8:06:f2:95:b5:
                    b0:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EC:61:9B:BB:6C:06:78:44:50:7A:21:CC:D3:0D:A7:3E:00:F7:8A:84
            X509v3 Authority Key Identifier:
                keyid:55:EE:BB:E7:B5:FE:6E:F8:2A:FF:CE:26:E5:B4:22:3A:20:0A:0D:AA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/18d0028df75dac2013960042cbffb91920caaed3.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/a441f9ee-2f02-4847-b8c9-473962c940c9/b050a21044e1a43efbfdbf0b12e952732e177502.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/a441f9ee-2f02-4847-b8c9-473962c940c9/18d0028df75dac2013960042cbffb91920caaed3.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.172.228.0/22

    Signature Algorithm: sha256WithRSAEncryption
         4b:7f:d2:c3:77:fe:54:4c:5b:71:17:05:d2:60:b8:d0:51:06:
         07:5c:c7:60:64:3d:2a:cd:3f:a3:4b:d7:03:cc:d6:81:20:c6:
         c4:ab:bc:96:4b:fd:aa:24:a7:e9:03:a8:c0:7e:1d:28:78:5b:
         f1:88:12:12:a2:3e:29:31:fd:40:eb:a2:33:5f:9b:75:b4:ec:
         b3:08:b4:12:67:b3:60:58:90:47:d0:e8:bc:1e:08:bd:76:58:
         9c:13:c3:b1:b7:20:0d:0f:b3:8b:8a:57:c0:11:43:e1:36:ea:
         f3:8c:fc:53:52:97:35:34:2e:30:cb:4c:6d:62:be:16:fe:08:
         04:26:e5:b9:db:cd:a9:b8:c6:69:91:87:0c:28:1e:be:14:50:
         0e:48:1c:58:e6:0c:a6:ae:2b:f6:48:d2:f7:c2:80:de:fa:2e:
         ff:f0:75:47:01:c9:9d:c9:42:5c:5e:b9:d2:12:22:86:e9:1e:
         a2:43:5f:55:44:ed:a6:40:76:5a:82:2b:5a:d0:60:7b:83:21:
         23:96:1e:66:23:35:13:eb:a2:fd:b8:c8:5b:12:ff:2a:9b:bd:
         7b:01:3b:01:2f:ef:a1:26:9c:e4:3c:33:6d:8d:b1:db:56:b0:
         07:e4:0f:fb:14:3e:00:da:0e:59:f4:f0:19:e8:5e:1b:85:2f:
         27:6d:ed:5f
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIDC7MwMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDE4
ZDAwMjhkZjc1ZGFjMjAxMzk2MDA0MmNiZmZiOTE5MjBjYWFlZDMwHhcNMjEwMzI0
MTQ0NjI2WhcNMjYwMzI0MTQ0NjI2WjAzMTEwLwYDVQQDEyhiMDUwYTIxMDQ0ZTFh
NDNlZmJmZGJmMGIxMmU5NTI3MzJlMTc3NTAyMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAgfwCH5vundkrFU4Lidw49MZlq3d6M8AbEg6GnReD7noH0ctw
K9ypa9hMK0F3DTVUcwZwuzPPI1YJuti7RUFxTdOMZTR0f3BMd0yA6Qj3zMwIgpVJ
RtEnZT4CcWmCywTCDxjOzlZZZ17AoS77b4prp252IishULdPOwC2frVeFZFUUtC6
1hlrqTCY1RvYgshKYO+CQeConpmjMdmKGCfQ+1b57uguwL9J7nDW8QqxOCu9hs+a
OV/VxxOXRf5NVSY93qdL1bLHCi92I+BP5uppysRQnM2xVgtnFBubmwfS2WPrdk7w
et9e6X00DJ5lNSWq9WgBR2ifsh7z2AbylbWwzwIDAQABo4ICWzCCAlcwHQYDVR0O
BBYEFOxhm7tsBnhEUHohzNMNpz4A94qEMB8GA1UdIwQYMBaAFFXuu+e1/m74Kv/O
JuW0IjogCg2qMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvMThkMDAy
OGRmNzVkYWMyMDEzOTYwMDQyY2JmZmI5MTkyMGNhYWVkMy5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvYTQ0MWY5ZWUtMmYwMi00ODQ3LWI4YzktNDczOTYy
Yzk0MGM5L2IwNTBhMjEwNDRlMWE0M2VmYmZkYmYwYjEyZTk1MjczMmUxNzc1MDIu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy9hNDQxZjllZS0yZjAyLTQ4NDctYjhjOS00NzM5
NjJjOTQwYzkvMThkMDAyOGRmNzVkYWMyMDEzOTYwMDQyY2JmZmI5MTkyMGNhYWVk
My5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAi2s5DANBgkqhkiG9w0BAQsFAAOCAQEAS3/Sw3f+VExbcRcF
0mC40FEGB1zHYGQ9Ks0/o0vXA8zWgSDGxKu8lkv9qiSn6QOowH4dKHhb8YgSEqI+
KTH9QOuiM1+bdbTsswi0EmezYFiQR9DovB4IvXZYnBPDsbcgDQ+zi4pXwBFD4Tbq
84z8U1KXNTQuMMtMbWK+Fv4IBCbludvNqbjGaZGHDCgevhRQDkgcWOYMpq4r9kjS
98KA3vou//B1RwHJnclCXF650hIihukeokNfVUTtpkB2WoIrWtBge4MhI5YeZiM1
E+ui/bjIWxL/Kpu9ewE7AS/voSac5DwzbY2x21awB+QP+xQ+ANoOWfTwGeheG4Uv
J23tXw==
-----END CERTIFICATE-----
Generated at Thu Mar 28 14:02:51 2024 by rpki-client on console-fra.rpki-client.org