Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/a65848fe-1463-4488-be2c-2daf76af068a/9f699fc608487cfcf2910310dc15e73bd599bc45.roa
File:                     9f699fc608487cfcf2910310dc15e73bd599bc45.roa (raw, json)
Hash identifier:          QnHsBSf2R5YkniSrkcLdpw4yPu08HKt57SECECCzYDI=
Subject key identifier:   66:DF:91:F5:77:B0:77:64:45:9A:6F:1C:CC:8E:2A:4A:2A:A3:FE:18
Certificate issuer:       /CN=b5d933e43bb68e4aa0afa4157c889b4b406113c5
Certificate serial:       0BBAEC
Authority key identifier: B3:37:DF:2A:CC:B3:F7:ED:65:5C:18:67:7B:E3:DB:1E:D5:AC:59:B6
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/b5d933e43bb68e4aa0afa4157c889b4b406113c5.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/a65848fe-1463-4488-be2c-2daf76af068a/9f699fc608487cfcf2910310dc15e73bd599bc45.roa
Signing time:             Wed 24 Mar 2021 14:42:28 +0000
ROA not before:           Wed 24 Mar 2021 14:42:27 +0000
ROA not after:            Tue 24 Mar 2026 14:42:27 +0000
asID:                     20299
IP address blocks:        161.0.192.0/19 maxlen: 19
                          186.32.128.0/19 maxlen: 19
                          186.32.224.0/20 maxlen: 21
                          186.32.240.0/21 maxlen: 21
                          190.53.48.0/20 maxlen: 24
                          190.53.64.0/19 maxlen: 23
                          190.53.192.0/18 maxlen: 24
                          190.99.0.0/20 maxlen: 20
                          190.99.16.0/21 maxlen: 22
                          190.181.192.0/18 maxlen: 21

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/a65848fe-1463-4488-be2c-2daf76af068a/b5d933e43bb68e4aa0afa4157c889b4b406113c5.crl
                          rsync://repository.lacnic.net/rpki/lacnic/a65848fe-1463-4488-be2c-2daf76af068a/b5d933e43bb68e4aa0afa4157c889b4b406113c5.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/b5d933e43bb68e4aa0afa4157c889b4b406113c5.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 31 Mar 2024 19:38:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 768748 (0xbbaec)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b5d933e43bb68e4aa0afa4157c889b4b406113c5
        Validity
            Not Before: Mar 24 14:42:27 2021 GMT
            Not After : Mar 24 14:42:27 2026 GMT
        Subject: CN=9f699fc608487cfcf2910310dc15e73bd599bc45
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:a2:bf:e3:eb:24:be:a6:a5:31:b6:6e:7d:2e:
                    aa:f1:38:64:9e:5e:93:db:76:7b:46:90:1d:3f:03:
                    ea:29:55:a2:72:98:d0:b2:1a:57:3e:03:f2:df:32:
                    88:8d:8c:5f:76:3e:df:11:25:85:7d:07:13:99:c7:
                    15:e3:43:f9:05:0d:d1:eb:08:cf:36:62:26:59:57:
                    42:56:98:18:30:f0:74:bf:68:2a:73:ac:c6:09:a0:
                    3b:13:9a:65:f1:dc:95:ef:1b:6a:5c:77:22:5e:86:
                    a7:d8:0d:a2:60:22:c9:70:8c:30:8c:64:62:5a:81:
                    11:48:8d:c4:9d:a3:53:38:8c:c1:03:af:b4:0b:38:
                    a0:d0:71:01:50:de:06:bf:65:be:08:ad:77:e3:40:
                    a7:d7:b1:bd:d1:b0:9f:4a:c2:a7:18:39:52:0e:8f:
                    d8:2e:92:ad:f6:85:fb:b0:b9:f6:40:e7:50:d7:cb:
                    c9:21:5e:33:a5:99:13:ba:97:b1:9d:b5:20:1a:b1:
                    3a:1f:39:0d:8f:a6:e9:57:3c:2c:5b:e4:5e:c5:ff:
                    09:81:cb:1f:24:c0:6a:9e:36:c3:f0:7d:67:1b:93:
                    58:8b:ec:b4:b3:4c:af:c4:7a:57:c7:85:d3:2e:b0:
                    bf:23:a1:e0:0d:a6:09:b4:a2:c5:7b:ee:86:ae:b2:
                    bb:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                66:DF:91:F5:77:B0:77:64:45:9A:6F:1C:CC:8E:2A:4A:2A:A3:FE:18
            X509v3 Authority Key Identifier:
                keyid:B3:37:DF:2A:CC:B3:F7:ED:65:5C:18:67:7B:E3:DB:1E:D5:AC:59:B6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/b5d933e43bb68e4aa0afa4157c889b4b406113c5.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/a65848fe-1463-4488-be2c-2daf76af068a/9f699fc608487cfcf2910310dc15e73bd599bc45.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/a65848fe-1463-4488-be2c-2daf76af068a/b5d933e43bb68e4aa0afa4157c889b4b406113c5.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  161.0.192.0/19
                  186.32.128.0/19
                  186.32.224.0-186.32.247.255
                  190.53.48.0-190.53.95.255
                  190.53.192.0/18
                  190.99.0.0-190.99.23.255
                  190.181.192.0/18

    Signature Algorithm: sha256WithRSAEncryption
         14:ad:1b:94:58:d3:c3:e1:6e:66:23:2d:e0:e1:b9:be:01:b6:
         22:7b:78:fa:a4:7e:b5:ac:54:ab:5f:93:e0:9c:7b:43:60:f9:
         1a:04:a3:8f:f2:5f:d9:c7:41:a6:54:dc:93:50:a6:cf:a6:30:
         64:24:a8:7c:e4:dd:17:d3:f2:22:21:0b:9a:ce:23:1f:59:90:
         6e:53:b8:ac:85:fb:91:64:c6:f2:0c:5a:46:a3:68:57:a2:ef:
         a5:1d:47:8b:fb:ab:19:d6:0f:d0:59:49:8f:8e:13:ec:5c:aa:
         af:14:0e:f3:cd:4f:b3:6e:b0:07:1b:04:93:f3:42:e5:90:c5:
         f1:37:71:fc:d2:34:b3:f9:af:e5:83:c3:26:dd:99:14:5a:96:
         4f:9a:24:c9:7c:29:0a:21:f8:41:b9:20:1e:c2:de:2c:ca:0f:
         05:af:83:b2:9f:7a:f7:8e:20:29:5c:8e:06:a3:12:6f:bc:ae:
         1e:e4:82:f7:a3:54:a8:96:52:27:a0:c9:df:fc:6f:1b:43:8b:
         43:af:0a:a3:db:87:84:e5:6e:1d:df:ff:ac:9f:02:ad:9d:b2:
         a5:8d:d9:3e:09:6f:23:7e:e9:c3:3a:56:66:3c:0f:52:6a:a2:
         5d:1c:9a:1c:dd:f2:97:d3:94:39:0e:a9:4c:6d:02:c4:32:65:
         0b:73:f0:69
-----BEGIN CERTIFICATE-----
MIIFezCCBGOgAwIBAgIDC7rsMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGI1
ZDkzM2U0M2JiNjhlNGFhMGFmYTQxNTdjODg5YjRiNDA2MTEzYzUwHhcNMjEwMzI0
MTQ0MjI3WhcNMjYwMzI0MTQ0MjI3WjAzMTEwLwYDVQQDEyg5ZjY5OWZjNjA4NDg3
Y2ZjZjI5MTAzMTBkYzE1ZTczYmQ1OTliYzQ1MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAn6K/4+skvqalMbZufS6q8Thknl6T23Z7RpAdPwPqKVWicpjQ
shpXPgPy3zKIjYxfdj7fESWFfQcTmccV40P5BQ3R6wjPNmImWVdCVpgYMPB0v2gq
c6zGCaA7E5pl8dyV7xtqXHciXoan2A2iYCLJcIwwjGRiWoERSI3EnaNTOIzBA6+0
Czig0HEBUN4Gv2W+CK1340Cn17G90bCfSsKnGDlSDo/YLpKt9oX7sLn2QOdQ18vJ
IV4zpZkTupexnbUgGrE6HzkNj6bpVzwsW+Rexf8JgcsfJMBqnjbD8H1nG5NYi+y0
s0yvxHpXx4XTLrC/I6HgDaYJtKLFe+6GrrK7AQIDAQABo4ICljCCApIwHQYDVR0O
BBYEFGbfkfV3sHdkRZpvHMyOKkoqo/4YMB8GA1UdIwQYMBaAFLM33yrMs/ftZVwY
Z3vj2x7VrFm2MA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvYjVkOTMz
ZTQzYmI2OGU0YWEwYWZhNDE1N2M4ODliNGI0MDYxMTNjNS5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvYTY1ODQ4ZmUtMTQ2My00NDg4LWJlMmMtMmRhZjc2
YWYwNjhhLzlmNjk5ZmM2MDg0ODdjZmNmMjkxMDMxMGRjMTVlNzNiZDU5OWJjNDUu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy9hNjU4NDhmZS0xNDYzLTQ0ODgtYmUyYy0yZGFm
NzZhZjA2OGEvYjVkOTMzZTQzYmI2OGU0YWEwYWZhNDE1N2M4ODliNGI0MDYxMTNj
NS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBggrBgEFBQcBBwEB/wRL
MEkwRwQCAAEwQQMEBaEAwAMEBboggDAMAwQFuiDgAwQDuiDwMAwDBAS+NTADBAW+
NUADBAa+NcAwCwMDAL5jAwQDvmMQAwQGvrXAMA0GCSqGSIb3DQEBCwUAA4IBAQAU
rRuUWNPD4W5mIy3g4bm+AbYie3j6pH61rFSrX5PgnHtDYPkaBKOP8l/Zx0GmVNyT
UKbPpjBkJKh85N0X0/IiIQuaziMfWZBuU7ishfuRZMbyDFpGo2hXou+lHUeL+6sZ
1g/QWUmPjhPsXKqvFA7zzU+zbrAHGwST80LlkMXxN3H80jSz+a/lg8Mm3ZkUWpZP
miTJfCkKIfhBuSAewt4syg8Fr4Oyn3r3jiApXI4GoxJvvK4e5IL3o1SollInoMnf
/G8bQ4tDrwqj24eE5W4d3/+snwKtnbKljdk+CW8jfunDOlZmPA9SaqJdHJoc3fKX
05Q5DqlMbQLEMmULc/Bp
-----END CERTIFICATE-----
Generated at Thu Mar 28 21:30:53 2024 by rpki-client on console-ams.rpki-client.org