Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/a82edb24-4759-49d7-b7ec-ae1ebc06d7bd/c12f91df37be74697deb4851ac003ee78ff8c750.roa
File:                     c12f91df37be74697deb4851ac003ee78ff8c750.roa (raw, json)
Hash identifier:          OyuZc6cEcOWtDDOyG9sRbDD+QR2bEPv5NS/knB1iVgQ=
Subject key identifier:   F1:97:B1:05:7A:76:BE:98:3F:E6:EE:B1:2E:66:70:71:04:47:09:AA
Certificate issuer:       /CN=ab57d54156e5b7a6448196353f5962b21f4afd05
Certificate serial:       0D1471
Authority key identifier: 95:60:E8:2E:4B:52:84:17:18:9A:1E:05:2B:5D:2B:CF:7A:00:AE:11
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ab57d54156e5b7a6448196353f5962b21f4afd05.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/a82edb24-4759-49d7-b7ec-ae1ebc06d7bd/c12f91df37be74697deb4851ac003ee78ff8c750.roa
Signing time:             Wed 24 Mar 2021 14:33:44 +0000
ROA not before:           Wed 24 Mar 2021 14:33:44 +0000
ROA not after:            Tue 24 Mar 2026 14:33:44 +0000
asID:                     264730
IP address blocks:        170.233.153.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/a82edb24-4759-49d7-b7ec-ae1ebc06d7bd/ab57d54156e5b7a6448196353f5962b21f4afd05.crl
                          rsync://repository.lacnic.net/rpki/lacnic/a82edb24-4759-49d7-b7ec-ae1ebc06d7bd/ab57d54156e5b7a6448196353f5962b21f4afd05.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ab57d54156e5b7a6448196353f5962b21f4afd05.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 31 Mar 2024 01:58:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 857201 (0xd1471)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ab57d54156e5b7a6448196353f5962b21f4afd05
        Validity
            Not Before: Mar 24 14:33:44 2021 GMT
            Not After : Mar 24 14:33:44 2026 GMT
        Subject: CN=c12f91df37be74697deb4851ac003ee78ff8c750
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:66:66:11:77:2d:0c:87:e1:ec:50:46:02:fb:
                    5b:79:57:e8:0a:6c:a8:9a:8c:dc:36:56:a4:04:a7:
                    10:89:35:d6:3b:0e:61:dc:ee:ef:91:7a:57:65:0e:
                    b8:25:c2:68:e9:e5:7a:b5:23:9a:62:82:55:17:f6:
                    b1:45:21:30:bd:ce:39:9d:55:5a:35:d7:59:62:48:
                    44:86:69:84:ce:d3:00:7a:c5:d1:61:66:10:1c:04:
                    d4:33:dc:07:3e:d0:14:47:09:c1:8d:11:1e:aa:20:
                    9b:19:c9:eb:07:93:c6:ad:c1:68:a5:d0:a0:65:85:
                    65:0d:00:8c:3b:52:41:28:62:91:22:65:2d:de:98:
                    a5:14:8d:ea:10:b1:1c:d0:11:89:62:65:0b:60:c0:
                    0c:b9:81:0b:3a:27:32:e3:fa:87:b6:03:3c:76:12:
                    99:e5:3a:24:89:02:3d:16:bd:47:1c:58:da:42:a9:
                    26:b9:6a:f5:83:52:30:fa:3e:01:1d:a0:0c:cf:35:
                    cc:cb:ac:c8:7a:91:d2:25:9d:b9:30:6b:15:67:f4:
                    86:be:24:33:3e:a1:70:d3:3c:70:3c:5f:74:7f:73:
                    87:79:cd:72:66:cf:99:2a:76:b9:f4:11:50:41:8c:
                    b1:9a:a6:dc:40:33:e4:eb:22:b1:40:23:e3:6b:73:
                    3c:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F1:97:B1:05:7A:76:BE:98:3F:E6:EE:B1:2E:66:70:71:04:47:09:AA
            X509v3 Authority Key Identifier:
                keyid:95:60:E8:2E:4B:52:84:17:18:9A:1E:05:2B:5D:2B:CF:7A:00:AE:11

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ab57d54156e5b7a6448196353f5962b21f4afd05.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/a82edb24-4759-49d7-b7ec-ae1ebc06d7bd/c12f91df37be74697deb4851ac003ee78ff8c750.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/a82edb24-4759-49d7-b7ec-ae1ebc06d7bd/ab57d54156e5b7a6448196353f5962b21f4afd05.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  170.233.153.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5b:1b:f1:ba:8d:9e:ea:da:97:f2:29:10:64:c6:7b:b1:86:67:
         1c:bc:91:50:8b:58:2c:1d:31:3e:5d:b0:fc:f4:92:69:93:ac:
         24:3e:61:68:c4:04:86:97:92:7a:08:eb:89:00:a2:87:d2:97:
         9d:e2:ff:28:14:1d:8c:77:a3:1f:f6:67:0e:80:cc:ac:f5:50:
         fe:9d:67:97:d1:60:bb:ed:24:83:e7:f4:5b:42:4b:ad:6e:5f:
         12:d2:1c:68:41:0c:23:dd:cc:60:f5:45:c9:10:56:91:a4:eb:
         55:57:cb:72:84:a4:25:cb:c0:db:44:a8:cb:d4:ad:51:f6:c0:
         03:f1:49:9d:c8:6a:47:f7:3c:ab:0c:af:18:43:f4:8e:c7:95:
         b3:bd:90:86:3d:d8:ab:bf:e6:6e:d2:fb:3f:fd:e0:51:a9:50:
         88:9e:64:3a:0b:40:70:2f:9a:40:a5:02:a9:b9:f6:7a:5f:90:
         97:be:04:66:c7:9c:d9:0d:b5:93:79:a5:69:44:65:a2:ed:e6:
         e7:4b:94:69:f2:11:54:e1:a2:f4:0a:a2:1d:bb:f2:23:b3:4b:
         2b:ed:92:35:eb:6a:58:b4:44:1c:34:29:81:11:35:e9:7a:f4:
         14:40:03:f1:4f:38:7e:68:c6:f9:79:f2:56:de:bc:d3:ad:21:
         86:b1:9d:35
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIDDRRxMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGFi
NTdkNTQxNTZlNWI3YTY0NDgxOTYzNTNmNTk2MmIyMWY0YWZkMDUwHhcNMjEwMzI0
MTQzMzQ0WhcNMjYwMzI0MTQzMzQ0WjAzMTEwLwYDVQQDEyhjMTJmOTFkZjM3YmU3
NDY5N2RlYjQ4NTFhYzAwM2VlNzhmZjhjNzUwMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAwWZmEXctDIfh7FBGAvtbeVfoCmyomozcNlakBKcQiTXWOw5h
3O7vkXpXZQ64JcJo6eV6tSOaYoJVF/axRSEwvc45nVVaNddZYkhEhmmEztMAesXR
YWYQHATUM9wHPtAURwnBjREeqiCbGcnrB5PGrcFopdCgZYVlDQCMO1JBKGKRImUt
3pilFI3qELEc0BGJYmULYMAMuYELOicy4/qHtgM8dhKZ5TokiQI9Fr1HHFjaQqkm
uWr1g1Iw+j4BHaAMzzXMy6zIepHSJZ25MGsVZ/SGviQzPqFw0zxwPF90f3OHec1y
Zs+ZKna59BFQQYyxmqbcQDPk6yKxQCPja3M8AwIDAQABo4ICWzCCAlcwHQYDVR0O
BBYEFPGXsQV6dr6YP+busS5mcHEERwmqMB8GA1UdIwQYMBaAFJVg6C5LUoQXGJoe
BStdK896AK4RMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvYWI1N2Q1
NDE1NmU1YjdhNjQ0ODE5NjM1M2Y1OTYyYjIxZjRhZmQwNS5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvYTgyZWRiMjQtNDc1OS00OWQ3LWI3ZWMtYWUxZWJj
MDZkN2JkL2MxMmY5MWRmMzdiZTc0Njk3ZGViNDg1MWFjMDAzZWU3OGZmOGM3NTAu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy9hODJlZGIyNC00NzU5LTQ5ZDctYjdlYy1hZTFl
YmMwNmQ3YmQvYWI1N2Q1NDE1NmU1YjdhNjQ0ODE5NjM1M2Y1OTYyYjIxZjRhZmQw
NS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAKrpmTANBgkqhkiG9w0BAQsFAAOCAQEAWxvxuo2e6tqX8ikQ
ZMZ7sYZnHLyRUItYLB0xPl2w/PSSaZOsJD5haMQEhpeSegjriQCih9KXneL/KBQd
jHejH/ZnDoDMrPVQ/p1nl9Fgu+0kg+f0W0JLrW5fEtIcaEEMI93MYPVFyRBWkaTr
VVfLcoSkJcvA20Soy9StUfbAA/FJnchqR/c8qwyvGEP0jseVs72Qhj3Yq7/mbtL7
P/3gUalQiJ5kOgtAcC+aQKUCqbn2el+Ql74EZsec2Q21k3mlaURlou3m50uUafIR
VOGi9AqiHbvyI7NLK+2SNetqWLREHDQpgRE16Xr0FEAD8U84fmjG+XnyVt68060h
hrGdNQ==
-----END CERTIFICATE-----
Generated at Thu Mar 28 03:11:38 2024 by rpki-client on console-fra.rpki-client.org