Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/aca713f5-6cac-486e-a016-a3e8b31bf029/12833804f7f0d0c358b553e04f1bc343647a31b5.roa
File:                     12833804f7f0d0c358b553e04f1bc343647a31b5.roa (raw, json)
Hash identifier:          6YHqp/DvbgYx/a0+beRJpNzDgRFaQsKAj65Jx4c5NN8=
Subject key identifier:   E0:3F:4A:5B:36:83:4B:94:C6:F4:8E:36:8B:FA:60:62:DD:93:8C:64
Certificate issuer:       /CN=1059e1e3317704575f2c0b750ee73b166a39cd37
Certificate serial:       0E70BD
Authority key identifier: 80:F0:C7:27:4F:82:24:D1:E9:76:F3:80:E6:EF:32:CF:10:F8:9D:D3
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/1059e1e3317704575f2c0b750ee73b166a39cd37.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/aca713f5-6cac-486e-a016-a3e8b31bf029/12833804f7f0d0c358b553e04f1bc343647a31b5.roa
Signing time:             Wed 24 Mar 2021 14:38:32 +0000
ROA not before:           Wed 24 Mar 2021 14:38:31 +0000
ROA not after:            Tue 24 Mar 2026 14:38:31 +0000
asID:                     28006
IP address blocks:        201.219.43.0/24 maxlen: 24
                          201.219.56.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/aca713f5-6cac-486e-a016-a3e8b31bf029/1059e1e3317704575f2c0b750ee73b166a39cd37.crl
                          rsync://repository.lacnic.net/rpki/lacnic/aca713f5-6cac-486e-a016-a3e8b31bf029/1059e1e3317704575f2c0b750ee73b166a39cd37.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/1059e1e3317704575f2c0b750ee73b166a39cd37.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 31 Mar 2024 03:49:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 946365 (0xe70bd)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1059e1e3317704575f2c0b750ee73b166a39cd37
        Validity
            Not Before: Mar 24 14:38:31 2021 GMT
            Not After : Mar 24 14:38:31 2026 GMT
        Subject: CN=12833804f7f0d0c358b553e04f1bc343647a31b5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:db:69:2b:4a:85:f8:c5:9b:ea:2a:a6:c9:79:
                    9d:96:7d:79:8e:eb:a3:97:dd:fb:69:ab:73:c6:c4:
                    4b:f6:b4:86:4a:83:48:1a:6c:a8:bf:a3:84:fc:cb:
                    ce:6d:5b:07:4e:5f:9c:ef:20:96:5c:9d:aa:0a:e3:
                    77:1e:86:83:5c:fd:1d:6a:60:d8:b7:01:c6:e4:63:
                    e4:8a:ec:76:7d:cc:1e:1b:8f:86:72:7d:41:f9:9b:
                    4a:be:d5:ce:6a:7c:fd:9a:eb:14:9b:48:11:15:90:
                    db:59:36:84:20:f8:0a:51:3f:79:3c:f6:9f:7b:93:
                    a8:62:ef:c7:7a:81:04:41:30:d5:4b:92:94:5a:22:
                    56:ff:29:d9:62:6a:c0:f0:2d:a4:a6:03:1a:29:d9:
                    b6:8e:e1:80:84:53:5f:bb:1d:da:71:a9:0c:8e:66:
                    70:67:e5:ab:ca:46:4c:bc:4e:cb:68:bb:b8:9e:59:
                    bb:2c:93:79:4d:69:89:bd:1c:1a:ff:58:f9:00:ec:
                    77:2c:f4:12:99:08:c5:ce:2b:b6:f8:e8:b3:b8:f1:
                    e9:b1:f3:67:2e:10:68:7f:f3:95:00:a9:e1:25:19:
                    9d:72:ad:c8:fd:58:59:41:1e:96:1d:07:41:5e:90:
                    df:69:67:d7:7e:25:9b:c6:93:53:01:a4:27:54:8b:
                    4a:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E0:3F:4A:5B:36:83:4B:94:C6:F4:8E:36:8B:FA:60:62:DD:93:8C:64
            X509v3 Authority Key Identifier:
                keyid:80:F0:C7:27:4F:82:24:D1:E9:76:F3:80:E6:EF:32:CF:10:F8:9D:D3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/1059e1e3317704575f2c0b750ee73b166a39cd37.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/aca713f5-6cac-486e-a016-a3e8b31bf029/12833804f7f0d0c358b553e04f1bc343647a31b5.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/aca713f5-6cac-486e-a016-a3e8b31bf029/1059e1e3317704575f2c0b750ee73b166a39cd37.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  201.219.43.0/24
                  201.219.56.0/24

    Signature Algorithm: sha256WithRSAEncryption
         04:5a:32:e3:bd:27:78:a8:8c:81:d8:64:52:7c:a1:77:fe:a3:
         ea:83:23:3b:45:23:1d:eb:b4:8b:96:68:17:0d:b3:33:9b:5f:
         21:da:c8:f3:f1:5c:8e:ed:e2:bc:67:6d:36:ee:cb:a3:e6:6d:
         5a:1d:9c:06:9b:0c:01:aa:a4:f8:57:d3:b1:8d:2c:0f:c5:4b:
         47:e7:44:05:a9:1e:49:cf:d5:b5:a8:c0:a2:20:f3:fe:4a:e8:
         d0:84:2e:6c:27:02:10:fb:25:d3:75:22:3b:d7:78:2b:04:7b:
         b9:c7:29:b7:56:eb:6e:82:74:16:66:2a:ee:89:39:8a:b2:59:
         e4:f9:3d:17:22:c9:fa:94:10:d8:36:09:14:cb:2d:94:f7:9d:
         c5:c6:53:4c:96:35:bb:52:79:ef:23:31:ed:48:b4:9a:b6:45:
         2d:8d:3d:a7:da:41:3f:dd:46:7e:24:a5:e5:26:f6:de:95:00:
         fe:0b:ae:be:db:14:5a:e2:e4:7d:b4:6e:da:06:44:d3:55:2b:
         68:50:c0:68:17:ca:01:8a:ec:19:a0:72:3a:9d:8d:52:70:9e:
         77:2e:59:a0:8b:80:7a:76:73:07:3f:27:59:1a:e6:fc:fd:37:
         43:77:74:1d:90:d7:40:8f:57:b9:da:b5:23:ff:6f:44:5b:a6:
         86:29:87:79
-----BEGIN CERTIFICATE-----
MIIFRjCCBC6gAwIBAgIDDnC9MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDEw
NTllMWUzMzE3NzA0NTc1ZjJjMGI3NTBlZTczYjE2NmEzOWNkMzcwHhcNMjEwMzI0
MTQzODMxWhcNMjYwMzI0MTQzODMxWjAzMTEwLwYDVQQDEygxMjgzMzgwNGY3ZjBk
MGMzNThiNTUzZTA0ZjFiYzM0MzY0N2EzMWI1MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAy9tpK0qF+MWb6iqmyXmdln15juujl937aatzxsRL9rSGSoNI
Gmyov6OE/MvObVsHTl+c7yCWXJ2qCuN3HoaDXP0damDYtwHG5GPkiux2fcweG4+G
cn1B+ZtKvtXOanz9musUm0gRFZDbWTaEIPgKUT95PPafe5OoYu/HeoEEQTDVS5KU
WiJW/ynZYmrA8C2kpgMaKdm2juGAhFNfux3acakMjmZwZ+WrykZMvE7LaLu4nlm7
LJN5TWmJvRwa/1j5AOx3LPQSmQjFziu2+OizuPHpsfNnLhBof/OVAKnhJRmdcq3I
/VhZQR6WHQdBXpDfaWfXfiWbxpNTAaQnVItKUwIDAQABo4ICYTCCAl0wHQYDVR0O
BBYEFOA/Sls2g0uUxvSONov6YGLdk4xkMB8GA1UdIwQYMBaAFIDwxydPgiTR6Xbz
gObvMs8Q+J3TMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvMTA1OWUx
ZTMzMTc3MDQ1NzVmMmMwYjc1MGVlNzNiMTY2YTM5Y2QzNy5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvYWNhNzEzZjUtNmNhYy00ODZlLWEwMTYtYTNlOGIz
MWJmMDI5LzEyODMzODA0ZjdmMGQwYzM1OGI1NTNlMDRmMWJjMzQzNjQ3YTMxYjUu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy9hY2E3MTNmNS02Y2FjLTQ4NmUtYTAxNi1hM2U4
YjMxYmYwMjkvMTA1OWUxZTMzMTc3MDQ1NzVmMmMwYjc1MGVlNzNiMTY2YTM5Y2Qz
Ny5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAlBggrBgEFBQcBBwEB/wQW
MBQwEgQCAAEwDAMEAMnbKwMEAMnbODANBgkqhkiG9w0BAQsFAAOCAQEABFoy470n
eKiMgdhkUnyhd/6j6oMjO0UjHeu0i5ZoFw2zM5tfIdrI8/Fcju3ivGdtNu7Lo+Zt
Wh2cBpsMAaqk+FfTsY0sD8VLR+dEBakeSc/VtajAoiDz/kro0IQubCcCEPsl03Ui
O9d4KwR7uccpt1brboJ0FmYq7ok5irJZ5Pk9FyLJ+pQQ2DYJFMstlPedxcZTTJY1
u1J57yMx7Ui0mrZFLY09p9pBP91GfiSl5Sb23pUA/guuvtsUWuLkfbRu2gZE01Ur
aFDAaBfKAYrsGaByOp2NUnCedy5ZoIuAenZzBz8nWRrm/P03Q3d0HZDXQI9Xudq1
I/9vRFumhimHeQ==
-----END CERTIFICATE-----
Generated at Thu Mar 28 03:26:10 2024 by rpki-client on console-ams.rpki-client.org