Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/af428568-fa34-47c2-a3b4-af3236f8789c/44f0cd35c75d729d4c6bd1a443a189a50bd85d9a.roa
File:                     44f0cd35c75d729d4c6bd1a443a189a50bd85d9a.roa (raw, json)
Hash identifier:          wovmTbNyp75ulcP3vHtL9f453VCII2icoqqbP2fQ9K0=
Subject key identifier:   8D:B1:01:E1:A9:C3:1B:7D:38:3B:5E:28:1F:76:9F:EE:F2:2E:7D:51
Certificate issuer:       /CN=0e2555d6d6cd9849fdcea4cd3f4d423880fbd420
Certificate serial:       096CE8
Authority key identifier: 38:2C:BB:1B:5E:B4:5B:2C:41:12:FB:09:8A:5D:5A:FE:89:5B:B3:D7
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/0e2555d6d6cd9849fdcea4cd3f4d423880fbd420.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/af428568-fa34-47c2-a3b4-af3236f8789c/44f0cd35c75d729d4c6bd1a443a189a50bd85d9a.roa
Signing time:             Wed 24 Mar 2021 14:29:34 +0000
ROA not before:           Wed 24 Mar 2021 14:29:34 +0000
ROA not after:            Tue 24 Mar 2026 14:29:34 +0000
asID:                     52271
IP address blocks:        167.250.208.0/22 maxlen: 22
                          170.239.48.0/22 maxlen: 22
                          190.112.56.0/21 maxlen: 21

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/af428568-fa34-47c2-a3b4-af3236f8789c/0e2555d6d6cd9849fdcea4cd3f4d423880fbd420.crl
                          rsync://repository.lacnic.net/rpki/lacnic/af428568-fa34-47c2-a3b4-af3236f8789c/0e2555d6d6cd9849fdcea4cd3f4d423880fbd420.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/0e2555d6d6cd9849fdcea4cd3f4d423880fbd420.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 31 Mar 2024 19:38:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 617704 (0x96ce8)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0e2555d6d6cd9849fdcea4cd3f4d423880fbd420
        Validity
            Not Before: Mar 24 14:29:34 2021 GMT
            Not After : Mar 24 14:29:34 2026 GMT
        Subject: CN=44f0cd35c75d729d4c6bd1a443a189a50bd85d9a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d3:02:da:3f:6e:15:73:54:2e:49:3e:3a:26:b5:
                    2d:f4:b0:45:99:63:d8:2f:6f:6e:91:16:4c:38:3e:
                    2d:47:96:70:34:5d:4b:cf:3d:2b:ba:6a:a6:1a:5e:
                    46:78:53:ea:5c:41:ef:82:53:1c:5f:7b:78:23:17:
                    c0:2a:63:7a:e8:5d:d2:a3:0c:5a:9c:7a:cb:e1:f1:
                    56:6a:81:f0:0f:10:a5:0c:8c:02:97:6d:99:58:b5:
                    27:53:71:33:0e:45:bc:8b:b6:ec:9f:a4:3c:a9:21:
                    69:c7:c8:59:6d:ac:67:b7:8b:08:65:6c:60:4c:19:
                    c2:8d:2f:95:16:9b:d7:8d:d1:3b:32:78:ca:89:e0:
                    9b:be:88:50:2c:9b:a4:e1:3b:a0:45:06:16:ce:0b:
                    84:0d:b4:e1:8e:bc:16:c5:2b:4e:77:e2:8a:a3:53:
                    c7:56:ed:0d:c9:94:95:59:c7:fe:90:01:ed:a6:57:
                    da:52:7d:3d:71:e9:45:14:10:d2:bf:48:7d:be:82:
                    9c:dd:a1:b6:9f:71:76:ee:eb:c2:cf:82:41:38:a2:
                    b3:7c:65:0f:46:03:6a:2f:c1:14:7d:83:50:b7:8b:
                    cf:03:f9:47:0b:1e:b9:1d:58:74:b7:de:a0:45:cc:
                    d5:ac:30:a0:86:81:1e:b5:c2:e2:3f:bd:9e:75:2e:
                    03:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8D:B1:01:E1:A9:C3:1B:7D:38:3B:5E:28:1F:76:9F:EE:F2:2E:7D:51
            X509v3 Authority Key Identifier:
                keyid:38:2C:BB:1B:5E:B4:5B:2C:41:12:FB:09:8A:5D:5A:FE:89:5B:B3:D7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/0e2555d6d6cd9849fdcea4cd3f4d423880fbd420.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/af428568-fa34-47c2-a3b4-af3236f8789c/44f0cd35c75d729d4c6bd1a443a189a50bd85d9a.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/af428568-fa34-47c2-a3b4-af3236f8789c/0e2555d6d6cd9849fdcea4cd3f4d423880fbd420.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  167.250.208.0/22
                  170.239.48.0/22
                  190.112.56.0/21

    Signature Algorithm: sha256WithRSAEncryption
         81:81:c2:bb:10:ef:97:27:3f:e2:05:d7:85:54:f9:11:cb:64:
         50:76:15:0e:fc:41:dc:de:0c:89:42:ea:8f:94:59:74:61:2a:
         e8:ad:55:19:39:4e:27:43:76:53:78:e5:e3:93:0e:aa:c2:38:
         74:87:e9:22:98:a0:8b:81:83:71:e6:de:ca:ea:c8:af:a9:68:
         5b:68:42:07:35:36:46:c9:79:9a:88:0f:50:06:07:a4:cc:52:
         b7:5c:6c:8e:e7:cc:6a:94:3f:db:79:65:1c:c4:15:06:eb:96:
         38:94:27:fe:69:da:13:81:5f:29:22:3a:a7:d0:18:c1:6c:c0:
         b8:ac:6b:d7:04:78:8d:2d:49:f0:fe:70:5a:f6:34:18:5d:8f:
         92:ee:ee:40:9a:d4:03:87:de:56:41:64:26:7e:35:93:1a:73:
         92:dd:b6:89:f4:f6:04:de:e1:8b:06:57:c2:88:d5:27:b1:65:
         4f:96:10:54:4c:4f:4e:46:09:84:be:7f:47:68:68:e1:49:7d:
         cd:7f:0b:dc:0e:14:f5:f8:09:92:5f:30:6c:9b:3e:f2:73:40:
         aa:bd:e5:b6:45:61:63:f2:e7:dc:30:77:f3:ab:60:c8:fc:48:
         de:10:41:d9:6c:20:e6:99:3b:c3:b7:4d:98:80:f3:3d:bb:2a:
         cd:67:96:d1
-----BEGIN CERTIFICATE-----
MIIFTDCCBDSgAwIBAgIDCWzoMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDBl
MjU1NWQ2ZDZjZDk4NDlmZGNlYTRjZDNmNGQ0MjM4ODBmYmQ0MjAwHhcNMjEwMzI0
MTQyOTM0WhcNMjYwMzI0MTQyOTM0WjAzMTEwLwYDVQQDEyg0NGYwY2QzNWM3NWQ3
MjlkNGM2YmQxYTQ0M2ExODlhNTBiZDg1ZDlhMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEA0wLaP24Vc1QuST46JrUt9LBFmWPYL29ukRZMOD4tR5ZwNF1L
zz0rumqmGl5GeFPqXEHvglMcX3t4IxfAKmN66F3SowxanHrL4fFWaoHwDxClDIwC
l22ZWLUnU3EzDkW8i7bsn6Q8qSFpx8hZbaxnt4sIZWxgTBnCjS+VFpvXjdE7MnjK
ieCbvohQLJuk4TugRQYWzguEDbThjrwWxStOd+KKo1PHVu0NyZSVWcf+kAHtplfa
Un09celFFBDSv0h9voKc3aG2n3F27uvCz4JBOKKzfGUPRgNqL8EUfYNQt4vPA/lH
Cx65HVh0t96gRczVrDCghoEetcLiP72edS4DXwIDAQABo4ICZzCCAmMwHQYDVR0O
BBYEFI2xAeGpwxt9ODteKB92n+7yLn1RMB8GA1UdIwQYMBaAFDgsuxtetFssQRL7
CYpdWv6JW7PXMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvMGUyNTU1
ZDZkNmNkOTg0OWZkY2VhNGNkM2Y0ZDQyMzg4MGZiZDQyMC5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvYWY0Mjg1NjgtZmEzNC00N2MyLWEzYjQtYWYzMjM2
Zjg3ODljLzQ0ZjBjZDM1Yzc1ZDcyOWQ0YzZiZDFhNDQzYTE4OWE1MGJkODVkOWEu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy9hZjQyODU2OC1mYTM0LTQ3YzItYTNiNC1hZjMy
MzZmODc4OWMvMGUyNTU1ZDZkNmNkOTg0OWZkY2VhNGNkM2Y0ZDQyMzg4MGZiZDQy
MC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjArBggrBgEFBQcBBwEB/wQc
MBowGAQCAAEwEgMEAqf60AMEAqrvMAMEA75wODANBgkqhkiG9w0BAQsFAAOCAQEA
gYHCuxDvlyc/4gXXhVT5EctkUHYVDvxB3N4MiULqj5RZdGEq6K1VGTlOJ0N2U3jl
45MOqsI4dIfpIpigi4GDcebeyurIr6loW2hCBzU2Rsl5mogPUAYHpMxSt1xsjufM
apQ/23llHMQVBuuWOJQn/mnaE4FfKSI6p9AYwWzAuKxr1wR4jS1J8P5wWvY0GF2P
ku7uQJrUA4feVkFkJn41kxpzkt22ifT2BN7hiwZXwojVJ7FlT5YQVExPTkYJhL5/
R2ho4Ul9zX8L3A4U9fgJkl8wbJs+8nNAqr3ltkVhY/Ln3DB386tgyPxI3hBB2Wwg
5pk7w7dNmIDzPbsqzWeW0Q==
-----END CERTIFICATE-----
Generated at Fri Mar 29 02:33:41 2024 by rpki-client on console-fra.rpki-client.org