Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/b10ae9bb-2607-49b9-9a34-470136a28c37/209240412f06ba3d8acf5b57d0eee4aeeb4f8e8d.roa
File:                     209240412f06ba3d8acf5b57d0eee4aeeb4f8e8d.roa (raw, json)
Hash identifier:          9GHRH9y8AeaHxFswJl2WdGX73RG59CQg7bExE+ccVek=
Subject key identifier:   C6:55:E1:35:58:8F:BC:BB:39:F0:0C:34:CD:2F:0A:9C:15:8A:37:64
Certificate issuer:       /CN=2f4a3be8029a1d8312afd2c1162ec258f1294c7e
Certificate serial:       03A2
Authority key identifier: C6:BC:97:11:DF:4E:0D:8A:6F:7C:2C:DB:6A:56:FB:65:01:50:88:86
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/2f4a3be8029a1d8312afd2c1162ec258f1294c7e.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/b10ae9bb-2607-49b9-9a34-470136a28c37/209240412f06ba3d8acf5b57d0eee4aeeb4f8e8d.roa
Signing time:             Tue 12 Jul 2022 15:18:52 +0000
ROA not before:           Tue 12 Jul 2022 03:00:00 +0000
ROA not after:            Fri 12 Jul 2024 03:00:00 +0000
asID:                     265879
IP address blocks:        45.227.32.0/22 maxlen: 24
                          2803:de20::/32 maxlen: 32

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/b10ae9bb-2607-49b9-9a34-470136a28c37/2f4a3be8029a1d8312afd2c1162ec258f1294c7e.crl
                          rsync://repository.lacnic.net/rpki/lacnic/b10ae9bb-2607-49b9-9a34-470136a28c37/2f4a3be8029a1d8312afd2c1162ec258f1294c7e.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/2f4a3be8029a1d8312afd2c1162ec258f1294c7e.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 31 Mar 2024 19:38:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 930 (0x3a2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2f4a3be8029a1d8312afd2c1162ec258f1294c7e
        Validity
            Not Before: Jul 12 03:00:00 2022 GMT
            Not After : Jul 12 03:00:00 2024 GMT
        Subject: CN=209240412f06ba3d8acf5b57d0eee4aeeb4f8e8d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:d7:96:ed:49:d0:9f:98:13:f3:84:f7:46:8e:
                    3a:f0:42:ea:b7:2a:8a:59:d1:e0:28:b5:be:ae:67:
                    80:7b:0f:cb:1b:6a:33:c9:69:8a:14:a3:30:71:5d:
                    f4:6d:b3:8a:c5:64:da:11:26:67:d4:08:b8:d2:96:
                    24:81:6d:94:83:3a:f9:76:0e:d4:59:d0:98:2a:1c:
                    68:d2:f2:45:42:21:7d:a3:70:80:80:74:1f:1c:f7:
                    40:4d:82:8a:17:62:07:fe:8e:23:e8:3a:57:d2:6d:
                    c9:7f:87:70:c2:a7:a8:bf:7c:00:4c:5a:72:80:60:
                    94:ea:ae:27:f1:ce:fc:05:96:c2:df:fb:25:46:08:
                    71:49:04:87:55:a8:0f:1b:00:61:6a:e0:d2:0e:9e:
                    fb:b9:70:03:5a:c3:7d:6d:0e:c0:fc:ff:4e:fd:27:
                    30:6f:67:11:4a:88:a7:5a:37:4a:2c:0b:c2:b3:f2:
                    3d:6c:73:b3:db:7f:d1:c0:52:ff:2d:37:38:8b:7d:
                    b2:9d:8c:a3:0a:16:16:83:cb:27:57:42:84:f0:dd:
                    1d:1d:0b:46:65:d8:e6:17:8a:28:9b:b0:42:58:00:
                    fd:11:49:15:8c:06:b0:52:c7:59:aa:1e:72:88:97:
                    ad:97:b8:17:38:9a:d2:d2:6f:7a:d5:72:a2:4d:a6:
                    2d:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C6:55:E1:35:58:8F:BC:BB:39:F0:0C:34:CD:2F:0A:9C:15:8A:37:64
            X509v3 Authority Key Identifier:
                keyid:C6:BC:97:11:DF:4E:0D:8A:6F:7C:2C:DB:6A:56:FB:65:01:50:88:86

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/2f4a3be8029a1d8312afd2c1162ec258f1294c7e.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/b10ae9bb-2607-49b9-9a34-470136a28c37/209240412f06ba3d8acf5b57d0eee4aeeb4f8e8d.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/b10ae9bb-2607-49b9-9a34-470136a28c37/2f4a3be8029a1d8312afd2c1162ec258f1294c7e.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.227.32.0/22
                IPv6:
                  2803:de20::/32

    Signature Algorithm: sha256WithRSAEncryption
         39:14:55:05:c8:89:93:eb:e0:18:f6:78:35:09:fc:6e:74:a7:
         05:a7:da:9c:ce:68:c5:15:e2:be:0b:e9:17:3a:2d:e2:d0:80:
         f4:54:b5:5e:40:01:51:d8:02:4a:0d:29:53:6e:2a:6e:86:02:
         ce:e6:22:8b:c5:d2:31:ad:dd:05:88:41:75:a6:e3:40:0b:e0:
         d7:9a:e7:46:f3:3e:24:ea:b5:0a:5a:1c:5b:63:8e:da:e1:c5:
         5d:a2:c6:bd:20:92:02:35:b5:ac:af:37:b1:76:7c:8d:de:f5:
         5e:51:13:5d:ea:ea:55:6f:47:75:1c:1f:ca:01:a9:06:0c:60:
         24:f4:6d:39:af:1e:12:fe:46:fc:a5:7b:6d:6f:18:de:65:e9:
         fe:be:24:c5:8d:25:05:6e:0a:8d:c5:6b:f8:a8:be:4c:6a:6c:
         ec:2b:04:7c:82:5e:0a:f9:25:d3:e3:dc:0c:09:40:15:71:2e:
         d1:77:ed:e4:b1:95:c5:d4:09:3b:c8:c3:59:30:37:c5:e7:d4:
         fa:3f:65:6e:1e:e5:93:15:ae:f9:a9:ca:d7:64:52:d9:89:3c:
         d9:db:65:7d:6a:80:4a:22:f9:77:31:7c:de:eb:12:df:bc:86:
         7f:41:a3:95:6e:9c:1d:4b:8e:65:bf:66:50:9f:f8:df:a9:e8:
         f1:c1:9b:ad
-----BEGIN CERTIFICATE-----
MIIFTjCCBDagAwIBAgICA6IwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMmY0
YTNiZTgwMjlhMWQ4MzEyYWZkMmMxMTYyZWMyNThmMTI5NGM3ZTAeFw0yMjA3MTIw
MzAwMDBaFw0yNDA3MTIwMzAwMDBaMDMxMTAvBgNVBAMTKDIwOTI0MDQxMmYwNmJh
M2Q4YWNmNWI1N2QwZWVlNGFlZWI0ZjhlOGQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDN15btSdCfmBPzhPdGjjrwQuq3KopZ0eAotb6uZ4B7D8sbajPJ
aYoUozBxXfRts4rFZNoRJmfUCLjSliSBbZSDOvl2DtRZ0JgqHGjS8kVCIX2jcICA
dB8c90BNgooXYgf+jiPoOlfSbcl/h3DCp6i/fABMWnKAYJTqrifxzvwFlsLf+yVG
CHFJBIdVqA8bAGFq4NIOnvu5cANaw31tDsD8/079JzBvZxFKiKdaN0osC8Kz8j1s
c7Pbf9HAUv8tNziLfbKdjKMKFhaDyydXQoTw3R0dC0Zl2OYXiiibsEJYAP0RSRWM
BrBSx1mqHnKIl62XuBc4mtLSb3rVcqJNpi1nAgMBAAGjggJqMIICZjAdBgNVHQ4E
FgQUxlXhNViPvLs58Aw0zS8KnBWKN2QwHwYDVR0jBBgwFoAUxryXEd9ODYpvfCzb
alb7ZQFQiIYwDgYDVR0PAQH/BAQDAgeAMIGaBggrBgEFBQcBAQSBjTCBijCBhwYI
KwYBBQUHMAKGe3JzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jwa2kvbGFj
bmljLzQ4ZjA4M2JiLWY2MDMtNDg5My05OTkwLTAyODRjMDRjZWI4NS8yZjRhM2Jl
ODAyOWExZDgzMTJhZmQyYzExNjJlYzI1OGYxMjk0YzdlLmNlcjCBmgYIKwYBBQUH
AQsEgY0wgYowgYcGCCsGAQUFBzALhntyc3luYzovL3JlcG9zaXRvcnkubGFjbmlj
Lm5ldC9ycGtpL2xhY25pYy9iMTBhZTliYi0yNjA3LTQ5YjktOWEzNC00NzAxMzZh
MjhjMzcvMjA5MjQwNDEyZjA2YmEzZDhhY2Y1YjU3ZDBlZWU0YWVlYjRmOGU4ZC5y
b2EwgY8GA1UdHwSBhzCBhDCBgaB/oH2Ge3JzeW5jOi8vcmVwb3NpdG9yeS5sYWNu
aWMubmV0L3Jwa2kvbGFjbmljL2IxMGFlOWJiLTI2MDctNDliOS05YTM0LTQ3MDEz
NmEyOGMzNy8yZjRhM2JlODAyOWExZDgzMTJhZmQyYzExNjJlYzI1OGYxMjk0Yzdl
LmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8w
HTAMBAIAATAGAwQCLeMgMA0EAgACMAcDBQAoA94gMA0GCSqGSIb3DQEBCwUAA4IB
AQA5FFUFyImT6+AY9ng1CfxudKcFp9qczmjFFeK+C+kXOi3i0ID0VLVeQAFR2AJK
DSlTbipuhgLO5iKLxdIxrd0FiEF1puNAC+DXmudG8z4k6rUKWhxbY47a4cVdosa9
IJICNbWsrzexdnyN3vVeURNd6upVb0d1HB/KAakGDGAk9G05rx4S/kb8pXttbxje
Zen+viTFjSUFbgqNxWv4qL5MamzsKwR8gl4K+SXT49wMCUAVcS7Rd+3ksZXF1Ak7
yMNZMDfF59T6P2VuHuWTFa75qcrXZFLZiTzZ22V9aoBKIvl3MXze6xLfvIZ/QaOV
bpwdS45lv2ZQn/jfqejxwZut
-----END CERTIFICATE-----
Generated at Fri Mar 29 03:23:57 2024 by rpki-client on console-ams.rpki-client.org