Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/b1f2c3b5-6c91-4aa2-9543-f982d3f165c1/722c8466ea1a53d69ae10a4259c371317d62a7cb.roa
File:                     722c8466ea1a53d69ae10a4259c371317d62a7cb.roa (raw, json)
Hash identifier:          ZXeXjajlyY2Hs6ff/8hqmdW+I2L+wS83neoVi3NshA4=
Subject key identifier:   3C:54:56:5F:19:33:25:7E:16:7D:5B:36:5B:83:E8:76:62:7D:7F:7B
Certificate issuer:       /CN=3ec2580c7b1428c52b125216e3788d1f223af85f
Certificate serial:       17573A
Authority key identifier: D1:17:91:28:50:01:02:52:FE:D7:CD:F1:D3:6D:F5:FA:E3:8E:1D:15
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/3ec2580c7b1428c52b125216e3788d1f223af85f.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/b1f2c3b5-6c91-4aa2-9543-f982d3f165c1/722c8466ea1a53d69ae10a4259c371317d62a7cb.roa
Signing time:             Sat 29 Jul 2023 08:30:00 +0000
ROA not before:           Fri 28 Jul 2023 08:30:00 +0000
ROA not after:            Sun 27 Jul 2025 08:30:00 +0000
asID:                     262186
IP address blocks:        138.0.116.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/b1f2c3b5-6c91-4aa2-9543-f982d3f165c1/3ec2580c7b1428c52b125216e3788d1f223af85f.crl
                          rsync://repository.lacnic.net/rpki/lacnic/b1f2c3b5-6c91-4aa2-9543-f982d3f165c1/3ec2580c7b1428c52b125216e3788d1f223af85f.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/3ec2580c7b1428c52b125216e3788d1f223af85f.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 25 Feb 2024 20:21:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1529658 (0x17573a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3ec2580c7b1428c52b125216e3788d1f223af85f
        Validity
            Not Before: Jul 28 08:30:00 2023 GMT
            Not After : Jul 27 08:30:00 2025 GMT
        Subject: CN=722c8466ea1a53d69ae10a4259c371317d62a7cb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:b5:49:00:27:63:6e:52:67:78:5e:69:d3:88:
                    cc:dc:11:09:43:51:75:93:09:c9:88:7a:06:d7:2e:
                    36:5e:dc:2a:e2:53:36:8c:59:e7:98:c1:95:07:fe:
                    58:7f:74:db:71:2f:e3:5c:f8:12:c0:69:62:19:61:
                    7c:65:96:79:50:67:df:de:93:a9:1c:ed:12:40:60:
                    3d:73:ae:70:80:25:c6:b6:3b:77:ee:b4:fe:4a:83:
                    56:29:d1:2e:93:6e:9b:6d:1a:2e:22:02:16:03:72:
                    b7:03:71:2c:0c:a4:85:02:a1:5e:ed:31:12:a8:62:
                    dc:a6:ca:ac:0e:54:52:51:58:49:59:1b:ee:a8:cb:
                    10:7d:a4:8c:0b:09:af:08:7a:57:67:11:91:4d:3c:
                    7f:97:3b:df:ca:42:3d:79:93:85:99:fd:41:05:40:
                    1e:ca:bd:2b:f7:f5:40:9a:3d:af:c3:7b:3c:07:47:
                    f5:1a:7b:18:9e:db:ba:36:77:e6:45:a8:f9:b1:05:
                    36:26:17:0b:50:1a:17:d3:79:6a:e9:11:a1:e2:d9:
                    c9:0c:84:67:f4:38:54:2c:59:3b:e7:e6:c9:25:d5:
                    73:eb:e8:82:33:9f:c6:2b:7b:96:8d:c3:5b:97:d9:
                    46:d6:c3:40:d6:98:0f:54:d9:77:5d:88:6d:d0:05:
                    e7:db
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3C:54:56:5F:19:33:25:7E:16:7D:5B:36:5B:83:E8:76:62:7D:7F:7B
            X509v3 Authority Key Identifier:
                keyid:D1:17:91:28:50:01:02:52:FE:D7:CD:F1:D3:6D:F5:FA:E3:8E:1D:15

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/3ec2580c7b1428c52b125216e3788d1f223af85f.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/b1f2c3b5-6c91-4aa2-9543-f982d3f165c1/722c8466ea1a53d69ae10a4259c371317d62a7cb.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/b1f2c3b5-6c91-4aa2-9543-f982d3f165c1/3ec2580c7b1428c52b125216e3788d1f223af85f.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  138.0.116.0/22

    Signature Algorithm: sha256WithRSAEncryption
         3b:b6:8d:c7:5a:6b:88:54:b3:32:c7:3a:8b:f3:4c:28:b7:f7:
         cd:29:b7:f0:82:be:16:78:a7:5f:9b:92:50:a7:5d:6a:86:c8:
         9d:eb:c1:86:e9:84:8d:6c:a6:85:87:2a:ea:9e:bc:3d:2c:3c:
         6c:18:5d:ee:60:fd:61:d1:3d:73:24:a2:f8:15:27:63:dc:58:
         c0:48:02:f5:62:46:5c:8c:62:36:73:50:94:25:71:ef:57:cb:
         f8:0e:10:a8:57:2a:ed:d6:d8:35:c2:ff:c1:49:64:ce:11:5c:
         74:21:f4:75:db:20:09:ba:1b:86:4e:51:a7:b8:ac:00:45:49:
         ab:c4:f3:7d:cc:81:97:7c:91:87:7e:e5:ab:27:48:da:88:24:
         ad:a7:74:d3:07:fc:78:b5:2e:2e:07:3b:fb:40:2e:4f:c1:a0:
         47:c7:d3:1e:f3:9c:aa:df:37:cb:27:53:76:e5:93:a3:a9:90:
         e5:aa:b5:41:de:4f:59:ff:cc:35:77:b3:df:00:e4:8a:a7:20:
         aa:63:d4:70:ec:7b:7b:38:da:55:9c:1c:f0:ed:bb:a2:3e:99:
         6a:b6:78:6c:fc:ff:a5:47:70:67:4f:bb:c0:30:10:ce:af:cd:
         79:58:25:b3:5c:b5:59:74:ea:24:8b:e8:54:73:90:d4:e4:f9:
         26:13:8a:b1
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIDF1c6MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDNl
YzI1ODBjN2IxNDI4YzUyYjEyNTIxNmUzNzg4ZDFmMjIzYWY4NWYwHhcNMjMwNzI4
MDgzMDAwWhcNMjUwNzI3MDgzMDAwWjAzMTEwLwYDVQQDEyg3MjJjODQ2NmVhMWE1
M2Q2OWFlMTBhNDI1OWMzNzEzMTdkNjJhN2NiMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAr7VJACdjblJneF5p04jM3BEJQ1F1kwnJiHoG1y42Xtwq4lM2
jFnnmMGVB/5Yf3TbcS/jXPgSwGliGWF8ZZZ5UGff3pOpHO0SQGA9c65wgCXGtjt3
7rT+SoNWKdEuk26bbRouIgIWA3K3A3EsDKSFAqFe7TESqGLcpsqsDlRSUVhJWRvu
qMsQfaSMCwmvCHpXZxGRTTx/lzvfykI9eZOFmf1BBUAeyr0r9/VAmj2vw3s8B0f1
GnsYntu6NnfmRaj5sQU2JhcLUBoX03lq6RGh4tnJDIRn9DhULFk75+bJJdVz6+iC
M5/GK3uWjcNbl9lG1sNA1pgPVNl3XYht0AXn2wIDAQABo4ICWzCCAlcwHQYDVR0O
BBYEFDxUVl8ZMyV+Fn1bNluD6HZifX97MB8GA1UdIwQYMBaAFNEXkShQAQJS/tfN
8dNt9frjjh0VMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvM2VjMjU4
MGM3YjE0MjhjNTJiMTI1MjE2ZTM3ODhkMWYyMjNhZjg1Zi5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvYjFmMmMzYjUtNmM5MS00YWEyLTk1NDMtZjk4MmQz
ZjE2NWMxLzcyMmM4NDY2ZWExYTUzZDY5YWUxMGE0MjU5YzM3MTMxN2Q2MmE3Y2Iu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy9iMWYyYzNiNS02YzkxLTRhYTItOTU0My1mOTgy
ZDNmMTY1YzEvM2VjMjU4MGM3YjE0MjhjNTJiMTI1MjE2ZTM3ODhkMWYyMjNhZjg1
Zi5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAooAdDANBgkqhkiG9w0BAQsFAAOCAQEAO7aNx1priFSzMsc6
i/NMKLf3zSm38IK+FninX5uSUKddaobInevBhumEjWymhYcq6p68PSw8bBhd7mD9
YdE9cySi+BUnY9xYwEgC9WJGXIxiNnNQlCVx71fL+A4QqFcq7dbYNcL/wUlkzhFc
dCH0ddsgCbobhk5Rp7isAEVJq8TzfcyBl3yRh37lqydI2ogkrad00wf8eLUuLgc7
+0AuT8GgR8fTHvOcqt83yydTduWTo6mQ5aq1Qd5PWf/MNXez3wDkiqcgqmPUcOx7
ezjaVZwc8O27oj6ZarZ4bPz/pUdwZ0+7wDAQzq/NeVgls1y1WXTqJIvoVHOQ1OT5
JhOKsQ==
-----END CERTIFICATE-----
Generated at Fri Feb 23 05:14:20 2024 by rpki-client on console-fra.rpki-client.org