Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/b2fe289e-d505-4f3d-850e-9212052f00fc/8a983e337dcbade30037df6ce662c05be8bb52c5.roa
File:                     8a983e337dcbade30037df6ce662c05be8bb52c5.roa (raw, json)
Hash identifier:          CqyrHfnlVqgV9ENiQDAcNrRjW22t5HuuJfu5am8YPiQ=
Subject key identifier:   E9:DF:60:B0:74:7D:8C:56:BD:0B:14:17:C1:1C:3E:19:23:31:71:15
Certificate issuer:       /CN=eedf2a0d6e5100957ef88c9fe578a8326f0b74d1
Certificate serial:       0D3FA9
Authority key identifier: E0:B9:00:27:94:1B:AF:46:48:5F:40:CF:4A:8C:4E:D9:15:32:9B:C3
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/eedf2a0d6e5100957ef88c9fe578a8326f0b74d1.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/b2fe289e-d505-4f3d-850e-9212052f00fc/8a983e337dcbade30037df6ce662c05be8bb52c5.roa
Signing time:             Wed 24 Mar 2021 14:33:08 +0000
ROA not before:           Wed 24 Mar 2021 14:33:08 +0000
ROA not after:            Tue 24 Mar 2026 14:33:08 +0000
asID:                     265703
IP address blocks:        160.20.188.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/b2fe289e-d505-4f3d-850e-9212052f00fc/eedf2a0d6e5100957ef88c9fe578a8326f0b74d1.crl
                          rsync://repository.lacnic.net/rpki/lacnic/b2fe289e-d505-4f3d-850e-9212052f00fc/eedf2a0d6e5100957ef88c9fe578a8326f0b74d1.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/eedf2a0d6e5100957ef88c9fe578a8326f0b74d1.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 31 Mar 2024 12:22:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 868265 (0xd3fa9)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=eedf2a0d6e5100957ef88c9fe578a8326f0b74d1
        Validity
            Not Before: Mar 24 14:33:08 2021 GMT
            Not After : Mar 24 14:33:08 2026 GMT
        Subject: CN=8a983e337dcbade30037df6ce662c05be8bb52c5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:87:a2:fe:4c:a0:d4:28:66:86:4c:08:4b:94:59:
                    94:88:48:07:14:e0:23:a7:f3:0d:bd:05:db:c2:dd:
                    15:3b:97:4f:f5:fc:e3:fe:b9:62:aa:75:cd:60:47:
                    53:d8:2b:aa:2b:38:42:2c:5b:61:fd:5f:fe:07:5b:
                    7f:4c:ab:f2:8b:ef:de:f2:e6:03:e0:83:1b:03:c9:
                    de:42:21:73:03:fa:53:76:20:5c:b5:07:e5:04:7f:
                    85:de:b6:be:27:21:8f:c1:7c:35:c1:d8:1d:14:8b:
                    6f:6f:8a:98:a8:e2:1e:9f:2f:6b:66:f1:a7:88:d0:
                    c0:a9:5d:1d:53:ac:13:67:5a:46:f4:48:4a:fd:08:
                    3b:74:76:b8:e9:79:b4:45:8e:a9:fb:d2:91:85:a6:
                    54:14:65:62:77:9f:f6:ee:b6:b3:59:44:d3:9b:7a:
                    54:d8:e6:9a:81:c7:89:b0:90:f9:d1:c8:59:f4:99:
                    39:a7:d0:bf:bd:a4:74:6b:cf:ac:a8:ac:4e:75:76:
                    a1:99:91:92:f8:e6:9a:65:0f:a7:47:26:e5:25:c9:
                    f4:b3:d5:cc:d2:d1:57:df:41:ee:67:1a:27:f5:c6:
                    08:e6:65:9c:a8:f0:e5:7a:d0:68:5d:a9:05:e1:f2:
                    32:60:c4:0d:90:84:23:e4:9a:ee:fc:7d:db:33:49:
                    27:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E9:DF:60:B0:74:7D:8C:56:BD:0B:14:17:C1:1C:3E:19:23:31:71:15
            X509v3 Authority Key Identifier:
                keyid:E0:B9:00:27:94:1B:AF:46:48:5F:40:CF:4A:8C:4E:D9:15:32:9B:C3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/eedf2a0d6e5100957ef88c9fe578a8326f0b74d1.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/b2fe289e-d505-4f3d-850e-9212052f00fc/8a983e337dcbade30037df6ce662c05be8bb52c5.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/b2fe289e-d505-4f3d-850e-9212052f00fc/eedf2a0d6e5100957ef88c9fe578a8326f0b74d1.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  160.20.188.0/22

    Signature Algorithm: sha256WithRSAEncryption
         1c:63:6b:e2:ff:20:6d:eb:be:57:8a:c5:2f:22:67:a1:4b:f1:
         9e:5b:e8:c8:4b:d7:68:de:0e:09:37:9e:48:58:b6:36:a5:93:
         51:63:14:40:20:31:38:ab:d6:62:03:e7:d0:71:20:22:19:e7:
         a4:84:f3:b1:a8:36:51:7c:9c:e4:b9:ac:2b:2e:10:22:eb:5e:
         20:3e:9b:e7:b6:32:71:0c:2e:5d:f6:d3:c7:64:93:fa:03:ab:
         75:89:3b:e4:17:5d:91:92:1b:41:e6:47:fa:a3:13:84:20:a6:
         1c:b1:46:c6:73:5e:a7:b8:2e:2e:b2:dd:b6:be:54:33:b4:44:
         bd:a1:22:b5:f8:1b:94:a8:ed:8f:91:93:3d:09:03:b9:32:6c:
         7d:c6:70:97:b2:de:1a:98:d1:d1:95:c8:fb:c6:5c:46:99:ed:
         c9:86:1c:09:1f:fa:88:cf:8f:77:f9:3e:10:c1:9f:04:42:5e:
         ad:88:31:b6:6f:c9:49:61:47:bd:ac:75:3d:0f:b4:b6:29:e6:
         c8:71:c6:78:6b:67:6a:c5:ff:9a:85:7e:4c:d2:1f:ba:ab:4a:
         e5:27:b6:19:1c:6c:11:12:20:4a:59:20:88:9a:05:f7:7a:e1:
         73:e0:56:2b:ca:65:8b:ed:d7:d8:ab:ad:5c:40:41:99:43:61:
         e2:81:38:e0
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIDDT+pMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGVl
ZGYyYTBkNmU1MTAwOTU3ZWY4OGM5ZmU1NzhhODMyNmYwYjc0ZDEwHhcNMjEwMzI0
MTQzMzA4WhcNMjYwMzI0MTQzMzA4WjAzMTEwLwYDVQQDEyg4YTk4M2UzMzdkY2Jh
ZGUzMDAzN2RmNmNlNjYyYzA1YmU4YmI1MmM1MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAh6L+TKDUKGaGTAhLlFmUiEgHFOAjp/MNvQXbwt0VO5dP9fzj
/rliqnXNYEdT2CuqKzhCLFth/V/+B1t/TKvyi+/e8uYD4IMbA8neQiFzA/pTdiBc
tQflBH+F3ra+JyGPwXw1wdgdFItvb4qYqOIeny9rZvGniNDAqV0dU6wTZ1pG9EhK
/Qg7dHa46Xm0RY6p+9KRhaZUFGVid5/27razWUTTm3pU2OaagceJsJD50chZ9Jk5
p9C/vaR0a8+sqKxOdXahmZGS+OaaZQ+nRyblJcn0s9XM0tFX30HuZxon9cYI5mWc
qPDletBoXakF4fIyYMQNkIQj5Jru/H3bM0knHQIDAQABo4ICWzCCAlcwHQYDVR0O
BBYEFOnfYLB0fYxWvQsUF8EcPhkjMXEVMB8GA1UdIwQYMBaAFOC5ACeUG69GSF9A
z0qMTtkVMpvDMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvZWVkZjJh
MGQ2ZTUxMDA5NTdlZjg4YzlmZTU3OGE4MzI2ZjBiNzRkMS5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvYjJmZTI4OWUtZDUwNS00ZjNkLTg1MGUtOTIxMjA1
MmYwMGZjLzhhOTgzZTMzN2RjYmFkZTMwMDM3ZGY2Y2U2NjJjMDViZThiYjUyYzUu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy9iMmZlMjg5ZS1kNTA1LTRmM2QtODUwZS05MjEy
MDUyZjAwZmMvZWVkZjJhMGQ2ZTUxMDA5NTdlZjg4YzlmZTU3OGE4MzI2ZjBiNzRk
MS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAqAUvDANBgkqhkiG9w0BAQsFAAOCAQEAHGNr4v8gbeu+V4rF
LyJnoUvxnlvoyEvXaN4OCTeeSFi2NqWTUWMUQCAxOKvWYgPn0HEgIhnnpITzsag2
UXyc5LmsKy4QIuteID6b57YycQwuXfbTx2ST+gOrdYk75BddkZIbQeZH+qMThCCm
HLFGxnNep7guLrLdtr5UM7REvaEitfgblKjtj5GTPQkDuTJsfcZwl7LeGpjR0ZXI
+8ZcRpntyYYcCR/6iM+Pd/k+EMGfBEJerYgxtm/JSWFHvax1PQ+0tinmyHHGeGtn
asX/moV+TNIfuqtK5Se2GRxsERIgSlkgiJoF93rhc+BWK8pli+3X2KutXEBBmUNh
4oE44A==
-----END CERTIFICATE-----
Generated at Thu Mar 28 13:29:25 2024 by rpki-client on console-ams.rpki-client.org