Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/b3e70dc7-e6c5-4ddf-bc23-67c3431a5c8b/73f6219d320e1ff7d9659b64be96356e5904f097.roa
File:                     73f6219d320e1ff7d9659b64be96356e5904f097.roa (raw, json)
Hash identifier:          54nGqkUBvVlo4a5CH0R+nTqDTYTWk0rpCqcVt/sdyyo=
Subject key identifier:   90:5F:5C:2F:9E:3C:4A:B6:C6:7D:EE:79:55:93:B8:29:8A:20:3C:1D
Certificate issuer:       /CN=ad07c8481ccb5b74f16af0bc75ce2378907e26eb
Certificate serial:       0757
Authority key identifier: 3E:3F:16:6F:DB:8E:FE:AC:71:9B:0C:5A:DD:F3:A4:9E:96:85:7A:3B
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ad07c8481ccb5b74f16af0bc75ce2378907e26eb.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/b3e70dc7-e6c5-4ddf-bc23-67c3431a5c8b/73f6219d320e1ff7d9659b64be96356e5904f097.roa
Signing time:             Mon 11 Jul 2022 21:15:10 +0000
ROA not before:           Mon 11 Jul 2022 03:00:00 +0000
ROA not after:            Thu 11 Jul 2024 03:00:00 +0000
asID:                     272080
IP address blocks:        181.224.196.0/24 maxlen: 24
                          2801:11:9800::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/b3e70dc7-e6c5-4ddf-bc23-67c3431a5c8b/ad07c8481ccb5b74f16af0bc75ce2378907e26eb.crl
                          rsync://repository.lacnic.net/rpki/lacnic/b3e70dc7-e6c5-4ddf-bc23-67c3431a5c8b/ad07c8481ccb5b74f16af0bc75ce2378907e26eb.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ad07c8481ccb5b74f16af0bc75ce2378907e26eb.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sat 24 Feb 2024 17:37:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1879 (0x757)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ad07c8481ccb5b74f16af0bc75ce2378907e26eb
        Validity
            Not Before: Jul 11 03:00:00 2022 GMT
            Not After : Jul 11 03:00:00 2024 GMT
        Subject: CN=73f6219d320e1ff7d9659b64be96356e5904f097
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:49:0f:91:29:c1:d7:8a:57:16:33:1f:ac:83:
                    65:05:1f:79:bb:10:f2:cd:81:e7:39:19:08:c2:78:
                    1e:3f:fb:8d:7e:2d:2e:28:c1:48:f5:60:08:46:a7:
                    6a:ef:95:e1:4e:91:df:c8:9c:70:57:0c:20:a0:46:
                    fe:dd:ca:ef:d9:3b:99:1d:73:da:39:5a:15:e3:ee:
                    9d:30:e1:f8:96:d8:25:00:d6:3b:6a:ce:fa:5a:34:
                    16:75:9c:ee:fa:d1:ee:a0:c4:a9:a9:80:06:7b:12:
                    ce:e2:78:79:f9:f0:97:dc:96:35:83:ab:66:38:08:
                    6a:6a:81:d4:a8:e6:9b:48:2c:57:b5:b7:e8:ae:5f:
                    8c:33:7d:1c:22:01:af:fc:37:72:36:e2:69:1b:17:
                    66:7c:aa:c5:3e:93:75:26:5c:30:8d:af:9a:39:75:
                    0d:da:6e:ce:8e:3a:a4:bf:84:13:50:ba:1e:10:28:
                    17:7d:94:7d:12:22:a9:6f:9e:06:b4:c5:9f:59:f6:
                    66:bb:8b:dd:10:ef:d1:c1:e5:47:6b:22:0f:b1:be:
                    c4:30:0c:08:7d:92:77:9f:77:77:53:3e:1f:cd:c7:
                    a2:0e:cf:76:aa:a5:3c:35:6c:89:14:f5:c1:47:01:
                    27:b5:27:2c:25:e7:73:11:64:9f:75:42:90:6d:93:
                    70:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                90:5F:5C:2F:9E:3C:4A:B6:C6:7D:EE:79:55:93:B8:29:8A:20:3C:1D
            X509v3 Authority Key Identifier:
                keyid:3E:3F:16:6F:DB:8E:FE:AC:71:9B:0C:5A:DD:F3:A4:9E:96:85:7A:3B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ad07c8481ccb5b74f16af0bc75ce2378907e26eb.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/b3e70dc7-e6c5-4ddf-bc23-67c3431a5c8b/73f6219d320e1ff7d9659b64be96356e5904f097.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/b3e70dc7-e6c5-4ddf-bc23-67c3431a5c8b/ad07c8481ccb5b74f16af0bc75ce2378907e26eb.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  181.224.196.0/24
                IPv6:
                  2801:11:9800::/48

    Signature Algorithm: sha256WithRSAEncryption
         54:1e:19:e5:a4:dd:91:e1:37:8c:c5:e0:53:87:4a:97:f3:14:
         6a:7a:90:74:02:c1:54:8c:c2:43:83:1f:fa:65:30:d5:4f:98:
         13:d1:3e:a3:be:62:66:25:72:21:a5:63:f7:c3:aa:0e:f0:60:
         5c:b2:d6:7b:31:43:c6:cd:9e:a0:f8:ab:69:26:49:7d:81:8a:
         72:0b:ef:80:4e:43:cd:c3:d5:e4:5d:43:1f:80:65:76:65:fa:
         41:d6:58:2c:c1:1c:76:bb:a3:75:1f:8d:7d:8e:2d:26:b8:0b:
         a9:e8:2e:c6:92:1a:6f:35:43:49:e2:ff:4c:b0:7d:f6:15:ae:
         81:0c:e5:1c:da:11:c5:ce:b7:a1:c0:25:9d:be:b5:a5:9a:d7:
         b5:e2:3e:9e:3a:99:5d:64:93:2e:eb:ac:94:25:d1:9f:d7:8a:
         d1:3a:0e:b1:9f:a1:65:f0:fd:19:3b:58:31:77:bd:81:8f:74:
         be:96:a4:d2:9a:a5:44:0c:cb:81:d8:5d:21:0e:93:bb:26:d8:
         16:f7:1c:01:a1:86:4e:87:c0:a3:18:19:0f:e3:30:9f:f6:63:
         d7:c5:17:31:50:6f:39:94:1d:09:21:73:25:18:1a:96:16:68:
         f0:d9:94:66:d2:aa:3e:27:49:64:11:ac:b8:8f:47:50:36:66:
         bc:df:b9:8a
-----BEGIN CERTIFICATE-----
MIIFUDCCBDigAwIBAgICB1cwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoYWQw
N2M4NDgxY2NiNWI3NGYxNmFmMGJjNzVjZTIzNzg5MDdlMjZlYjAeFw0yMjA3MTEw
MzAwMDBaFw0yNDA3MTEwMzAwMDBaMDMxMTAvBgNVBAMTKDczZjYyMTlkMzIwZTFm
ZjdkOTY1OWI2NGJlOTYzNTZlNTkwNGYwOTcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCeSQ+RKcHXilcWMx+sg2UFH3m7EPLNgec5GQjCeB4/+41+LS4o
wUj1YAhGp2rvleFOkd/InHBXDCCgRv7dyu/ZO5kdc9o5WhXj7p0w4fiW2CUA1jtq
zvpaNBZ1nO760e6gxKmpgAZ7Es7ieHn58JfcljWDq2Y4CGpqgdSo5ptILFe1t+iu
X4wzfRwiAa/8N3I24mkbF2Z8qsU+k3UmXDCNr5o5dQ3abs6OOqS/hBNQuh4QKBd9
lH0SIqlvnga0xZ9Z9ma7i90Q79HB5UdrIg+xvsQwDAh9knefd3dTPh/Nx6IOz3aq
pTw1bIkU9cFHASe1Jywl53MRZJ91QpBtk3DPAgMBAAGjggJsMIICaDAdBgNVHQ4E
FgQUkF9cL548SrbGfe55VZO4KYogPB0wHwYDVR0jBBgwFoAUPj8Wb9uO/qxxmwxa
3fOknpaFejswDgYDVR0PAQH/BAQDAgeAMIGaBggrBgEFBQcBAQSBjTCBijCBhwYI
KwYBBQUHMAKGe3JzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jwa2kvbGFj
bmljLzQ4ZjA4M2JiLWY2MDMtNDg5My05OTkwLTAyODRjMDRjZWI4NS9hZDA3Yzg0
ODFjY2I1Yjc0ZjE2YWYwYmM3NWNlMjM3ODkwN2UyNmViLmNlcjCBmgYIKwYBBQUH
AQsEgY0wgYowgYcGCCsGAQUFBzALhntyc3luYzovL3JlcG9zaXRvcnkubGFjbmlj
Lm5ldC9ycGtpL2xhY25pYy9iM2U3MGRjNy1lNmM1LTRkZGYtYmMyMy02N2MzNDMx
YTVjOGIvNzNmNjIxOWQzMjBlMWZmN2Q5NjU5YjY0YmU5NjM1NmU1OTA0ZjA5Ny5y
b2EwgY8GA1UdHwSBhzCBhDCBgaB/oH2Ge3JzeW5jOi8vcmVwb3NpdG9yeS5sYWNu
aWMubmV0L3Jwa2kvbGFjbmljL2IzZTcwZGM3LWU2YzUtNGRkZi1iYzIzLTY3YzM0
MzFhNWM4Yi9hZDA3Yzg0ODFjY2I1Yjc0ZjE2YWYwYmM3NWNlMjM3ODkwN2UyNmVi
LmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEw
HzAMBAIAATAGAwQAteDEMA8EAgACMAkDBwAoAQARmAAwDQYJKoZIhvcNAQELBQAD
ggEBAFQeGeWk3ZHhN4zF4FOHSpfzFGp6kHQCwVSMwkODH/plMNVPmBPRPqO+YmYl
ciGlY/fDqg7wYFyy1nsxQ8bNnqD4q2kmSX2BinIL74BOQ83D1eRdQx+AZXZl+kHW
WCzBHHa7o3UfjX2OLSa4C6noLsaSGm81Q0ni/0ywffYVroEM5RzaEcXOt6HAJZ2+
taWa17XiPp46mV1kky7rrJQl0Z/XitE6DrGfoWXw/Rk7WDF3vYGPdL6WpNKapUQM
y4HYXSEOk7sm2Bb3HAGhhk6HwKMYGQ/jMJ/2Y9fFFzFQbzmUHQkhcyUYGpYWaPDZ
lGbSqj4nSWQRrLiPR1A2ZrzfuYo=
-----END CERTIFICATE-----
Generated at Wed Feb 21 20:21:07 2024 by rpki-client on console-fra.rpki-client.org