Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/b565a079-f5da-4db2-9b4a-2d09ad6b68c8/38dc1424a7621b42c00a9cda612c68de7ad62b0d.roa
File:                     38dc1424a7621b42c00a9cda612c68de7ad62b0d.roa (raw, json)
Hash identifier:          ZauoOMnpqCMrFbhQTLVcD25ZtbkGmfgCNgj4e63JsSs=
Subject key identifier:   98:B5:47:17:02:BE:78:62:8B:6E:01:E9:40:CA:94:48:0B:F1:39:31
Certificate issuer:       /CN=a021501bf713ce344873efb6d039b5bf1e030235
Certificate serial:       0F8A1E
Authority key identifier: 04:B8:C4:EA:F7:79:2E:CF:D6:C2:01:3D:72:7D:1C:CB:51:E0:0A:D0
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/a021501bf713ce344873efb6d039b5bf1e030235.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/b565a079-f5da-4db2-9b4a-2d09ad6b68c8/38dc1424a7621b42c00a9cda612c68de7ad62b0d.roa
Signing time:             Mon 21 Jun 2021 14:21:43 +0000
ROA not before:           Wed 24 Mar 2021 03:00:00 +0000
ROA not after:            Tue 24 Mar 2026 03:00:00 +0000
asID:                     267699
IP address blocks:        170.254.28.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/b565a079-f5da-4db2-9b4a-2d09ad6b68c8/a021501bf713ce344873efb6d039b5bf1e030235.crl
                          rsync://repository.lacnic.net/rpki/lacnic/b565a079-f5da-4db2-9b4a-2d09ad6b68c8/a021501bf713ce344873efb6d039b5bf1e030235.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/a021501bf713ce344873efb6d039b5bf1e030235.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 31 Mar 2024 03:49:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1018398 (0xf8a1e)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a021501bf713ce344873efb6d039b5bf1e030235
        Validity
            Not Before: Mar 24 03:00:00 2021 GMT
            Not After : Mar 24 03:00:00 2026 GMT
        Subject: CN=38dc1424a7621b42c00a9cda612c68de7ad62b0d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:11:29:d7:aa:a7:4d:04:63:56:a3:6d:87:61:
                    ba:f9:40:b4:1e:ba:01:64:33:7d:3e:8e:a8:f8:63:
                    a0:a7:c7:a9:fe:f3:78:3b:8a:20:81:81:4c:d6:a7:
                    da:5f:76:65:b9:8e:32:46:17:f4:d6:1e:52:ed:1e:
                    34:70:a5:90:51:d5:28:9c:4b:47:ca:a2:be:6b:40:
                    50:00:c4:8d:46:74:eb:16:61:61:14:56:c2:d8:f0:
                    fb:9e:79:a9:ab:e2:eb:a4:a1:e2:4e:c3:41:2a:cf:
                    f5:c1:c5:f1:eb:05:32:86:62:79:26:23:9d:db:ed:
                    7c:e2:65:e3:6e:f7:28:1b:8b:5c:dc:67:60:6d:54:
                    fe:62:95:c9:80:62:b8:88:01:5a:bf:4f:92:21:b2:
                    b9:b7:e4:02:09:3e:08:46:9e:65:bd:a6:e7:67:96:
                    dd:b1:1f:4c:28:50:58:eb:99:bc:0b:9a:cb:fb:fd:
                    8d:39:ad:f7:62:08:a9:6e:4f:f6:6f:81:a8:be:3e:
                    27:d9:3b:9a:0b:50:a9:b3:e4:6f:d1:76:3a:e5:03:
                    46:5d:a5:17:c3:38:ef:46:b0:0b:8d:8a:7c:55:31:
                    3c:f4:91:18:1d:d7:99:4e:a9:34:a8:1b:82:f0:88:
                    9c:2c:d7:df:e4:f1:dd:80:90:c7:1c:2b:2a:93:7c:
                    b8:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                98:B5:47:17:02:BE:78:62:8B:6E:01:E9:40:CA:94:48:0B:F1:39:31
            X509v3 Authority Key Identifier:
                keyid:04:B8:C4:EA:F7:79:2E:CF:D6:C2:01:3D:72:7D:1C:CB:51:E0:0A:D0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/a021501bf713ce344873efb6d039b5bf1e030235.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/b565a079-f5da-4db2-9b4a-2d09ad6b68c8/38dc1424a7621b42c00a9cda612c68de7ad62b0d.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/b565a079-f5da-4db2-9b4a-2d09ad6b68c8/a021501bf713ce344873efb6d039b5bf1e030235.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  170.254.28.0/22

    Signature Algorithm: sha256WithRSAEncryption
         53:4e:ba:2e:43:a4:e1:8e:72:f4:42:1b:b2:37:cd:05:ae:de:
         36:60:8f:ef:a0:3f:b4:88:b5:42:f3:cd:98:48:12:a7:e6:6d:
         8b:3f:2f:0c:a3:df:1b:4f:c3:bc:e9:c4:d5:83:e8:db:cc:84:
         93:23:53:90:f6:d2:9a:4d:83:5f:e5:f4:17:9f:48:6e:f9:06:
         eb:42:2d:3d:a4:01:bf:b2:66:fb:90:d5:2d:e4:2f:98:a6:a4:
         8b:77:14:6b:18:e7:0a:39:d1:7e:23:bb:14:c1:e0:ed:b1:1d:
         95:17:80:16:85:21:94:5a:ff:63:55:28:f8:00:de:1e:8f:bc:
         ec:b0:db:96:67:8a:08:78:1f:04:bf:9b:25:72:97:f1:70:18:
         13:36:f4:3a:55:f7:40:b5:f5:48:70:66:fe:5e:56:bc:41:74:
         63:fd:0f:e6:ba:70:0e:f2:3c:de:57:90:f1:78:45:13:05:8d:
         57:d3:4d:b6:0f:ee:e7:04:d8:f6:ba:1c:9b:56:bb:98:7f:18:
         da:75:18:b3:b5:31:0d:00:d6:fc:06:0d:5a:af:73:d5:03:07:
         88:29:44:c0:6b:bc:b7:f6:92:89:c7:6e:06:c4:3c:24:78:01:
         f7:3a:9b:43:4e:86:d3:d7:78:df:91:1f:2a:af:a2:79:df:22:
         67:6e:ba:3d
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIDD4oeMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGEw
MjE1MDFiZjcxM2NlMzQ0ODczZWZiNmQwMzliNWJmMWUwMzAyMzUwHhcNMjEwMzI0
MDMwMDAwWhcNMjYwMzI0MDMwMDAwWjAzMTEwLwYDVQQDEygzOGRjMTQyNGE3NjIx
YjQyYzAwYTljZGE2MTJjNjhkZTdhZDYyYjBkMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAwREp16qnTQRjVqNth2G6+UC0HroBZDN9Po6o+GOgp8ep/vN4
O4oggYFM1qfaX3ZluY4yRhf01h5S7R40cKWQUdUonEtHyqK+a0BQAMSNRnTrFmFh
FFbC2PD7nnmpq+LrpKHiTsNBKs/1wcXx6wUyhmJ5JiOd2+184mXjbvcoG4tc3Gdg
bVT+YpXJgGK4iAFav0+SIbK5t+QCCT4IRp5lvabnZ5bdsR9MKFBY65m8C5rL+/2N
Oa33Ygipbk/2b4Govj4n2TuaC1Cps+Rv0XY65QNGXaUXwzjvRrALjYp8VTE89JEY
HdeZTqk0qBuC8IicLNff5PHdgJDHHCsqk3y4IQIDAQABo4ICWzCCAlcwHQYDVR0O
BBYEFJi1RxcCvnhii24B6UDKlEgL8TkxMB8GA1UdIwQYMBaAFAS4xOr3eS7P1sIB
PXJ9HMtR4ArQMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvYTAyMTUw
MWJmNzEzY2UzNDQ4NzNlZmI2ZDAzOWI1YmYxZTAzMDIzNS5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvYjU2NWEwNzktZjVkYS00ZGIyLTliNGEtMmQwOWFk
NmI2OGM4LzM4ZGMxNDI0YTc2MjFiNDJjMDBhOWNkYTYxMmM2OGRlN2FkNjJiMGQu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy9iNTY1YTA3OS1mNWRhLTRkYjItOWI0YS0yZDA5
YWQ2YjY4YzgvYTAyMTUwMWJmNzEzY2UzNDQ4NzNlZmI2ZDAzOWI1YmYxZTAzMDIz
NS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAqr+HDANBgkqhkiG9w0BAQsFAAOCAQEAU066LkOk4Y5y9EIb
sjfNBa7eNmCP76A/tIi1QvPNmEgSp+Ztiz8vDKPfG0/DvOnE1YPo28yEkyNTkPbS
mk2DX+X0F59IbvkG60ItPaQBv7Jm+5DVLeQvmKaki3cUaxjnCjnRfiO7FMHg7bEd
lReAFoUhlFr/Y1Uo+ADeHo+87LDblmeKCHgfBL+bJXKX8XAYEzb0OlX3QLX1SHBm
/l5WvEF0Y/0P5rpwDvI83leQ8XhFEwWNV9NNtg/u5wTY9rocm1a7mH8Y2nUYs7Ux
DQDW/AYNWq9z1QMHiClEwGu8t/aSicduBsQ8JHgB9zqbQ06G09d435EfKq+ied8i
Z266PQ==
-----END CERTIFICATE-----
Generated at Thu Mar 28 10:47:14 2024 by rpki-client on console-ams.rpki-client.org