Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/b69f6dfd-bc4d-45cc-8354-7802abb6454d/3546dd0ad5036fa0dfcf84da89ee2b40a50d4b09.roa
File:                     3546dd0ad5036fa0dfcf84da89ee2b40a50d4b09.roa (raw, json)
Hash identifier:          X63ku5uJweXTTl4kaFdpISo0EgQwQkU6emq17CznQUs=
Subject key identifier:   74:31:6C:6D:F6:99:F8:55:EC:C7:AD:7C:8E:1B:4E:C7:BF:7B:05:9F
Certificate issuer:       /CN=92f99288a81ebe400af2542cf1335efd001a7734
Certificate serial:       23A03B
Authority key identifier: 48:EB:CE:32:EB:E8:D3:56:71:5F:74:23:E9:91:02:5E:16:3B:39:31
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/92f99288a81ebe400af2542cf1335efd001a7734.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/b69f6dfd-bc4d-45cc-8354-7802abb6454d/3546dd0ad5036fa0dfcf84da89ee2b40a50d4b09.roa
Signing time:             Fri 22 Sep 2023 19:25:28 +0000
ROA not before:           Thu 21 Sep 2023 19:25:28 +0000
ROA not after:            Mon 22 Sep 2025 19:25:28 +0000
asID:                     265696
IP address blocks:        45.5.172.0/22 maxlen: 23
                          2801:18:3000::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/b69f6dfd-bc4d-45cc-8354-7802abb6454d/92f99288a81ebe400af2542cf1335efd001a7734.crl
                          rsync://repository.lacnic.net/rpki/lacnic/b69f6dfd-bc4d-45cc-8354-7802abb6454d/92f99288a81ebe400af2542cf1335efd001a7734.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/92f99288a81ebe400af2542cf1335efd001a7734.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Wed 28 Feb 2024 07:55:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2334779 (0x23a03b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=92f99288a81ebe400af2542cf1335efd001a7734
        Validity
            Not Before: Sep 21 19:25:28 2023 GMT
            Not After : Sep 22 19:25:28 2025 GMT
        Subject: CN=3546dd0ad5036fa0dfcf84da89ee2b40a50d4b09
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:21:b4:eb:3c:22:c6:1a:6d:91:00:20:ad:e8:
                    0b:52:24:2f:37:e3:a6:78:8f:d7:b7:3b:58:7c:7e:
                    60:c1:64:e9:94:76:38:f6:22:ea:24:c6:74:c6:92:
                    9c:8b:f4:96:cc:df:17:41:4e:c0:af:6d:08:e3:1e:
                    4b:8e:53:32:8e:0a:9b:9d:0f:5e:26:20:8c:37:cc:
                    0c:a0:be:c4:10:d4:d1:56:f1:e1:19:e5:d5:eb:90:
                    b3:4e:b4:c4:8b:16:a9:78:05:e2:79:62:e7:b4:0d:
                    33:0e:53:a7:49:fb:96:2c:2c:10:ef:0c:7d:c0:a2:
                    a1:f3:12:13:2b:6d:4e:8c:b2:02:cd:36:1c:0b:14:
                    8d:c1:2e:4a:62:13:73:9e:8b:9b:a9:a3:ac:5c:d8:
                    6b:90:d1:64:23:fb:81:78:71:5b:eb:ad:36:8f:67:
                    8e:3c:76:6c:56:cf:d8:92:d6:98:5b:26:d7:a8:c1:
                    4e:a6:6d:e9:48:04:94:40:80:5b:0d:39:a1:4e:05:
                    d4:e8:44:cf:6d:e4:b4:dd:23:8f:79:ec:2d:db:ff:
                    91:41:4e:90:7d:13:fe:93:e1:10:d0:8a:1a:eb:e1:
                    03:ff:4b:df:9e:bf:c6:bd:83:4b:2e:db:35:2e:59:
                    0c:fa:5c:7b:7c:67:6a:20:e4:b7:cf:0d:a7:3d:e8:
                    04:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                74:31:6C:6D:F6:99:F8:55:EC:C7:AD:7C:8E:1B:4E:C7:BF:7B:05:9F
            X509v3 Authority Key Identifier:
                keyid:48:EB:CE:32:EB:E8:D3:56:71:5F:74:23:E9:91:02:5E:16:3B:39:31

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/92f99288a81ebe400af2542cf1335efd001a7734.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/b69f6dfd-bc4d-45cc-8354-7802abb6454d/3546dd0ad5036fa0dfcf84da89ee2b40a50d4b09.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/b69f6dfd-bc4d-45cc-8354-7802abb6454d/92f99288a81ebe400af2542cf1335efd001a7734.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.5.172.0/22
                IPv6:
                  2801:18:3000::/48

    Signature Algorithm: sha256WithRSAEncryption
         1f:16:c1:3b:dd:ed:91:48:40:de:58:f3:4d:6f:49:0e:b2:47:
         f1:04:4a:bb:12:9e:b1:1a:d6:77:3b:00:11:0d:f7:b9:d2:49:
         6e:29:f8:17:b5:5d:c7:02:c2:d8:b2:9b:12:9e:e6:03:0e:7b:
         45:ea:e1:4a:ce:53:3c:4b:cc:9f:e4:09:f0:d6:06:e0:4b:f2:
         e9:b8:3a:8d:1b:05:b9:a7:de:79:c8:42:17:50:bf:75:7a:76:
         f8:fb:42:80:76:08:d3:d5:ab:5e:ca:3b:53:fb:5f:41:f1:7f:
         a4:f9:5d:d6:da:e6:55:a8:ee:49:2c:d8:ba:bc:54:ac:08:16:
         47:c3:64:fb:72:81:7b:70:84:fe:fe:2e:2a:8d:a4:ad:29:8a:
         40:54:d6:f0:81:8a:26:8a:a4:71:cc:13:75:04:16:97:2c:08:
         b0:e3:83:43:93:0a:a9:60:70:18:0f:2e:15:94:31:0d:87:d7:
         70:67:cd:7e:d3:f9:74:8d:bc:38:a2:a1:d7:2b:4b:1e:f0:03:
         ae:e2:68:05:fe:44:ba:b7:9a:dc:7e:42:19:fe:c3:e9:d1:90:
         a2:bc:44:7f:75:e8:ec:6e:56:64:f0:d5:8d:54:c0:d5:a1:31:
         75:fa:aa:58:db:3c:82:36:6d:ea:e3:47:7a:04:d4:b0:98:eb:
         20:4b:2f:cb
-----BEGIN CERTIFICATE-----
MIIFUTCCBDmgAwIBAgIDI6A7MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDky
Zjk5Mjg4YTgxZWJlNDAwYWYyNTQyY2YxMzM1ZWZkMDAxYTc3MzQwHhcNMjMwOTIx
MTkyNTI4WhcNMjUwOTIyMTkyNTI4WjAzMTEwLwYDVQQDEygzNTQ2ZGQwYWQ1MDM2
ZmEwZGZjZjg0ZGE4OWVlMmI0MGE1MGQ0YjA5MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAkyG06zwixhptkQAgregLUiQvN+OmeI/XtztYfH5gwWTplHY4
9iLqJMZ0xpKci/SWzN8XQU7Ar20I4x5LjlMyjgqbnQ9eJiCMN8wMoL7EENTRVvHh
GeXV65CzTrTEixapeAXieWLntA0zDlOnSfuWLCwQ7wx9wKKh8xITK21OjLICzTYc
CxSNwS5KYhNznoubqaOsXNhrkNFkI/uBeHFb6602j2eOPHZsVs/YktaYWybXqMFO
pm3pSASUQIBbDTmhTgXU6ETPbeS03SOPeewt2/+RQU6QfRP+k+EQ0Ioa6+ED/0vf
nr/GvYNLLts1LlkM+lx7fGdqIOS3zw2nPegEwwIDAQABo4ICbDCCAmgwHQYDVR0O
BBYEFHQxbG32mfhV7MetfI4bTse/ewWfMB8GA1UdIwQYMBaAFEjrzjLr6NNWcV90
I+mRAl4WOzkxMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvOTJmOTky
ODhhODFlYmU0MDBhZjI1NDJjZjEzMzVlZmQwMDFhNzczNC5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvYjY5ZjZkZmQtYmM0ZC00NWNjLTgzNTQtNzgwMmFi
YjY0NTRkLzM1NDZkZDBhZDUwMzZmYTBkZmNmODRkYTg5ZWUyYjQwYTUwZDRiMDku
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy9iNjlmNmRmZC1iYzRkLTQ1Y2MtODM1NC03ODAy
YWJiNjQ1NGQvOTJmOTkyODhhODFlYmU0MDBhZjI1NDJjZjEzMzVlZmQwMDFhNzcz
NC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAwBggrBgEFBQcBBwEB/wQh
MB8wDAQCAAEwBgMEAi0FrDAPBAIAAjAJAwcAKAEAGDAAMA0GCSqGSIb3DQEBCwUA
A4IBAQAfFsE73e2RSEDeWPNNb0kOskfxBEq7Ep6xGtZ3OwARDfe50kluKfgXtV3H
AsLYspsSnuYDDntF6uFKzlM8S8yf5Anw1gbgS/LpuDqNGwW5p955yEIXUL91enb4
+0KAdgjT1ateyjtT+19B8X+k+V3W2uZVqO5JLNi6vFSsCBZHw2T7coF7cIT+/i4q
jaStKYpAVNbwgYomiqRxzBN1BBaXLAiw44NDkwqpYHAYDy4VlDENh9dwZ81+0/l0
jbw4oqHXK0se8AOu4mgF/kS6t5rcfkIZ/sPp0ZCivER/dejsblZk8NWNVMDVoTF1
+qpY2zyCNm3q40d6BNSwmOsgSy/L
-----END CERTIFICATE-----
Generated at Sun Feb 25 10:14:53 2024 by rpki-client on console-fra.rpki-client.org