Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/b75a2b49-1457-4d1e-a633-44115e86909a/bdcb908c615a111a2979844f6b7a7d177cde6104.roa
File:                     bdcb908c615a111a2979844f6b7a7d177cde6104.roa (raw, json)
Hash identifier:          2JLo1rvN3G2YXdXiPngJDTbxL7znumjVQRaXXssGvuQ=
Subject key identifier:   1C:37:50:02:89:9E:15:75:39:6A:44:B0:FC:28:B1:D8:82:15:50:E4
Certificate issuer:       /CN=b39e9213a27f038d3701817402c0abd4741eeae8
Certificate serial:       22E65C
Authority key identifier: 99:79:99:98:C9:5F:87:1F:BB:3E:E7:AF:2C:AA:BF:1F:F9:F3:9F:9E
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/b39e9213a27f038d3701817402c0abd4741eeae8.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/b75a2b49-1457-4d1e-a633-44115e86909a/bdcb908c615a111a2979844f6b7a7d177cde6104.roa
Signing time:             Tue 05 Sep 2023 21:51:34 +0000
ROA not before:           Mon 04 Sep 2023 21:51:34 +0000
ROA not after:            Fri 05 Sep 2025 21:51:34 +0000
asID:                     265781
IP address blocks:        164.163.56.0/22 maxlen: 22
                          2803:1fc0::/32 maxlen: 32

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/b75a2b49-1457-4d1e-a633-44115e86909a/b39e9213a27f038d3701817402c0abd4741eeae8.crl
                          rsync://repository.lacnic.net/rpki/lacnic/b75a2b49-1457-4d1e-a633-44115e86909a/b39e9213a27f038d3701817402c0abd4741eeae8.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/b39e9213a27f038d3701817402c0abd4741eeae8.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 03 Mar 2024 01:34:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2287196 (0x22e65c)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b39e9213a27f038d3701817402c0abd4741eeae8
        Validity
            Not Before: Sep  4 21:51:34 2023 GMT
            Not After : Sep  5 21:51:34 2025 GMT
        Subject: CN=bdcb908c615a111a2979844f6b7a7d177cde6104
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:74:65:59:09:53:92:e0:be:40:5c:da:9b:56:
                    49:35:87:13:4a:5c:f7:6e:24:c4:35:9b:a5:4a:05:
                    d3:45:f1:40:0b:50:78:f2:97:cf:51:1d:1a:1d:dd:
                    98:da:02:ed:26:b6:e8:b3:37:47:13:93:d5:d1:eb:
                    ae:57:d1:43:24:a7:ab:e5:41:f1:6e:75:26:9d:cb:
                    20:43:78:ad:83:18:83:99:70:7d:2f:1e:bd:bc:3d:
                    2d:c6:d9:16:ca:36:bf:9b:05:49:9e:42:f5:11:fc:
                    57:83:86:9a:ea:d0:32:b3:62:7e:4c:de:00:21:90:
                    e7:b4:f1:71:29:67:8f:f4:3a:12:3c:7f:60:cc:44:
                    37:00:02:40:fc:a6:53:7f:3a:e5:49:6b:33:b8:19:
                    e6:ff:a3:64:b5:30:16:8b:17:69:34:f5:08:d9:29:
                    f4:70:2d:1f:9e:d9:35:8b:1f:ab:28:f1:b3:a7:bb:
                    a5:fe:a5:ac:32:5a:83:ef:b6:ae:1e:a5:a1:d8:4a:
                    8c:ab:f1:b1:b1:c0:95:bf:b2:1f:19:10:17:71:57:
                    b0:82:21:36:bd:fd:cc:4f:91:a4:f1:64:b4:a0:9d:
                    4b:43:f7:6c:55:87:a6:ef:22:7f:38:0a:88:eb:9b:
                    bc:f1:61:eb:c7:9e:85:3c:7a:f9:d4:cb:0c:7a:bc:
                    8e:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1C:37:50:02:89:9E:15:75:39:6A:44:B0:FC:28:B1:D8:82:15:50:E4
            X509v3 Authority Key Identifier:
                keyid:99:79:99:98:C9:5F:87:1F:BB:3E:E7:AF:2C:AA:BF:1F:F9:F3:9F:9E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/b39e9213a27f038d3701817402c0abd4741eeae8.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/b75a2b49-1457-4d1e-a633-44115e86909a/bdcb908c615a111a2979844f6b7a7d177cde6104.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/b75a2b49-1457-4d1e-a633-44115e86909a/b39e9213a27f038d3701817402c0abd4741eeae8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  164.163.56.0/22
                IPv6:
                  2803:1fc0::/32

    Signature Algorithm: sha256WithRSAEncryption
         3c:40:91:62:d0:d1:cd:84:20:f0:2a:f4:be:f8:e0:df:6b:65:
         52:48:6f:3a:a8:29:d2:25:d2:5e:7b:f2:38:bc:69:cf:83:26:
         d7:5f:07:9b:e8:6b:d1:2f:55:bd:b8:5c:f6:92:d4:c9:da:a1:
         28:21:5e:68:b9:48:bb:77:b1:ea:5b:b5:8f:1f:71:5d:a7:7a:
         f8:66:21:fc:13:43:8c:64:f5:e1:c8:48:bc:ab:8c:38:98:dd:
         5f:d1:89:54:5b:cf:e4:3f:f6:dd:2d:52:55:90:d0:88:a7:34:
         af:a4:16:d5:0e:6c:8d:ed:a4:7a:66:02:b9:21:06:1a:cd:72:
         c1:dc:d0:38:b0:18:65:67:5f:af:c1:78:c1:95:8e:63:9e:dc:
         54:f3:91:bd:c5:e0:81:4b:83:f2:dd:ab:ba:49:94:f0:f1:0b:
         e8:5c:77:1b:5c:f1:ac:e2:1e:3c:fa:6d:e8:e3:93:76:9d:ad:
         5a:af:a1:88:bf:81:63:ec:68:47:92:aa:72:d9:c9:fa:a0:5f:
         7a:7e:fc:3c:0c:0c:e7:8b:24:73:72:8e:d5:41:60:7d:d7:b9:
         84:6b:77:43:4a:9e:ce:79:0c:47:63:13:31:69:25:cd:39:20:
         31:2b:05:d2:d1:1e:00:48:46:b9:a0:5b:e0:ba:5f:9a:19:87:
         5a:52:cd:b0
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgIDIuZcMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGIz
OWU5MjEzYTI3ZjAzOGQzNzAxODE3NDAyYzBhYmQ0NzQxZWVhZTgwHhcNMjMwOTA0
MjE1MTM0WhcNMjUwOTA1MjE1MTM0WjAzMTEwLwYDVQQDEyhiZGNiOTA4YzYxNWEx
MTFhMjk3OTg0NGY2YjdhN2QxNzdjZGU2MTA0MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAnHRlWQlTkuC+QFzam1ZJNYcTSlz3biTENZulSgXTRfFAC1B4
8pfPUR0aHd2Y2gLtJrboszdHE5PV0euuV9FDJKer5UHxbnUmncsgQ3itgxiDmXB9
Lx69vD0txtkWyja/mwVJnkL1EfxXg4aa6tAys2J+TN4AIZDntPFxKWeP9DoSPH9g
zEQ3AAJA/KZTfzrlSWszuBnm/6NktTAWixdpNPUI2Sn0cC0fntk1ix+rKPGzp7ul
/qWsMlqD77auHqWh2EqMq/GxscCVv7IfGRAXcVewgiE2vf3MT5Gk8WS0oJ1LQ/ds
VYem7yJ/OAqI65u88WHrx56FPHr51MsMeryOXwIDAQABo4ICajCCAmYwHQYDVR0O
BBYEFBw3UAKJnhV1OWpEsPwosdiCFVDkMB8GA1UdIwQYMBaAFJl5mZjJX4cfuz7n
ryyqvx/585+eMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvYjM5ZTky
MTNhMjdmMDM4ZDM3MDE4MTc0MDJjMGFiZDQ3NDFlZWFlOC5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvYjc1YTJiNDktMTQ1Ny00ZDFlLWE2MzMtNDQxMTVl
ODY5MDlhL2JkY2I5MDhjNjE1YTExMWEyOTc5ODQ0ZjZiN2E3ZDE3N2NkZTYxMDQu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy9iNzVhMmI0OS0xNDU3LTRkMWUtYTYzMy00NDEx
NWU4NjkwOWEvYjM5ZTkyMTNhMjdmMDM4ZDM3MDE4MTc0MDJjMGFiZDQ3NDFlZWFl
OC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAuBggrBgEFBQcBBwEB/wQf
MB0wDAQCAAEwBgMEAqSjODANBAIAAjAHAwUAKAMfwDANBgkqhkiG9w0BAQsFAAOC
AQEAPECRYtDRzYQg8Cr0vvjg32tlUkhvOqgp0iXSXnvyOLxpz4Mm118Hm+hr0S9V
vbhc9pLUydqhKCFeaLlIu3ex6lu1jx9xXad6+GYh/BNDjGT14chIvKuMOJjdX9GJ
VFvP5D/23S1SVZDQiKc0r6QW1Q5sje2kemYCuSEGGs1ywdzQOLAYZWdfr8F4wZWO
Y57cVPORvcXggUuD8t2rukmU8PEL6Fx3G1zxrOIePPpt6OOTdp2tWq+hiL+BY+xo
R5KqctnJ+qBfen78PAwM54skc3KO1UFgfde5hGt3Q0qeznkMR2MTMWklzTkgMSsF
0tEeAEhGuaBb4LpfmhmHWlLNsA==
-----END CERTIFICATE-----
Generated at Thu Feb 29 02:36:58 2024 by rpki-client on console-fra.rpki-client.org