Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/b75f692f-7c16-469c-8457-292cbca3a7f6/43a76e1f27362c8bd8de561e81b1718bc9d2f520.roa
File:                     43a76e1f27362c8bd8de561e81b1718bc9d2f520.roa (raw, json)
Hash identifier:          pkUB9e2ZIDJhrVGXzRNwG1A5THiCNN1iB52wghkzprY=
Subject key identifier:   94:F8:F3:51:C4:38:D1:16:72:BE:78:5F:44:38:79:3E:63:2D:CF:50
Certificate issuer:       /CN=1c27c52ff62cb7930012ce072df399f1fb5db92a
Certificate serial:       0D5247
Authority key identifier: D7:27:C5:98:10:CA:AF:6F:DD:0E:A5:FA:2B:0B:B6:64:B6:03:D1:D6
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/1c27c52ff62cb7930012ce072df399f1fb5db92a.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/b75f692f-7c16-469c-8457-292cbca3a7f6/43a76e1f27362c8bd8de561e81b1718bc9d2f520.roa
Signing time:             Wed 24 Mar 2021 14:46:46 +0000
ROA not before:           Wed 24 Mar 2021 14:46:45 +0000
ROA not after:            Tue 24 Mar 2026 14:46:45 +0000
asID:                     27729
IP address blocks:        138.219.12.0/22 maxlen: 24
                          168.90.108.0/22 maxlen: 24
                          2803:d640::/32 maxlen: 48

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/b75f692f-7c16-469c-8457-292cbca3a7f6/1c27c52ff62cb7930012ce072df399f1fb5db92a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/b75f692f-7c16-469c-8457-292cbca3a7f6/1c27c52ff62cb7930012ce072df399f1fb5db92a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/1c27c52ff62cb7930012ce072df399f1fb5db92a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Fri 01 Mar 2024 12:01:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 873031 (0xd5247)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1c27c52ff62cb7930012ce072df399f1fb5db92a
        Validity
            Not Before: Mar 24 14:46:45 2021 GMT
            Not After : Mar 24 14:46:45 2026 GMT
        Subject: CN=43a76e1f27362c8bd8de561e81b1718bc9d2f520
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:1e:13:61:50:c8:39:46:91:51:4a:f7:68:d8:
                    56:ff:2d:15:88:03:bd:17:e1:f4:2a:2f:09:2a:03:
                    62:40:34:12:6e:f3:db:29:ba:e1:ec:5e:46:eb:d3:
                    73:a2:f0:e3:11:db:6e:d0:73:90:2b:ad:f5:2c:4f:
                    dc:11:c4:3a:2c:7e:20:a3:c3:b7:2b:a6:a7:71:f6:
                    c0:ef:87:40:45:64:6c:1c:ea:19:56:f8:e3:dc:60:
                    2d:5f:85:2e:4e:3a:ee:02:2f:43:fb:e8:ee:48:2c:
                    6d:26:53:05:d5:37:f2:54:64:06:77:5b:53:54:a5:
                    05:90:c1:f9:1c:a5:0d:d1:9e:67:f7:da:34:0a:d4:
                    08:6d:da:98:3e:df:2f:46:e1:cb:d0:45:91:f2:fa:
                    7b:87:3c:b0:e7:fe:dc:67:95:24:f5:77:ae:5d:0a:
                    c2:3d:25:9a:48:28:07:c1:a8:65:48:d0:5f:a8:ea:
                    e2:90:af:1f:0e:80:f9:9a:fd:6a:37:3c:94:7e:63:
                    89:dc:0f:2d:12:f3:fa:1c:7d:f8:95:6a:68:af:66:
                    88:e0:9b:5d:ea:ab:a4:ca:b3:37:59:7f:64:e5:b3:
                    c2:2e:e0:56:eb:3f:99:75:23:71:4d:4f:8b:7d:df:
                    17:8d:a5:9f:05:9f:f9:5d:98:30:8a:fc:45:5e:7b:
                    eb:97
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                94:F8:F3:51:C4:38:D1:16:72:BE:78:5F:44:38:79:3E:63:2D:CF:50
            X509v3 Authority Key Identifier:
                keyid:D7:27:C5:98:10:CA:AF:6F:DD:0E:A5:FA:2B:0B:B6:64:B6:03:D1:D6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/1c27c52ff62cb7930012ce072df399f1fb5db92a.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/b75f692f-7c16-469c-8457-292cbca3a7f6/43a76e1f27362c8bd8de561e81b1718bc9d2f520.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/b75f692f-7c16-469c-8457-292cbca3a7f6/1c27c52ff62cb7930012ce072df399f1fb5db92a.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  138.219.12.0/22
                  168.90.108.0/22
                IPv6:
                  2803:d640::/32

    Signature Algorithm: sha256WithRSAEncryption
         26:8c:93:9c:4a:e9:5f:90:4c:aa:a1:6a:36:44:d2:52:1e:f9:
         1f:e9:98:7d:70:37:74:2d:37:2d:8f:de:db:5e:44:a1:ec:84:
         c0:e8:6a:b4:c0:d0:fe:fd:2b:f7:f3:02:d3:71:fb:96:95:96:
         5d:55:7d:96:76:e8:58:04:9d:31:91:c2:f7:68:f2:74:2d:7d:
         4d:02:20:d4:f0:77:9c:69:8d:83:2d:da:a3:87:fe:e3:af:5f:
         90:f5:7d:b8:c1:4d:ed:11:f4:40:f1:b1:0f:b4:c6:94:6c:2d:
         6b:62:e6:eb:8e:e1:26:91:a7:52:d8:a6:43:84:22:4c:24:fe:
         cb:d1:8b:be:ea:81:4d:02:8e:2d:22:57:6a:53:dc:55:59:06:
         4b:a2:eb:73:7f:68:5c:70:dc:89:c3:e9:a7:34:ba:4c:95:15:
         87:02:65:fe:6f:d9:a6:9d:90:3c:8e:c4:12:5e:59:6f:02:75:
         2b:cf:b5:b0:a6:54:46:9e:79:33:5a:0c:b1:49:3c:33:9b:fb:
         b0:76:5e:ac:79:88:ad:e7:86:cf:ea:8f:34:b2:74:0f:3b:5c:
         de:41:f1:37:ff:17:e3:4c:e5:bd:33:0b:be:71:4f:38:8f:14:
         76:9c:ed:50:32:6f:6a:dc:4d:94:90:b5:a3:47:1e:04:8f:14:
         53:e3:c7:da
-----BEGIN CERTIFICATE-----
MIIFVTCCBD2gAwIBAgIDDVJHMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDFj
MjdjNTJmZjYyY2I3OTMwMDEyY2UwNzJkZjM5OWYxZmI1ZGI5MmEwHhcNMjEwMzI0
MTQ0NjQ1WhcNMjYwMzI0MTQ0NjQ1WjAzMTEwLwYDVQQDEyg0M2E3NmUxZjI3MzYy
YzhiZDhkZTU2MWU4MWIxNzE4YmM5ZDJmNTIwMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAmh4TYVDIOUaRUUr3aNhW/y0ViAO9F+H0Ki8JKgNiQDQSbvPb
Kbrh7F5G69NzovDjEdtu0HOQK631LE/cEcQ6LH4go8O3K6ancfbA74dARWRsHOoZ
Vvjj3GAtX4UuTjruAi9D++juSCxtJlMF1TfyVGQGd1tTVKUFkMH5HKUN0Z5n99o0
CtQIbdqYPt8vRuHL0EWR8vp7hzyw5/7cZ5Uk9XeuXQrCPSWaSCgHwahlSNBfqOri
kK8fDoD5mv1qNzyUfmOJ3A8tEvP6HH34lWpor2aI4Jtd6qukyrM3WX9k5bPCLuBW
6z+ZdSNxTU+Lfd8XjaWfBZ/5XZgwivxFXnvrlwIDAQABo4ICcDCCAmwwHQYDVR0O
BBYEFJT481HEONEWcr54X0Q4eT5jLc9QMB8GA1UdIwQYMBaAFNcnxZgQyq9v3Q6l
+isLtmS2A9HWMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvMWMyN2M1
MmZmNjJjYjc5MzAwMTJjZTA3MmRmMzk5ZjFmYjVkYjkyYS5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvYjc1ZjY5MmYtN2MxNi00NjljLTg0NTctMjkyY2Jj
YTNhN2Y2LzQzYTc2ZTFmMjczNjJjOGJkOGRlNTYxZTgxYjE3MThiYzlkMmY1MjAu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy9iNzVmNjkyZi03YzE2LTQ2OWMtODQ1Ny0yOTJj
YmNhM2E3ZjYvMWMyN2M1MmZmNjJjYjc5MzAwMTJjZTA3MmRmMzk5ZjFmYjVkYjky
YS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0BggrBgEFBQcBBwEB/wQl
MCMwEgQCAAEwDAMEAorbDAMEAqhabDANBAIAAjAHAwUAKAPWQDANBgkqhkiG9w0B
AQsFAAOCAQEAJoyTnErpX5BMqqFqNkTSUh75H+mYfXA3dC03LY/e215EoeyEwOhq
tMDQ/v0r9/MC03H7lpWWXVV9lnboWASdMZHC92jydC19TQIg1PB3nGmNgy3ao4f+
469fkPV9uMFN7RH0QPGxD7TGlGwta2Lm647hJpGnUtimQ4QiTCT+y9GLvuqBTQKO
LSJXalPcVVkGS6Lrc39oXHDcicPppzS6TJUVhwJl/m/Zpp2QPI7EEl5ZbwJ1K8+1
sKZURp55M1oMsUk8M5v7sHZerHmIreeGz+qPNLJ0Dztc3kHxN/8X40zlvTMLvnFP
OI8UdpztUDJvatxNlJC1o0ceBI8UU+PH2g==
-----END CERTIFICATE-----
Generated at Tue Feb 27 14:04:21 2024 by rpki-client on console-ams.rpki-client.org