Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/b9b1dd7e-24cb-4c9d-938c-13cb4d1156a6/fadbf2d629c025801804bf5eba7002c81e189f99.roa
File:                     fadbf2d629c025801804bf5eba7002c81e189f99.roa (raw, json)
Hash identifier:          9rdZmu8IQOjcqJ0PYXoJo+uqev2vUAmDVqxwdJ7m50E=
Subject key identifier:   11:8C:F2:74:64:41:F1:59:DE:63:C9:02:79:02:62:AF:08:97:C3:66
Certificate issuer:       /CN=01be7e7c38df126b8fc7e82d65b4dfc5f1f64c36
Certificate serial:       176FC4
Authority key identifier: 90:79:F9:B1:64:5C:04:00:B4:CE:78:CA:A8:8A:34:15:33:86:B1:CA
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/01be7e7c38df126b8fc7e82d65b4dfc5f1f64c36.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/b9b1dd7e-24cb-4c9d-938c-13cb4d1156a6/fadbf2d629c025801804bf5eba7002c81e189f99.roa
Signing time:             Thu 23 Jun 2022 22:20:03 +0000
ROA not before:           Thu 23 Jun 2022 03:00:00 +0000
ROA not after:            Sun 23 Jun 2024 03:00:00 +0000
asID:                     265661
IP address blocks:        45.4.252.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/b9b1dd7e-24cb-4c9d-938c-13cb4d1156a6/01be7e7c38df126b8fc7e82d65b4dfc5f1f64c36.crl
                          rsync://repository.lacnic.net/rpki/lacnic/b9b1dd7e-24cb-4c9d-938c-13cb4d1156a6/01be7e7c38df126b8fc7e82d65b4dfc5f1f64c36.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/01be7e7c38df126b8fc7e82d65b4dfc5f1f64c36.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 31 Mar 2024 03:49:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1535940 (0x176fc4)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=01be7e7c38df126b8fc7e82d65b4dfc5f1f64c36
        Validity
            Not Before: Jun 23 03:00:00 2022 GMT
            Not After : Jun 23 03:00:00 2024 GMT
        Subject: CN=fadbf2d629c025801804bf5eba7002c81e189f99
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:37:fe:74:ea:d1:ac:d4:b8:a7:90:78:47:c3:
                    95:7a:88:a3:a4:a8:4e:0a:f6:b4:b6:34:c8:a1:1a:
                    ee:0c:fd:f5:27:8d:62:f5:49:05:29:97:31:fb:90:
                    24:82:7e:c0:87:bf:b5:9a:b5:19:94:0e:3f:23:29:
                    46:da:1c:74:2d:31:3e:e9:fd:e3:ac:37:99:fa:67:
                    16:35:02:94:87:3d:92:ca:09:ba:01:75:fb:92:af:
                    18:6d:06:d3:0c:ae:73:d0:1b:c9:ca:1a:24:a9:87:
                    cf:04:51:c3:26:08:6e:cd:12:50:56:d5:15:dc:6d:
                    1b:a8:b8:b4:09:eb:86:d6:5e:37:2f:11:a7:b4:fb:
                    6b:c9:9c:cf:30:e7:ba:9a:8f:3c:c5:97:dc:c1:d3:
                    df:79:84:d0:20:a7:80:a8:e3:74:e4:52:97:7c:19:
                    76:d9:72:85:f0:d7:80:ff:ad:aa:59:3f:8c:86:a4:
                    c5:ca:56:d6:bd:0b:52:54:ce:f8:a9:e3:18:ae:7c:
                    92:c2:e0:72:3e:ca:5d:90:20:53:58:9b:cb:f3:fa:
                    8d:71:73:b3:22:3e:98:e2:41:b7:51:e3:fc:29:7e:
                    24:98:86:cb:33:6a:c8:21:69:65:97:92:07:5b:4e:
                    4d:d5:47:48:9e:3d:25:f1:e3:ea:8b:a3:45:47:aa:
                    43:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                11:8C:F2:74:64:41:F1:59:DE:63:C9:02:79:02:62:AF:08:97:C3:66
            X509v3 Authority Key Identifier:
                keyid:90:79:F9:B1:64:5C:04:00:B4:CE:78:CA:A8:8A:34:15:33:86:B1:CA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/01be7e7c38df126b8fc7e82d65b4dfc5f1f64c36.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/b9b1dd7e-24cb-4c9d-938c-13cb4d1156a6/fadbf2d629c025801804bf5eba7002c81e189f99.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/b9b1dd7e-24cb-4c9d-938c-13cb4d1156a6/01be7e7c38df126b8fc7e82d65b4dfc5f1f64c36.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.4.252.0/22

    Signature Algorithm: sha256WithRSAEncryption
         3b:c6:86:6a:e5:71:2b:51:ed:19:f6:25:23:30:5a:e3:7e:75:
         15:2d:a9:82:41:d2:c5:8f:dd:e3:cf:b7:08:97:7b:b7:88:b4:
         c5:74:03:4d:cf:c4:0d:64:a6:1c:a9:3c:87:ee:3e:1f:ba:a1:
         38:e8:7d:33:08:2e:c6:36:c4:84:da:03:e8:31:e7:f8:f8:03:
         27:32:f8:f9:2d:89:0a:22:56:22:59:0f:6d:d0:79:f6:55:0b:
         d1:11:dd:0c:d0:29:b5:3d:60:ba:3e:6b:7b:f3:55:fe:38:1a:
         da:7e:d1:f7:3a:37:6c:d1:b6:d8:92:8e:a8:55:7b:5c:b8:5e:
         7f:ab:bf:85:55:53:42:ff:80:ec:37:9a:87:e0:7f:64:17:d0:
         77:df:e4:a6:9f:6a:5f:a0:a3:dd:36:ad:de:2b:d9:42:16:b8:
         74:8f:9b:ef:bc:81:b2:f1:b5:60:48:67:64:8e:3a:14:ac:e3:
         fb:e4:21:f5:49:00:e3:4e:b2:b6:d0:86:35:5f:a5:71:0e:9f:
         d8:bf:54:25:1b:6b:26:07:25:17:6f:e3:b9:22:c1:9a:75:4a:
         dc:67:e1:c6:7e:20:7f:dd:ce:ef:99:ce:b6:1f:f5:7b:d9:54:
         f1:3a:d2:84:4b:f9:74:8c:ce:b0:28:de:c2:8d:f4:2b:3c:e0:
         63:46:f3:22
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIDF2/EMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDAx
YmU3ZTdjMzhkZjEyNmI4ZmM3ZTgyZDY1YjRkZmM1ZjFmNjRjMzYwHhcNMjIwNjIz
MDMwMDAwWhcNMjQwNjIzMDMwMDAwWjAzMTEwLwYDVQQDEyhmYWRiZjJkNjI5YzAy
NTgwMTgwNGJmNWViYTcwMDJjODFlMTg5Zjk5MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAszf+dOrRrNS4p5B4R8OVeoijpKhOCva0tjTIoRruDP31J41i
9UkFKZcx+5Akgn7Ah7+1mrUZlA4/IylG2hx0LTE+6f3jrDeZ+mcWNQKUhz2Sygm6
AXX7kq8YbQbTDK5z0BvJyhokqYfPBFHDJghuzRJQVtUV3G0bqLi0CeuG1l43LxGn
tPtryZzPMOe6mo88xZfcwdPfeYTQIKeAqON05FKXfBl22XKF8NeA/62qWT+MhqTF
ylbWvQtSVM74qeMYrnySwuByPspdkCBTWJvL8/qNcXOzIj6Y4kG3UeP8KX4kmIbL
M2rIIWlll5IHW05N1UdInj0l8ePqi6NFR6pDGwIDAQABo4ICWzCCAlcwHQYDVR0O
BBYEFBGM8nRkQfFZ3mPJAnkCYq8Il8NmMB8GA1UdIwQYMBaAFJB5+bFkXAQAtM54
yqiKNBUzhrHKMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvMDFiZTdl
N2MzOGRmMTI2YjhmYzdlODJkNjViNGRmYzVmMWY2NGMzNi5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvYjliMWRkN2UtMjRjYi00YzlkLTkzOGMtMTNjYjRk
MTE1NmE2L2ZhZGJmMmQ2MjljMDI1ODAxODA0YmY1ZWJhNzAwMmM4MWUxODlmOTku
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy9iOWIxZGQ3ZS0yNGNiLTRjOWQtOTM4Yy0xM2Ni
NGQxMTU2YTYvMDFiZTdlN2MzOGRmMTI2YjhmYzdlODJkNjViNGRmYzVmMWY2NGMz
Ni5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAi0E/DANBgkqhkiG9w0BAQsFAAOCAQEAO8aGauVxK1HtGfYl
IzBa4351FS2pgkHSxY/d48+3CJd7t4i0xXQDTc/EDWSmHKk8h+4+H7qhOOh9Mwgu
xjbEhNoD6DHn+PgDJzL4+S2JCiJWIlkPbdB59lUL0RHdDNAptT1guj5re/NV/jga
2n7R9zo3bNG22JKOqFV7XLhef6u/hVVTQv+A7Deah+B/ZBfQd9/kpp9qX6Cj3Tat
3ivZQha4dI+b77yBsvG1YEhnZI46FKzj++Qh9UkA406yttCGNV+lcQ6f2L9UJRtr
JgclF2/juSLBmnVK3Gfhxn4gf93O75nOth/1e9lU8TrShEv5dIzOsCjewo30Kzzg
Y0bzIg==
-----END CERTIFICATE-----
Generated at Thu Mar 28 06:01:08 2024 by rpki-client on console-fra.rpki-client.org