Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/b9c7e2c6-a0d3-44db-bbf0-c194d576f88c/cc23fda9e554ec6216e585514e6f0820cfc81ad4.roa
File:                     cc23fda9e554ec6216e585514e6f0820cfc81ad4.roa (raw, json)
Hash identifier:          T17n7bh11IyqsVZndY4NTLj4ka6BzfGbaQEzZ3aUzMA=
Subject key identifier:   96:AF:1E:5F:CE:AD:48:43:95:07:B5:F2:76:CC:D9:B5:E0:C1:AE:8B
Certificate issuer:       /CN=30855b14b9a043ea2127093be7f867b091f60231
Certificate serial:       20A305
Authority key identifier: 2A:F0:2A:C0:4A:03:65:65:77:24:46:AD:9B:A9:03:43:2F:00:64:F9
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/30855b14b9a043ea2127093be7f867b091f60231.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/b9c7e2c6-a0d3-44db-bbf0-c194d576f88c/cc23fda9e554ec6216e585514e6f0820cfc81ad4.roa
Signing time:             Fri 19 May 2023 12:45:16 +0000
ROA not before:           Thu 18 May 2023 12:45:16 +0000
ROA not after:            Mon 19 May 2025 12:45:16 +0000
asID:                     264646
IP address blocks:        138.0.88.0/22 maxlen: 24
                          2803:1780:8000::/46 maxlen: 48
                          2803:1780::/45 maxlen: 48

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/b9c7e2c6-a0d3-44db-bbf0-c194d576f88c/30855b14b9a043ea2127093be7f867b091f60231.crl
                          rsync://repository.lacnic.net/rpki/lacnic/b9c7e2c6-a0d3-44db-bbf0-c194d576f88c/30855b14b9a043ea2127093be7f867b091f60231.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/30855b14b9a043ea2127093be7f867b091f60231.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Wed 06 Mar 2024 06:24:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2138885 (0x20a305)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=30855b14b9a043ea2127093be7f867b091f60231
        Validity
            Not Before: May 18 12:45:16 2023 GMT
            Not After : May 19 12:45:16 2025 GMT
        Subject: CN=cc23fda9e554ec6216e585514e6f0820cfc81ad4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:89:3a:5b:0f:a7:9b:9b:0b:24:4a:96:da:57:ef:
                    e7:bb:cf:23:b0:a2:02:70:44:76:59:e3:6d:e1:58:
                    8b:3c:f4:11:f5:22:5d:4a:4f:ea:11:3f:b8:c0:5f:
                    ca:ed:ca:9a:b7:51:02:cd:da:ff:5e:b8:40:1a:bb:
                    6d:11:b7:1a:e7:c4:f6:2e:74:d9:66:6d:f4:21:43:
                    8b:df:a8:61:2c:60:0e:26:31:3a:96:9a:d9:0b:d9:
                    52:da:9e:69:a9:9c:72:1b:e8:96:6b:17:de:c7:2e:
                    20:a4:90:d8:9c:2e:7e:33:f4:14:b4:b3:e7:d0:b2:
                    c7:57:94:95:db:e0:b1:d0:a1:cf:87:54:06:b7:42:
                    2d:2c:e4:18:c4:69:74:cb:b1:4e:b1:7c:68:87:21:
                    a8:58:22:0f:c9:7d:32:66:fe:d0:c9:a5:c6:91:a2:
                    8d:22:8d:35:d4:42:db:a0:c9:2d:94:9a:ce:f6:57:
                    79:0b:0e:bc:0c:0c:5c:ec:7b:3c:79:67:23:23:a6:
                    e9:6e:ca:37:e7:2a:0f:41:7b:d6:32:a8:63:76:8b:
                    d6:2e:42:e8:15:82:48:87:b4:cc:d8:25:bb:6a:0d:
                    5b:b9:c9:d7:00:f7:04:b7:f4:38:3f:9e:ee:41:05:
                    8a:31:c9:43:82:88:7d:0e:f8:ba:6a:b6:9d:52:99:
                    9f:d9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                96:AF:1E:5F:CE:AD:48:43:95:07:B5:F2:76:CC:D9:B5:E0:C1:AE:8B
            X509v3 Authority Key Identifier:
                keyid:2A:F0:2A:C0:4A:03:65:65:77:24:46:AD:9B:A9:03:43:2F:00:64:F9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/30855b14b9a043ea2127093be7f867b091f60231.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/b9c7e2c6-a0d3-44db-bbf0-c194d576f88c/cc23fda9e554ec6216e585514e6f0820cfc81ad4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/b9c7e2c6-a0d3-44db-bbf0-c194d576f88c/30855b14b9a043ea2127093be7f867b091f60231.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  138.0.88.0/22
                IPv6:
                  2803:1780::/45
                  2803:1780:8000::/46

    Signature Algorithm: sha256WithRSAEncryption
         1d:c1:55:47:c2:71:ff:19:db:68:13:9e:43:96:e5:2d:9d:3f:
         15:b8:59:ba:5f:93:e0:1d:09:1b:e9:65:1c:fd:f7:bf:c1:9d:
         b4:c0:58:58:66:bc:e1:9c:28:37:42:8c:16:97:bf:07:82:d1:
         6c:1b:0a:2a:ad:3a:dd:7f:8f:95:3b:b8:e0:f4:05:04:cb:fd:
         b1:8b:61:d1:84:67:3f:a4:59:45:72:5e:08:2e:9c:dd:71:b9:
         34:f0:77:11:a9:3e:30:e4:1f:71:29:c6:7a:c2:68:b4:42:1d:
         87:84:69:ee:26:d6:16:9f:3d:cd:b3:5d:4e:66:2a:29:cb:51:
         62:3e:81:79:b7:af:9e:ea:63:5d:c2:48:ba:95:47:bb:a7:9e:
         0c:4a:66:4f:28:77:b6:8a:7a:c3:c3:7b:b3:1c:4f:bf:02:69:
         e4:ed:c9:ab:c8:1f:c6:17:98:bb:3d:a8:bf:e5:36:35:9f:8c:
         b4:f4:26:bf:bf:00:98:21:a4:06:bc:9e:20:f0:b6:b9:ad:b9:
         ca:09:6e:00:55:f3:14:11:4a:23:dd:e1:df:30:6d:a6:8a:08:
         cc:dd:f0:89:d6:b0:2f:e2:19:d3:8c:8f:82:2c:47:81:ec:e1:
         55:e7:e1:04:db:7b:8c:f7:b0:ae:e1:12:f8:00:91:b0:1a:27:
         ce:a4:a9:d7
-----BEGIN CERTIFICATE-----
MIIFWjCCBEKgAwIBAgIDIKMFMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDMw
ODU1YjE0YjlhMDQzZWEyMTI3MDkzYmU3Zjg2N2IwOTFmNjAyMzEwHhcNMjMwNTE4
MTI0NTE2WhcNMjUwNTE5MTI0NTE2WjAzMTEwLwYDVQQDEyhjYzIzZmRhOWU1NTRl
YzYyMTZlNTg1NTE0ZTZmMDgyMGNmYzgxYWQ0MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAiTpbD6ebmwskSpbaV+/nu88jsKICcER2WeNt4ViLPPQR9SJd
Sk/qET+4wF/K7cqat1ECzdr/XrhAGrttEbca58T2LnTZZm30IUOL36hhLGAOJjE6
lprZC9lS2p5pqZxyG+iWaxfexy4gpJDYnC5+M/QUtLPn0LLHV5SV2+Cx0KHPh1QG
t0ItLOQYxGl0y7FOsXxohyGoWCIPyX0yZv7QyaXGkaKNIo011ELboMktlJrO9ld5
Cw68DAxc7Hs8eWcjI6bpbso35yoPQXvWMqhjdovWLkLoFYJIh7TM2CW7ag1bucnX
APcEt/Q4P57uQQWKMclDgoh9Dvi6aradUpmf2QIDAQABo4ICdTCCAnEwHQYDVR0O
BBYEFJavHl/OrUhDlQe18nbM2bXgwa6LMB8GA1UdIwQYMBaAFCrwKsBKA2VldyRG
rZupA0MvAGT5MA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvMzA4NTVi
MTRiOWEwNDNlYTIxMjcwOTNiZTdmODY3YjA5MWY2MDIzMS5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvYjljN2UyYzYtYTBkMy00NGRiLWJiZjAtYzE5NGQ1
NzZmODhjL2NjMjNmZGE5ZTU1NGVjNjIxNmU1ODU1MTRlNmYwODIwY2ZjODFhZDQu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy9iOWM3ZTJjNi1hMGQzLTQ0ZGItYmJmMC1jMTk0
ZDU3NmY4OGMvMzA4NTViMTRiOWEwNDNlYTIxMjcwOTNiZTdmODY3YjA5MWY2MDIz
MS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA5BggrBgEFBQcBBwEB/wQq
MCgwDAQCAAEwBgMEAooAWDAYBAIAAjASAwcDKAMXgAAAAwcCKAMXgIAAMA0GCSqG
SIb3DQEBCwUAA4IBAQAdwVVHwnH/GdtoE55DluUtnT8VuFm6X5PgHQkb6WUc/fe/
wZ20wFhYZrzhnCg3QowWl78HgtFsGwoqrTrdf4+VO7jg9AUEy/2xi2HRhGc/pFlF
cl4ILpzdcbk08HcRqT4w5B9xKcZ6wmi0Qh2HhGnuJtYWnz3Ns11OZiopy1FiPoF5
t6+e6mNdwki6lUe7p54MSmZPKHe2inrDw3uzHE+/Amnk7cmryB/GF5i7Pai/5TY1
n4y09Ca/vwCYIaQGvJ4g8La5rbnKCW4AVfMUEUoj3eHfMG2migjM3fCJ1rAv4hnT
jI+CLEeB7OFV5+EE23uM97Cu4RL4AJGwGifOpKnX
-----END CERTIFICATE-----
Generated at Sun Mar 3 13:25:59 2024 by rpki-client on console-ams.rpki-client.org