Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/ba373a1b-387b-41d1-8540-c1758dfe3cf3/a586753fb36917dab1bb38566ea2627c46939c1a.roa
File:                     a586753fb36917dab1bb38566ea2627c46939c1a.roa (raw, json)
Hash identifier:          oC6pNzVnEOMLdybOPxlNiYcB2n0O7StE8Q0eTLC9jOs=
Subject key identifier:   F0:42:4C:70:C9:6A:68:7A:51:28:AA:A4:10:B4:AC:EF:32:FC:0C:C4
Certificate issuer:       /CN=87b7f548b0d643ffa768da76ef82c2b3680dff0d
Certificate serial:       09B35C
Authority key identifier: A5:7D:43:76:BE:81:6F:39:76:17:86:E0:01:33:1B:08:1E:42:DD:18
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/87b7f548b0d643ffa768da76ef82c2b3680dff0d.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/ba373a1b-387b-41d1-8540-c1758dfe3cf3/a586753fb36917dab1bb38566ea2627c46939c1a.roa
Signing time:             Tue 09 May 2023 14:38:17 +0000
ROA not before:           Mon 08 May 2023 14:38:16 +0000
ROA not after:            Fri 09 May 2025 14:38:16 +0000
asID:                     27947
IP address blocks:        181.224.197.0/24 maxlen: 24
                          2801:16:9800::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/ba373a1b-387b-41d1-8540-c1758dfe3cf3/87b7f548b0d643ffa768da76ef82c2b3680dff0d.crl
                          rsync://repository.lacnic.net/rpki/lacnic/ba373a1b-387b-41d1-8540-c1758dfe3cf3/87b7f548b0d643ffa768da76ef82c2b3680dff0d.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/87b7f548b0d643ffa768da76ef82c2b3680dff0d.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 31 Mar 2024 12:22:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 635740 (0x9b35c)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=87b7f548b0d643ffa768da76ef82c2b3680dff0d
        Validity
            Not Before: May  8 14:38:16 2023 GMT
            Not After : May  9 14:38:16 2025 GMT
        Subject: CN=a586753fb36917dab1bb38566ea2627c46939c1a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:dc:89:2a:fc:78:c4:c2:c7:6e:c9:bb:18:84:
                    e1:a3:34:0e:68:e6:7d:7d:dc:e9:79:59:3d:4e:22:
                    f8:ae:d4:15:3b:2c:b1:15:4d:c2:f1:32:a2:c0:19:
                    91:e6:2a:42:77:b3:b0:34:60:62:58:b1:ca:ab:d4:
                    15:81:a3:dd:34:bb:17:d6:3e:31:c8:4e:dd:61:4b:
                    b8:e6:a2:e4:7d:dd:42:7b:cc:7f:0d:4c:7a:8a:e5:
                    31:78:71:79:55:25:6e:e8:c8:e2:7d:f7:8a:f3:f5:
                    0f:44:6f:d9:35:99:41:7e:29:e5:49:f5:82:79:cd:
                    c7:bc:f5:07:c4:f3:fc:b4:70:5f:8a:03:a2:0c:f8:
                    c6:3c:4f:53:e0:5b:18:b7:19:d6:96:bd:8d:fd:13:
                    1c:a1:15:d6:fa:d7:1d:ec:cf:16:a7:87:c0:db:fe:
                    e1:33:ae:88:6c:e4:05:b9:f2:7d:e6:b9:9e:53:0d:
                    77:73:af:59:6b:14:97:9e:04:25:57:39:4f:97:3d:
                    30:a6:d1:f9:ae:19:cc:96:ef:2f:a2:bb:a3:d2:00:
                    39:84:06:45:e6:21:75:cf:89:23:08:94:c2:24:0a:
                    8b:99:1d:c2:23:19:e9:af:b1:f2:25:d5:04:38:86:
                    e6:ab:b9:f5:22:17:f3:fd:92:4b:20:7f:96:fb:5b:
                    71:c5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F0:42:4C:70:C9:6A:68:7A:51:28:AA:A4:10:B4:AC:EF:32:FC:0C:C4
            X509v3 Authority Key Identifier:
                keyid:A5:7D:43:76:BE:81:6F:39:76:17:86:E0:01:33:1B:08:1E:42:DD:18

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/87b7f548b0d643ffa768da76ef82c2b3680dff0d.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/ba373a1b-387b-41d1-8540-c1758dfe3cf3/a586753fb36917dab1bb38566ea2627c46939c1a.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/ba373a1b-387b-41d1-8540-c1758dfe3cf3/87b7f548b0d643ffa768da76ef82c2b3680dff0d.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  181.224.197.0/24
                IPv6:
                  2801:16:9800::/48

    Signature Algorithm: sha256WithRSAEncryption
         97:84:47:3a:a9:3a:51:3c:25:ae:8c:e8:a6:e8:75:39:c3:b8:
         f2:f2:72:78:a2:86:0d:55:82:8e:21:9a:fa:42:2a:51:09:3a:
         04:e7:d5:ad:4a:be:6a:ac:5e:61:3b:e3:79:6a:cd:be:c2:12:
         5b:4f:ae:7c:50:f2:89:bd:b0:cf:dd:35:00:00:d1:d1:56:05:
         93:7f:40:5f:d5:4d:0e:bc:73:6d:3d:e1:72:a4:d9:cf:c1:c1:
         5b:f5:de:65:d8:a8:f4:b2:d6:53:c3:b8:52:13:00:ee:a8:37:
         d1:cc:63:70:d3:95:3d:2b:3f:ce:9a:62:3f:bf:7d:b9:63:04:
         cd:f5:19:d2:f7:fb:a5:a9:3a:b9:7b:1a:62:1a:2c:4b:fc:3f:
         07:ed:02:d3:08:cf:35:a1:9c:4e:95:8a:6b:28:7c:7b:4b:7f:
         38:01:f7:a7:79:97:d2:49:11:39:78:2a:f7:06:d8:b3:a6:c2:
         14:2f:79:fc:47:a2:ff:b6:e6:58:ea:25:d8:c4:96:b4:6c:86:
         e6:88:28:89:20:da:49:96:2f:e3:6b:a2:10:96:78:3c:cc:b1:
         66:a7:1b:18:05:5e:de:9a:a4:72:e2:e4:d6:b5:ba:ef:ff:ce:
         18:df:90:29:05:e0:a4:1a:0f:08:a4:79:78:52:48:07:1f:77:
         0c:ef:bf:b8
-----BEGIN CERTIFICATE-----
MIIFUTCCBDmgAwIBAgIDCbNcMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDg3
YjdmNTQ4YjBkNjQzZmZhNzY4ZGE3NmVmODJjMmIzNjgwZGZmMGQwHhcNMjMwNTA4
MTQzODE2WhcNMjUwNTA5MTQzODE2WjAzMTEwLwYDVQQDEyhhNTg2NzUzZmIzNjkx
N2RhYjFiYjM4NTY2ZWEyNjI3YzQ2OTM5YzFhMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAstyJKvx4xMLHbsm7GIThozQOaOZ9fdzpeVk9TiL4rtQVOyyx
FU3C8TKiwBmR5ipCd7OwNGBiWLHKq9QVgaPdNLsX1j4xyE7dYUu45qLkfd1Ce8x/
DUx6iuUxeHF5VSVu6MjiffeK8/UPRG/ZNZlBfinlSfWCec3HvPUHxPP8tHBfigOi
DPjGPE9T4FsYtxnWlr2N/RMcoRXW+tcd7M8Wp4fA2/7hM66IbOQFufJ95rmeUw13
c69ZaxSXngQlVzlPlz0wptH5rhnMlu8voruj0gA5hAZF5iF1z4kjCJTCJAqLmR3C
Ixnpr7HyJdUEOIbmq7n1Ihfz/ZJLIH+W+1txxQIDAQABo4ICbDCCAmgwHQYDVR0O
BBYEFPBCTHDJamh6USiqpBC0rO8y/AzEMB8GA1UdIwQYMBaAFKV9Q3a+gW85dheG
4AEzGwgeQt0YMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvODdiN2Y1
NDhiMGQ2NDNmZmE3NjhkYTc2ZWY4MmMyYjM2ODBkZmYwZC5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvYmEzNzNhMWItMzg3Yi00MWQxLTg1NDAtYzE3NThk
ZmUzY2YzL2E1ODY3NTNmYjM2OTE3ZGFiMWJiMzg1NjZlYTI2MjdjNDY5MzljMWEu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy9iYTM3M2ExYi0zODdiLTQxZDEtODU0MC1jMTc1
OGRmZTNjZjMvODdiN2Y1NDhiMGQ2NDNmZmE3NjhkYTc2ZWY4MmMyYjM2ODBkZmYw
ZC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAwBggrBgEFBQcBBwEB/wQh
MB8wDAQCAAEwBgMEALXgxTAPBAIAAjAJAwcAKAEAFpgAMA0GCSqGSIb3DQEBCwUA
A4IBAQCXhEc6qTpRPCWujOim6HU5w7jy8nJ4ooYNVYKOIZr6QipRCToE59WtSr5q
rF5hO+N5as2+whJbT658UPKJvbDP3TUAANHRVgWTf0Bf1U0OvHNtPeFypNnPwcFb
9d5l2Kj0stZTw7hSEwDuqDfRzGNw05U9Kz/OmmI/v325YwTN9RnS9/ulqTq5expi
GixL/D8H7QLTCM81oZxOlYprKHx7S384AfeneZfSSRE5eCr3BtizpsIUL3n8R6L/
tuZY6iXYxJa0bIbmiCiJINpJli/ja6IQlng8zLFmpxsYBV7emqRy4uTWtbrv/84Y
35ApBeCkGg8IpHl4UkgHH3cM77+4
-----END CERTIFICATE-----
Generated at Thu Mar 28 19:40:40 2024 by rpki-client on console-fra.rpki-client.org