Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/ba4dcbef-7f58-4411-bdfd-f3680390146f/ba18b39a339cc0b075410d792264b7397982eae9.roa
File:                     ba18b39a339cc0b075410d792264b7397982eae9.roa (raw, json)
Hash identifier:          OLKoAV3TSs++8AqeK5yO4Yolw1z4A+hvPGJ6Wj5mlD4=
Subject key identifier:   A6:99:1B:10:5D:78:9E:8F:22:6E:EC:36:61:51:BC:FD:46:D0:D5:81
Certificate issuer:       /CN=b4b2c2fe3a00f50a1e90d692950bdd43704615e4
Certificate serial:       0B9FD3
Authority key identifier: 27:AB:23:2C:0A:55:36:EA:37:A5:50:A4:D4:1D:E5:4C:BA:34:1F:B1
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/b4b2c2fe3a00f50a1e90d692950bdd43704615e4.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/ba4dcbef-7f58-4411-bdfd-f3680390146f/ba18b39a339cc0b075410d792264b7397982eae9.roa
Signing time:             Wed 24 Mar 2021 14:29:52 +0000
ROA not before:           Wed 24 Mar 2021 14:29:52 +0000
ROA not after:            Tue 24 Mar 2026 14:29:52 +0000
asID:                     52496
IP address blocks:        45.188.188.0/22 maxlen: 24
                          2803:2f60::/32 maxlen: 48

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/ba4dcbef-7f58-4411-bdfd-f3680390146f/b4b2c2fe3a00f50a1e90d692950bdd43704615e4.crl
                          rsync://repository.lacnic.net/rpki/lacnic/ba4dcbef-7f58-4411-bdfd-f3680390146f/b4b2c2fe3a00f50a1e90d692950bdd43704615e4.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/b4b2c2fe3a00f50a1e90d692950bdd43704615e4.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 31 Mar 2024 12:22:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 761811 (0xb9fd3)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b4b2c2fe3a00f50a1e90d692950bdd43704615e4
        Validity
            Not Before: Mar 24 14:29:52 2021 GMT
            Not After : Mar 24 14:29:52 2026 GMT
        Subject: CN=ba18b39a339cc0b075410d792264b7397982eae9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:3d:90:1f:a2:2a:3e:ad:8c:73:fd:3c:f9:c0:
                    34:e4:d9:d6:75:22:df:1c:9f:d3:2e:71:e9:a4:f0:
                    af:58:8d:91:b0:82:20:c1:ee:79:83:cc:25:d9:4e:
                    af:5d:0d:3a:d3:26:b8:74:6d:53:f1:35:0c:fd:48:
                    aa:40:8f:e3:18:9c:dc:7c:5b:6e:f3:ae:00:ec:d6:
                    b7:20:79:b2:14:40:70:b0:2e:dd:c9:7b:d9:ac:d1:
                    0a:29:da:75:0b:38:ff:74:88:ee:a7:01:d8:92:60:
                    09:83:37:3a:2a:40:81:cc:55:e7:8d:06:08:49:51:
                    43:cc:ab:df:a5:11:cd:1f:15:7d:5e:02:ae:0f:46:
                    64:42:7e:43:59:6d:a6:e0:f0:f0:8f:13:ce:7d:f6:
                    c3:cc:9f:9f:0d:55:ab:6d:66:9a:10:c1:32:6a:87:
                    e1:c7:0c:e5:36:3c:e2:ee:46:58:3c:8b:d8:af:6a:
                    a9:1f:f6:ec:18:b7:26:28:ec:ec:48:02:ea:da:29:
                    0b:6d:18:e0:11:00:91:2c:22:f0:66:1e:20:75:a6:
                    74:4f:a6:e1:9b:33:7c:85:c1:a3:20:4b:15:4b:02:
                    64:19:20:0f:79:2d:7d:70:83:21:bc:39:65:9b:d6:
                    36:63:ba:eb:3d:08:ac:7a:54:96:23:e6:76:57:ea:
                    f6:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A6:99:1B:10:5D:78:9E:8F:22:6E:EC:36:61:51:BC:FD:46:D0:D5:81
            X509v3 Authority Key Identifier:
                keyid:27:AB:23:2C:0A:55:36:EA:37:A5:50:A4:D4:1D:E5:4C:BA:34:1F:B1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/b4b2c2fe3a00f50a1e90d692950bdd43704615e4.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/ba4dcbef-7f58-4411-bdfd-f3680390146f/ba18b39a339cc0b075410d792264b7397982eae9.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/ba4dcbef-7f58-4411-bdfd-f3680390146f/b4b2c2fe3a00f50a1e90d692950bdd43704615e4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.188.188.0/22
                IPv6:
                  2803:2f60::/32

    Signature Algorithm: sha256WithRSAEncryption
         29:ea:7d:2f:b6:6a:fe:f9:02:44:d9:e5:b0:47:ff:5c:59:f2:
         4b:6e:7c:b1:b7:43:97:af:e0:a0:f4:54:0c:ea:59:a1:1b:e4:
         00:ad:93:7b:4c:3c:7c:8c:64:95:fa:f3:e8:aa:9d:62:e0:97:
         39:af:9e:a5:aa:e6:fd:bc:3d:ed:48:ab:42:1c:11:c1:ca:c5:
         bb:03:73:ba:16:ef:fa:4e:ce:8c:23:a5:da:ea:8b:bb:4f:7d:
         3a:8a:de:29:9b:05:9b:5a:83:7e:03:2a:bd:00:b8:ec:7a:10:
         f8:57:86:1a:49:7b:3e:6c:04:b1:34:22:3e:80:ea:78:10:26:
         79:dc:a0:52:4a:83:92:3c:56:3a:ea:fa:c8:65:05:d5:7e:27:
         7b:8b:b2:76:a3:49:d4:d0:a9:7a:69:2e:2c:3f:59:75:1c:ab:
         4e:dd:7b:0d:14:b1:64:a8:7f:78:61:ff:f6:82:c3:0a:b6:b1:
         72:9c:c6:d4:46:23:ad:09:3c:dc:2d:5c:aa:3b:d6:de:e6:ce:
         b3:76:90:b5:31:07:a3:8a:4e:58:27:3f:4e:5c:a8:91:66:93:
         f2:90:e7:91:97:ee:4f:c5:0a:68:f0:1a:bb:69:50:ce:7d:3d:
         a0:70:6f:84:58:63:db:78:5d:04:07:06:3f:7f:07:81:d6:9f:
         4b:7e:4b:6d
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgIDC5/TMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGI0
YjJjMmZlM2EwMGY1MGExZTkwZDY5Mjk1MGJkZDQzNzA0NjE1ZTQwHhcNMjEwMzI0
MTQyOTUyWhcNMjYwMzI0MTQyOTUyWjAzMTEwLwYDVQQDEyhiYTE4YjM5YTMzOWNj
MGIwNzU0MTBkNzkyMjY0YjczOTc5ODJlYWU5MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAzj2QH6IqPq2Mc/08+cA05NnWdSLfHJ/TLnHppPCvWI2RsIIg
we55g8wl2U6vXQ060ya4dG1T8TUM/UiqQI/jGJzcfFtu864A7Na3IHmyFEBwsC7d
yXvZrNEKKdp1Czj/dIjupwHYkmAJgzc6KkCBzFXnjQYISVFDzKvfpRHNHxV9XgKu
D0ZkQn5DWW2m4PDwjxPOffbDzJ+fDVWrbWaaEMEyaofhxwzlNjzi7kZYPIvYr2qp
H/bsGLcmKOzsSALq2ikLbRjgEQCRLCLwZh4gdaZ0T6bhmzN8hcGjIEsVSwJkGSAP
eS19cIMhvDllm9Y2Y7rrPQiselSWI+Z2V+r2qQIDAQABo4ICajCCAmYwHQYDVR0O
BBYEFKaZGxBdeJ6PIm7sNmFRvP1G0NWBMB8GA1UdIwQYMBaAFCerIywKVTbqN6VQ
pNQd5Uy6NB+xMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvYjRiMmMy
ZmUzYTAwZjUwYTFlOTBkNjkyOTUwYmRkNDM3MDQ2MTVlNC5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvYmE0ZGNiZWYtN2Y1OC00NDExLWJkZmQtZjM2ODAz
OTAxNDZmL2JhMThiMzlhMzM5Y2MwYjA3NTQxMGQ3OTIyNjRiNzM5Nzk4MmVhZTku
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy9iYTRkY2JlZi03ZjU4LTQ0MTEtYmRmZC1mMzY4
MDM5MDE0NmYvYjRiMmMyZmUzYTAwZjUwYTFlOTBkNjkyOTUwYmRkNDM3MDQ2MTVl
NC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAuBggrBgEFBQcBBwEB/wQf
MB0wDAQCAAEwBgMEAi28vDANBAIAAjAHAwUAKAMvYDANBgkqhkiG9w0BAQsFAAOC
AQEAKep9L7Zq/vkCRNnlsEf/XFnyS258sbdDl6/goPRUDOpZoRvkAK2Te0w8fIxk
lfrz6KqdYuCXOa+eparm/bw97UirQhwRwcrFuwNzuhbv+k7OjCOl2uqLu099Oore
KZsFm1qDfgMqvQC47HoQ+FeGGkl7PmwEsTQiPoDqeBAmedygUkqDkjxWOur6yGUF
1X4ne4uydqNJ1NCpemkuLD9ZdRyrTt17DRSxZKh/eGH/9oLDCraxcpzG1EYjrQk8
3C1cqjvW3ubOs3aQtTEHo4pOWCc/TlyokWaT8pDnkZfuT8UKaPAau2lQzn09oHBv
hFhj23hdBAcGP38HgdafS35LbQ==
-----END CERTIFICATE-----
Generated at Thu Mar 28 16:43:55 2024 by rpki-client on console-fra.rpki-client.org