Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/ba5a158c-27b7-48a6-8e96-bbf902c20408/5d48de03fca37e0f751db33df4d4e7b75b123c95.roa
File:                     5d48de03fca37e0f751db33df4d4e7b75b123c95.roa (raw, json)
Hash identifier:          vxHF1XJgTLIus70672tvYCeNsQ1FEseHnTg4U1bqaAE=
Subject key identifier:   42:8B:B7:76:29:E1:95:BE:80:07:9B:AB:3C:6A:94:33:EE:3F:9C:41
Certificate issuer:       /CN=3a642f0f5bf1f426c14ab984a5eec5cc1219f4a8
Certificate serial:       19E953
Authority key identifier: C5:95:24:B5:C8:D5:68:1E:4A:E5:E7:6A:72:31:62:8B:87:82:41:88
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/3a642f0f5bf1f426c14ab984a5eec5cc1219f4a8.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/ba5a158c-27b7-48a6-8e96-bbf902c20408/5d48de03fca37e0f751db33df4d4e7b75b123c95.roa
Signing time:             Tue 26 Jul 2022 18:53:19 +0000
ROA not before:           Wed 15 Jun 2022 03:00:00 +0000
ROA not after:            Sat 15 Jun 2024 03:00:00 +0000
asID:                     61470
IP address blocks:        131.0.232.0/22 maxlen: 24
                          2803:f580::/32 maxlen: 48

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/ba5a158c-27b7-48a6-8e96-bbf902c20408/3a642f0f5bf1f426c14ab984a5eec5cc1219f4a8.crl
                          rsync://repository.lacnic.net/rpki/lacnic/ba5a158c-27b7-48a6-8e96-bbf902c20408/3a642f0f5bf1f426c14ab984a5eec5cc1219f4a8.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/3a642f0f5bf1f426c14ab984a5eec5cc1219f4a8.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 31 Mar 2024 03:49:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1698131 (0x19e953)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3a642f0f5bf1f426c14ab984a5eec5cc1219f4a8
        Validity
            Not Before: Jun 15 03:00:00 2022 GMT
            Not After : Jun 15 03:00:00 2024 GMT
        Subject: CN=5d48de03fca37e0f751db33df4d4e7b75b123c95
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:3f:d3:19:78:af:54:e7:2e:f3:c7:44:8a:33:
                    a2:0f:e7:f9:08:f9:01:a6:48:cd:98:60:80:df:b1:
                    0c:67:b7:90:d6:be:36:fc:01:cd:e5:99:32:db:4e:
                    de:42:2d:8b:a4:cb:80:7b:60:e5:20:25:df:69:6f:
                    c7:eb:35:13:f2:c8:8e:46:fb:18:6b:45:f1:74:0b:
                    e5:15:96:bf:bc:45:4f:52:7f:11:fb:59:ff:25:e9:
                    0d:af:99:e3:e4:ff:54:b1:ee:d9:86:f6:be:71:ca:
                    84:4f:0c:b3:4e:3c:e6:76:c9:ab:20:5c:c5:ef:cf:
                    e5:d2:e3:e6:2f:06:ef:bf:d1:30:ee:42:4f:c4:bc:
                    b9:52:0b:ad:5b:53:cf:cd:76:6d:6a:64:bf:71:00:
                    d7:cf:05:75:6e:fd:a6:04:b3:f7:64:d0:cb:93:2e:
                    e7:b4:3f:29:3f:f1:bd:ef:92:d6:77:b8:8b:2f:4e:
                    26:3e:ad:ee:48:a9:56:3f:e9:bf:df:f5:19:e3:fd:
                    8c:c9:ea:3f:94:9a:ff:2d:5e:96:a9:0e:45:c1:3b:
                    f6:fb:32:6a:a2:91:07:43:5f:89:81:9d:20:e3:6c:
                    cc:fc:57:19:e8:43:f9:49:51:79:6c:47:15:25:27:
                    08:58:1b:1b:a2:4d:2c:95:c7:70:ec:c1:d3:ab:f1:
                    0f:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                42:8B:B7:76:29:E1:95:BE:80:07:9B:AB:3C:6A:94:33:EE:3F:9C:41
            X509v3 Authority Key Identifier:
                keyid:C5:95:24:B5:C8:D5:68:1E:4A:E5:E7:6A:72:31:62:8B:87:82:41:88

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/3a642f0f5bf1f426c14ab984a5eec5cc1219f4a8.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/ba5a158c-27b7-48a6-8e96-bbf902c20408/5d48de03fca37e0f751db33df4d4e7b75b123c95.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/ba5a158c-27b7-48a6-8e96-bbf902c20408/3a642f0f5bf1f426c14ab984a5eec5cc1219f4a8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  131.0.232.0/22
                IPv6:
                  2803:f580::/32

    Signature Algorithm: sha256WithRSAEncryption
         2e:cd:4d:1d:a3:0c:39:63:8f:51:04:a2:5b:26:87:54:27:ff:
         fe:21:a1:aa:f3:80:ec:dd:93:15:a2:d2:1f:d5:e4:24:3a:57:
         36:33:9d:29:8c:b4:57:f8:03:31:e6:20:3f:56:1f:b9:99:34:
         44:89:38:43:ab:f5:cd:d0:5a:2f:fe:f8:46:24:c5:cb:85:f4:
         f0:8f:8d:92:4a:7a:3a:98:9a:3f:30:fd:34:f3:42:97:4a:47:
         0e:d1:7b:b8:21:b2:57:c9:ac:35:2b:bd:91:20:65:b6:93:79:
         e4:04:01:ea:7c:c5:2d:0d:7e:8d:3e:e2:62:5d:d6:3a:2e:87:
         7c:65:ba:ce:b5:c6:c3:c1:ee:b2:ba:bd:1b:97:e1:28:6b:44:
         02:d6:44:58:73:b5:81:48:2b:52:c1:dd:14:46:08:c6:f8:05:
         55:11:d4:73:ad:d3:d5:b1:ba:4b:fb:19:fb:75:e8:12:a4:3b:
         a1:d6:f3:cf:7f:18:5e:af:d9:98:e3:b4:97:23:78:77:74:5b:
         8b:47:3c:3c:f9:83:e1:1d:6c:69:2d:a3:a5:31:1c:c8:cf:1b:
         83:4e:eb:38:dc:35:c0:17:ce:97:04:1f:b7:3a:7f:0b:47:13:
         ca:50:0c:6d:9e:da:43:27:f1:bb:68:f2:7b:2e:64:3f:0d:ad:
         7d:84:26:fa
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgIDGelTMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDNh
NjQyZjBmNWJmMWY0MjZjMTRhYjk4NGE1ZWVjNWNjMTIxOWY0YTgwHhcNMjIwNjE1
MDMwMDAwWhcNMjQwNjE1MDMwMDAwWjAzMTEwLwYDVQQDEyg1ZDQ4ZGUwM2ZjYTM3
ZTBmNzUxZGIzM2RmNGQ0ZTdiNzViMTIzYzk1MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAnD/TGXivVOcu88dEijOiD+f5CPkBpkjNmGCA37EMZ7eQ1r42
/AHN5Zky207eQi2LpMuAe2DlICXfaW/H6zUT8siORvsYa0XxdAvlFZa/vEVPUn8R
+1n/JekNr5nj5P9Use7Zhva+ccqETwyzTjzmdsmrIFzF78/l0uPmLwbvv9Ew7kJP
xLy5UgutW1PPzXZtamS/cQDXzwV1bv2mBLP3ZNDLky7ntD8pP/G975LWd7iLL04m
Pq3uSKlWP+m/3/UZ4/2Myeo/lJr/LV6WqQ5FwTv2+zJqopEHQ1+JgZ0g42zM/FcZ
6EP5SVF5bEcVJScIWBsbok0slcdw7MHTq/EPRQIDAQABo4ICajCCAmYwHQYDVR0O
BBYEFEKLt3Yp4ZW+gAebqzxqlDPuP5xBMB8GA1UdIwQYMBaAFMWVJLXI1WgeSuXn
anIxYouHgkGIMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvM2E2NDJm
MGY1YmYxZjQyNmMxNGFiOTg0YTVlZWM1Y2MxMjE5ZjRhOC5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvYmE1YTE1OGMtMjdiNy00OGE2LThlOTYtYmJmOTAy
YzIwNDA4LzVkNDhkZTAzZmNhMzdlMGY3NTFkYjMzZGY0ZDRlN2I3NWIxMjNjOTUu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy9iYTVhMTU4Yy0yN2I3LTQ4YTYtOGU5Ni1iYmY5
MDJjMjA0MDgvM2E2NDJmMGY1YmYxZjQyNmMxNGFiOTg0YTVlZWM1Y2MxMjE5ZjRh
OC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAuBggrBgEFBQcBBwEB/wQf
MB0wDAQCAAEwBgMEAoMA6DANBAIAAjAHAwUAKAP1gDANBgkqhkiG9w0BAQsFAAOC
AQEALs1NHaMMOWOPUQSiWyaHVCf//iGhqvOA7N2TFaLSH9XkJDpXNjOdKYy0V/gD
MeYgP1YfuZk0RIk4Q6v1zdBaL/74RiTFy4X08I+Nkkp6OpiaPzD9NPNCl0pHDtF7
uCGyV8msNSu9kSBltpN55AQB6nzFLQ1+jT7iYl3WOi6HfGW6zrXGw8Husrq9G5fh
KGtEAtZEWHO1gUgrUsHdFEYIxvgFVRHUc63T1bG6S/sZ+3XoEqQ7odbzz38YXq/Z
mOO0lyN4d3Rbi0c8PPmD4R1saS2jpTEcyM8bg07rONw1wBfOlwQftzp/C0cTylAM
bZ7aQyfxu2jyey5kPw2tfYQm+g==
-----END CERTIFICATE-----
Generated at Thu Mar 28 04:54:57 2024 by rpki-client on console-ams.rpki-client.org