Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/ba9d5ca8-7397-403c-bb7a-2654b0083210/5da80400819ef31beb2d71182accaf53a2f7b5b4.roa
File:                     5da80400819ef31beb2d71182accaf53a2f7b5b4.roa (raw, json)
Hash identifier:          OSOK9F2FI2Tn56uviU1qnrS9S0q6jJSB8vF0VkXX4S0=
Subject key identifier:   75:F0:AE:DD:75:03:43:7E:5C:7B:CC:74:13:B2:33:B6:E8:DD:5E:11
Certificate issuer:       /CN=7a86d7b138d974a1f0c70838eb6fb2a10ae1ab5b
Certificate serial:       05DB83
Authority key identifier: A4:00:D3:7E:74:56:FD:28:CC:9F:E3:3E:2A:CF:4E:9B:4E:84:BB:EF
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/7a86d7b138d974a1f0c70838eb6fb2a10ae1ab5b.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/ba9d5ca8-7397-403c-bb7a-2654b0083210/5da80400819ef31beb2d71182accaf53a2f7b5b4.roa
Signing time:             Wed 26 Apr 2023 22:28:26 +0000
ROA not before:           Tue 25 Apr 2023 22:28:26 +0000
ROA not after:            Sat 26 Apr 2025 22:28:26 +0000
asID:                     52361
IP address blocks:        45.4.216.0/22 maxlen: 24
                          2803:c1c0::/32 maxlen: 32

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/ba9d5ca8-7397-403c-bb7a-2654b0083210/7a86d7b138d974a1f0c70838eb6fb2a10ae1ab5b.crl
                          rsync://repository.lacnic.net/rpki/lacnic/ba9d5ca8-7397-403c-bb7a-2654b0083210/7a86d7b138d974a1f0c70838eb6fb2a10ae1ab5b.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/7a86d7b138d974a1f0c70838eb6fb2a10ae1ab5b.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Mon 04 Mar 2024 08:17:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 383875 (0x5db83)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7a86d7b138d974a1f0c70838eb6fb2a10ae1ab5b
        Validity
            Not Before: Apr 25 22:28:26 2023 GMT
            Not After : Apr 26 22:28:26 2025 GMT
        Subject: CN=5da80400819ef31beb2d71182accaf53a2f7b5b4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:48:1d:d3:94:f9:41:ea:ac:f3:e1:7f:af:eb:
                    4f:f5:80:d7:9a:4c:9e:89:0f:03:77:27:48:4f:e9:
                    ad:ec:87:91:56:7e:43:96:53:31:23:7e:a7:02:6a:
                    de:12:29:ed:3b:74:50:4f:32:2c:43:29:58:c4:fe:
                    87:07:33:be:89:36:05:d3:87:fa:d3:2b:d0:0c:56:
                    b9:ca:f4:20:39:e1:b6:79:7e:e9:41:21:51:eb:7d:
                    ba:67:68:f8:0e:12:9e:c6:4b:db:f3:0a:b9:98:4e:
                    04:b9:61:e3:8f:59:46:f6:24:35:8f:c8:1f:80:a7:
                    00:65:d6:54:56:f4:af:84:70:dd:07:72:92:bb:26:
                    79:1e:77:ed:da:ed:59:22:31:4a:eb:9e:05:91:13:
                    32:e1:51:3a:bc:36:b2:bd:9f:57:1f:72:be:67:1a:
                    6f:dd:8d:23:57:a9:50:49:0e:94:ad:03:25:e4:2a:
                    29:a8:0e:9c:43:be:fb:35:13:58:74:b8:40:51:3a:
                    7e:16:f4:78:0a:2b:3f:dc:f3:04:13:00:67:dc:85:
                    1a:a5:0d:4b:4b:f4:9c:8f:b8:0a:9e:8e:2d:5d:60:
                    a7:e9:6d:61:55:78:4d:9a:0d:9a:b9:3f:b8:9a:74:
                    0a:ca:2f:1f:01:14:89:0d:ee:02:c0:94:d7:25:ad:
                    2e:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                75:F0:AE:DD:75:03:43:7E:5C:7B:CC:74:13:B2:33:B6:E8:DD:5E:11
            X509v3 Authority Key Identifier:
                keyid:A4:00:D3:7E:74:56:FD:28:CC:9F:E3:3E:2A:CF:4E:9B:4E:84:BB:EF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/7a86d7b138d974a1f0c70838eb6fb2a10ae1ab5b.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/ba9d5ca8-7397-403c-bb7a-2654b0083210/5da80400819ef31beb2d71182accaf53a2f7b5b4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/ba9d5ca8-7397-403c-bb7a-2654b0083210/7a86d7b138d974a1f0c70838eb6fb2a10ae1ab5b.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.4.216.0/22
                IPv6:
                  2803:c1c0::/32

    Signature Algorithm: sha256WithRSAEncryption
         67:68:86:6a:d7:0e:bc:7c:66:8e:b4:81:97:2f:c9:1e:67:8a:
         f1:7a:54:b3:f0:5f:de:c9:06:e5:f7:a2:23:5b:db:e3:2a:56:
         ec:60:e2:a6:a4:5b:37:59:9b:71:31:cf:0f:35:11:d8:42:fe:
         36:b9:0b:d2:9e:8e:91:72:30:2d:8d:6d:d4:95:66:9a:2e:fa:
         87:33:94:a6:80:fc:31:48:6d:9f:23:b1:c0:92:fc:2a:d4:2d:
         40:f7:46:be:e0:ee:bd:12:ca:2b:03:b2:eb:fd:ac:af:04:11:
         7c:69:94:7c:ac:a2:d2:5b:8b:5d:61:0c:b7:88:6a:e9:8c:83:
         62:dc:6f:2a:7c:2b:2b:90:60:df:0d:4a:45:93:5b:50:f3:c0:
         e6:09:ed:b6:87:c6:ff:ec:72:e3:61:10:3e:1e:51:98:c5:4a:
         fd:90:87:98:83:fc:7b:eb:6e:77:9c:be:80:17:54:67:e2:b3:
         71:24:f6:fe:d1:02:0d:a3:18:80:70:cd:67:2d:1e:4c:46:f4:
         f2:ca:58:f4:d1:42:35:04:27:57:03:ea:7a:9d:64:ab:aa:1f:
         09:7f:97:f6:66:43:5c:5f:27:79:8f:94:17:e4:35:33:d6:a2:
         02:b0:46:96:34:2b:12:e0:c6:a5:ab:da:bf:0b:b7:9a:fb:b1:
         3f:6a:2c:bd
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgIDBduDMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDdh
ODZkN2IxMzhkOTc0YTFmMGM3MDgzOGViNmZiMmExMGFlMWFiNWIwHhcNMjMwNDI1
MjIyODI2WhcNMjUwNDI2MjIyODI2WjAzMTEwLwYDVQQDEyg1ZGE4MDQwMDgxOWVm
MzFiZWIyZDcxMTgyYWNjYWY1M2EyZjdiNWI0MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAvkgd05T5Qeqs8+F/r+tP9YDXmkyeiQ8DdydIT+mt7IeRVn5D
llMxI36nAmreEintO3RQTzIsQylYxP6HBzO+iTYF04f60yvQDFa5yvQgOeG2eX7p
QSFR6326Z2j4DhKexkvb8wq5mE4EuWHjj1lG9iQ1j8gfgKcAZdZUVvSvhHDdB3KS
uyZ5Hnft2u1ZIjFK654FkRMy4VE6vDayvZ9XH3K+Zxpv3Y0jV6lQSQ6UrQMl5Cop
qA6cQ777NRNYdLhAUTp+FvR4Cis/3PMEEwBn3IUapQ1LS/Scj7gKno4tXWCn6W1h
VXhNmg2auT+4mnQKyi8fARSJDe4CwJTXJa0u9wIDAQABo4ICajCCAmYwHQYDVR0O
BBYEFHXwrt11A0N+XHvMdBOyM7bo3V4RMB8GA1UdIwQYMBaAFKQA0350Vv0ozJ/j
PirPTptOhLvvMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvN2E4NmQ3
YjEzOGQ5NzRhMWYwYzcwODM4ZWI2ZmIyYTEwYWUxYWI1Yi5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvYmE5ZDVjYTgtNzM5Ny00MDNjLWJiN2EtMjY1NGIw
MDgzMjEwLzVkYTgwNDAwODE5ZWYzMWJlYjJkNzExODJhY2NhZjUzYTJmN2I1YjQu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy9iYTlkNWNhOC03Mzk3LTQwM2MtYmI3YS0yNjU0
YjAwODMyMTAvN2E4NmQ3YjEzOGQ5NzRhMWYwYzcwODM4ZWI2ZmIyYTEwYWUxYWI1
Yi5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAuBggrBgEFBQcBBwEB/wQf
MB0wDAQCAAEwBgMEAi0E2DANBAIAAjAHAwUAKAPBwDANBgkqhkiG9w0BAQsFAAOC
AQEAZ2iGatcOvHxmjrSBly/JHmeK8XpUs/Bf3skG5feiI1vb4ypW7GDipqRbN1mb
cTHPDzUR2EL+NrkL0p6OkXIwLY1t1JVmmi76hzOUpoD8MUhtnyOxwJL8KtQtQPdG
vuDuvRLKKwOy6/2srwQRfGmUfKyi0luLXWEMt4hq6YyDYtxvKnwrK5Bg3w1KRZNb
UPPA5gnttofG/+xy42EQPh5RmMVK/ZCHmIP8e+tud5y+gBdUZ+KzcST2/tECDaMY
gHDNZy0eTEb08spY9NFCNQQnVwPqep1kq6ofCX+X9mZDXF8neY+UF+Q1M9aiArBG
ljQrEuDGpavavwu3mvuxP2osvQ==
-----END CERTIFICATE-----
Generated at Fri Mar 1 11:47:51 2024 by rpki-client on console-ams.rpki-client.org