Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/bb9ab262-5f72-421b-9192-10fb9e1d82d7/fe211704fe6edf041da0af27f8f146fdcbe665d0.roa
File:                     fe211704fe6edf041da0af27f8f146fdcbe665d0.roa (raw, json)
Hash identifier:          ScNzllsVTDz2e2/mk+NvB9t5MXQW/5f7r0394UBHCLk=
Subject key identifier:   21:1A:F7:52:70:FA:27:89:E4:C8:87:0E:E0:F8:8D:AC:73:CB:F7:58
Certificate issuer:       /CN=fe0b0d85a662e82a6e6c375cd9fefe2eac17df60
Certificate serial:       078447
Authority key identifier: 0D:4E:32:84:41:E0:13:36:F5:BB:98:BC:CE:42:26:97:14:2E:B8:30
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/fe0b0d85a662e82a6e6c375cd9fefe2eac17df60.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/bb9ab262-5f72-421b-9192-10fb9e1d82d7/fe211704fe6edf041da0af27f8f146fdcbe665d0.roa
Signing time:             Wed 24 Mar 2021 14:30:42 +0000
ROA not before:           Wed 24 Mar 2021 14:30:42 +0000
ROA not after:            Tue 24 Mar 2026 14:30:42 +0000
asID:                     267819
IP address blocks:        160.238.63.0/24 maxlen: 24
                          2803:c860::/32 maxlen: 32

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/bb9ab262-5f72-421b-9192-10fb9e1d82d7/fe0b0d85a662e82a6e6c375cd9fefe2eac17df60.crl
                          rsync://repository.lacnic.net/rpki/lacnic/bb9ab262-5f72-421b-9192-10fb9e1d82d7/fe0b0d85a662e82a6e6c375cd9fefe2eac17df60.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/fe0b0d85a662e82a6e6c375cd9fefe2eac17df60.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 31 Mar 2024 19:38:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 492615 (0x78447)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=fe0b0d85a662e82a6e6c375cd9fefe2eac17df60
        Validity
            Not Before: Mar 24 14:30:42 2021 GMT
            Not After : Mar 24 14:30:42 2026 GMT
        Subject: CN=fe211704fe6edf041da0af27f8f146fdcbe665d0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:92:47:f8:ab:fe:5d:ca:0d:e5:a8:88:4d:ad:6a:
                    dc:16:e9:82:88:69:aa:87:4d:fc:04:5f:d5:0f:1d:
                    26:55:37:69:7a:50:c0:57:30:10:d7:66:1e:45:f7:
                    f2:15:76:36:8a:05:b6:66:0f:2f:6b:d0:63:b6:75:
                    b9:5a:4c:db:5d:98:be:5e:6c:20:c6:7a:cd:92:26:
                    a9:86:0f:3c:2a:fb:5e:9a:07:77:ce:04:ad:2c:41:
                    5b:09:e7:13:6d:d3:25:c1:44:ba:db:ce:e5:34:fa:
                    0a:97:ac:00:7d:aa:14:e0:df:a1:77:b7:89:82:a9:
                    66:fc:6c:1c:86:89:4f:3d:63:86:02:e0:78:63:c3:
                    ac:58:8e:97:c9:7c:1a:91:75:77:1a:91:75:0c:cc:
                    48:75:d4:44:fb:cd:49:1b:3b:55:31:28:42:db:33:
                    d5:d6:a1:5b:65:34:78:81:d3:d3:cb:52:7a:45:4d:
                    0d:d7:59:88:b0:e0:2e:48:23:97:22:3d:75:0c:12:
                    7e:e3:76:8f:d7:03:89:ed:7e:76:1d:79:b0:f6:fc:
                    9a:30:18:9d:da:d5:a2:4a:78:d3:15:9f:3b:ec:a3:
                    c3:e2:27:1a:14:32:76:b3:24:57:f2:3a:a0:cb:44:
                    17:f8:20:29:00:6a:89:e4:7a:c2:1d:e9:d6:2a:45:
                    01:71
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                21:1A:F7:52:70:FA:27:89:E4:C8:87:0E:E0:F8:8D:AC:73:CB:F7:58
            X509v3 Authority Key Identifier:
                keyid:0D:4E:32:84:41:E0:13:36:F5:BB:98:BC:CE:42:26:97:14:2E:B8:30

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/fe0b0d85a662e82a6e6c375cd9fefe2eac17df60.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/bb9ab262-5f72-421b-9192-10fb9e1d82d7/fe211704fe6edf041da0af27f8f146fdcbe665d0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/bb9ab262-5f72-421b-9192-10fb9e1d82d7/fe0b0d85a662e82a6e6c375cd9fefe2eac17df60.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  160.238.63.0/24
                IPv6:
                  2803:c860::/32

    Signature Algorithm: sha256WithRSAEncryption
         15:0b:59:ca:f3:4b:7b:4a:16:d6:9d:b0:5d:07:82:19:36:1b:
         29:0a:9f:09:e1:d6:e2:f2:26:fc:8f:dd:c1:91:17:48:d8:14:
         bc:40:da:de:55:09:80:e6:34:cb:7f:9f:c0:eb:4c:90:d4:7d:
         c5:24:12:0e:8b:91:48:05:d9:be:3c:6c:a7:ed:a6:bb:64:ce:
         92:3f:2b:f4:ff:c0:19:d0:23:7d:bb:53:f5:d8:a9:3b:d3:f2:
         5b:1e:b2:7d:7c:eb:87:51:bb:be:02:e1:8d:98:f0:f6:3a:f6:
         9b:9f:97:03:a8:4a:64:74:32:e8:1f:92:e0:cc:1c:fe:87:5f:
         14:66:37:e9:9c:e4:59:b8:bd:86:7e:9b:53:3d:d4:b1:cd:be:
         84:72:16:c1:89:2c:d2:65:82:01:ca:2b:d5:b6:0c:86:a2:03:
         d7:85:b3:a1:e5:3d:10:9a:28:b0:0f:6b:06:0f:8d:5f:8d:94:
         66:af:6d:a7:d6:7a:f8:e6:ae:1c:e9:10:91:d5:42:76:3a:4c:
         23:45:e4:59:6d:b0:2d:85:83:3a:16:d9:c6:d6:de:ba:f2:9f:
         9c:3b:27:43:74:db:d1:c7:4a:31:e2:42:f8:4f:e9:45:d5:b9:
         38:d1:c3:95:4c:96:08:19:5e:8c:6f:52:35:eb:90:8c:8e:8e:
         20:61:dd:4a
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgIDB4RHMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGZl
MGIwZDg1YTY2MmU4MmE2ZTZjMzc1Y2Q5ZmVmZTJlYWMxN2RmNjAwHhcNMjEwMzI0
MTQzMDQyWhcNMjYwMzI0MTQzMDQyWjAzMTEwLwYDVQQDEyhmZTIxMTcwNGZlNmVk
ZjA0MWRhMGFmMjdmOGYxNDZmZGNiZTY2NWQwMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAkkf4q/5dyg3lqIhNrWrcFumCiGmqh038BF/VDx0mVTdpelDA
VzAQ12YeRffyFXY2igW2Zg8va9BjtnW5WkzbXZi+XmwgxnrNkiaphg88Kvtemgd3
zgStLEFbCecTbdMlwUS6287lNPoKl6wAfaoU4N+hd7eJgqlm/GwcholPPWOGAuB4
Y8OsWI6XyXwakXV3GpF1DMxIddRE+81JGztVMShC2zPV1qFbZTR4gdPTy1J6RU0N
11mIsOAuSCOXIj11DBJ+43aP1wOJ7X52HXmw9vyaMBid2tWiSnjTFZ877KPD4ica
FDJ2syRX8jqgy0QX+CApAGqJ5HrCHenWKkUBcQIDAQABo4ICajCCAmYwHQYDVR0O
BBYEFCEa91Jw+ieJ5MiHDuD4jaxzy/dYMB8GA1UdIwQYMBaAFA1OMoRB4BM29buY
vM5CJpcULrgwMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvZmUwYjBk
ODVhNjYyZTgyYTZlNmMzNzVjZDlmZWZlMmVhYzE3ZGY2MC5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvYmI5YWIyNjItNWY3Mi00MjFiLTkxOTItMTBmYjll
MWQ4MmQ3L2ZlMjExNzA0ZmU2ZWRmMDQxZGEwYWYyN2Y4ZjE0NmZkY2JlNjY1ZDAu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy9iYjlhYjI2Mi01ZjcyLTQyMWItOTE5Mi0xMGZi
OWUxZDgyZDcvZmUwYjBkODVhNjYyZTgyYTZlNmMzNzVjZDlmZWZlMmVhYzE3ZGY2
MC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAuBggrBgEFBQcBBwEB/wQf
MB0wDAQCAAEwBgMEAKDuPzANBAIAAjAHAwUAKAPIYDANBgkqhkiG9w0BAQsFAAOC
AQEAFQtZyvNLe0oW1p2wXQeCGTYbKQqfCeHW4vIm/I/dwZEXSNgUvEDa3lUJgOY0
y3+fwOtMkNR9xSQSDouRSAXZvjxsp+2mu2TOkj8r9P/AGdAjfbtT9dipO9PyWx6y
fXzrh1G7vgLhjZjw9jr2m5+XA6hKZHQy6B+S4Mwc/odfFGY36ZzkWbi9hn6bUz3U
sc2+hHIWwYks0mWCAcor1bYMhqID14WzoeU9EJoosA9rBg+NX42UZq9tp9Z6+Oau
HOkQkdVCdjpMI0XkWW2wLYWDOhbZxtbeuvKfnDsnQ3Tb0cdKMeJC+E/pRdW5ONHD
lUyWCBlejG9SNeuQjI6OIGHdSg==
-----END CERTIFICATE-----
Generated at Fri Mar 29 02:14:24 2024 by rpki-client on console-ams.rpki-client.org