Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/bc43ebad-e062-41e7-90b2-f4604e70a0c4/2948af3faf2d5c5054f0f99368d2a915d80fbcb5.roa
File:                     2948af3faf2d5c5054f0f99368d2a915d80fbcb5.roa (raw, json)
Hash identifier:          WbPHwuQ2tv59HQbLxfzRd3t9JHlNXP1hLENcI+cbrRA=
Subject key identifier:   EB:AD:99:53:78:AB:68:35:51:D6:4E:11:12:78:91:23:A8:8B:B8:B1
Certificate issuer:       /CN=c8a221969bbfbc74451f1eb376e1b95786137555
Certificate serial:       0CA4FF
Authority key identifier: 8C:C6:C2:EC:CC:AE:29:FB:0B:98:F8:DD:F5:FC:E5:16:21:0C:BA:B1
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/c8a221969bbfbc74451f1eb376e1b95786137555.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/bc43ebad-e062-41e7-90b2-f4604e70a0c4/2948af3faf2d5c5054f0f99368d2a915d80fbcb5.roa
Signing time:             Wed 24 Mar 2021 14:33:21 +0000
ROA not before:           Wed 24 Mar 2021 14:33:21 +0000
ROA not after:            Tue 24 Mar 2026 14:33:21 +0000
asID:                     264780
IP address blocks:        45.65.240.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/bc43ebad-e062-41e7-90b2-f4604e70a0c4/c8a221969bbfbc74451f1eb376e1b95786137555.crl
                          rsync://repository.lacnic.net/rpki/lacnic/bc43ebad-e062-41e7-90b2-f4604e70a0c4/c8a221969bbfbc74451f1eb376e1b95786137555.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/c8a221969bbfbc74451f1eb376e1b95786137555.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 31 Mar 2024 03:49:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 828671 (0xca4ff)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c8a221969bbfbc74451f1eb376e1b95786137555
        Validity
            Not Before: Mar 24 14:33:21 2021 GMT
            Not After : Mar 24 14:33:21 2026 GMT
        Subject: CN=2948af3faf2d5c5054f0f99368d2a915d80fbcb5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:0c:85:16:85:70:07:43:4c:e9:9d:e3:c3:b7:
                    f4:4d:4b:4b:47:a5:10:1e:52:97:8a:3b:96:31:cf:
                    ca:26:67:12:c5:06:b7:05:fa:70:e5:6f:a1:aa:e8:
                    c8:91:d6:b9:ab:e9:7f:ea:3a:23:c3:22:cd:b9:66:
                    74:78:69:25:3a:65:62:26:d3:a6:76:06:1b:f9:c5:
                    cd:b1:52:51:53:a8:54:16:18:34:e8:88:a4:1c:78:
                    fc:86:a2:2a:c2:bf:fe:51:e5:cd:f1:5f:0d:5a:9d:
                    6f:38:84:90:a7:47:12:8c:d9:be:ef:08:c1:df:fc:
                    ca:e8:a9:de:61:3f:75:bf:cb:83:a3:4d:a0:92:4b:
                    80:7d:91:5f:f3:72:91:37:89:03:e9:91:51:ef:9e:
                    af:fd:54:2f:7f:1c:1c:a0:ad:ac:95:48:32:c6:b1:
                    51:5f:38:c6:cc:4d:11:b2:4d:4a:af:ca:55:68:97:
                    0b:53:3e:22:d0:99:51:c4:15:1a:d7:ee:e4:06:2f:
                    7a:25:40:77:3e:2e:82:89:ac:d5:0a:06:f2:e3:57:
                    56:c7:01:24:5a:f5:ab:51:2f:42:88:f8:06:1c:68:
                    a6:27:39:3b:ba:82:ff:22:04:b3:3d:f9:a4:5b:92:
                    91:14:63:e7:67:72:a0:cb:9c:65:03:58:ed:fc:0c:
                    af:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EB:AD:99:53:78:AB:68:35:51:D6:4E:11:12:78:91:23:A8:8B:B8:B1
            X509v3 Authority Key Identifier:
                keyid:8C:C6:C2:EC:CC:AE:29:FB:0B:98:F8:DD:F5:FC:E5:16:21:0C:BA:B1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/c8a221969bbfbc74451f1eb376e1b95786137555.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/bc43ebad-e062-41e7-90b2-f4604e70a0c4/2948af3faf2d5c5054f0f99368d2a915d80fbcb5.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/bc43ebad-e062-41e7-90b2-f4604e70a0c4/c8a221969bbfbc74451f1eb376e1b95786137555.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.65.240.0/22

    Signature Algorithm: sha256WithRSAEncryption
         7f:3a:06:0f:2f:b7:78:e0:f7:36:29:3d:7e:3a:7b:d4:c1:37:
         07:dc:a5:29:98:71:12:9a:6a:a8:ac:b3:01:34:e3:41:1f:99:
         cf:53:ee:f5:0e:fe:fc:83:38:c4:3f:53:e3:47:ef:2e:a7:bf:
         3a:f0:a1:0a:c2:28:b1:bc:b8:ad:c7:8a:0d:7a:dc:f3:c0:ac:
         ab:68:b8:d9:cf:d1:7e:8a:32:fc:44:a7:0f:92:d8:80:a5:c5:
         2a:38:57:8d:5a:e8:73:14:7e:fd:54:14:94:81:32:60:37:f3:
         9e:ab:1c:d6:5e:11:90:7f:92:52:bb:48:f5:e9:ea:0d:9c:00:
         91:3d:c8:7b:43:37:7c:fb:63:a7:ff:3d:ac:b5:a7:a4:5a:71:
         83:d2:09:80:b6:6a:50:37:80:8e:66:4b:09:88:ba:92:a1:84:
         42:3c:e3:d4:44:9b:41:a8:2b:f6:0f:79:24:a7:c6:45:68:0f:
         6e:9f:c4:67:55:39:0a:78:36:44:f1:b8:44:46:d7:f6:dc:33:
         33:9c:f1:81:5b:6a:1f:7f:8e:e3:93:2a:8a:f7:46:50:ef:9d:
         8f:6d:14:41:1b:c4:37:ba:af:63:5b:8b:7f:cd:84:d5:25:9f:
         f3:06:da:4a:9d:97:7c:f3:20:33:3e:00:16:b3:ee:f4:a4:e3:
         37:92:8e:76
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIDDKT/MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGM4
YTIyMTk2OWJiZmJjNzQ0NTFmMWViMzc2ZTFiOTU3ODYxMzc1NTUwHhcNMjEwMzI0
MTQzMzIxWhcNMjYwMzI0MTQzMzIxWjAzMTEwLwYDVQQDEygyOTQ4YWYzZmFmMmQ1
YzUwNTRmMGY5OTM2OGQyYTkxNWQ4MGZiY2I1MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAkwyFFoVwB0NM6Z3jw7f0TUtLR6UQHlKXijuWMc/KJmcSxQa3
Bfpw5W+hqujIkda5q+l/6jojwyLNuWZ0eGklOmViJtOmdgYb+cXNsVJRU6hUFhg0
6IikHHj8hqIqwr/+UeXN8V8NWp1vOISQp0cSjNm+7wjB3/zK6KneYT91v8uDo02g
kkuAfZFf83KRN4kD6ZFR756v/VQvfxwcoK2slUgyxrFRXzjGzE0Rsk1Kr8pVaJcL
Uz4i0JlRxBUa1+7kBi96JUB3Pi6CiazVCgby41dWxwEkWvWrUS9CiPgGHGimJzk7
uoL/IgSzPfmkW5KRFGPnZ3Kgy5xlA1jt/AyvaQIDAQABo4ICWzCCAlcwHQYDVR0O
BBYEFOutmVN4q2g1UdZOERJ4kSOoi7ixMB8GA1UdIwQYMBaAFIzGwuzMrin7C5j4
3fX85RYhDLqxMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvYzhhMjIx
OTY5YmJmYmM3NDQ1MWYxZWIzNzZlMWI5NTc4NjEzNzU1NS5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvYmM0M2ViYWQtZTA2Mi00MWU3LTkwYjItZjQ2MDRl
NzBhMGM0LzI5NDhhZjNmYWYyZDVjNTA1NGYwZjk5MzY4ZDJhOTE1ZDgwZmJjYjUu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy9iYzQzZWJhZC1lMDYyLTQxZTctOTBiMi1mNDYw
NGU3MGEwYzQvYzhhMjIxOTY5YmJmYmM3NDQ1MWYxZWIzNzZlMWI5NTc4NjEzNzU1
NS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAi1B8DANBgkqhkiG9w0BAQsFAAOCAQEAfzoGDy+3eOD3Nik9
fjp71ME3B9ylKZhxEppqqKyzATTjQR+Zz1Pu9Q7+/IM4xD9T40fvLqe/OvChCsIo
sby4rceKDXrc88Csq2i42c/Rfooy/ESnD5LYgKXFKjhXjVrocxR+/VQUlIEyYDfz
nqsc1l4RkH+SUrtI9enqDZwAkT3Ie0M3fPtjp/89rLWnpFpxg9IJgLZqUDeAjmZL
CYi6kqGEQjzj1ESbQagr9g95JKfGRWgPbp/EZ1U5Cng2RPG4REbX9twzM5zxgVtq
H3+O45MqivdGUO+dj20UQRvEN7qvY1uLf82E1SWf8wbaSp2XfPMgMz4AFrPu9KTj
N5KOdg==
-----END CERTIFICATE-----
Generated at Thu Mar 28 11:17:59 2024 by rpki-client on console-fra.rpki-client.org