Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/bc50b573-f1df-45fa-b3bc-f128347a745f/42accba87318cdb17cad9672918dc30b498f10c0.roa
File:                     42accba87318cdb17cad9672918dc30b498f10c0.roa (raw, json)
Hash identifier:          GJCcGpy4k1FZuBJWl4CVZOyHidLuVeU1rHoAyoAZosI=
Subject key identifier:   E2:1B:C1:7A:E3:D1:F8:27:C1:56:9D:A9:2C:DB:BC:EA:73:BA:61:87
Certificate issuer:       /CN=cc0e9110504275d10aa9400f136b4385d1733b3b
Certificate serial:       175333
Authority key identifier: FC:B1:D9:DC:8B:88:79:2D:24:C1:61:29:E3:E1:0E:09:9F:17:A1:D4
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/cc0e9110504275d10aa9400f136b4385d1733b3b.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/bc50b573-f1df-45fa-b3bc-f128347a745f/42accba87318cdb17cad9672918dc30b498f10c0.roa
Signing time:             Wed 08 Jun 2022 14:49:04 +0000
ROA not before:           Wed 24 Mar 2021 03:00:00 +0000
ROA not after:            Tue 24 Mar 2026 03:00:00 +0000
asID:                     28100
IP address blocks:        138.59.244.0/22 maxlen: 24
                          2803:6040::/32 maxlen: 64

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/bc50b573-f1df-45fa-b3bc-f128347a745f/cc0e9110504275d10aa9400f136b4385d1733b3b.crl
                          rsync://repository.lacnic.net/rpki/lacnic/bc50b573-f1df-45fa-b3bc-f128347a745f/cc0e9110504275d10aa9400f136b4385d1733b3b.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/cc0e9110504275d10aa9400f136b4385d1733b3b.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 31 Mar 2024 12:22:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1528627 (0x175333)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cc0e9110504275d10aa9400f136b4385d1733b3b
        Validity
            Not Before: Mar 24 03:00:00 2021 GMT
            Not After : Mar 24 03:00:00 2026 GMT
        Subject: CN=42accba87318cdb17cad9672918dc30b498f10c0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8f:b0:3b:d3:82:0b:35:f3:16:19:dc:7d:e4:a2:
                    b5:84:55:41:4b:3a:0f:a0:7a:20:5e:de:9b:66:7b:
                    bf:0e:fc:07:73:73:c0:36:6e:e6:69:88:71:d6:3d:
                    49:d9:aa:a6:32:1c:09:d2:98:ae:9d:f7:cf:88:c4:
                    a9:3c:3d:c4:cc:0c:75:fa:5b:a6:00:0b:a5:0a:0b:
                    de:c5:00:8e:71:8b:9c:27:65:ec:7f:41:fa:db:60:
                    1c:5c:f5:55:17:a0:84:f5:df:53:73:3f:15:b1:69:
                    a7:a4:ba:99:6d:5f:10:d6:52:a9:2d:d4:99:f8:c0:
                    a4:d9:f9:e5:d6:b2:3f:14:72:2f:ba:6b:d6:6f:cd:
                    2f:e3:6c:07:25:99:58:00:f7:31:df:7d:34:30:c4:
                    ae:cc:74:88:91:b1:b8:7e:6e:e9:c6:22:9b:ac:ee:
                    8a:f1:0c:36:d5:65:56:58:00:a5:10:d6:53:93:ae:
                    81:03:c5:6e:7d:ba:18:17:05:cd:76:37:00:10:d2:
                    80:87:be:a7:71:9a:8a:42:2e:d6:d4:a5:87:03:75:
                    d3:d3:a6:ef:f9:c0:c9:ad:d4:cc:3f:4a:cb:fa:33:
                    b4:fe:c1:57:46:4f:58:29:67:56:c0:7d:b8:db:fd:
                    d3:0a:6d:e1:1f:6d:ca:0f:bc:6a:ab:bd:86:25:e8:
                    30:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E2:1B:C1:7A:E3:D1:F8:27:C1:56:9D:A9:2C:DB:BC:EA:73:BA:61:87
            X509v3 Authority Key Identifier:
                keyid:FC:B1:D9:DC:8B:88:79:2D:24:C1:61:29:E3:E1:0E:09:9F:17:A1:D4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/cc0e9110504275d10aa9400f136b4385d1733b3b.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/bc50b573-f1df-45fa-b3bc-f128347a745f/42accba87318cdb17cad9672918dc30b498f10c0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/bc50b573-f1df-45fa-b3bc-f128347a745f/cc0e9110504275d10aa9400f136b4385d1733b3b.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  138.59.244.0/22
                IPv6:
                  2803:6040::/32

    Signature Algorithm: sha256WithRSAEncryption
         6b:41:02:af:33:99:7c:53:c5:d1:3d:1a:60:51:a5:56:2f:35:
         6f:06:a8:35:18:cd:ad:eb:f8:21:55:bb:d6:79:25:21:15:27:
         bf:33:65:ea:ea:bf:00:17:12:8e:23:23:30:08:e1:d1:b5:a8:
         44:1a:13:f0:92:39:06:e7:f4:71:08:d7:a6:42:9e:d8:68:3b:
         0b:5b:7f:6b:ca:45:28:7e:f2:42:93:65:d5:7e:dd:3c:37:81:
         e7:72:6f:bd:4c:14:cf:57:58:27:d3:0e:94:dc:ac:3e:31:5b:
         80:1a:ae:9e:2d:26:9d:14:50:45:ae:b5:e0:b2:84:72:ad:3a:
         47:2a:73:82:73:fd:2d:e5:db:ac:21:92:dc:a1:11:0b:ab:d9:
         00:2f:61:6d:8c:ae:a0:19:64:cb:23:20:f8:b3:82:2b:87:8f:
         81:13:1d:6e:bd:79:5a:0e:9b:40:82:e9:e5:11:c6:d3:4a:b7:
         36:02:2d:40:56:82:35:0c:64:b2:2f:6a:f8:d2:5d:d4:ca:10:
         95:d1:cc:8d:e4:e5:33:94:7a:37:8b:c2:36:70:b2:88:52:34:
         22:56:54:cb:99:9b:c4:b6:7d:8c:a4:b8:12:fd:6d:c8:b2:83:
         26:aa:d2:ee:21:30:0f:43:ce:07:0c:35:68:3c:3e:1c:9f:9b:
         aa:88:88:5b
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgIDF1MzMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGNj
MGU5MTEwNTA0Mjc1ZDEwYWE5NDAwZjEzNmI0Mzg1ZDE3MzNiM2IwHhcNMjEwMzI0
MDMwMDAwWhcNMjYwMzI0MDMwMDAwWjAzMTEwLwYDVQQDEyg0MmFjY2JhODczMThj
ZGIxN2NhZDk2NzI5MThkYzMwYjQ5OGYxMGMwMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAj7A704ILNfMWGdx95KK1hFVBSzoPoHogXt6bZnu/DvwHc3PA
Nm7maYhx1j1J2aqmMhwJ0piunffPiMSpPD3EzAx1+lumAAulCgvexQCOcYucJ2Xs
f0H622AcXPVVF6CE9d9Tcz8VsWmnpLqZbV8Q1lKpLdSZ+MCk2fnl1rI/FHIvumvW
b80v42wHJZlYAPcx3300MMSuzHSIkbG4fm7pxiKbrO6K8Qw21WVWWAClENZTk66B
A8VufboYFwXNdjcAENKAh76ncZqKQi7W1KWHA3XT06bv+cDJrdTMP0rL+jO0/sFX
Rk9YKWdWwH242/3TCm3hH23KD7xqq72GJegweQIDAQABo4ICajCCAmYwHQYDVR0O
BBYEFOIbwXrj0fgnwVadqSzbvOpzumGHMB8GA1UdIwQYMBaAFPyx2dyLiHktJMFh
KePhDgmfF6HUMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvY2MwZTkx
MTA1MDQyNzVkMTBhYTk0MDBmMTM2YjQzODVkMTczM2IzYi5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvYmM1MGI1NzMtZjFkZi00NWZhLWIzYmMtZjEyODM0
N2E3NDVmLzQyYWNjYmE4NzMxOGNkYjE3Y2FkOTY3MjkxOGRjMzBiNDk4ZjEwYzAu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy9iYzUwYjU3My1mMWRmLTQ1ZmEtYjNiYy1mMTI4
MzQ3YTc0NWYvY2MwZTkxMTA1MDQyNzVkMTBhYTk0MDBmMTM2YjQzODVkMTczM2Iz
Yi5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAuBggrBgEFBQcBBwEB/wQf
MB0wDAQCAAEwBgMEAoo79DANBAIAAjAHAwUAKANgQDANBgkqhkiG9w0BAQsFAAOC
AQEAa0ECrzOZfFPF0T0aYFGlVi81bwaoNRjNrev4IVW71nklIRUnvzNl6uq/ABcS
jiMjMAjh0bWoRBoT8JI5Buf0cQjXpkKe2Gg7C1t/a8pFKH7yQpNl1X7dPDeB53Jv
vUwUz1dYJ9MOlNysPjFbgBquni0mnRRQRa614LKEcq06RypzgnP9LeXbrCGS3KER
C6vZAC9hbYyuoBlkyyMg+LOCK4ePgRMdbr15Wg6bQILp5RHG00q3NgItQFaCNQxk
si9q+NJd1MoQldHMjeTlM5R6N4vCNnCyiFI0IlZUy5mbxLZ9jKS4Ev1tyLKDJqrS
7iEwD0POBww1aDw+HJ+bqoiIWw==
-----END CERTIFICATE-----
Generated at Thu Mar 28 16:43:55 2024 by rpki-client on console-fra.rpki-client.org