Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/bd7e366d-725f-4ab3-9652-857e4a39f4d6/85148ab3c2eddcb91c77a8eb7c8f08aec4e5278a.roa
File:                     85148ab3c2eddcb91c77a8eb7c8f08aec4e5278a.roa (raw, json)
Hash identifier:          da/fBPSIoForrR1zofI8BiBokkuo8JfmPq7Zp4rTmyI=
Subject key identifier:   06:85:D3:8A:01:0A:02:5C:3F:FE:C4:43:02:15:B7:1A:CB:09:C2:7A
Certificate issuer:       /CN=406959ed89b2c2889660cebedf0db49b63c24ea7
Certificate serial:       0D3BDD
Authority key identifier: FB:77:B8:46:A1:91:C8:5B:6E:19:8F:D0:0A:75:B5:BA:3D:DA:45:66
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/406959ed89b2c2889660cebedf0db49b63c24ea7.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/bd7e366d-725f-4ab3-9652-857e4a39f4d6/85148ab3c2eddcb91c77a8eb7c8f08aec4e5278a.roa
Signing time:             Wed 24 Mar 2021 14:36:49 +0000
ROA not before:           Wed 24 Mar 2021 14:36:48 +0000
ROA not after:            Tue 24 Mar 2026 14:36:48 +0000
asID:                     265696
IP address blocks:        131.196.212.0/22 maxlen: 24
                          2801:15:3000::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/bd7e366d-725f-4ab3-9652-857e4a39f4d6/406959ed89b2c2889660cebedf0db49b63c24ea7.crl
                          rsync://repository.lacnic.net/rpki/lacnic/bd7e366d-725f-4ab3-9652-857e4a39f4d6/406959ed89b2c2889660cebedf0db49b63c24ea7.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/406959ed89b2c2889660cebedf0db49b63c24ea7.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sat 18 Mar 2023 09:50:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 867293 (0xd3bdd)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=406959ed89b2c2889660cebedf0db49b63c24ea7
        Validity
            Not Before: Mar 24 14:36:48 2021 GMT
            Not After : Mar 24 14:36:48 2026 GMT
        Subject: CN=85148ab3c2eddcb91c77a8eb7c8f08aec4e5278a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:18:e3:77:8b:3d:cb:7d:9b:40:54:84:dd:34:
                    a1:79:2e:ff:2c:25:4e:62:1a:23:1d:d1:95:dd:7e:
                    20:64:08:f4:2a:60:6c:c8:90:85:35:40:31:21:22:
                    07:12:81:2b:21:29:22:81:3d:33:fd:ae:da:8a:32:
                    25:df:f8:ff:73:9c:e4:10:4d:a8:b7:0d:a4:16:25:
                    17:2a:db:5e:e8:e4:c3:f5:a3:ce:b6:33:8e:d4:18:
                    ba:23:0f:a5:11:34:6e:92:9e:95:4a:a0:cc:ed:89:
                    50:2c:a0:f1:32:96:9e:46:8a:1d:90:f4:51:07:03:
                    09:fa:ab:ef:04:1e:21:ee:33:8a:4e:5e:b0:27:21:
                    a7:0d:87:2e:7b:ee:e0:69:c8:df:e2:c3:20:f4:0e:
                    a8:47:52:57:0d:e9:40:83:28:9f:ae:d2:66:4a:f9:
                    30:cc:1e:ed:16:61:5c:f2:bd:27:d8:ab:26:33:10:
                    82:58:32:ee:a8:64:34:ad:61:69:ae:22:32:cf:2d:
                    b5:ba:e2:03:0d:e9:2d:be:11:b2:27:f2:85:bc:c3:
                    b8:8f:34:77:5f:7e:6f:fa:c1:3c:cf:aa:8e:fb:7c:
                    3e:ef:d0:f0:97:34:84:75:61:df:ce:a0:18:65:4a:
                    89:fd:2e:1e:53:d6:48:9e:6e:a8:02:20:58:57:12:
                    3d:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                06:85:D3:8A:01:0A:02:5C:3F:FE:C4:43:02:15:B7:1A:CB:09:C2:7A
            X509v3 Authority Key Identifier: 
                keyid:FB:77:B8:46:A1:91:C8:5B:6E:19:8F:D0:0A:75:B5:BA:3D:DA:45:66

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access: 
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/406959ed89b2c2889660cebedf0db49b63c24ea7.cer

            Subject Information Access: 
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/bd7e366d-725f-4ab3-9652-857e4a39f4d6/85148ab3c2eddcb91c77a8eb7c8f08aec4e5278a.roa

            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/bd7e366d-725f-4ab3-9652-857e4a39f4d6/406959ed89b2c2889660cebedf0db49b63c24ea7.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  131.196.212.0/22
                IPv6:
                  2801:15:3000::/48

    Signature Algorithm: sha256WithRSAEncryption
         c3:80:a9:af:e3:b0:85:d7:c4:90:7d:4c:f1:d7:c0:6b:70:d2:
         e8:fa:b0:6e:a6:9f:f6:04:dc:32:45:f3:4a:40:0a:af:9b:3e:
         ce:50:d4:4b:0b:1f:7e:ea:cd:6a:6f:2e:62:25:59:77:1b:62:
         59:93:ce:63:0f:a9:0d:07:7d:5d:08:90:2a:da:3b:af:ce:e8:
         5f:63:91:4b:60:d7:78:4b:55:10:14:0d:75:bd:34:ca:3e:5a:
         12:85:81:ab:d1:80:8f:3b:49:60:1c:1d:7f:3e:ab:03:f6:8c:
         7d:33:bc:46:b6:76:6d:ef:f9:34:d5:d5:1f:ac:e9:93:fb:80:
         9d:37:12:b2:e2:38:9f:fe:a1:fe:fc:57:83:3c:47:b4:bb:de:
         b2:ef:84:30:65:64:87:e3:0a:01:d5:4f:51:5e:19:98:86:65:
         49:9c:b1:5e:06:06:0c:20:5b:d2:63:56:ab:8b:cc:eb:09:56:
         04:c6:a8:e9:fa:77:92:07:ce:a1:ef:e7:28:83:80:82:db:2a:
         ac:e1:6d:b9:be:44:2d:3a:76:28:cb:b7:a4:ab:89:11:49:83:
         64:fc:a5:b4:02:48:6e:cd:63:7f:0d:4e:58:b2:7b:b0:41:87:
         7e:d8:3d:95:da:f3:79:bd:32:75:ed:a2:a0:65:37:50:4e:64:
         7c:55:a6:4f
-----BEGIN CERTIFICATE-----
MIIFUTCCBDmgAwIBAgIDDTvdMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDQw
Njk1OWVkODliMmMyODg5NjYwY2ViZWRmMGRiNDliNjNjMjRlYTcwHhcNMjEwMzI0
MTQzNjQ4WhcNMjYwMzI0MTQzNjQ4WjAzMTEwLwYDVQQDEyg4NTE0OGFiM2MyZWRk
Y2I5MWM3N2E4ZWI3YzhmMDhhZWM0ZTUyNzhhMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAsRjjd4s9y32bQFSE3TSheS7/LCVOYhojHdGV3X4gZAj0KmBs
yJCFNUAxISIHEoErISkigT0z/a7aijIl3/j/c5zkEE2otw2kFiUXKtte6OTD9aPO
tjOO1Bi6Iw+lETRukp6VSqDM7YlQLKDxMpaeRoodkPRRBwMJ+qvvBB4h7jOKTl6w
JyGnDYcue+7gacjf4sMg9A6oR1JXDelAgyifrtJmSvkwzB7tFmFc8r0n2KsmMxCC
WDLuqGQ0rWFpriIyzy21uuIDDektvhGyJ/KFvMO4jzR3X35v+sE8z6qO+3w+79Dw
lzSEdWHfzqAYZUqJ/S4eU9ZInm6oAiBYVxI9PQIDAQABo4ICbDCCAmgwHQYDVR0O
BBYEFAaF04oBCgJcP/7EQwIVtxrLCcJ6MB8GA1UdIwQYMBaAFPt3uEahkchbbhmP
0Ap1tbo92kVmMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvNDA2OTU5
ZWQ4OWIyYzI4ODk2NjBjZWJlZGYwZGI0OWI2M2MyNGVhNy5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvYmQ3ZTM2NmQtNzI1Zi00YWIzLTk2NTItODU3ZTRh
MzlmNGQ2Lzg1MTQ4YWIzYzJlZGRjYjkxYzc3YThlYjdjOGYwOGFlYzRlNTI3OGEu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy9iZDdlMzY2ZC03MjVmLTRhYjMtOTY1Mi04NTdl
NGEzOWY0ZDYvNDA2OTU5ZWQ4OWIyYzI4ODk2NjBjZWJlZGYwZGI0OWI2M2MyNGVh
Ny5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAwBggrBgEFBQcBBwEB/wQh
MB8wDAQCAAEwBgMEAoPE1DAPBAIAAjAJAwcAKAEAFTAAMA0GCSqGSIb3DQEBCwUA
A4IBAQDDgKmv47CF18SQfUzx18BrcNLo+rBupp/2BNwyRfNKQAqvmz7OUNRLCx9+
6s1qby5iJVl3G2JZk85jD6kNB31dCJAq2juvzuhfY5FLYNd4S1UQFA11vTTKPloS
hYGr0YCPO0lgHB1/PqsD9ox9M7xGtnZt7/k01dUfrOmT+4CdNxKy4jif/qH+/FeD
PEe0u96y74QwZWSH4woB1U9RXhmYhmVJnLFeBgYMIFvSY1ari8zrCVYExqjp+neS
B86h7+cog4CC2yqs4W25vkQtOnYoy7ekq4kRSYNk/KW0AkhuzWN/DU5YsnuwQYd+
2D2V2vN5vTJ17aKgZTdQTmR8VaZP
-----END CERTIFICATE-----
Generated at Wed Mar 15 11:46:53 2023 by rpki-client on console-fra.rpki-client.org