Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/c1950632-2706-4492-aa2b-7547b1789fcd/e59e9fdf8c9be02aef17b33d5a6da75767d3a819.roa
File:                     e59e9fdf8c9be02aef17b33d5a6da75767d3a819.roa (raw, json)
Hash identifier:          mQr0ejpUn6sEzP0nfXvttj6CP+OhBkoUqMOtRiqEHR4=
Subject key identifier:   74:3D:BD:D5:B1:8D:77:09:3F:11:30:6B:61:46:4E:08:74:71:00:D6
Certificate issuer:       /CN=6e441519e30664b9a2cdf15d20d8d69bd047094c
Certificate serial:       0DBCF2
Authority key identifier: 1E:C7:DD:A2:F2:D1:31:03:71:3E:37:DE:2B:7B:9A:D4:0F:5A:20:AA
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/6e441519e30664b9a2cdf15d20d8d69bd047094c.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/c1950632-2706-4492-aa2b-7547b1789fcd/e59e9fdf8c9be02aef17b33d5a6da75767d3a819.roa
Signing time:             Wed 24 Mar 2021 14:38:25 +0000
ROA not before:           Wed 24 Mar 2021 14:38:25 +0000
ROA not after:            Tue 24 Mar 2026 14:38:25 +0000
asID:                     12066
IP address blocks:        131.221.4.0/22 maxlen: 22

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/c1950632-2706-4492-aa2b-7547b1789fcd/6e441519e30664b9a2cdf15d20d8d69bd047094c.crl
                          rsync://repository.lacnic.net/rpki/lacnic/c1950632-2706-4492-aa2b-7547b1789fcd/6e441519e30664b9a2cdf15d20d8d69bd047094c.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/6e441519e30664b9a2cdf15d20d8d69bd047094c.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 31 Mar 2024 02:32:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 900338 (0xdbcf2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6e441519e30664b9a2cdf15d20d8d69bd047094c
        Validity
            Not Before: Mar 24 14:38:25 2021 GMT
            Not After : Mar 24 14:38:25 2026 GMT
        Subject: CN=e59e9fdf8c9be02aef17b33d5a6da75767d3a819
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e5:60:98:da:3c:ad:00:4d:5f:f1:20:1a:23:07:
                    1a:1c:a0:78:29:d7:43:ad:db:56:91:ff:96:eb:eb:
                    66:2a:9c:7d:74:30:02:e2:35:4d:d2:43:4f:4b:74:
                    40:ca:60:60:a9:6a:86:68:3b:0c:ee:c5:56:20:e3:
                    45:56:ad:dc:c3:65:e8:6d:2c:c4:52:af:63:7d:c2:
                    61:f5:49:c1:b3:98:fd:f8:b9:e7:06:c6:94:70:43:
                    1c:30:bd:fc:b1:fd:24:9f:b1:62:5d:ba:b8:ed:1e:
                    96:bd:92:95:f5:71:25:82:b9:a1:40:14:66:15:fc:
                    66:6e:af:13:b5:69:77:96:ad:de:98:63:3c:5f:18:
                    5a:49:9d:16:53:24:cc:05:32:70:14:75:25:e1:bd:
                    4b:c9:f3:d0:60:24:1f:e2:36:b6:a2:2a:ba:7f:8f:
                    e7:83:63:ac:c2:6f:58:9c:b9:13:b9:13:20:ec:61:
                    bb:57:d9:0f:b2:d3:bf:ff:78:bb:69:03:26:d1:49:
                    aa:cf:58:67:cd:ee:1e:04:e4:cc:bc:60:90:82:4d:
                    6a:6d:ed:e2:39:98:ad:9c:4a:2d:8a:9e:46:1f:c9:
                    ae:38:46:1f:9f:b6:52:5e:d2:3b:c6:73:56:61:bc:
                    92:b7:75:96:fc:32:b3:3c:32:3a:ab:78:1b:bb:8a:
                    26:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                74:3D:BD:D5:B1:8D:77:09:3F:11:30:6B:61:46:4E:08:74:71:00:D6
            X509v3 Authority Key Identifier:
                keyid:1E:C7:DD:A2:F2:D1:31:03:71:3E:37:DE:2B:7B:9A:D4:0F:5A:20:AA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/6e441519e30664b9a2cdf15d20d8d69bd047094c.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/c1950632-2706-4492-aa2b-7547b1789fcd/e59e9fdf8c9be02aef17b33d5a6da75767d3a819.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/c1950632-2706-4492-aa2b-7547b1789fcd/6e441519e30664b9a2cdf15d20d8d69bd047094c.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  131.221.4.0/22

    Signature Algorithm: sha256WithRSAEncryption
         08:2e:00:25:71:65:f2:b6:0b:ac:8f:ce:3c:c8:43:cb:fa:cb:
         80:27:fb:3c:64:76:4f:ce:4b:c5:23:27:0f:d1:17:d9:21:7f:
         2d:ca:9f:55:e6:3f:b6:f1:7d:f5:9c:35:45:20:ae:81:ae:da:
         e3:de:fa:f3:81:ef:06:6b:e3:cc:cf:40:40:f0:cb:2c:c6:13:
         0c:94:6c:a9:5a:cd:0d:02:7e:6d:bb:a6:01:91:b7:8e:9f:d2:
         37:30:1a:d7:90:05:b7:69:f7:6b:00:b2:ac:3b:cd:c9:bb:7c:
         9a:8b:41:e8:e5:7c:85:61:15:8b:8a:3e:cf:bf:77:c1:7f:00:
         f4:fe:de:b3:2e:b7:c9:36:2b:51:4a:54:fe:80:64:ca:6d:83:
         6e:f5:ac:c9:3b:6d:3a:fe:c8:69:2e:31:37:c6:d8:b6:3f:8b:
         31:88:5d:78:97:08:fd:a8:35:de:79:94:15:7f:fe:e1:be:e4:
         c9:a0:de:da:bc:45:75:26:10:2c:96:b7:40:ae:5a:e2:55:05:
         20:79:1e:a1:39:2d:c0:84:73:83:c3:0f:cf:ee:c7:91:84:ed:
         d3:b1:32:19:55:7f:4e:e8:4a:f5:71:59:0b:a1:d9:9e:79:25:
         83:93:ec:d5:ae:f9:17:11:b0:9f:db:7c:39:c3:e8:98:e1:0f:
         fc:4c:58:e9
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIDDbzyMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDZl
NDQxNTE5ZTMwNjY0YjlhMmNkZjE1ZDIwZDhkNjliZDA0NzA5NGMwHhcNMjEwMzI0
MTQzODI1WhcNMjYwMzI0MTQzODI1WjAzMTEwLwYDVQQDEyhlNTllOWZkZjhjOWJl
MDJhZWYxN2IzM2Q1YTZkYTc1NzY3ZDNhODE5MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEA5WCY2jytAE1f8SAaIwcaHKB4KddDrdtWkf+W6+tmKpx9dDAC
4jVN0kNPS3RAymBgqWqGaDsM7sVWIONFVq3cw2XobSzEUq9jfcJh9UnBs5j9+Lnn
BsaUcEMcML38sf0kn7FiXbq47R6WvZKV9XElgrmhQBRmFfxmbq8TtWl3lq3emGM8
XxhaSZ0WUyTMBTJwFHUl4b1LyfPQYCQf4ja2oiq6f4/ng2Oswm9YnLkTuRMg7GG7
V9kPstO//3i7aQMm0Umqz1hnze4eBOTMvGCQgk1qbe3iOZitnEotip5GH8muOEYf
n7ZSXtI7xnNWYbySt3WW/DKzPDI6q3gbu4omLwIDAQABo4ICWzCCAlcwHQYDVR0O
BBYEFHQ9vdWxjXcJPxEwa2FGTgh0cQDWMB8GA1UdIwQYMBaAFB7H3aLy0TEDcT43
3it7mtQPWiCqMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvNmU0NDE1
MTllMzA2NjRiOWEyY2RmMTVkMjBkOGQ2OWJkMDQ3MDk0Yy5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvYzE5NTA2MzItMjcwNi00NDkyLWFhMmItNzU0N2Ix
Nzg5ZmNkL2U1OWU5ZmRmOGM5YmUwMmFlZjE3YjMzZDVhNmRhNzU3NjdkM2E4MTku
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy9jMTk1MDYzMi0yNzA2LTQ0OTItYWEyYi03NTQ3
YjE3ODlmY2QvNmU0NDE1MTllMzA2NjRiOWEyY2RmMTVkMjBkOGQ2OWJkMDQ3MDk0
Yy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAoPdBDANBgkqhkiG9w0BAQsFAAOCAQEACC4AJXFl8rYLrI/O
PMhDy/rLgCf7PGR2T85LxSMnD9EX2SF/LcqfVeY/tvF99Zw1RSCuga7a497684Hv
BmvjzM9AQPDLLMYTDJRsqVrNDQJ+bbumAZG3jp/SNzAa15AFt2n3awCyrDvNybt8
motB6OV8hWEVi4o+z793wX8A9P7esy63yTYrUUpU/oBkym2DbvWsyTttOv7IaS4x
N8bYtj+LMYhdeJcI/ag13nmUFX/+4b7kyaDe2rxFdSYQLJa3QK5a4lUFIHkeoTkt
wIRzg8MPz+7HkYTt07EyGVV/TuhK9XFZC6HZnnklg5Ps1a75FxGwn9t8OcPomOEP
/ExY6Q==
-----END CERTIFICATE-----
Generated at Thu Mar 28 03:26:11 2024 by rpki-client on console-ams.rpki-client.org