Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/c1a9648b-2c3c-44b8-a2bb-efc86be085a4/d271379b1d7c5c544be924dfcc6f5cdee87cfbfa.roa
File:                     d271379b1d7c5c544be924dfcc6f5cdee87cfbfa.roa (raw, json)
Hash identifier:          z6NVj8o1TWDW/etSLkN2igzSWnBCBPARwMdxoKhYawo=
Subject key identifier:   36:F1:44:55:7C:CE:F7:5A:FB:08:98:AE:3E:4C:8E:B2:99:9D:C7:0A
Certificate issuer:       /CN=85a74cdb6dca351741001ea3a0848fa05a709c38
Certificate serial:       0DB8C3
Authority key identifier: 9E:59:D7:6B:1F:EB:67:CB:74:B9:C1:36:07:9F:3A:13:4C:39:8D:19
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/85a74cdb6dca351741001ea3a0848fa05a709c38.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/c1a9648b-2c3c-44b8-a2bb-efc86be085a4/d271379b1d7c5c544be924dfcc6f5cdee87cfbfa.roa
Signing time:             Wed 24 Mar 2021 14:29:42 +0000
ROA not before:           Wed 24 Mar 2021 14:29:42 +0000
ROA not after:            Tue 24 Mar 2026 14:29:42 +0000
asID:                     263827
IP address blocks:        138.186.252.0/22 maxlen: 24
                          2803:7a40::/32 maxlen: 48

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/c1a9648b-2c3c-44b8-a2bb-efc86be085a4/85a74cdb6dca351741001ea3a0848fa05a709c38.crl
                          rsync://repository.lacnic.net/rpki/lacnic/c1a9648b-2c3c-44b8-a2bb-efc86be085a4/85a74cdb6dca351741001ea3a0848fa05a709c38.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/85a74cdb6dca351741001ea3a0848fa05a709c38.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Mon 01 Apr 2024 05:58:53 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 899267 (0xdb8c3)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=85a74cdb6dca351741001ea3a0848fa05a709c38
        Validity
            Not Before: Mar 24 14:29:42 2021 GMT
            Not After : Mar 24 14:29:42 2026 GMT
        Subject: CN=d271379b1d7c5c544be924dfcc6f5cdee87cfbfa
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:ec:2d:9d:3b:b4:c2:6d:d1:01:b8:f9:f4:eb:
                    12:94:7b:c9:cc:0b:f6:41:97:3c:a4:fc:dd:7e:a8:
                    6d:0f:4b:d9:9f:08:22:84:66:bd:06:b1:54:59:01:
                    56:4c:c1:75:85:64:13:36:72:b1:fe:be:5f:e5:ae:
                    a5:94:08:7d:1e:0c:0f:4c:a8:5a:6a:22:f8:0f:21:
                    64:eb:1b:6d:f0:3a:05:06:33:c6:fa:dc:d9:34:d8:
                    1e:9a:9a:29:40:9f:74:17:9e:ba:3a:9c:f6:6a:81:
                    3e:0a:7e:7c:23:45:7b:da:14:de:27:da:99:d3:7c:
                    c1:e2:89:d5:6e:b4:46:71:55:1d:01:e7:e4:56:f6:
                    5b:be:7d:4d:84:d7:44:94:22:92:33:41:46:3e:2b:
                    dd:4a:37:94:2a:0d:d4:d0:e0:9d:cf:90:58:6a:07:
                    40:6b:5d:d7:b0:5d:37:f4:14:c2:34:e4:5b:a1:91:
                    9c:7e:03:49:ba:25:8f:89:60:a8:74:d1:86:bf:d8:
                    62:b0:b6:62:f8:f5:89:1e:ce:4f:46:93:34:2d:f7:
                    6d:96:b6:37:45:f5:2d:31:1b:8e:b7:20:b1:d0:77:
                    78:94:d0:53:5f:eb:42:d4:40:4c:f4:19:c9:b4:67:
                    d1:98:1d:cd:2c:3b:e6:00:06:b2:cf:ae:4e:40:00:
                    9e:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                36:F1:44:55:7C:CE:F7:5A:FB:08:98:AE:3E:4C:8E:B2:99:9D:C7:0A
            X509v3 Authority Key Identifier:
                keyid:9E:59:D7:6B:1F:EB:67:CB:74:B9:C1:36:07:9F:3A:13:4C:39:8D:19

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/85a74cdb6dca351741001ea3a0848fa05a709c38.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/c1a9648b-2c3c-44b8-a2bb-efc86be085a4/d271379b1d7c5c544be924dfcc6f5cdee87cfbfa.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/c1a9648b-2c3c-44b8-a2bb-efc86be085a4/85a74cdb6dca351741001ea3a0848fa05a709c38.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  138.186.252.0/22
                IPv6:
                  2803:7a40::/32

    Signature Algorithm: sha256WithRSAEncryption
         34:d7:2e:11:be:9f:37:bf:8a:be:18:43:2f:5d:4d:92:4e:06:
         68:ea:16:35:94:16:a9:2e:65:47:1c:b0:6e:b8:50:05:61:47:
         a6:a6:e7:f9:12:2a:78:9c:b9:ed:f5:37:3b:34:a5:2c:8d:63:
         00:9b:2e:51:da:ac:8a:55:ec:8d:59:10:4d:6a:8a:d3:5e:09:
         27:93:85:ac:d4:59:36:b5:ed:6c:19:8e:41:16:1d:84:6e:05:
         a5:c1:62:6e:e6:3f:cb:dc:95:ff:90:63:5c:9d:e4:89:59:57:
         c9:19:f9:05:d2:3c:0a:1d:59:66:8f:6b:8d:45:5b:d8:00:ef:
         07:85:ab:88:c7:79:2c:8c:9d:57:27:db:b9:8d:c8:b0:8e:cd:
         76:b2:8c:9a:8f:a5:a4:9a:72:5b:8f:44:cd:af:10:9e:06:44:
         81:27:c4:15:ec:61:69:b8:bf:3a:50:59:02:25:08:45:f9:b6:
         80:c5:fc:17:e4:07:c9:e7:ae:92:2d:62:a5:84:b2:68:26:22:
         ce:76:7b:f5:b2:68:37:74:0c:b9:45:43:4c:3c:5b:cc:eb:2a:
         15:2e:19:5c:59:44:f9:55:fd:30:a3:a7:fd:18:30:23:ea:92:
         38:25:b7:78:fd:27:5f:bf:7e:aa:e8:cf:b3:ab:b4:51:c6:d2:
         81:13:38:96
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgIDDbjDMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDg1
YTc0Y2RiNmRjYTM1MTc0MTAwMWVhM2EwODQ4ZmEwNWE3MDljMzgwHhcNMjEwMzI0
MTQyOTQyWhcNMjYwMzI0MTQyOTQyWjAzMTEwLwYDVQQDEyhkMjcxMzc5YjFkN2M1
YzU0NGJlOTI0ZGZjYzZmNWNkZWU4N2NmYmZhMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAsuwtnTu0wm3RAbj59OsSlHvJzAv2QZc8pPzdfqhtD0vZnwgi
hGa9BrFUWQFWTMF1hWQTNnKx/r5f5a6llAh9HgwPTKhaaiL4DyFk6xtt8DoFBjPG
+tzZNNgempopQJ90F566Opz2aoE+Cn58I0V72hTeJ9qZ03zB4onVbrRGcVUdAefk
VvZbvn1NhNdElCKSM0FGPivdSjeUKg3U0OCdz5BYagdAa13XsF039BTCNORboZGc
fgNJuiWPiWCodNGGv9hisLZi+PWJHs5PRpM0LfdtlrY3RfUtMRuOtyCx0Hd4lNBT
X+tC1EBM9BnJtGfRmB3NLDvmAAayz65OQACe7wIDAQABo4ICajCCAmYwHQYDVR0O
BBYEFDbxRFV8zvda+wiYrj5MjrKZnccKMB8GA1UdIwQYMBaAFJ5Z12sf62fLdLnB
NgefOhNMOY0ZMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvODVhNzRj
ZGI2ZGNhMzUxNzQxMDAxZWEzYTA4NDhmYTA1YTcwOWMzOC5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvYzFhOTY0OGItMmMzYy00NGI4LWEyYmItZWZjODZi
ZTA4NWE0L2QyNzEzNzliMWQ3YzVjNTQ0YmU5MjRkZmNjNmY1Y2RlZTg3Y2ZiZmEu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy9jMWE5NjQ4Yi0yYzNjLTQ0YjgtYTJiYi1lZmM4
NmJlMDg1YTQvODVhNzRjZGI2ZGNhMzUxNzQxMDAxZWEzYTA4NDhmYTA1YTcwOWMz
OC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAuBggrBgEFBQcBBwEB/wQf
MB0wDAQCAAEwBgMEAoq6/DANBAIAAjAHAwUAKAN6QDANBgkqhkiG9w0BAQsFAAOC
AQEANNcuEb6fN7+KvhhDL11Nkk4GaOoWNZQWqS5lRxywbrhQBWFHpqbn+RIqeJy5
7fU3OzSlLI1jAJsuUdqsilXsjVkQTWqK014JJ5OFrNRZNrXtbBmOQRYdhG4FpcFi
buY/y9yV/5BjXJ3kiVlXyRn5BdI8Ch1ZZo9rjUVb2ADvB4WriMd5LIydVyfbuY3I
sI7NdrKMmo+lpJpyW49Eza8QngZEgSfEFexhabi/OlBZAiUIRfm2gMX8F+QHyeeu
ki1ipYSyaCYiznZ79bJoN3QMuUVDTDxbzOsqFS4ZXFlE+VX9MKOn/RgwI+qSOCW3
eP0nX79+qujPs6u0UcbSgRM4lg==
-----END CERTIFICATE-----
Generated at Fri Mar 29 08:55:31 2024 by rpki-client on console-fra.rpki-client.org