Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/c1b5cd0c-cfcd-4d54-8df6-4d8f7aab486f/4e07651c96956c08605b4a31c7f0ba064a6c8cd3.roa
File:                     4e07651c96956c08605b4a31c7f0ba064a6c8cd3.roa (raw, json)
Hash identifier:          ynjjgQrHsJ1Ky6NyT3E2tYDYyVa0JuQgJnGjnBzQ44M=
Subject key identifier:   B6:31:DF:60:51:28:FB:0C:98:40:1D:17:01:B3:A5:44:6C:DE:B4:89
Certificate issuer:       /CN=4c3cd5f9f99449a9d5c415bb976bf368d87776d9
Certificate serial:       0CF9D2
Authority key identifier: 23:B6:77:C3:D9:DE:AB:E9:70:47:31:32:DA:13:9A:7E:28:FF:35:4D
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/4c3cd5f9f99449a9d5c415bb976bf368d87776d9.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/c1b5cd0c-cfcd-4d54-8df6-4d8f7aab486f/4e07651c96956c08605b4a31c7f0ba064a6c8cd3.roa
Signing time:             Wed 24 Mar 2021 14:31:52 +0000
ROA not before:           Wed 24 Mar 2021 14:31:51 +0000
ROA not after:            Tue 24 Mar 2026 14:31:51 +0000
asID:                     267679
IP address blocks:        45.162.60.0/22 maxlen: 22
                          2803:6ea0::/32 maxlen: 32

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/c1b5cd0c-cfcd-4d54-8df6-4d8f7aab486f/4c3cd5f9f99449a9d5c415bb976bf368d87776d9.crl
                          rsync://repository.lacnic.net/rpki/lacnic/c1b5cd0c-cfcd-4d54-8df6-4d8f7aab486f/4c3cd5f9f99449a9d5c415bb976bf368d87776d9.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/4c3cd5f9f99449a9d5c415bb976bf368d87776d9.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 31 Mar 2024 19:38:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 850386 (0xcf9d2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4c3cd5f9f99449a9d5c415bb976bf368d87776d9
        Validity
            Not Before: Mar 24 14:31:51 2021 GMT
            Not After : Mar 24 14:31:51 2026 GMT
        Subject: CN=4e07651c96956c08605b4a31c7f0ba064a6c8cd3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e9:4d:42:92:45:de:2d:c7:b8:35:c4:d6:3a:fb:
                    b5:1a:b8:46:89:60:29:ac:ab:93:e5:85:8b:1f:9b:
                    a9:d0:6b:13:c3:36:e7:df:d8:b0:e6:e4:76:59:d0:
                    b0:3f:9a:49:60:a3:b0:e7:9d:09:ee:ed:19:96:f4:
                    34:97:f7:76:42:68:61:b0:c0:5b:64:1a:ab:3e:f6:
                    82:62:1b:dc:07:02:4e:7b:9c:a5:a4:5e:fb:7f:a1:
                    dd:82:59:ab:ff:e5:76:be:24:96:3b:93:01:ac:ee:
                    e2:38:b2:93:f2:66:e6:22:d3:86:81:48:89:d6:e1:
                    89:97:3c:17:f1:bb:d7:fc:28:5b:89:15:c4:25:2e:
                    fa:11:2e:8b:12:30:5b:a4:f1:12:66:43:39:52:6c:
                    10:23:9e:7a:8e:79:9e:00:1b:4b:89:9b:34:e2:da:
                    a6:14:41:8d:1f:f6:76:f4:82:c9:3e:61:31:21:09:
                    97:2e:fa:77:e9:c2:39:29:94:77:66:cf:04:85:e3:
                    1e:71:99:02:d4:13:2f:4f:22:0e:33:bb:8f:a2:30:
                    44:e1:e1:be:69:4f:e0:04:83:a1:f4:1c:88:de:18:
                    2d:ce:94:1b:24:a2:c0:e1:4e:0f:f4:0e:b1:73:1a:
                    00:fb:2e:a9:73:4d:c2:e6:aa:8e:ed:05:5d:c8:e7:
                    fe:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B6:31:DF:60:51:28:FB:0C:98:40:1D:17:01:B3:A5:44:6C:DE:B4:89
            X509v3 Authority Key Identifier:
                keyid:23:B6:77:C3:D9:DE:AB:E9:70:47:31:32:DA:13:9A:7E:28:FF:35:4D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/4c3cd5f9f99449a9d5c415bb976bf368d87776d9.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/c1b5cd0c-cfcd-4d54-8df6-4d8f7aab486f/4e07651c96956c08605b4a31c7f0ba064a6c8cd3.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/c1b5cd0c-cfcd-4d54-8df6-4d8f7aab486f/4c3cd5f9f99449a9d5c415bb976bf368d87776d9.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.162.60.0/22
                IPv6:
                  2803:6ea0::/32

    Signature Algorithm: sha256WithRSAEncryption
         3b:03:60:3d:16:2b:a9:30:4f:f2:90:68:2d:4f:fd:ba:98:7b:
         96:46:77:8a:53:fc:85:86:0e:88:e8:0f:4c:b1:ce:05:fd:e3:
         70:9a:51:ef:78:09:e7:e3:ec:70:7e:a2:46:58:0a:a0:83:99:
         5a:f3:44:81:53:fa:8c:19:ba:c9:e9:16:46:a2:80:8d:44:54:
         b1:46:11:21:ed:2b:3d:b9:d5:f4:fc:08:b9:dc:47:bb:54:e6:
         de:d1:b9:4d:19:ea:97:8e:97:9f:97:c7:3c:d5:8d:68:94:2a:
         a8:d2:3c:5d:bf:20:f4:62:fc:bc:89:0b:01:30:0f:0e:dd:ec:
         7b:f4:02:1d:a6:8e:e3:88:6e:5d:c1:5b:61:3d:54:de:65:30:
         d2:54:d7:1e:10:21:10:51:24:03:97:e4:14:b7:fe:ea:65:f0:
         81:1e:a3:a8:c8:4b:86:33:2c:c6:16:02:dd:b8:ff:99:29:b7:
         14:2a:8b:1b:5a:92:12:dc:1e:d8:bb:6f:0e:2f:dc:c9:b7:e8:
         46:4d:d2:cc:7b:01:91:a5:ad:bb:91:51:64:cb:be:84:10:57:
         c7:f8:e2:3f:bf:b2:e7:f2:0e:21:52:18:e2:61:0f:16:c4:d4:
         6c:84:2e:0d:60:65:d6:cd:9d:ec:5a:96:2f:94:83:36:ca:08:
         6f:ab:a7:6c
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgIDDPnSMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDRj
M2NkNWY5Zjk5NDQ5YTlkNWM0MTViYjk3NmJmMzY4ZDg3Nzc2ZDkwHhcNMjEwMzI0
MTQzMTUxWhcNMjYwMzI0MTQzMTUxWjAzMTEwLwYDVQQDEyg0ZTA3NjUxYzk2OTU2
YzA4NjA1YjRhMzFjN2YwYmEwNjRhNmM4Y2QzMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEA6U1CkkXeLce4NcTWOvu1GrhGiWAprKuT5YWLH5up0GsTwzbn
39iw5uR2WdCwP5pJYKOw550J7u0ZlvQ0l/d2QmhhsMBbZBqrPvaCYhvcBwJOe5yl
pF77f6Hdglmr/+V2viSWO5MBrO7iOLKT8mbmItOGgUiJ1uGJlzwX8bvX/ChbiRXE
JS76ES6LEjBbpPESZkM5UmwQI556jnmeABtLiZs04tqmFEGNH/Z29ILJPmExIQmX
Lvp36cI5KZR3Zs8EheMecZkC1BMvTyIOM7uPojBE4eG+aU/gBIOh9ByI3hgtzpQb
JKLA4U4P9A6xcxoA+y6pc03C5qqO7QVdyOf+BwIDAQABo4ICajCCAmYwHQYDVR0O
BBYEFLYx32BRKPsMmEAdFwGzpURs3rSJMB8GA1UdIwQYMBaAFCO2d8PZ3qvpcEcx
MtoTmn4o/zVNMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvNGMzY2Q1
ZjlmOTk0NDlhOWQ1YzQxNWJiOTc2YmYzNjhkODc3NzZkOS5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvYzFiNWNkMGMtY2ZjZC00ZDU0LThkZjYtNGQ4Zjdh
YWI0ODZmLzRlMDc2NTFjOTY5NTZjMDg2MDViNGEzMWM3ZjBiYTA2NGE2YzhjZDMu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy9jMWI1Y2QwYy1jZmNkLTRkNTQtOGRmNi00ZDhm
N2FhYjQ4NmYvNGMzY2Q1ZjlmOTk0NDlhOWQ1YzQxNWJiOTc2YmYzNjhkODc3NzZk
OS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAuBggrBgEFBQcBBwEB/wQf
MB0wDAQCAAEwBgMEAi2iPDANBAIAAjAHAwUAKANuoDANBgkqhkiG9w0BAQsFAAOC
AQEAOwNgPRYrqTBP8pBoLU/9uph7lkZ3ilP8hYYOiOgPTLHOBf3jcJpR73gJ5+Ps
cH6iRlgKoIOZWvNEgVP6jBm6yekWRqKAjURUsUYRIe0rPbnV9PwIudxHu1Tm3tG5
TRnql46Xn5fHPNWNaJQqqNI8Xb8g9GL8vIkLATAPDt3se/QCHaaO44huXcFbYT1U
3mUw0lTXHhAhEFEkA5fkFLf+6mXwgR6jqMhLhjMsxhYC3bj/mSm3FCqLG1qSEtwe
2LtvDi/cybfoRk3SzHsBkaWtu5FRZMu+hBBXx/jiP7+y5/IOIVIY4mEPFsTUbIQu
DWBl1s2d7FqWL5SDNsoIb6unbA==
-----END CERTIFICATE-----
Generated at Fri Mar 29 04:20:47 2024 by rpki-client on console-fra.rpki-client.org