Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/c2c73861-0b6d-4b7f-ab89-bb0028926b2b/7b88fe8dc95f9d5468b7a7a81aa0fc219c9721a4.roa
File:                     7b88fe8dc95f9d5468b7a7a81aa0fc219c9721a4.roa (raw, json)
Hash identifier:          ccFiUVZmbHaiwzwFDSxOL9IYMOe/tnAUZeHO54BThK8=
Subject key identifier:   A5:70:0C:ED:2F:35:36:24:55:E1:3E:26:0D:09:66:22:ED:95:8D:98
Certificate issuer:       /CN=e01beb7b5724962b523bab88501aada8ca7ed730
Certificate serial:       0BF57F
Authority key identifier: 5B:E6:92:8B:07:F3:45:27:57:C7:7E:9F:3E:DA:F6:BA:8E:04:F8:2B
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/e01beb7b5724962b523bab88501aada8ca7ed730.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/c2c73861-0b6d-4b7f-ab89-bb0028926b2b/7b88fe8dc95f9d5468b7a7a81aa0fc219c9721a4.roa
Signing time:             Wed 24 Mar 2021 14:38:22 +0000
ROA not before:           Wed 24 Mar 2021 14:38:21 +0000
ROA not after:            Tue 24 Mar 2026 14:38:21 +0000
asID:                     264750
IP address blocks:        192.141.128.0/22 maxlen: 22
                          2803:e820::/32 maxlen: 32

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/c2c73861-0b6d-4b7f-ab89-bb0028926b2b/e01beb7b5724962b523bab88501aada8ca7ed730.crl
                          rsync://repository.lacnic.net/rpki/lacnic/c2c73861-0b6d-4b7f-ab89-bb0028926b2b/e01beb7b5724962b523bab88501aada8ca7ed730.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/e01beb7b5724962b523bab88501aada8ca7ed730.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Fri 01 Mar 2024 15:12:08 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 783743 (0xbf57f)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e01beb7b5724962b523bab88501aada8ca7ed730
        Validity
            Not Before: Mar 24 14:38:21 2021 GMT
            Not After : Mar 24 14:38:21 2026 GMT
        Subject: CN=7b88fe8dc95f9d5468b7a7a81aa0fc219c9721a4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:37:0d:0d:05:59:c8:7c:88:e7:d2:cb:7c:62:
                    04:19:d0:b3:3e:38:15:1c:37:73:a6:3b:88:a6:56:
                    08:d2:a6:42:1d:3a:46:09:4c:2d:10:90:42:ca:89:
                    b0:35:cf:ba:16:ef:43:e6:7d:15:17:e5:a1:79:88:
                    f1:c7:99:d2:dd:87:77:cd:76:ef:42:19:d8:12:a0:
                    ae:b4:68:21:1a:5e:9e:5e:46:96:d0:17:c8:92:e0:
                    d1:80:e4:f7:ce:86:cb:1d:b8:03:1b:07:6b:77:46:
                    48:d9:ed:95:61:32:ed:94:b7:26:07:c6:d5:99:08:
                    3d:86:93:c3:49:52:db:bc:40:ca:11:22:fb:80:38:
                    38:f3:19:9f:f6:e2:52:66:b2:25:ce:28:d7:66:8c:
                    f3:06:30:b2:86:75:02:fb:2c:51:11:a4:ec:bf:22:
                    7e:c7:e4:77:7e:0a:6a:0d:b7:22:e0:e3:2b:f8:ca:
                    9d:00:90:11:09:1d:23:7b:fd:cf:d4:93:f0:8c:e5:
                    b4:ad:39:ff:f2:0e:18:60:24:f5:e2:f2:84:84:ce:
                    1f:fa:02:1b:0f:55:fc:46:ad:9d:9b:c8:5d:c2:2d:
                    94:98:5d:e7:e3:79:1c:b1:9c:c9:d1:30:1b:98:ff:
                    98:8f:54:89:10:b9:18:a6:15:9f:1a:75:c6:40:ae:
                    bc:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A5:70:0C:ED:2F:35:36:24:55:E1:3E:26:0D:09:66:22:ED:95:8D:98
            X509v3 Authority Key Identifier:
                keyid:5B:E6:92:8B:07:F3:45:27:57:C7:7E:9F:3E:DA:F6:BA:8E:04:F8:2B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/e01beb7b5724962b523bab88501aada8ca7ed730.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/c2c73861-0b6d-4b7f-ab89-bb0028926b2b/7b88fe8dc95f9d5468b7a7a81aa0fc219c9721a4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/c2c73861-0b6d-4b7f-ab89-bb0028926b2b/e01beb7b5724962b523bab88501aada8ca7ed730.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  192.141.128.0/22
                IPv6:
                  2803:e820::/32

    Signature Algorithm: sha256WithRSAEncryption
         1b:22:1a:1a:bf:f5:f2:2c:a5:c6:53:4f:1a:2a:60:70:a4:0e:
         fb:b4:83:c0:3f:7f:71:cc:6e:09:95:b3:f6:70:84:e4:86:e9:
         3e:07:e8:b7:ec:16:d3:1e:dc:52:1e:97:d2:05:a2:ae:f5:a1:
         20:bc:65:10:c0:d4:3e:5d:c0:9a:61:51:9f:2e:fc:ed:e9:3f:
         9a:10:85:81:70:8b:c9:0e:52:65:e1:42:d6:69:5a:fd:8e:d6:
         16:ed:ec:19:1b:b1:09:37:12:f8:df:1b:09:e3:52:b0:b5:8d:
         76:88:64:79:49:32:f9:4e:aa:97:1e:d1:b8:a5:70:65:b7:d7:
         30:c8:d7:75:79:9b:11:fc:26:90:7e:46:01:4a:b4:47:6a:83:
         b3:0d:3b:6f:91:38:cd:cc:77:b4:c6:28:c0:a0:80:8c:9c:f3:
         f8:c0:53:04:99:52:3c:f2:16:84:57:2e:d2:63:21:9a:e0:75:
         a6:dd:39:05:0e:36:86:a2:3e:9c:fd:0e:e2:5d:a7:0c:07:25:
         b6:cf:d3:11:cb:78:8a:22:fe:94:d7:01:e6:80:e9:99:7b:b9:
         48:8f:d8:f5:2b:2e:24:bc:15:5b:46:37:b3:84:95:4e:1d:95:
         15:b4:de:cf:c9:80:ad:fa:c5:78:05:fd:6e:0c:1d:42:21:03:
         a3:70:86:55
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgIDC/V/MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGUw
MWJlYjdiNTcyNDk2MmI1MjNiYWI4ODUwMWFhZGE4Y2E3ZWQ3MzAwHhcNMjEwMzI0
MTQzODIxWhcNMjYwMzI0MTQzODIxWjAzMTEwLwYDVQQDEyg3Yjg4ZmU4ZGM5NWY5
ZDU0NjhiN2E3YTgxYWEwZmMyMTljOTcyMWE0MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEA0TcNDQVZyHyI59LLfGIEGdCzPjgVHDdzpjuIplYI0qZCHTpG
CUwtEJBCyomwNc+6Fu9D5n0VF+WheYjxx5nS3Yd3zXbvQhnYEqCutGghGl6eXkaW
0BfIkuDRgOT3zobLHbgDGwdrd0ZI2e2VYTLtlLcmB8bVmQg9hpPDSVLbvEDKESL7
gDg48xmf9uJSZrIlzijXZozzBjCyhnUC+yxREaTsvyJ+x+R3fgpqDbci4OMr+Mqd
AJARCR0je/3P1JPwjOW0rTn/8g4YYCT14vKEhM4f+gIbD1X8Rq2dm8hdwi2UmF3n
43kcsZzJ0TAbmP+Yj1SJELkYphWfGnXGQK68PQIDAQABo4ICajCCAmYwHQYDVR0O
BBYEFKVwDO0vNTYkVeE+Jg0JZiLtlY2YMB8GA1UdIwQYMBaAFFvmkosH80UnV8d+
nz7a9rqOBPgrMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvZTAxYmVi
N2I1NzI0OTYyYjUyM2JhYjg4NTAxYWFkYThjYTdlZDczMC5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvYzJjNzM4NjEtMGI2ZC00YjdmLWFiODktYmIwMDI4
OTI2YjJiLzdiODhmZThkYzk1ZjlkNTQ2OGI3YTdhODFhYTBmYzIxOWM5NzIxYTQu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy9jMmM3Mzg2MS0wYjZkLTRiN2YtYWI4OS1iYjAw
Mjg5MjZiMmIvZTAxYmViN2I1NzI0OTYyYjUyM2JhYjg4NTAxYWFkYThjYTdlZDcz
MC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAuBggrBgEFBQcBBwEB/wQf
MB0wDAQCAAEwBgMEAsCNgDANBAIAAjAHAwUAKAPoIDANBgkqhkiG9w0BAQsFAAOC
AQEAGyIaGr/18iylxlNPGipgcKQO+7SDwD9/ccxuCZWz9nCE5IbpPgfot+wW0x7c
Uh6X0gWirvWhILxlEMDUPl3AmmFRny787ek/mhCFgXCLyQ5SZeFC1mla/Y7WFu3s
GRuxCTcS+N8bCeNSsLWNdohkeUky+U6qlx7RuKVwZbfXMMjXdXmbEfwmkH5GAUq0
R2qDsw07b5E4zcx3tMYowKCAjJzz+MBTBJlSPPIWhFcu0mMhmuB1pt05BQ42hqI+
nP0O4l2nDAclts/TEct4iiL+lNcB5oDpmXu5SI/Y9SsuJLwVW0Y3s4SVTh2VFbTe
z8mArfrFeAX9bgwdQiEDo3CGVQ==
-----END CERTIFICATE-----
Generated at Tue Feb 27 20:07:37 2024 by rpki-client on console-ams.rpki-client.org