Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/c33a0118-0655-414e-a7dc-0e8f24b76d15/d73634c9fd78a97012e4285fe3641a575377e29b.roa
File:                     d73634c9fd78a97012e4285fe3641a575377e29b.roa (raw, json)
Hash identifier:          x1R4UGKz59N4DiL2Srvej/JnZmrhg+qRGr0oAPMT6vU=
Subject key identifier:   DB:A4:91:82:2D:0D:F9:76:EA:57:8D:E4:FB:16:5A:44:FF:B8:D8:9D
Certificate issuer:       /CN=9f38530271142a50ccefbe64df571c9b0e259487
Certificate serial:       1E8916
Authority key identifier: 99:A2:EC:1F:36:42:13:6D:C3:B8:90:70:A7:3F:78:50:C1:5F:61:8F
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/9f38530271142a50ccefbe64df571c9b0e259487.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/c33a0118-0655-414e-a7dc-0e8f24b76d15/d73634c9fd78a97012e4285fe3641a575377e29b.roa
Signing time:             Mon 20 Feb 2023 15:53:02 +0000
ROA not before:           Mon 22 Mar 2021 14:34:50 +0000
ROA not after:            Tue 24 Mar 2026 14:34:50 +0000
asID:                     269822
IP address blocks:        45.65.232.0/22 maxlen: 24
                          190.102.120.0/22 maxlen: 24
                          190.102.124.0/22 maxlen: 24
                          103.212.83.0/24 maxlen: 24
                          103.219.234.0/23 maxlen: 24
                          223.27.115.0/24 maxlen: 24
                          2803:15c0::/32 maxlen: 36

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/c33a0118-0655-414e-a7dc-0e8f24b76d15/9f38530271142a50ccefbe64df571c9b0e259487.crl
                          rsync://repository.lacnic.net/rpki/lacnic/c33a0118-0655-414e-a7dc-0e8f24b76d15/9f38530271142a50ccefbe64df571c9b0e259487.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/9f38530271142a50ccefbe64df571c9b0e259487.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Mon 26 Feb 2024 14:04:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2001174 (0x1e8916)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9f38530271142a50ccefbe64df571c9b0e259487
        Validity
            Not Before: Mar 22 14:34:50 2021 GMT
            Not After : Mar 24 14:34:50 2026 GMT
        Subject: CN=d73634c9fd78a97012e4285fe3641a575377e29b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:c6:83:bb:96:72:ff:cf:d6:4f:02:ad:8d:65:
                    57:3e:52:68:15:6a:46:98:cf:60:39:65:02:ff:4d:
                    5a:b6:b8:75:59:3f:bd:aa:4e:2b:61:23:e6:b0:46:
                    bf:89:07:8b:ea:1d:34:37:21:fd:60:42:0d:44:64:
                    c4:52:92:66:00:b3:69:62:7e:cb:7e:66:cd:f5:6c:
                    0a:60:f9:b2:62:bd:87:89:a1:9c:bf:ad:ff:78:38:
                    68:73:a0:fe:d4:d6:aa:ff:98:3d:0d:8c:b6:e3:2a:
                    d5:1a:0d:27:c0:e3:f0:81:76:1e:d7:b1:3b:7d:59:
                    a8:99:6c:77:75:68:b5:75:cb:6f:25:d1:5d:7f:5b:
                    23:f1:41:b6:88:08:67:c1:85:df:b1:ce:46:49:35:
                    cb:e1:ba:7e:4e:cc:59:1a:84:32:32:58:bf:ea:5c:
                    1c:b1:db:09:b8:40:08:d5:3f:4f:b3:ed:07:1b:7b:
                    ef:0c:1c:58:7c:4e:bd:37:7f:24:dc:ef:68:4f:1b:
                    85:e1:e2:66:ca:c1:11:d1:93:7b:ef:0a:75:d1:fb:
                    b1:6a:9e:cd:be:b1:b3:98:11:ff:e5:2d:b1:4f:49:
                    7f:16:84:ee:70:1f:03:53:55:01:f6:2e:ef:43:2b:
                    61:33:4f:c1:35:07:0d:14:cc:4d:64:b5:42:e5:b7:
                    fb:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DB:A4:91:82:2D:0D:F9:76:EA:57:8D:E4:FB:16:5A:44:FF:B8:D8:9D
            X509v3 Authority Key Identifier:
                keyid:99:A2:EC:1F:36:42:13:6D:C3:B8:90:70:A7:3F:78:50:C1:5F:61:8F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/9f38530271142a50ccefbe64df571c9b0e259487.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/c33a0118-0655-414e-a7dc-0e8f24b76d15/d73634c9fd78a97012e4285fe3641a575377e29b.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/c33a0118-0655-414e-a7dc-0e8f24b76d15/9f38530271142a50ccefbe64df571c9b0e259487.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.65.232.0/22
                  103.212.83.0/24
                  103.219.234.0/23
                  190.102.120.0/21
                  223.27.115.0/24
                IPv6:
                  2803:15c0::/32

    Signature Algorithm: sha256WithRSAEncryption
         35:9f:7c:0c:3a:72:02:ce:6b:4f:d4:19:c1:0b:3a:01:64:7a:
         5c:c7:3b:91:da:48:6d:b8:4c:9f:aa:01:c8:e5:96:53:04:05:
         4f:cf:24:85:4d:30:4d:6c:22:c9:ea:85:04:67:dc:18:ae:0a:
         ad:30:41:73:3f:0d:50:0b:26:c8:91:9f:cf:12:c8:66:5b:97:
         79:dd:1a:4e:22:fa:a8:9d:fa:46:70:34:7a:e4:1e:72:5b:a7:
         87:07:18:2c:66:7b:73:6c:a9:b9:cb:a1:79:3c:00:92:8e:80:
         00:17:15:86:7a:10:02:a9:97:05:35:4a:2b:bf:8a:df:57:5d:
         d9:a2:e9:3d:2f:f6:75:40:e9:c7:b5:69:0c:ad:95:a9:b6:90:
         52:b6:9e:0c:eb:55:6a:a1:2b:48:c6:13:c5:0f:b8:ba:83:28:
         6c:87:7b:78:31:f1:1d:97:b4:bf:0f:57:a3:44:55:c2:6b:d8:
         f5:82:6a:28:81:76:24:f2:a7:38:b9:68:5d:58:62:1a:5b:89:
         1b:f6:5b:c6:13:89:4d:5d:56:44:f3:e0:df:e5:71:30:04:cf:
         5c:cd:3d:66:a4:94:46:5b:0e:ac:ca:b2:15:de:e3:a7:d7:14:
         18:7e:2b:e1:f6:e0:9a:f6:48:75:02:40:12:06:e5:7d:87:aa:
         15:ea:7d:ed
-----BEGIN CERTIFICATE-----
MIIFZzCCBE+gAwIBAgIDHokWMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDlm
Mzg1MzAyNzExNDJhNTBjY2VmYmU2NGRmNTcxYzliMGUyNTk0ODcwHhcNMjEwMzIy
MTQzNDUwWhcNMjYwMzI0MTQzNDUwWjAzMTEwLwYDVQQDEyhkNzM2MzRjOWZkNzhh
OTcwMTJlNDI4NWZlMzY0MWE1NzUzNzdlMjliMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAnsaDu5Zy/8/WTwKtjWVXPlJoFWpGmM9gOWUC/01atrh1WT+9
qk4rYSPmsEa/iQeL6h00NyH9YEINRGTEUpJmALNpYn7LfmbN9WwKYPmyYr2HiaGc
v63/eDhoc6D+1Naq/5g9DYy24yrVGg0nwOPwgXYe17E7fVmomWx3dWi1dctvJdFd
f1sj8UG2iAhnwYXfsc5GSTXL4bp+TsxZGoQyMli/6lwcsdsJuEAI1T9Ps+0HG3vv
DBxYfE69N38k3O9oTxuF4eJmysER0ZN77wp10fuxap7NvrGzmBH/5S2xT0l/FoTu
cB8DU1UB9i7vQythM0/BNQcNFMxNZLVC5bf7oQIDAQABo4ICgjCCAn4wHQYDVR0O
BBYEFNukkYItDfl26leN5PsWWkT/uNidMB8GA1UdIwQYMBaAFJmi7B82QhNtw7iQ
cKc/eFDBX2GPMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvOWYzODUz
MDI3MTE0MmE1MGNjZWZiZTY0ZGY1NzFjOWIwZTI1OTQ4Ny5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvYzMzYTAxMTgtMDY1NS00MTRlLWE3ZGMtMGU4ZjI0
Yjc2ZDE1L2Q3MzYzNGM5ZmQ3OGE5NzAxMmU0Mjg1ZmUzNjQxYTU3NTM3N2UyOWIu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy9jMzNhMDExOC0wNjU1LTQxNGUtYTdkYy0wZThm
MjRiNzZkMTUvOWYzODUzMDI3MTE0MmE1MGNjZWZiZTY0ZGY1NzFjOWIwZTI1OTQ4
Ny5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBGBggrBgEFBQcBBwEB/wQ3
MDUwJAQCAAEwHgMEAi1B6AMEAGfUUwMEAWfb6gMEA75meAMEAN8bczANBAIAAjAH
AwUAKAMVwDANBgkqhkiG9w0BAQsFAAOCAQEANZ98DDpyAs5rT9QZwQs6AWR6XMc7
kdpIbbhMn6oByOWWUwQFT88khU0wTWwiyeqFBGfcGK4KrTBBcz8NUAsmyJGfzxLI
ZluXed0aTiL6qJ36RnA0euQeclunhwcYLGZ7c2ypucuheTwAko6AABcVhnoQAqmX
BTVKK7+K31dd2aLpPS/2dUDpx7VpDK2VqbaQUraeDOtVaqErSMYTxQ+4uoMobId7
eDHxHZe0vw9Xo0RVwmvY9YJqKIF2JPKnOLloXVhiGluJG/ZbxhOJTV1WRPPg3+Vx
MATPXM09ZqSURlsOrMqyFd7jp9cUGH4r4fbgmvZIdQJAEgblfYeqFep97Q==
-----END CERTIFICATE-----
Generated at Fri Feb 23 14:20:55 2024 by rpki-client on console-fra.rpki-client.org