Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/c72615e5-555b-4a7c-93ab-ce8a963a7c75/95147fdc0c7ea44b2fbcf1046a1633777d168df7.roa
File:                     95147fdc0c7ea44b2fbcf1046a1633777d168df7.roa (raw, json)
Hash identifier:          dIACH63E+aIQ7aY7K9cPg0vgMfJ/Mm6L+OP39VC0iBo=
Subject key identifier:   7B:67:C8:00:B5:D3:94:05:4E:7D:CA:39:4E:A2:E4:C9:7A:0E:9B:07
Certificate issuer:       /CN=4a1b531b01cd5446453179b34a5c11c87131d8df
Certificate serial:       0D8C04
Authority key identifier: E1:99:4A:3F:A4:BE:CF:9A:77:5C:77:77:63:FF:E7:6B:FA:2C:A4:BA
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/4a1b531b01cd5446453179b34a5c11c87131d8df.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/c72615e5-555b-4a7c-93ab-ce8a963a7c75/95147fdc0c7ea44b2fbcf1046a1633777d168df7.roa
Signing time:             Wed 24 Mar 2021 14:41:28 +0000
ROA not before:           Wed 24 Mar 2021 14:41:28 +0000
ROA not after:            Tue 24 Mar 2026 14:41:28 +0000
asID:                     264668
IP address blocks:        45.71.112.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/c72615e5-555b-4a7c-93ab-ce8a963a7c75/4a1b531b01cd5446453179b34a5c11c87131d8df.crl
                          rsync://repository.lacnic.net/rpki/lacnic/c72615e5-555b-4a7c-93ab-ce8a963a7c75/4a1b531b01cd5446453179b34a5c11c87131d8df.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/4a1b531b01cd5446453179b34a5c11c87131d8df.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 31 Mar 2024 12:22:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 887812 (0xd8c04)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4a1b531b01cd5446453179b34a5c11c87131d8df
        Validity
            Not Before: Mar 24 14:41:28 2021 GMT
            Not After : Mar 24 14:41:28 2026 GMT
        Subject: CN=95147fdc0c7ea44b2fbcf1046a1633777d168df7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:82:5a:92:ab:b0:a8:34:82:34:cc:fa:65:6c:e6:
                    d2:a8:a7:b1:a9:1c:9c:2f:17:06:b8:0e:c8:1b:0a:
                    b9:5f:a2:50:aa:31:de:20:21:f4:02:51:07:87:c2:
                    23:f2:6e:eb:6a:6a:c3:be:85:40:91:37:e9:6a:16:
                    06:90:79:2c:d6:b2:19:b3:f8:ca:75:79:12:28:b0:
                    cd:18:bb:50:50:ee:40:81:02:f2:b7:90:46:81:20:
                    08:5d:3f:77:a8:83:cc:7d:c0:13:78:02:d9:ed:cd:
                    f6:10:a9:a3:06:ea:a7:bb:69:2f:77:c7:6d:b5:9b:
                    64:4f:ce:dc:2e:6e:d4:97:23:da:49:69:fb:89:e6:
                    55:ac:05:81:8a:a1:52:90:05:eb:91:52:ad:2b:35:
                    8b:50:ce:c9:ba:8a:e0:ef:96:5e:c0:58:08:ff:e8:
                    ef:85:c3:cc:28:38:9d:e0:80:a6:54:e3:bf:ca:5d:
                    eb:6c:36:f1:a2:29:ab:a8:cb:1b:74:5f:cf:86:79:
                    25:9d:53:79:6b:00:b0:32:9b:03:b5:95:06:ec:73:
                    55:26:9b:a8:91:33:bd:c4:95:96:f9:4f:7d:45:94:
                    f4:3a:3b:a4:af:37:99:89:28:8f:63:8c:48:4c:5c:
                    85:92:7c:93:2e:21:34:0a:3c:2b:82:90:fb:5b:c1:
                    6f:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7B:67:C8:00:B5:D3:94:05:4E:7D:CA:39:4E:A2:E4:C9:7A:0E:9B:07
            X509v3 Authority Key Identifier:
                keyid:E1:99:4A:3F:A4:BE:CF:9A:77:5C:77:77:63:FF:E7:6B:FA:2C:A4:BA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/4a1b531b01cd5446453179b34a5c11c87131d8df.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/c72615e5-555b-4a7c-93ab-ce8a963a7c75/95147fdc0c7ea44b2fbcf1046a1633777d168df7.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/c72615e5-555b-4a7c-93ab-ce8a963a7c75/4a1b531b01cd5446453179b34a5c11c87131d8df.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.71.112.0/22

    Signature Algorithm: sha256WithRSAEncryption
         79:69:1e:f6:b2:79:3f:d8:c8:94:8c:cd:30:6e:02:e9:1b:07:
         a5:40:de:9d:1d:ae:2e:4a:fd:ce:8a:50:d0:37:5c:b3:19:8c:
         14:5f:c0:b6:29:7d:5a:d0:09:b0:25:3f:b0:67:f7:7d:41:d0:
         6f:c9:31:32:92:7d:b3:f2:cf:11:bd:bc:5f:6a:57:4a:ec:eb:
         be:36:d9:f9:69:af:d7:5e:ce:83:cc:46:5b:df:d6:76:97:d8:
         48:d7:06:3e:8f:09:37:8a:5c:d7:de:53:0a:21:8c:59:d4:f6:
         60:fb:60:50:bd:66:70:0c:3a:ae:45:c5:fc:ed:2d:fe:eb:2f:
         41:36:0d:cc:f2:44:5c:fb:6a:55:d8:5e:58:e6:75:3a:5b:11:
         70:f5:cb:81:74:96:f6:cc:fe:ef:19:15:c9:4a:8a:2e:db:2d:
         41:5a:90:46:04:5e:57:59:2a:03:c2:88:56:1b:99:a2:aa:b8:
         af:58:00:87:57:29:25:20:8d:50:6d:56:6e:f7:e7:4b:01:fb:
         be:91:46:d3:49:ee:a7:48:18:a5:45:dc:92:bc:36:c2:39:82:
         d8:86:50:29:15:32:99:f6:46:46:5a:d6:f0:7a:7c:20:86:22:
         8f:7f:e6:f1:48:4f:39:b6:42:8d:a0:a8:3c:29:63:2b:b4:8e:
         ed:53:79:f6
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIDDYwEMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDRh
MWI1MzFiMDFjZDU0NDY0NTMxNzliMzRhNWMxMWM4NzEzMWQ4ZGYwHhcNMjEwMzI0
MTQ0MTI4WhcNMjYwMzI0MTQ0MTI4WjAzMTEwLwYDVQQDEyg5NTE0N2ZkYzBjN2Vh
NDRiMmZiY2YxMDQ2YTE2MzM3NzdkMTY4ZGY3MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAglqSq7CoNII0zPplbObSqKexqRycLxcGuA7IGwq5X6JQqjHe
ICH0AlEHh8Ij8m7ramrDvoVAkTfpahYGkHks1rIZs/jKdXkSKLDNGLtQUO5AgQLy
t5BGgSAIXT93qIPMfcATeALZ7c32EKmjBuqnu2kvd8dttZtkT87cLm7UlyPaSWn7
ieZVrAWBiqFSkAXrkVKtKzWLUM7Juorg75ZewFgI/+jvhcPMKDid4ICmVOO/yl3r
bDbxoimrqMsbdF/PhnklnVN5awCwMpsDtZUG7HNVJpuokTO9xJWW+U99RZT0Ojuk
rzeZiSiPY4xITFyFknyTLiE0CjwrgpD7W8FvvwIDAQABo4ICWzCCAlcwHQYDVR0O
BBYEFHtnyAC105QFTn3KOU6i5Ml6DpsHMB8GA1UdIwQYMBaAFOGZSj+kvs+ad1x3
d2P/52v6LKS6MA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvNGExYjUz
MWIwMWNkNTQ0NjQ1MzE3OWIzNGE1YzExYzg3MTMxZDhkZi5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvYzcyNjE1ZTUtNTU1Yi00YTdjLTkzYWItY2U4YTk2
M2E3Yzc1Lzk1MTQ3ZmRjMGM3ZWE0NGIyZmJjZjEwNDZhMTYzMzc3N2QxNjhkZjcu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy9jNzI2MTVlNS01NTViLTRhN2MtOTNhYi1jZThh
OTYzYTdjNzUvNGExYjUzMWIwMWNkNTQ0NjQ1MzE3OWIzNGE1YzExYzg3MTMxZDhk
Zi5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAi1HcDANBgkqhkiG9w0BAQsFAAOCAQEAeWke9rJ5P9jIlIzN
MG4C6RsHpUDenR2uLkr9zopQ0DdcsxmMFF/Atil9WtAJsCU/sGf3fUHQb8kxMpJ9
s/LPEb28X2pXSuzrvjbZ+Wmv117Og8xGW9/WdpfYSNcGPo8JN4pc195TCiGMWdT2
YPtgUL1mcAw6rkXF/O0t/usvQTYNzPJEXPtqVdheWOZ1OlsRcPXLgXSW9sz+7xkV
yUqKLtstQVqQRgReV1kqA8KIVhuZoqq4r1gAh1cpJSCNUG1WbvfnSwH7vpFG00nu
p0gYpUXckrw2wjmC2IZQKRUymfZGRlrW8Hp8IIYij3/m8UhPObZCjaCoPCljK7SO
7VN59g==
-----END CERTIFICATE-----
Generated at Thu Mar 28 19:40:42 2024 by rpki-client on console-fra.rpki-client.org