Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/c9978345-6a05-4395-ba69-6b3cca446d48/1823f938e736874db7044553a87a26d050b9586a.roa
File:                     1823f938e736874db7044553a87a26d050b9586a.roa (raw, json)
Hash identifier:          byGmb/v0LrI/huEGxbpuY2/fa743bBmkKMDcGXxXKFY=
Subject key identifier:   ED:DF:0D:19:4C:6B:36:41:01:D4:75:30:A9:A6:79:B1:55:67:12:CA
Certificate issuer:       /CN=35a22b288c1e4ed251559cdd04140e06dfc07d0f
Certificate serial:       12522F
Authority key identifier: BE:F9:D4:94:52:95:E6:89:56:33:74:C1:CD:31:F1:07:66:19:30:85
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/35a22b288c1e4ed251559cdd04140e06dfc07d0f.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/c9978345-6a05-4395-ba69-6b3cca446d48/1823f938e736874db7044553a87a26d050b9586a.roa
Signing time:             Thu 18 Nov 2021 15:29:00 +0000
ROA not before:           Thu 18 Nov 2021 03:00:00 +0000
ROA not after:            Fri 18 Nov 2050 03:00:00 +0000
asID:                     267776
IP address blocks:        45.171.220.0/22 maxlen: 24
                          2803:e7a0::/32 maxlen: 48

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/c9978345-6a05-4395-ba69-6b3cca446d48/35a22b288c1e4ed251559cdd04140e06dfc07d0f.crl
                          rsync://repository.lacnic.net/rpki/lacnic/c9978345-6a05-4395-ba69-6b3cca446d48/35a22b288c1e4ed251559cdd04140e06dfc07d0f.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/35a22b288c1e4ed251559cdd04140e06dfc07d0f.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sat 24 Feb 2024 17:37:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1200687 (0x12522f)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=35a22b288c1e4ed251559cdd04140e06dfc07d0f
        Validity
            Not Before: Nov 18 03:00:00 2021 GMT
            Not After : Nov 18 03:00:00 2050 GMT
        Subject: CN=1823f938e736874db7044553a87a26d050b9586a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:bd:96:55:4c:63:29:38:4a:31:ce:bb:97:79:
                    10:0c:63:2e:ec:8d:83:65:4c:6d:fe:89:3e:2a:c4:
                    9b:0d:ea:99:71:ff:f0:be:e4:f0:1a:e7:c2:98:4c:
                    ff:19:4f:2f:83:2f:0b:0d:e5:6c:1d:7d:d8:72:cb:
                    26:a1:8c:d6:e2:c7:03:5e:65:0d:2d:21:2b:68:55:
                    ff:06:13:16:13:40:a9:d7:3a:26:61:de:8c:64:ca:
                    03:f4:9d:40:8d:4f:a1:7a:ad:fd:24:0f:47:73:98:
                    ee:b1:91:53:f5:a5:2d:f5:5c:6b:6b:5e:48:d9:b9:
                    e2:32:b5:59:cc:c4:b0:65:29:95:dd:bc:00:73:12:
                    3a:fe:31:c5:77:c1:aa:f0:0b:f8:6e:f4:9b:df:62:
                    15:52:09:4e:69:01:30:5a:b4:82:63:05:56:3d:41:
                    c7:d3:f4:58:26:bf:3f:44:99:fd:a5:30:c4:68:50:
                    f0:5d:da:bc:7c:3e:fe:4b:e6:06:f5:4f:08:90:75:
                    6a:8f:ba:d9:63:0b:11:16:7e:28:aa:10:92:67:48:
                    9e:44:2b:04:42:c2:50:22:3d:4c:3d:37:8b:bd:00:
                    fd:04:04:68:81:9c:46:c7:73:47:e1:b2:54:9e:6c:
                    c7:a2:e4:fe:1f:f8:ff:4f:3d:48:1f:73:72:52:9f:
                    67:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                ED:DF:0D:19:4C:6B:36:41:01:D4:75:30:A9:A6:79:B1:55:67:12:CA
            X509v3 Authority Key Identifier:
                keyid:BE:F9:D4:94:52:95:E6:89:56:33:74:C1:CD:31:F1:07:66:19:30:85

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/35a22b288c1e4ed251559cdd04140e06dfc07d0f.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/c9978345-6a05-4395-ba69-6b3cca446d48/1823f938e736874db7044553a87a26d050b9586a.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/c9978345-6a05-4395-ba69-6b3cca446d48/35a22b288c1e4ed251559cdd04140e06dfc07d0f.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.171.220.0/22
                IPv6:
                  2803:e7a0::/32

    Signature Algorithm: sha256WithRSAEncryption
         6a:6c:9a:15:6d:cc:d5:d9:0f:a0:b7:fb:d3:c9:36:f9:a4:c7:
         06:21:07:91:51:18:12:6c:45:e8:dc:ba:62:e3:4b:f4:7e:69:
         97:65:6b:da:14:09:bb:88:e1:62:58:7e:0f:79:fb:08:d2:12:
         2a:57:11:23:af:6c:44:55:39:7c:4c:3e:dd:ac:13:ec:72:dd:
         80:23:9e:f5:1a:74:9e:b9:c3:81:76:aa:e4:7a:2f:04:2a:3c:
         13:4c:ce:43:2a:41:01:83:a2:0e:b8:c2:1d:38:0f:8f:7b:71:
         cf:de:9b:51:5f:02:44:0b:04:12:11:1b:2e:4b:49:2c:4e:9a:
         84:73:b2:29:49:90:2a:b1:33:ee:80:20:38:f9:f6:1b:c6:b1:
         69:91:a1:88:d7:ea:bb:98:47:76:ad:c5:07:a3:06:46:94:9d:
         fb:bf:8f:5c:17:26:c4:e7:c1:4a:b5:0e:32:b3:17:7e:21:fe:
         35:73:57:0f:1c:47:09:17:ca:5e:31:bf:01:f4:46:9a:15:ee:
         5c:e1:62:30:4e:7c:2f:20:ad:c2:29:ae:25:47:83:df:3a:d8:
         c2:a5:11:77:09:e5:85:e2:76:c7:90:94:a3:c4:e7:36:e0:ca:
         b3:6f:9d:5a:4c:d4:10:48:22:72:c9:7f:43:b0:57:2a:86:5d:
         e3:25:5f:50
-----BEGIN CERTIFICATE-----
MIIFUTCCBDmgAwIBAgIDElIvMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDM1
YTIyYjI4OGMxZTRlZDI1MTU1OWNkZDA0MTQwZTA2ZGZjMDdkMGYwIBcNMjExMTE4
MDMwMDAwWhgPMjA1MDExMTgwMzAwMDBaMDMxMTAvBgNVBAMTKDE4MjNmOTM4ZTcz
Njg3NGRiNzA0NDU1M2E4N2EyNmQwNTBiOTU4NmEwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCivZZVTGMpOEoxzruXeRAMYy7sjYNlTG3+iT4qxJsN6plx
//C+5PAa58KYTP8ZTy+DLwsN5WwdfdhyyyahjNbixwNeZQ0tIStoVf8GExYTQKnX
OiZh3oxkygP0nUCNT6F6rf0kD0dzmO6xkVP1pS31XGtrXkjZueIytVnMxLBlKZXd
vABzEjr+McV3warwC/hu9JvfYhVSCU5pATBatIJjBVY9QcfT9Fgmvz9Emf2lMMRo
UPBd2rx8Pv5L5gb1TwiQdWqPutljCxEWfiiqEJJnSJ5EKwRCwlAiPUw9N4u9AP0E
BGiBnEbHc0fhslSebMei5P4f+P9PPUgfc3JSn2fRAgMBAAGjggJqMIICZjAdBgNV
HQ4EFgQU7d8NGUxrNkEB1HUwqaZ5sVVnEsowHwYDVR0jBBgwFoAUvvnUlFKV5olW
M3TBzTHxB2YZMIUwDgYDVR0PAQH/BAQDAgeAMIGaBggrBgEFBQcBAQSBjTCBijCB
hwYIKwYBBQUHMAKGe3JzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jwa2kv
bGFjbmljLzQ4ZjA4M2JiLWY2MDMtNDg5My05OTkwLTAyODRjMDRjZWI4NS8zNWEy
MmIyODhjMWU0ZWQyNTE1NTljZGQwNDE0MGUwNmRmYzA3ZDBmLmNlcjCBmgYIKwYB
BQUHAQsEgY0wgYowgYcGCCsGAQUFBzALhntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy9jOTk3ODM0NS02YTA1LTQzOTUtYmE2OS02YjNj
Y2E0NDZkNDgvMTgyM2Y5MzhlNzM2ODc0ZGI3MDQ0NTUzYTg3YTI2ZDA1MGI5NTg2
YS5yb2EwgY8GA1UdHwSBhzCBhDCBgaB/oH2Ge3JzeW5jOi8vcmVwb3NpdG9yeS5s
YWNuaWMubmV0L3Jwa2kvbGFjbmljL2M5OTc4MzQ1LTZhMDUtNDM5NS1iYTY5LTZi
M2NjYTQ0NmQ0OC8zNWEyMmIyODhjMWU0ZWQyNTE1NTljZGQwNDE0MGUwNmRmYzA3
ZDBmLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/
BB8wHTAMBAIAATAGAwQCLavcMA0EAgACMAcDBQAoA+egMA0GCSqGSIb3DQEBCwUA
A4IBAQBqbJoVbczV2Q+gt/vTyTb5pMcGIQeRURgSbEXo3Lpi40v0fmmXZWvaFAm7
iOFiWH4PefsI0hIqVxEjr2xEVTl8TD7drBPsct2AI571GnSeucOBdqrkei8EKjwT
TM5DKkEBg6IOuMIdOA+Pe3HP3ptRXwJECwQSERsuS0ksTpqEc7IpSZAqsTPugCA4
+fYbxrFpkaGI1+q7mEd2rcUHowZGlJ37v49cFybE58FKtQ4ysxd+If41c1cPHEcJ
F8peMb8B9EaaFe5c4WIwTnwvIK3CKa4lR4PfOtjCpRF3CeWF4nbHkJSjxOc24Mqz
b51aTNQQSCJyyX9DsFcqhl3jJV9Q
-----END CERTIFICATE-----
Generated at Wed Feb 21 22:41:58 2024 by rpki-client on console-ams.rpki-client.org