Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/c9cdbd63-8f01-448b-8c1e-f2e94e1c9e7b/db91594ae8ff82b63b5b52aabf5b198342c308a0.roa
File:                     db91594ae8ff82b63b5b52aabf5b198342c308a0.roa (raw, json)
Hash identifier:          G5T/+ftybU69JlpKVdVbhP34oOatAHoCP7/8TDYW7Dk=
Subject key identifier:   5C:62:60:C9:1F:BD:9F:F6:A0:75:D5:F7:84:0A:AA:7D:C2:D2:A7:8E
Certificate issuer:       /CN=520a0d5e45ba98b3623fd2e4c2f44d192076b7f8
Certificate serial:       11DE31
Authority key identifier: 85:F5:91:97:72:D7:FD:41:EA:ED:80:91:30:3C:E5:92:C6:CA:E7:6D
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/520a0d5e45ba98b3623fd2e4c2f44d192076b7f8.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/c9cdbd63-8f01-448b-8c1e-f2e94e1c9e7b/db91594ae8ff82b63b5b52aabf5b198342c308a0.roa
Signing time:             Sun 31 Oct 2021 03:02:58 +0000
ROA not before:           Sat 30 Oct 2021 03:00:00 +0000
ROA not after:            Mon 30 Oct 2023 03:00:00 +0000
asID:                     263817
IP address blocks:        138.185.28.0/24 maxlen: 24
                          138.185.30.0/24 maxlen: 24
                          138.185.31.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/c9cdbd63-8f01-448b-8c1e-f2e94e1c9e7b/520a0d5e45ba98b3623fd2e4c2f44d192076b7f8.crl
                          rsync://repository.lacnic.net/rpki/lacnic/c9cdbd63-8f01-448b-8c1e-f2e94e1c9e7b/520a0d5e45ba98b3623fd2e4c2f44d192076b7f8.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/520a0d5e45ba98b3623fd2e4c2f44d192076b7f8.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sat 18 Mar 2023 02:22:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1170993 (0x11de31)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=520a0d5e45ba98b3623fd2e4c2f44d192076b7f8
        Validity
            Not Before: Oct 30 03:00:00 2021 GMT
            Not After : Oct 30 03:00:00 2023 GMT
        Subject: CN=db91594ae8ff82b63b5b52aabf5b198342c308a0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:86:c6:34:60:07:a8:66:45:8b:78:51:67:5b:1b:
                    d7:fe:aa:3c:0e:7f:50:0d:cf:c7:96:54:f2:f3:ac:
                    6e:a0:4f:66:fd:79:96:da:ca:07:5c:e8:f7:ad:dc:
                    a4:71:1c:1b:e6:45:01:cf:35:0c:89:04:b4:82:34:
                    ec:cb:bd:13:bc:8a:6c:5f:1d:29:72:e6:5d:75:98:
                    a1:56:c2:46:d2:ed:b9:f7:7a:76:40:27:0a:c2:fb:
                    64:b3:76:14:0a:e0:61:6b:ed:20:a8:bd:4c:8c:a0:
                    49:24:99:2b:e9:5f:0a:14:7e:c7:82:e6:9c:83:0d:
                    0b:d2:e4:b8:fb:3a:cc:8c:3c:f6:20:46:2b:88:ad:
                    0e:0f:1d:cd:2d:68:4c:bb:f9:c9:60:81:46:33:74:
                    94:a9:47:f4:f7:89:b8:62:fd:29:81:e9:ac:91:aa:
                    0a:48:59:39:11:5c:10:f8:42:01:b2:50:2e:dd:d3:
                    13:ef:7e:d4:28:3a:8e:b4:9f:09:32:89:08:13:39:
                    b6:0c:93:d6:bd:21:d0:6a:84:15:8f:57:f3:1f:e1:
                    9d:97:d2:3a:78:ac:8b:99:89:07:73:c6:28:6a:e9:
                    28:7d:b3:ac:4a:63:56:02:ae:7b:7a:5e:29:c4:3e:
                    cb:28:3d:a3:62:dd:d1:89:5b:b8:a6:48:e2:c7:48:
                    78:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                5C:62:60:C9:1F:BD:9F:F6:A0:75:D5:F7:84:0A:AA:7D:C2:D2:A7:8E
            X509v3 Authority Key Identifier: 
                keyid:85:F5:91:97:72:D7:FD:41:EA:ED:80:91:30:3C:E5:92:C6:CA:E7:6D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access: 
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/520a0d5e45ba98b3623fd2e4c2f44d192076b7f8.cer

            Subject Information Access: 
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/c9cdbd63-8f01-448b-8c1e-f2e94e1c9e7b/db91594ae8ff82b63b5b52aabf5b198342c308a0.roa

            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/c9cdbd63-8f01-448b-8c1e-f2e94e1c9e7b/520a0d5e45ba98b3623fd2e4c2f44d192076b7f8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  138.185.28.0/24
                  138.185.30.0/23

    Signature Algorithm: sha256WithRSAEncryption
         0a:d5:ff:6d:8b:5d:8c:7f:78:18:5e:86:8e:cd:32:f8:87:17:
         d7:32:bd:0c:55:4c:b1:9e:5a:f0:42:24:80:30:aa:23:18:9a:
         2f:47:d7:d3:fd:8d:99:ad:31:cd:bb:8e:42:4e:53:43:13:6b:
         9c:be:d8:bb:a1:40:97:57:60:9b:f2:4a:08:a1:e5:e5:c3:2f:
         fb:3c:d0:f9:be:c3:42:b3:b9:91:23:e4:86:ef:8a:0d:00:e9:
         e1:b3:92:ce:46:c0:00:b7:38:4c:c2:95:f1:60:cc:0f:f1:54:
         7c:18:e5:2d:5b:67:ba:fc:fe:4f:f1:c1:66:ea:94:d3:53:e0:
         f7:59:ed:25:e2:81:13:98:22:5d:ac:d7:93:7a:48:ad:06:18:
         31:ff:b3:79:b5:bb:3c:8c:f8:08:9b:e3:5a:e4:48:14:46:1e:
         42:4c:7e:b6:a5:1c:32:7f:3b:36:f7:f9:a0:14:65:a3:06:92:
         c1:c0:87:94:8b:94:c4:c1:a3:7a:d8:95:d7:3a:bb:c0:56:66:
         e0:c6:26:9c:1a:c4:e5:17:83:0b:b0:7b:56:d4:94:44:75:2a:
         a8:a0:76:41:dc:c5:f9:28:54:e9:2f:a8:42:9a:ff:81:40:54:
         32:aa:90:c9:b6:af:3c:d8:5b:33:6c:bc:a6:e9:d4:c0:1d:4b:
         27:3c:84:10
-----BEGIN CERTIFICATE-----
MIIFRjCCBC6gAwIBAgIDEd4xMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDUy
MGEwZDVlNDViYTk4YjM2MjNmZDJlNGMyZjQ0ZDE5MjA3NmI3ZjgwHhcNMjExMDMw
MDMwMDAwWhcNMjMxMDMwMDMwMDAwWjAzMTEwLwYDVQQDEyhkYjkxNTk0YWU4ZmY4
MmI2M2I1YjUyYWFiZjViMTk4MzQyYzMwOGEwMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAhsY0YAeoZkWLeFFnWxvX/qo8Dn9QDc/HllTy86xuoE9m/XmW
2soHXOj3rdykcRwb5kUBzzUMiQS0gjTsy70TvIpsXx0pcuZddZihVsJG0u2593p2
QCcKwvtks3YUCuBha+0gqL1MjKBJJJkr6V8KFH7Hguacgw0L0uS4+zrMjDz2IEYr
iK0ODx3NLWhMu/nJYIFGM3SUqUf094m4Yv0pgemskaoKSFk5EVwQ+EIBslAu3dMT
737UKDqOtJ8JMokIEzm2DJPWvSHQaoQVj1fzH+Gdl9I6eKyLmYkHc8YoaukofbOs
SmNWAq57el4pxD7LKD2jYt3RiVu4pkjix0h4/QIDAQABo4ICYTCCAl0wHQYDVR0O
BBYEFFxiYMkfvZ/2oHXV94QKqn3C0qeOMB8GA1UdIwQYMBaAFIX1kZdy1/1B6u2A
kTA85ZLGyudtMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvNTIwYTBk
NWU0NWJhOThiMzYyM2ZkMmU0YzJmNDRkMTkyMDc2YjdmOC5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvYzljZGJkNjMtOGYwMS00NDhiLThjMWUtZjJlOTRl
MWM5ZTdiL2RiOTE1OTRhZThmZjgyYjYzYjViNTJhYWJmNWIxOTgzNDJjMzA4YTAu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy9jOWNkYmQ2My04ZjAxLTQ0OGItOGMxZS1mMmU5
NGUxYzllN2IvNTIwYTBkNWU0NWJhOThiMzYyM2ZkMmU0YzJmNDRkMTkyMDc2Yjdm
OC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAlBggrBgEFBQcBBwEB/wQW
MBQwEgQCAAEwDAMEAIq5HAMEAYq5HjANBgkqhkiG9w0BAQsFAAOCAQEACtX/bYtd
jH94GF6Gjs0y+IcX1zK9DFVMsZ5a8EIkgDCqIxiaL0fX0/2Nma0xzbuOQk5TQxNr
nL7Yu6FAl1dgm/JKCKHl5cMv+zzQ+b7DQrO5kSPkhu+KDQDp4bOSzkbAALc4TMKV
8WDMD/FUfBjlLVtnuvz+T/HBZuqU01Pg91ntJeKBE5giXazXk3pIrQYYMf+zebW7
PIz4CJvjWuRIFEYeQkx+tqUcMn87Nvf5oBRlowaSwcCHlIuUxMGjetiV1zq7wFZm
4MYmnBrE5ReDC7B7VtSURHUqqKB2QdzF+ShU6S+oQpr/gUBUMqqQybavPNhbM2y8
punUwB1LJzyEEA==
-----END CERTIFICATE-----
Generated at Wed Mar 15 11:35:14 2023 by rpki-client on console-ams.rpki-client.org