Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/d1531c72-2e64-4361-9fb9-32da72319746/c95d2fff749f954a8c17c264c992a9c32ee48a53.roa
File:                     c95d2fff749f954a8c17c264c992a9c32ee48a53.roa (raw, json)
Hash identifier:          p2ZiwJT1Qr/WXK2we7YLA7IZNa+elFTfWD/rx61hnX8=
Subject key identifier:   FE:33:90:03:DA:D8:2C:7B:65:59:C6:E7:32:D3:52:9D:5E:21:D9:D6
Certificate issuer:       /CN=6c68514e340a0b39197cbb6d38d1378f39565c69
Certificate serial:       0D2139
Authority key identifier: 84:E6:07:3F:42:95:21:DF:B2:35:D7:50:57:0F:EB:7F:22:50:04:98
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/6c68514e340a0b39197cbb6d38d1378f39565c69.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/d1531c72-2e64-4361-9fb9-32da72319746/c95d2fff749f954a8c17c264c992a9c32ee48a53.roa
Signing time:             Wed 24 Mar 2021 14:33:51 +0000
ROA not before:           Wed 24 Mar 2021 14:33:51 +0000
ROA not after:            Tue 24 Mar 2026 14:33:51 +0000
asID:                     263702
IP address blocks:        45.228.208.0/22 maxlen: 24
                          2803:e920::/32 maxlen: 32

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/d1531c72-2e64-4361-9fb9-32da72319746/6c68514e340a0b39197cbb6d38d1378f39565c69.crl
                          rsync://repository.lacnic.net/rpki/lacnic/d1531c72-2e64-4361-9fb9-32da72319746/6c68514e340a0b39197cbb6d38d1378f39565c69.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/6c68514e340a0b39197cbb6d38d1378f39565c69.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Mon 01 Apr 2024 05:58:53 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 860473 (0xd2139)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6c68514e340a0b39197cbb6d38d1378f39565c69
        Validity
            Not Before: Mar 24 14:33:51 2021 GMT
            Not After : Mar 24 14:33:51 2026 GMT
        Subject: CN=c95d2fff749f954a8c17c264c992a9c32ee48a53
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:fa:95:29:c9:63:92:1e:1f:ae:a4:19:e6:6e:
                    f7:f0:f0:c3:eb:ce:28:53:9d:3c:7c:3d:c5:7c:b8:
                    9d:ae:ba:15:73:1f:60:dc:bf:ae:70:4c:a1:13:87:
                    82:6a:a7:3e:c9:dd:bf:65:28:69:5f:19:7b:ad:58:
                    97:73:45:7a:ef:8b:e8:c8:70:06:68:8a:f9:be:fc:
                    97:d5:5b:56:19:6a:69:9c:1c:44:4b:6f:ee:02:27:
                    39:51:f3:ab:e0:99:70:43:b4:37:19:3b:96:37:48:
                    77:1a:57:c3:08:88:4b:59:83:2a:2a:7f:e9:69:70:
                    f0:94:3d:15:dd:92:b8:b3:9f:c8:55:1f:20:e5:31:
                    0f:0f:7e:6c:5e:d0:19:83:35:ee:c0:5b:ed:19:51:
                    11:87:9f:19:36:a1:5c:fd:96:ba:36:d2:11:53:d0:
                    fe:b7:94:96:cd:ba:3e:63:e7:39:b5:cd:81:99:c6:
                    3c:8a:c4:60:67:fa:97:5d:2d:7e:60:ba:32:a4:d4:
                    bb:53:3f:4e:0d:55:be:41:de:25:74:66:e1:9e:9f:
                    fd:8b:af:8a:f0:01:27:0a:f1:38:e7:10:8e:03:68:
                    ff:99:b8:26:dd:d9:72:59:33:66:95:1c:99:b8:d8:
                    02:52:32:3c:f6:6d:f7:5e:0c:fb:cb:e1:67:12:75:
                    04:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FE:33:90:03:DA:D8:2C:7B:65:59:C6:E7:32:D3:52:9D:5E:21:D9:D6
            X509v3 Authority Key Identifier:
                keyid:84:E6:07:3F:42:95:21:DF:B2:35:D7:50:57:0F:EB:7F:22:50:04:98

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/6c68514e340a0b39197cbb6d38d1378f39565c69.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/d1531c72-2e64-4361-9fb9-32da72319746/c95d2fff749f954a8c17c264c992a9c32ee48a53.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/d1531c72-2e64-4361-9fb9-32da72319746/6c68514e340a0b39197cbb6d38d1378f39565c69.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.228.208.0/22
                IPv6:
                  2803:e920::/32

    Signature Algorithm: sha256WithRSAEncryption
         5e:26:b5:dd:c8:36:e8:01:92:a6:e9:6f:2a:a2:a6:cc:c2:54:
         42:62:04:36:fa:37:f8:e6:68:17:5e:94:cf:f9:1a:df:2e:c8:
         17:64:f6:42:e8:8f:7c:60:76:74:dd:36:9c:06:83:29:36:20:
         9a:b5:f1:87:60:8d:39:68:5a:8f:bc:f6:f6:23:4b:a4:da:57:
         ac:a2:14:90:a0:6f:95:03:4b:04:10:f4:e0:be:9b:be:1c:6e:
         31:05:1f:2a:11:23:4b:35:80:c2:6a:41:54:55:8b:4d:ce:ee:
         a9:00:50:60:67:9d:95:82:a8:37:17:74:4e:01:d9:85:e3:85:
         41:bc:68:de:cd:36:0b:36:fb:07:14:33:d2:f7:c4:f2:82:56:
         10:f9:79:b5:3b:18:8c:31:a4:1e:ae:37:49:31:83:96:49:0c:
         7d:87:85:6a:a3:05:c6:7d:bc:90:28:b7:b1:64:a9:77:1e:a8:
         f3:a0:67:8e:61:7e:bb:45:2f:55:28:48:85:c4:f0:b7:27:34:
         c3:37:0d:6e:ba:00:87:ad:fb:f8:f2:29:ec:18:58:41:13:6e:
         b9:53:19:b2:be:7b:a4:34:a8:4b:04:82:41:a6:07:32:3d:60:
         db:fa:1c:b1:19:5b:ea:e3:7e:af:34:3c:ca:f9:95:c1:d0:1a:
         34:2a:f9:0a
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgIDDSE5MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDZj
Njg1MTRlMzQwYTBiMzkxOTdjYmI2ZDM4ZDEzNzhmMzk1NjVjNjkwHhcNMjEwMzI0
MTQzMzUxWhcNMjYwMzI0MTQzMzUxWjAzMTEwLwYDVQQDEyhjOTVkMmZmZjc0OWY5
NTRhOGMxN2MyNjRjOTkyYTljMzJlZTQ4YTUzMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAqvqVKcljkh4frqQZ5m738PDD684oU508fD3FfLidrroVcx9g
3L+ucEyhE4eCaqc+yd2/ZShpXxl7rViXc0V674voyHAGaIr5vvyX1VtWGWppnBxE
S2/uAic5UfOr4JlwQ7Q3GTuWN0h3GlfDCIhLWYMqKn/paXDwlD0V3ZK4s5/IVR8g
5TEPD35sXtAZgzXuwFvtGVERh58ZNqFc/Za6NtIRU9D+t5SWzbo+Y+c5tc2BmcY8
isRgZ/qXXS1+YLoypNS7Uz9ODVW+Qd4ldGbhnp/9i6+K8AEnCvE45xCOA2j/mbgm
3dlyWTNmlRyZuNgCUjI89m33Xgz7y+FnEnUEnwIDAQABo4ICajCCAmYwHQYDVR0O
BBYEFP4zkAPa2Cx7ZVnG5zLTUp1eIdnWMB8GA1UdIwQYMBaAFITmBz9ClSHfsjXX
UFcP638iUASYMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvNmM2ODUx
NGUzNDBhMGIzOTE5N2NiYjZkMzhkMTM3OGYzOTU2NWM2OS5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvZDE1MzFjNzItMmU2NC00MzYxLTlmYjktMzJkYTcy
MzE5NzQ2L2M5NWQyZmZmNzQ5Zjk1NGE4YzE3YzI2NGM5OTJhOWMzMmVlNDhhNTMu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy9kMTUzMWM3Mi0yZTY0LTQzNjEtOWZiOS0zMmRh
NzIzMTk3NDYvNmM2ODUxNGUzNDBhMGIzOTE5N2NiYjZkMzhkMTM3OGYzOTU2NWM2
OS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAuBggrBgEFBQcBBwEB/wQf
MB0wDAQCAAEwBgMEAi3k0DANBAIAAjAHAwUAKAPpIDANBgkqhkiG9w0BAQsFAAOC
AQEAXia13cg26AGSpulvKqKmzMJUQmIENvo3+OZoF16Uz/ka3y7IF2T2QuiPfGB2
dN02nAaDKTYgmrXxh2CNOWhaj7z29iNLpNpXrKIUkKBvlQNLBBD04L6bvhxuMQUf
KhEjSzWAwmpBVFWLTc7uqQBQYGedlYKoNxd0TgHZheOFQbxo3s02Czb7BxQz0vfE
8oJWEPl5tTsYjDGkHq43STGDlkkMfYeFaqMFxn28kCi3sWSpdx6o86BnjmF+u0Uv
VShIhcTwtyc0wzcNbroAh637+PIp7BhYQRNuuVMZsr57pDSoSwSCQaYHMj1g2/oc
sRlb6uN+rzQ8yvmVwdAaNCr5Cg==
-----END CERTIFICATE-----
Generated at Fri Mar 29 08:55:32 2024 by rpki-client on console-fra.rpki-client.org