Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/d2d008c8-a975-4fa4-89b2-393f4285797f/a58c0c2fe786ee054fa5c729baf8ec6ca5953876.roa
File:                     a58c0c2fe786ee054fa5c729baf8ec6ca5953876.roa (raw, json)
Hash identifier:          TjwotoLQ2uXlgVCQWYa6t+fN+8wHmfBp66YT09Wb8zU=
Subject key identifier:   32:43:CE:5C:8C:27:C3:6F:52:DC:65:DC:AD:99:90:59:28:31:65:C9
Certificate issuer:       /CN=2216f730dc559b8b90421f5cdb654392e386eba6
Certificate serial:       0D2DB3
Authority key identifier: AE:BC:B5:40:D1:C5:F4:BE:16:C1:8A:18:26:76:BA:46:E1:75:5A:0C
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/2216f730dc559b8b90421f5cdb654392e386eba6.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/d2d008c8-a975-4fa4-89b2-393f4285797f/a58c0c2fe786ee054fa5c729baf8ec6ca5953876.roa
Signing time:             Wed 24 Mar 2021 14:37:20 +0000
ROA not before:           Wed 24 Mar 2021 14:37:18 +0000
ROA not after:            Tue 24 Mar 2026 14:37:18 +0000
asID:                     65105
IP address blocks:        179.0.20.0/24 maxlen: 25
                          179.0.22.64/26 maxlen: 26

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/d2d008c8-a975-4fa4-89b2-393f4285797f/2216f730dc559b8b90421f5cdb654392e386eba6.crl
                          rsync://repository.lacnic.net/rpki/lacnic/d2d008c8-a975-4fa4-89b2-393f4285797f/2216f730dc559b8b90421f5cdb654392e386eba6.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/2216f730dc559b8b90421f5cdb654392e386eba6.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 31 Mar 2024 03:49:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 863667 (0xd2db3)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2216f730dc559b8b90421f5cdb654392e386eba6
        Validity
            Not Before: Mar 24 14:37:18 2021 GMT
            Not After : Mar 24 14:37:18 2026 GMT
        Subject: CN=a58c0c2fe786ee054fa5c729baf8ec6ca5953876
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:89:13:34:0a:8f:50:c7:05:c0:f5:5b:b0:8e:fa:
                    08:10:ad:28:bc:a7:d5:e5:e0:4b:6d:5a:f2:e8:1d:
                    c9:03:1b:38:f4:c1:1d:27:41:71:94:a8:04:17:8b:
                    00:2f:71:fc:b3:36:a2:bc:41:3e:16:5d:e3:47:80:
                    9d:5c:3e:97:33:78:22:e2:38:95:fb:0c:21:c4:ae:
                    4a:ef:40:ca:aa:5b:d8:7b:e0:94:bb:4d:62:6b:9a:
                    b2:35:db:1a:e2:7c:42:c9:3d:f3:16:28:4f:12:d3:
                    d0:c1:13:92:a0:0b:a2:5a:68:90:b8:77:09:87:62:
                    fd:fa:f9:8e:be:05:16:04:f5:7e:57:cb:9f:0a:a1:
                    32:f9:7b:9a:aa:7b:81:d3:9a:04:5a:7b:35:3d:e1:
                    2d:dc:14:82:d8:8d:02:77:f8:0d:5b:14:77:68:03:
                    b0:a4:38:4e:53:70:7e:5e:56:95:b7:b9:39:99:c7:
                    b7:ce:8b:8e:cc:06:4c:80:b3:b3:5b:e9:ea:e0:cd:
                    b0:f4:ea:58:f9:7a:56:18:cd:98:a9:aa:c6:48:f5:
                    95:46:f7:39:15:75:ec:df:71:87:79:e9:d5:5f:5c:
                    f4:6d:49:b2:ee:d9:4f:3e:3d:be:de:ac:15:9b:0e:
                    ef:fe:d9:17:7d:b2:de:b1:63:e1:02:8b:50:16:ee:
                    0a:0b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                32:43:CE:5C:8C:27:C3:6F:52:DC:65:DC:AD:99:90:59:28:31:65:C9
            X509v3 Authority Key Identifier:
                keyid:AE:BC:B5:40:D1:C5:F4:BE:16:C1:8A:18:26:76:BA:46:E1:75:5A:0C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/2216f730dc559b8b90421f5cdb654392e386eba6.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/d2d008c8-a975-4fa4-89b2-393f4285797f/a58c0c2fe786ee054fa5c729baf8ec6ca5953876.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/d2d008c8-a975-4fa4-89b2-393f4285797f/2216f730dc559b8b90421f5cdb654392e386eba6.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  179.0.20.0/24
                  179.0.22.64/26

    Signature Algorithm: sha256WithRSAEncryption
         32:4c:c7:1f:36:32:99:4d:28:6e:3e:2c:d2:5a:3d:3d:45:07:
         2f:53:75:f4:80:58:70:3d:7e:ea:2c:09:07:45:a2:46:b2:14:
         25:2a:a5:40:af:80:5e:78:4a:17:fc:b7:53:d8:02:f3:86:71:
         bb:47:45:a9:7a:1b:90:2a:78:58:aa:56:b7:d8:bf:a4:7e:8e:
         fd:79:61:c3:24:4a:37:61:96:cd:0f:64:d2:70:ce:df:d1:6c:
         61:5c:be:a2:8c:02:a2:71:25:c0:49:15:8d:95:69:23:6d:89:
         72:5a:07:25:83:5c:5c:90:06:9e:56:12:d8:97:c3:15:e5:28:
         82:a9:4c:35:09:e7:47:92:da:27:01:6e:92:16:ad:e6:a9:da:
         4e:b7:eb:90:f1:d7:b3:0e:77:3e:d0:ff:77:6a:58:95:e1:ad:
         a8:7d:e6:1c:eb:2f:38:f9:c2:5a:08:3c:9d:15:ae:34:a7:46:
         9c:f9:37:09:d2:51:df:13:ba:f6:9c:ed:2a:bb:5b:50:9a:bd:
         89:a5:da:1b:12:ec:31:d4:0b:73:5d:4a:b0:aa:a2:5e:57:b1:
         d7:fe:1f:56:c1:8e:c4:21:20:1e:86:46:f3:0f:57:48:4e:8b:
         6b:ea:59:4c:42:4c:32:e7:48:c5:05:1e:8d:bd:dc:f0:5a:43:
         4f:85:f6:07
-----BEGIN CERTIFICATE-----
MIIFRzCCBC+gAwIBAgIDDS2zMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDIy
MTZmNzMwZGM1NTliOGI5MDQyMWY1Y2RiNjU0MzkyZTM4NmViYTYwHhcNMjEwMzI0
MTQzNzE4WhcNMjYwMzI0MTQzNzE4WjAzMTEwLwYDVQQDEyhhNThjMGMyZmU3ODZl
ZTA1NGZhNWM3MjliYWY4ZWM2Y2E1OTUzODc2MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAiRM0Co9QxwXA9VuwjvoIEK0ovKfV5eBLbVry6B3JAxs49MEd
J0FxlKgEF4sAL3H8szaivEE+Fl3jR4CdXD6XM3gi4jiV+wwhxK5K70DKqlvYe+CU
u01ia5qyNdsa4nxCyT3zFihPEtPQwROSoAuiWmiQuHcJh2L9+vmOvgUWBPV+V8uf
CqEy+XuaqnuB05oEWns1PeEt3BSC2I0Cd/gNWxR3aAOwpDhOU3B+XlaVt7k5mce3
zouOzAZMgLOzW+nq4M2w9OpY+XpWGM2YqarGSPWVRvc5FXXs33GHeenVX1z0bUmy
7tlPPj2+3qwVmw7v/tkXfbLesWPhAotQFu4KCwIDAQABo4ICYjCCAl4wHQYDVR0O
BBYEFDJDzlyMJ8NvUtxl3K2ZkFkoMWXJMB8GA1UdIwQYMBaAFK68tUDRxfS+FsGK
GCZ2ukbhdVoMMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvMjIxNmY3
MzBkYzU1OWI4YjkwNDIxZjVjZGI2NTQzOTJlMzg2ZWJhNi5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvZDJkMDA4YzgtYTk3NS00ZmE0LTg5YjItMzkzZjQy
ODU3OTdmL2E1OGMwYzJmZTc4NmVlMDU0ZmE1YzcyOWJhZjhlYzZjYTU5NTM4NzYu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy9kMmQwMDhjOC1hOTc1LTRmYTQtODliMi0zOTNm
NDI4NTc5N2YvMjIxNmY3MzBkYzU1OWI4YjkwNDIxZjVjZGI2NTQzOTJlMzg2ZWJh
Ni5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAmBggrBgEFBQcBBwEB/wQX
MBUwEwQCAAEwDQMEALMAFAMFBrMAFkAwDQYJKoZIhvcNAQELBQADggEBADJMxx82
MplNKG4+LNJaPT1FBy9TdfSAWHA9fuosCQdFokayFCUqpUCvgF54Shf8t1PYAvOG
cbtHRal6G5AqeFiqVrfYv6R+jv15YcMkSjdhls0PZNJwzt/RbGFcvqKMAqJxJcBJ
FY2VaSNtiXJaByWDXFyQBp5WEtiXwxXlKIKpTDUJ50eS2icBbpIWreap2k6365Dx
17MOdz7Q/3dqWJXhrah95hzrLzj5wloIPJ0VrjSnRpz5NwnSUd8Tuvac7Sq7W1Ca
vYml2hsS7DHUC3NdSrCqol5Xsdf+H1bBjsQhIB6GRvMPV0hOi2vqWUxCTDLnSMUF
Ho293PBaQ0+F9gc=
-----END CERTIFICATE-----
Generated at Thu Mar 28 08:12:33 2024 by rpki-client on console-ams.rpki-client.org