Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/d2d60855-e1f4-4e6d-bcca-f9c002017bac/cca04ec15ab678370fb1ac8000d17dbb9282d779.roa
File:                     cca04ec15ab678370fb1ac8000d17dbb9282d779.roa (raw, json)
Hash identifier:          ZpIAFh2pI/VuoYL2YrmvNNXjAy1FzCkNwuUQjK+z9eg=
Subject key identifier:   34:6C:60:ED:3F:57:3E:71:0F:8F:74:32:6C:15:AA:02:8E:E1:C5:61
Certificate issuer:       /CN=a0a9fce8cb929134f597a155d408f5064261fb6f
Certificate serial:       192EF3
Authority key identifier: 21:1F:63:1A:59:65:91:1D:B2:3C:59:48:0C:93:95:CF:5E:21:6D:3C
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/a0a9fce8cb929134f597a155d408f5064261fb6f.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/d2d60855-e1f4-4e6d-bcca-f9c002017bac/cca04ec15ab678370fb1ac8000d17dbb9282d779.roa
Signing time:             Mon 11 Jul 2022 19:55:19 +0000
ROA not before:           Wed 24 Mar 2021 03:00:00 +0000
ROA not after:            Tue 24 Mar 2026 03:00:00 +0000
asID:                     11058
IP address blocks:        179.0.14.0/24 maxlen: 24
                          200.13.42.0/23 maxlen: 24
                          200.13.42.0/24 maxlen: 24
                          200.13.43.0/24 maxlen: 24
                          200.33.82.0/24 maxlen: 24
                          2801:0:440::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/d2d60855-e1f4-4e6d-bcca-f9c002017bac/a0a9fce8cb929134f597a155d408f5064261fb6f.crl
                          rsync://repository.lacnic.net/rpki/lacnic/d2d60855-e1f4-4e6d-bcca-f9c002017bac/a0a9fce8cb929134f597a155d408f5064261fb6f.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/a0a9fce8cb929134f597a155d408f5064261fb6f.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 31 Mar 2024 03:49:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1650419 (0x192ef3)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a0a9fce8cb929134f597a155d408f5064261fb6f
        Validity
            Not Before: Mar 24 03:00:00 2021 GMT
            Not After : Mar 24 03:00:00 2026 GMT
        Subject: CN=cca04ec15ab678370fb1ac8000d17dbb9282d779
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:57:48:1a:3d:55:8d:39:90:50:aa:f3:6a:b2:
                    3c:c2:9b:8b:9e:86:81:85:0e:d7:07:29:62:2b:12:
                    10:ca:a1:21:5c:7a:b4:93:0d:e8:6e:86:0a:da:9d:
                    ef:7d:f5:b4:58:aa:04:4c:81:1d:79:23:26:6d:52:
                    a8:fb:bf:7d:8b:a5:28:24:63:49:1d:02:5c:eb:a9:
                    83:85:49:8e:08:5e:b8:cb:9d:a2:9b:69:51:7d:ba:
                    38:7f:2a:01:85:2f:73:ec:73:98:31:bb:02:e9:e4:
                    c2:eb:e6:5b:97:ca:7d:23:45:e9:d2:52:b6:5a:fb:
                    30:13:cf:29:f3:92:57:25:23:43:68:84:84:04:8a:
                    1a:ca:19:62:c1:19:35:25:c8:e3:d4:06:b4:ca:30:
                    42:16:c0:9b:8b:31:7b:b5:3c:8a:9b:82:87:90:fc:
                    59:1f:9a:40:64:df:7c:aa:fe:24:23:de:4d:25:84:
                    20:41:21:e9:b1:d4:66:02:0c:4e:98:50:3e:29:92:
                    21:45:b5:f1:93:23:b6:db:64:56:50:a9:d2:85:1b:
                    97:09:3f:40:5d:e3:c7:29:31:73:e2:5b:22:17:bc:
                    de:a9:2c:63:f4:2d:ba:f0:f5:c7:36:da:be:97:07:
                    fb:6b:d2:ce:d1:54:47:58:2f:73:b9:40:89:db:81:
                    50:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                34:6C:60:ED:3F:57:3E:71:0F:8F:74:32:6C:15:AA:02:8E:E1:C5:61
            X509v3 Authority Key Identifier:
                keyid:21:1F:63:1A:59:65:91:1D:B2:3C:59:48:0C:93:95:CF:5E:21:6D:3C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/a0a9fce8cb929134f597a155d408f5064261fb6f.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/d2d60855-e1f4-4e6d-bcca-f9c002017bac/cca04ec15ab678370fb1ac8000d17dbb9282d779.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/d2d60855-e1f4-4e6d-bcca-f9c002017bac/a0a9fce8cb929134f597a155d408f5064261fb6f.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  179.0.14.0/24
                  200.13.42.0/23
                  200.33.82.0/24
                IPv6:
                  2801:0:440::/48

    Signature Algorithm: sha256WithRSAEncryption
         a5:79:18:5d:62:aa:02:99:08:fa:4c:a9:84:27:d0:08:65:7e:
         8b:b2:00:1a:d2:10:1a:eb:57:65:14:28:34:4d:65:a8:a1:1d:
         a1:a0:78:26:20:76:01:b1:38:26:d6:a1:4b:0c:c8:10:4f:e8:
         47:aa:30:e2:c4:fe:5d:4d:36:e5:44:5b:09:50:d2:91:b4:7d:
         38:0b:7d:51:65:f9:2a:92:b7:15:76:0d:5c:9e:d9:cb:01:ff:
         ac:a0:a9:af:3b:7a:1a:8f:dd:c6:8c:16:c3:fa:11:13:15:8a:
         c4:71:51:c1:c1:47:dc:46:47:6c:be:1e:d9:09:7d:96:17:df:
         38:23:bc:50:ab:d8:7f:ee:11:a1:07:8c:f1:9c:b6:95:d6:35:
         22:87:78:57:2d:08:57:d6:59:eb:11:d8:34:8f:c4:13:08:07:
         37:42:6a:1c:10:c5:91:39:bc:b0:55:1c:f2:28:35:91:8d:5d:
         bf:fe:8b:fb:48:e5:67:09:cc:ae:46:1b:74:28:41:af:03:61:
         7f:47:b3:31:d6:3b:ab:08:34:85:1c:a6:16:d0:16:eb:44:4f:
         9c:d7:22:5d:e8:58:95:6e:79:3a:14:6c:b2:fb:7c:fa:d0:cf:
         cb:ee:f5:c5:ce:b9:d7:91:9c:09:af:11:d7:e4:b7:71:b0:f3:
         ab:7d:22:ef
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIDGS7zMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGEw
YTlmY2U4Y2I5MjkxMzRmNTk3YTE1NWQ0MDhmNTA2NDI2MWZiNmYwHhcNMjEwMzI0
MDMwMDAwWhcNMjYwMzI0MDMwMDAwWjAzMTEwLwYDVQQDEyhjY2EwNGVjMTVhYjY3
ODM3MGZiMWFjODAwMGQxN2RiYjkyODJkNzc5MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAxldIGj1VjTmQUKrzarI8wpuLnoaBhQ7XByliKxIQyqEhXHq0
kw3oboYK2p3vffW0WKoETIEdeSMmbVKo+799i6UoJGNJHQJc66mDhUmOCF64y52i
m2lRfbo4fyoBhS9z7HOYMbsC6eTC6+Zbl8p9I0Xp0lK2WvswE88p85JXJSNDaISE
BIoayhliwRk1Jcjj1Aa0yjBCFsCbizF7tTyKm4KHkPxZH5pAZN98qv4kI95NJYQg
QSHpsdRmAgxOmFA+KZIhRbXxkyO222RWUKnShRuXCT9AXePHKTFz4lsiF7zeqSxj
9C268PXHNtq+lwf7a9LO0VRHWC9zuUCJ24FQDQIDAQABo4ICeDCCAnQwHQYDVR0O
BBYEFDRsYO0/Vz5xD490MmwVqgKO4cVhMB8GA1UdIwQYMBaAFCEfYxpZZZEdsjxZ
SAyTlc9eIW08MA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvYTBhOWZj
ZThjYjkyOTEzNGY1OTdhMTU1ZDQwOGY1MDY0MjYxZmI2Zi5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvZDJkNjA4NTUtZTFmNC00ZTZkLWJjY2EtZjljMDAy
MDE3YmFjL2NjYTA0ZWMxNWFiNjc4MzcwZmIxYWM4MDAwZDE3ZGJiOTI4MmQ3Nzku
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy9kMmQ2MDg1NS1lMWY0LTRlNmQtYmNjYS1mOWMw
MDIwMTdiYWMvYTBhOWZjZThjYjkyOTEzNGY1OTdhMTU1ZDQwOGY1MDY0MjYxZmI2
Zi5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA8BggrBgEFBQcBBwEB/wQt
MCswGAQCAAEwEgMEALMADgMEAcgNKgMEAMghUjAPBAIAAjAJAwcAKAEAAARAMA0G
CSqGSIb3DQEBCwUAA4IBAQCleRhdYqoCmQj6TKmEJ9AIZX6LsgAa0hAa61dlFCg0
TWWooR2hoHgmIHYBsTgm1qFLDMgQT+hHqjDixP5dTTblRFsJUNKRtH04C31RZfkq
krcVdg1cntnLAf+soKmvO3oaj93GjBbD+hETFYrEcVHBwUfcRkdsvh7ZCX2WF984
I7xQq9h/7hGhB4zxnLaV1jUih3hXLQhX1lnrEdg0j8QTCAc3QmocEMWRObywVRzy
KDWRjV2//ov7SOVnCcyuRht0KEGvA2F/R7Mx1jurCDSFHKYW0BbrRE+c1yJd6FiV
bnk6FGyy+3z60M/L7vXFzrnXkZwJrxHX5LdxsPOrfSLv
-----END CERTIFICATE-----
Generated at Thu Mar 28 11:18:02 2024 by rpki-client on console-fra.rpki-client.org