Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/d6e1048a-93ca-438a-a436-81d815ef04d1/5873a8e41ace706cd1d7dd5702afb44e141334d0.roa
File:                     5873a8e41ace706cd1d7dd5702afb44e141334d0.roa (raw, json)
Hash identifier:          gA25awR1ZtIY2XzpQbr0QYpfJXJMuv33KKwKYxSh7yY=
Subject key identifier:   1B:51:47:A8:7E:AD:FE:A6:A9:D6:4A:D6:10:11:75:A5:3B:40:DB:DD
Certificate issuer:       /CN=4765b8b9f74b776a4e530fc87f986c651911f727
Certificate serial:       14019C
Authority key identifier: F4:12:7B:B5:12:E1:E7:AD:72:EB:3D:00:A4:C7:53:40:07:04:38:06
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/4765b8b9f74b776a4e530fc87f986c651911f727.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/d6e1048a-93ca-438a-a436-81d815ef04d1/5873a8e41ace706cd1d7dd5702afb44e141334d0.roa
Signing time:             Wed 30 Nov 2022 21:07:21 +0000
ROA not before:           Mon 28 Nov 2022 21:04:55 +0000
ROA not after:            Sat 30 Nov 2024 21:04:55 +0000
asID:                     264754
IP address blocks:        168.194.142.0/23 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/d6e1048a-93ca-438a-a436-81d815ef04d1/4765b8b9f74b776a4e530fc87f986c651911f727.crl
                          rsync://repository.lacnic.net/rpki/lacnic/d6e1048a-93ca-438a-a436-81d815ef04d1/4765b8b9f74b776a4e530fc87f986c651911f727.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/4765b8b9f74b776a4e530fc87f986c651911f727.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 31 Mar 2024 03:49:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1311132 (0x14019c)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4765b8b9f74b776a4e530fc87f986c651911f727
        Validity
            Not Before: Nov 28 21:04:55 2022 GMT
            Not After : Nov 30 21:04:55 2024 GMT
        Subject: CN=5873a8e41ace706cd1d7dd5702afb44e141334d0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:6a:2d:7a:f6:68:d0:7a:9d:a1:7b:3c:65:fc:
                    a8:b6:dd:a3:5a:b5:27:d6:80:0b:34:3f:bd:64:bf:
                    70:e5:94:83:34:4d:c5:7e:3f:1d:be:e9:94:b3:e3:
                    7a:1e:1d:20:54:71:74:51:45:d7:15:91:a6:4d:66:
                    f4:4e:37:41:60:de:de:9e:e3:16:12:af:1a:c5:72:
                    0a:6e:62:a1:f5:72:bd:4b:2b:bc:0d:90:f2:ad:c7:
                    77:1a:71:80:d2:f2:ed:bd:b1:36:1c:59:78:86:e0:
                    cc:73:97:af:ae:9e:3f:a6:78:89:7c:30:18:51:48:
                    00:1c:52:27:35:7f:05:0c:9d:18:44:71:2f:6e:4d:
                    26:ac:bb:3b:6c:92:b6:39:6f:39:d8:62:8e:56:34:
                    84:12:25:4f:70:07:9b:95:a6:9e:3b:91:fe:ae:86:
                    cd:fb:22:0d:34:0d:e1:c0:15:25:75:d1:ac:26:54:
                    d3:38:fb:3f:9a:6c:dc:7e:cd:55:f5:ad:b8:c7:fd:
                    19:12:87:75:42:d6:7f:c3:5a:20:c1:a9:5d:e5:2f:
                    ed:5c:3a:20:73:e5:95:c7:e7:28:a5:7d:e9:2f:d3:
                    41:a8:d2:d7:30:b0:27:f9:18:a7:7a:b6:d0:4d:dc:
                    fd:23:de:f7:a5:cc:a0:a9:4a:ec:bf:37:5e:30:fe:
                    58:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1B:51:47:A8:7E:AD:FE:A6:A9:D6:4A:D6:10:11:75:A5:3B:40:DB:DD
            X509v3 Authority Key Identifier:
                keyid:F4:12:7B:B5:12:E1:E7:AD:72:EB:3D:00:A4:C7:53:40:07:04:38:06

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/4765b8b9f74b776a4e530fc87f986c651911f727.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/d6e1048a-93ca-438a-a436-81d815ef04d1/5873a8e41ace706cd1d7dd5702afb44e141334d0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/d6e1048a-93ca-438a-a436-81d815ef04d1/4765b8b9f74b776a4e530fc87f986c651911f727.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  168.194.142.0/23

    Signature Algorithm: sha256WithRSAEncryption
         1a:07:48:8e:bb:0e:03:1d:7e:e7:ee:27:a9:5d:dd:2e:42:98:
         4a:b7:59:17:31:aa:08:3f:a8:16:73:8d:b5:3b:27:d9:83:d6:
         16:c3:a7:98:59:95:f8:f4:dc:1d:a4:23:cc:a7:27:c9:41:b9:
         99:e9:fd:9d:70:86:bd:10:c4:5b:b5:b1:2f:5d:fd:b4:fa:0a:
         f6:ce:b8:66:ac:ae:ee:62:c7:0c:ee:69:d4:87:c1:33:68:64:
         22:57:da:ca:fb:f4:1c:7c:3f:58:b4:12:1b:ca:bc:67:a8:45:
         57:76:7b:ab:96:25:aa:3b:56:1c:ca:e6:6c:55:0c:9e:05:b1:
         2b:c2:40:ce:2e:8b:4f:58:a2:bd:0f:29:87:1c:fb:3e:fa:02:
         8c:50:e8:1e:33:90:2b:a8:e3:51:e8:09:7c:d4:e3:af:a8:cc:
         a5:95:12:d9:20:62:3e:ef:51:25:26:a0:1b:75:65:a7:95:8d:
         f8:3c:bb:e7:04:51:be:ec:73:39:0f:2e:de:21:87:d2:21:d3:
         30:ac:d7:b6:f2:53:d3:54:cc:dc:cc:e8:b0:a9:e3:59:db:76:
         b3:3d:24:4a:e7:78:1f:ad:51:93:44:47:f1:32:d1:ed:37:da:
         4c:4f:a5:9d:46:e9:0b:0b:48:84:9d:28:4d:78:a7:e6:2a:76:
         5a:45:f0:2d
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIDFAGcMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDQ3
NjViOGI5Zjc0Yjc3NmE0ZTUzMGZjODdmOTg2YzY1MTkxMWY3MjcwHhcNMjIxMTI4
MjEwNDU1WhcNMjQxMTMwMjEwNDU1WjAzMTEwLwYDVQQDEyg1ODczYThlNDFhY2U3
MDZjZDFkN2RkNTcwMmFmYjQ0ZTE0MTMzNGQwMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAomotevZo0HqdoXs8Zfyott2jWrUn1oALND+9ZL9w5ZSDNE3F
fj8dvumUs+N6Hh0gVHF0UUXXFZGmTWb0TjdBYN7enuMWEq8axXIKbmKh9XK9Syu8
DZDyrcd3GnGA0vLtvbE2HFl4huDMc5evrp4/pniJfDAYUUgAHFInNX8FDJ0YRHEv
bk0mrLs7bJK2OW852GKOVjSEEiVPcAeblaaeO5H+robN+yINNA3hwBUlddGsJlTT
OPs/mmzcfs1V9a24x/0ZEod1QtZ/w1ogwald5S/tXDogc+WVx+copX3pL9NBqNLX
MLAn+RinerbQTdz9I973pcygqUrsvzdeMP5YNQIDAQABo4ICWzCCAlcwHQYDVR0O
BBYEFBtRR6h+rf6mqdZK1hARdaU7QNvdMB8GA1UdIwQYMBaAFPQSe7US4eetcus9
AKTHU0AHBDgGMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvNDc2NWI4
YjlmNzRiNzc2YTRlNTMwZmM4N2Y5ODZjNjUxOTExZjcyNy5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvZDZlMTA0OGEtOTNjYS00MzhhLWE0MzYtODFkODE1
ZWYwNGQxLzU4NzNhOGU0MWFjZTcwNmNkMWQ3ZGQ1NzAyYWZiNDRlMTQxMzM0ZDAu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy9kNmUxMDQ4YS05M2NhLTQzOGEtYTQzNi04MWQ4
MTVlZjA0ZDEvNDc2NWI4YjlmNzRiNzc2YTRlNTMwZmM4N2Y5ODZjNjUxOTExZjcy
Ny5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAajCjjANBgkqhkiG9w0BAQsFAAOCAQEAGgdIjrsOAx1+5+4n
qV3dLkKYSrdZFzGqCD+oFnONtTsn2YPWFsOnmFmV+PTcHaQjzKcnyUG5men9nXCG
vRDEW7WxL139tPoK9s64Zqyu7mLHDO5p1IfBM2hkIlfayvv0HHw/WLQSG8q8Z6hF
V3Z7q5YlqjtWHMrmbFUMngWxK8JAzi6LT1iivQ8phxz7PvoCjFDoHjOQK6jjUegJ
fNTjr6jMpZUS2SBiPu9RJSagG3Vlp5WN+Dy75wRRvuxzOQ8u3iGH0iHTMKzXtvJT
01TM3MzosKnjWdt2sz0kSud4H61Rk0RH8TLR7TfaTE+lnUbpCwtIhJ0oTXin5ip2
WkXwLQ==
-----END CERTIFICATE-----
Generated at Thu Mar 28 10:47:16 2024 by rpki-client on console-ams.rpki-client.org