Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/d6fc4ed0-e134-4842-83f1-3335a359c030/27c3b18cd0c961714c39893f45d04c5ee9589946.roa
File:                     27c3b18cd0c961714c39893f45d04c5ee9589946.roa (raw, json)
Hash identifier:          eaAwGYS4eP9bIu9vtFC4TMjyPhB1Ahnm/ZQqEHPCTFI=
Subject key identifier:   36:E7:04:B4:F2:A1:AD:D6:2F:BD:08:28:CA:4B:31:36:97:E4:89:2D
Certificate issuer:       /CN=8f1cc87626264ef5304bffeed66698e0701024c7
Certificate serial:       0B987E
Authority key identifier: D8:7E:11:FD:20:39:2F:86:6D:9E:E3:74:95:D7:F6:8F:DA:EF:A6:DA
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/8f1cc87626264ef5304bffeed66698e0701024c7.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/d6fc4ed0-e134-4842-83f1-3335a359c030/27c3b18cd0c961714c39893f45d04c5ee9589946.roa
Signing time:             Wed 24 Mar 2021 14:30:08 +0000
ROA not before:           Wed 24 Mar 2021 14:30:08 +0000
ROA not after:            Tue 24 Mar 2026 14:30:08 +0000
asID:                     52496
IP address blocks:        179.42.160.0/21 maxlen: 24
                          2803:7480::/32 maxlen: 48

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/d6fc4ed0-e134-4842-83f1-3335a359c030/8f1cc87626264ef5304bffeed66698e0701024c7.crl
                          rsync://repository.lacnic.net/rpki/lacnic/d6fc4ed0-e134-4842-83f1-3335a359c030/8f1cc87626264ef5304bffeed66698e0701024c7.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/8f1cc87626264ef5304bffeed66698e0701024c7.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 31 Mar 2024 12:22:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 759934 (0xb987e)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8f1cc87626264ef5304bffeed66698e0701024c7
        Validity
            Not Before: Mar 24 14:30:08 2021 GMT
            Not After : Mar 24 14:30:08 2026 GMT
        Subject: CN=27c3b18cd0c961714c39893f45d04c5ee9589946
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8e:cb:f2:9b:25:1f:45:f3:b3:2b:0c:28:fe:51:
                    f5:ab:c9:65:24:4a:58:c7:1d:21:60:dc:83:38:3d:
                    4c:ce:6a:6d:42:a9:84:d3:7c:49:9c:c5:c3:b1:83:
                    2f:28:d9:42:77:3e:2c:16:b2:87:b6:40:9a:87:ab:
                    4f:e9:c2:f3:6d:1e:1f:87:d6:5d:8b:78:f5:c6:0b:
                    f7:04:ec:de:2b:d4:52:29:d8:b0:44:39:87:e8:7c:
                    50:5e:db:18:e2:19:77:10:5f:20:ce:51:fe:80:e8:
                    ea:59:60:29:db:e7:1e:7a:62:cb:95:0e:a0:88:91:
                    1f:dc:db:85:8d:3d:13:7d:2a:d9:0f:7c:08:4d:b3:
                    77:1a:59:76:a0:0f:e8:97:cb:31:70:32:dc:d2:d1:
                    6f:37:b6:be:72:ff:39:0b:3e:25:68:0d:3b:a0:8e:
                    58:2b:c5:a2:d2:08:4a:29:5a:c8:02:b9:0c:b3:04:
                    17:bc:e2:aa:7b:ae:7e:78:0c:9b:b8:d3:92:83:fd:
                    62:6c:09:f7:01:fb:c7:e5:fe:3f:7f:5f:04:31:cf:
                    3d:a8:69:2a:02:f7:3b:61:48:8e:b3:1f:0d:cd:a5:
                    81:a7:7b:75:e9:58:55:66:3e:6e:e6:ba:64:7a:2a:
                    6c:28:74:31:10:a4:1b:6f:87:0f:2f:82:5e:88:89:
                    8f:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                36:E7:04:B4:F2:A1:AD:D6:2F:BD:08:28:CA:4B:31:36:97:E4:89:2D
            X509v3 Authority Key Identifier:
                keyid:D8:7E:11:FD:20:39:2F:86:6D:9E:E3:74:95:D7:F6:8F:DA:EF:A6:DA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/8f1cc87626264ef5304bffeed66698e0701024c7.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/d6fc4ed0-e134-4842-83f1-3335a359c030/27c3b18cd0c961714c39893f45d04c5ee9589946.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/d6fc4ed0-e134-4842-83f1-3335a359c030/8f1cc87626264ef5304bffeed66698e0701024c7.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  179.42.160.0/21
                IPv6:
                  2803:7480::/32

    Signature Algorithm: sha256WithRSAEncryption
         1d:07:a5:4d:b1:de:c1:88:c2:ef:df:b9:1c:6d:12:6b:c9:1c:
         c5:60:fb:73:1e:6b:c8:eb:ba:98:46:88:ff:03:b0:99:9b:36:
         21:c4:06:e7:52:08:4e:ba:c3:5b:f3:42:20:0c:d2:3b:33:da:
         62:4c:00:4d:80:3f:1b:50:da:56:6c:2e:df:dd:d8:da:38:fe:
         d0:18:02:f8:be:8a:fc:c2:aa:03:48:54:46:fe:69:6f:ba:2a:
         40:10:f1:88:36:8d:eb:50:eb:1c:9b:41:64:da:f0:d7:34:b6:
         36:07:4c:c7:8f:4c:85:bd:8f:02:19:13:8e:8b:47:05:5f:c2:
         39:b5:37:06:9f:c9:96:43:de:9e:e3:1c:c9:6c:1f:b4:34:58:
         bf:fe:96:a1:cc:71:cf:a0:8f:71:a4:ba:36:7b:42:13:50:29:
         ce:6f:f8:fd:76:f1:43:49:a6:f4:33:ae:52:de:5a:63:d4:ec:
         5d:9e:4d:75:ff:5c:fd:0d:12:6f:73:66:66:3b:72:05:f8:74:
         ac:c6:90:39:3c:27:51:8e:03:51:e0:51:4e:a7:06:84:1e:c4:
         b2:57:cf:04:d1:34:c5:ef:e6:fc:dc:d0:3f:9b:99:88:6d:11:
         14:8e:7b:6c:2b:6c:17:b9:0d:e2:30:b5:a7:c0:b9:64:6c:12:
         23:22:20:f8
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgIDC5h+MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDhm
MWNjODc2MjYyNjRlZjUzMDRiZmZlZWQ2NjY5OGUwNzAxMDI0YzcwHhcNMjEwMzI0
MTQzMDA4WhcNMjYwMzI0MTQzMDA4WjAzMTEwLwYDVQQDEygyN2MzYjE4Y2QwYzk2
MTcxNGMzOTg5M2Y0NWQwNGM1ZWU5NTg5OTQ2MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAjsvymyUfRfOzKwwo/lH1q8llJEpYxx0hYNyDOD1MzmptQqmE
03xJnMXDsYMvKNlCdz4sFrKHtkCah6tP6cLzbR4fh9Zdi3j1xgv3BOzeK9RSKdiw
RDmH6HxQXtsY4hl3EF8gzlH+gOjqWWAp2+ceemLLlQ6giJEf3NuFjT0TfSrZD3wI
TbN3Gll2oA/ol8sxcDLc0tFvN7a+cv85Cz4laA07oI5YK8Wi0ghKKVrIArkMswQX
vOKqe65+eAybuNOSg/1ibAn3AfvH5f4/f18EMc89qGkqAvc7YUiOsx8NzaWBp3t1
6VhVZj5u5rpkeipsKHQxEKQbb4cPL4JeiImPkwIDAQABo4ICajCCAmYwHQYDVR0O
BBYEFDbnBLTyoa3WL70IKMpLMTaX5IktMB8GA1UdIwQYMBaAFNh+Ef0gOS+GbZ7j
dJXX9o/a76baMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvOGYxY2M4
NzYyNjI2NGVmNTMwNGJmZmVlZDY2Njk4ZTA3MDEwMjRjNy5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvZDZmYzRlZDAtZTEzNC00ODQyLTgzZjEtMzMzNWEz
NTljMDMwLzI3YzNiMThjZDBjOTYxNzE0YzM5ODkzZjQ1ZDA0YzVlZTk1ODk5NDYu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy9kNmZjNGVkMC1lMTM0LTQ4NDItODNmMS0zMzM1
YTM1OWMwMzAvOGYxY2M4NzYyNjI2NGVmNTMwNGJmZmVlZDY2Njk4ZTA3MDEwMjRj
Ny5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAuBggrBgEFBQcBBwEB/wQf
MB0wDAQCAAEwBgMEA7MqoDANBAIAAjAHAwUAKAN0gDANBgkqhkiG9w0BAQsFAAOC
AQEAHQelTbHewYjC79+5HG0Sa8kcxWD7cx5ryOu6mEaI/wOwmZs2IcQG51IITrrD
W/NCIAzSOzPaYkwATYA/G1DaVmwu393Y2jj+0BgC+L6K/MKqA0hURv5pb7oqQBDx
iDaN61DrHJtBZNrw1zS2NgdMx49Mhb2PAhkTjotHBV/CObU3Bp/JlkPenuMcyWwf
tDRYv/6Wocxxz6CPcaS6NntCE1Apzm/4/XbxQ0mm9DOuUt5aY9TsXZ5Ndf9c/Q0S
b3NmZjtyBfh0rMaQOTwnUY4DUeBRTqcGhB7EslfPBNE0xe/m/NzQP5uZiG0RFI57
bCtsF7kN4jC1p8C5ZGwSIyIg+A==
-----END CERTIFICATE-----
Generated at Thu Mar 28 16:04:24 2024 by rpki-client on console-ams.rpki-client.org