Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/d77024a0-3ba0-40cf-aa99-add6c761a78c/98c983e4fc3706bb602854f193497b284127443f.roa
File:                     98c983e4fc3706bb602854f193497b284127443f.roa (raw, json)
Hash identifier:          PWAAjBpvii8obJ+tgE5Ixj4mUl8kmv1YNf9DBJdHMwc=
Subject key identifier:   74:74:42:6F:DD:F9:46:5C:08:98:43:2E:F3:8F:97:69:38:37:26:42
Certificate issuer:       /CN=6580f34afc7743eafec378652f0294590304094f
Certificate serial:       034406
Authority key identifier: 5B:25:34:CF:12:94:F8:A1:30:8D:84:36:1A:21:7B:19:AF:8A:3B:7A
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/6580f34afc7743eafec378652f0294590304094f.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/d77024a0-3ba0-40cf-aa99-add6c761a78c/98c983e4fc3706bb602854f193497b284127443f.roa
Signing time:             Wed 24 Mar 2021 14:30:31 +0000
ROA not before:           Wed 24 Mar 2021 14:30:31 +0000
ROA not after:            Tue 24 Mar 2026 14:30:31 +0000
asID:                     27983
IP address blocks:        45.161.132.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/d77024a0-3ba0-40cf-aa99-add6c761a78c/6580f34afc7743eafec378652f0294590304094f.crl
                          rsync://repository.lacnic.net/rpki/lacnic/d77024a0-3ba0-40cf-aa99-add6c761a78c/6580f34afc7743eafec378652f0294590304094f.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/6580f34afc7743eafec378652f0294590304094f.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Mon 01 Apr 2024 05:58:53 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 214022 (0x34406)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6580f34afc7743eafec378652f0294590304094f
        Validity
            Not Before: Mar 24 14:30:31 2021 GMT
            Not After : Mar 24 14:30:31 2026 GMT
        Subject: CN=98c983e4fc3706bb602854f193497b284127443f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8f:e1:30:72:35:11:75:4d:bb:fe:af:d2:7b:bc:
                    33:12:41:18:7e:db:08:5a:d7:93:4e:24:f7:35:4c:
                    e9:61:7c:06:24:77:3a:16:44:10:15:9c:ad:fd:2e:
                    e1:84:a1:dd:91:c6:65:95:fc:40:d6:f4:4c:f7:db:
                    b1:14:ba:5c:3c:8c:0e:31:0f:d4:27:47:8c:23:7b:
                    05:40:e9:46:df:ba:1a:aa:e3:3d:96:18:5f:21:18:
                    77:eb:0a:74:19:e2:d0:94:97:71:d0:64:0f:40:3c:
                    71:da:42:7b:06:21:35:07:46:27:e4:6d:29:3b:59:
                    1b:b7:df:eb:f0:02:a8:f2:27:43:38:d9:09:35:97:
                    5a:40:b5:b5:8c:1d:20:2b:7e:93:21:f3:06:c2:0b:
                    5f:b8:e3:3f:60:4d:3b:bd:30:f9:47:4b:95:c3:a5:
                    5c:90:66:87:4a:49:d8:17:e1:04:b1:22:15:f4:44:
                    f1:1b:c6:e8:17:69:87:96:4c:0b:28:99:c2:34:6e:
                    66:bb:18:96:c7:e4:3e:ae:d0:fb:08:bd:c5:0f:08:
                    fb:f8:99:47:cd:06:b2:f1:29:0f:32:de:5f:b9:f1:
                    0e:33:73:59:62:ac:5f:60:0e:35:36:f4:ac:08:79:
                    ad:09:c4:8e:81:8f:15:bf:f4:7b:c7:a7:a1:f2:5e:
                    30:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                74:74:42:6F:DD:F9:46:5C:08:98:43:2E:F3:8F:97:69:38:37:26:42
            X509v3 Authority Key Identifier:
                keyid:5B:25:34:CF:12:94:F8:A1:30:8D:84:36:1A:21:7B:19:AF:8A:3B:7A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/6580f34afc7743eafec378652f0294590304094f.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/d77024a0-3ba0-40cf-aa99-add6c761a78c/98c983e4fc3706bb602854f193497b284127443f.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/d77024a0-3ba0-40cf-aa99-add6c761a78c/6580f34afc7743eafec378652f0294590304094f.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.161.132.0/22

    Signature Algorithm: sha256WithRSAEncryption
         93:b7:3d:3c:ae:fc:39:fd:20:09:ca:bb:23:d5:28:c5:9c:33:
         55:5b:5e:5c:ed:ce:61:f4:d5:0c:f6:48:20:37:0f:00:3f:ac:
         d4:e9:1c:97:8a:91:86:f2:d4:bc:d6:0a:ea:cf:88:be:3e:de:
         e5:29:ea:6a:55:21:59:a8:68:13:12:0e:cc:59:92:60:4f:41:
         c6:91:27:a2:2a:06:3f:d8:23:84:1d:ee:f3:62:cb:46:fb:16:
         ad:1f:3d:54:68:2a:5a:95:3d:80:27:51:a3:44:b5:a8:db:6d:
         e1:2d:19:5c:a8:91:91:f7:f3:e8:d2:d0:43:6a:e0:79:f6:59:
         39:9f:cb:74:5b:e7:da:e0:0f:11:38:dc:93:85:55:d8:1b:85:
         a5:4d:8f:e2:09:67:d7:d1:79:d4:42:59:f0:7b:f6:27:91:7d:
         bf:ec:7b:2b:3a:26:70:80:73:41:10:76:89:19:a1:3f:5c:65:
         60:28:89:34:05:64:3b:8c:4a:1a:01:2a:54:0b:2c:ef:fc:8a:
         ef:85:07:e4:56:13:13:66:c2:0e:ad:9a:3e:ca:e6:29:3a:57:
         76:60:f4:f8:ee:57:9f:1f:98:a2:65:f4:b4:4e:32:24:f4:6b:
         fd:1f:f0:f7:7a:93:9f:90:77:70:46:85:76:3a:f6:83:87:82:
         8f:8e:c2:4a
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIDA0QGMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDY1
ODBmMzRhZmM3NzQzZWFmZWMzNzg2NTJmMDI5NDU5MDMwNDA5NGYwHhcNMjEwMzI0
MTQzMDMxWhcNMjYwMzI0MTQzMDMxWjAzMTEwLwYDVQQDEyg5OGM5ODNlNGZjMzcw
NmJiNjAyODU0ZjE5MzQ5N2IyODQxMjc0NDNmMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAj+EwcjURdU27/q/Se7wzEkEYftsIWteTTiT3NUzpYXwGJHc6
FkQQFZyt/S7hhKHdkcZllfxA1vRM99uxFLpcPIwOMQ/UJ0eMI3sFQOlG37oaquM9
lhhfIRh36wp0GeLQlJdx0GQPQDxx2kJ7BiE1B0Yn5G0pO1kbt9/r8AKo8idDONkJ
NZdaQLW1jB0gK36TIfMGwgtfuOM/YE07vTD5R0uVw6VckGaHSknYF+EEsSIV9ETx
G8boF2mHlkwLKJnCNG5muxiWx+Q+rtD7CL3FDwj7+JlHzQay8SkPMt5fufEOM3NZ
YqxfYA41NvSsCHmtCcSOgY8Vv/R7x6eh8l4w3QIDAQABo4ICWzCCAlcwHQYDVR0O
BBYEFHR0Qm/d+UZcCJhDLvOPl2k4NyZCMB8GA1UdIwQYMBaAFFslNM8SlPihMI2E
Nhohexmvijt6MA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvNjU4MGYz
NGFmYzc3NDNlYWZlYzM3ODY1MmYwMjk0NTkwMzA0MDk0Zi5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvZDc3MDI0YTAtM2JhMC00MGNmLWFhOTktYWRkNmM3
NjFhNzhjLzk4Yzk4M2U0ZmMzNzA2YmI2MDI4NTRmMTkzNDk3YjI4NDEyNzQ0M2Yu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy9kNzcwMjRhMC0zYmEwLTQwY2YtYWE5OS1hZGQ2
Yzc2MWE3OGMvNjU4MGYzNGFmYzc3NDNlYWZlYzM3ODY1MmYwMjk0NTkwMzA0MDk0
Zi5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAi2hhDANBgkqhkiG9w0BAQsFAAOCAQEAk7c9PK78Of0gCcq7
I9UoxZwzVVteXO3OYfTVDPZIIDcPAD+s1Okcl4qRhvLUvNYK6s+Ivj7e5SnqalUh
WahoExIOzFmSYE9BxpEnoioGP9gjhB3u82LLRvsWrR89VGgqWpU9gCdRo0S1qNtt
4S0ZXKiRkffz6NLQQ2rgefZZOZ/LdFvn2uAPETjck4VV2BuFpU2P4gln19F51EJZ
8Hv2J5F9v+x7KzomcIBzQRB2iRmhP1xlYCiJNAVkO4xKGgEqVAss7/yK74UH5FYT
E2bCDq2aPsrmKTpXdmD0+O5Xnx+YomX0tE4yJPRr/R/w93qTn5B3cEaFdjr2g4eC
j47CSg==
-----END CERTIFICATE-----
Generated at Fri Mar 29 11:05:21 2024 by rpki-client on console-ams.rpki-client.org