Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/d8ed7bc0-daf1-46c8-8e41-73fd916c745a/7f3878c199a8c32435b93fa6a721d7752671e0cd.roa
File:                     7f3878c199a8c32435b93fa6a721d7752671e0cd.roa (raw, json)
Hash identifier:          hmaFAE1JM55g/DSTsYcO2aei/z+s9y80li7qeOQBRUQ=
Subject key identifier:   1C:63:03:2C:BC:75:43:EB:D6:9D:68:F2:07:C6:32:86:1D:10:73:F5
Certificate issuer:       /CN=227fd99f85ce60d1b1b511e37e626686b25a57d4
Certificate serial:       06CD87
Authority key identifier: 25:59:35:6D:11:35:FC:54:3C:F0:65:CA:2F:CC:FF:B4:60:54:75:08
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/227fd99f85ce60d1b1b511e37e626686b25a57d4.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/d8ed7bc0-daf1-46c8-8e41-73fd916c745a/7f3878c199a8c32435b93fa6a721d7752671e0cd.roa
Signing time:             Wed 24 Mar 2021 14:31:32 +0000
ROA not before:           Wed 24 Mar 2021 14:31:32 +0000
ROA not after:            Tue 24 Mar 2026 14:31:32 +0000
asID:                     267854
IP address blocks:        45.176.194.0/23 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/d8ed7bc0-daf1-46c8-8e41-73fd916c745a/227fd99f85ce60d1b1b511e37e626686b25a57d4.crl
                          rsync://repository.lacnic.net/rpki/lacnic/d8ed7bc0-daf1-46c8-8e41-73fd916c745a/227fd99f85ce60d1b1b511e37e626686b25a57d4.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/227fd99f85ce60d1b1b511e37e626686b25a57d4.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 31 Mar 2024 00:32:55 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 445831 (0x6cd87)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=227fd99f85ce60d1b1b511e37e626686b25a57d4
        Validity
            Not Before: Mar 24 14:31:32 2021 GMT
            Not After : Mar 24 14:31:32 2026 GMT
        Subject: CN=7f3878c199a8c32435b93fa6a721d7752671e0cd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:1b:47:5a:74:59:e9:e1:ff:30:da:e2:b3:9e:
                    a7:05:f1:7c:97:e3:85:bf:5a:31:27:49:2d:e7:2b:
                    39:0c:cb:86:16:77:21:1e:44:0d:1e:e1:cd:22:08:
                    5a:35:dd:8c:10:44:4e:00:93:f3:f8:40:53:82:06:
                    79:ff:d3:bf:5d:da:39:f9:da:e6:7a:85:a2:f2:34:
                    d8:15:c4:14:e4:0d:47:72:22:d0:95:cc:0c:c5:43:
                    ea:bc:f8:48:b0:3b:a5:f7:5f:db:45:f2:a7:c7:1b:
                    1a:e9:b1:4e:34:e5:95:34:db:e3:89:ce:70:a1:c7:
                    74:cc:bf:be:7a:87:39:cc:35:89:82:32:7f:5f:3b:
                    f6:83:96:96:9f:f9:a7:88:f3:a0:03:8c:4d:f6:6c:
                    7c:3a:92:68:8b:f0:3a:f7:7e:39:64:9b:5c:f4:0f:
                    9e:44:e8:30:bf:d6:f5:92:b0:74:09:d2:c7:85:04:
                    47:bd:c7:e3:5c:9d:48:95:66:e0:57:24:de:af:0c:
                    6f:81:eb:db:a9:2d:55:f0:14:c6:d5:c4:a4:be:09:
                    d6:60:83:61:e2:5c:a6:ab:51:3e:1d:a0:ca:d5:36:
                    7c:88:0a:a1:4d:c5:f9:d2:7d:89:b7:08:58:f8:d5:
                    82:1b:d2:d4:6c:c3:e7:3e:49:ec:0b:19:8d:76:e5:
                    29:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1C:63:03:2C:BC:75:43:EB:D6:9D:68:F2:07:C6:32:86:1D:10:73:F5
            X509v3 Authority Key Identifier:
                keyid:25:59:35:6D:11:35:FC:54:3C:F0:65:CA:2F:CC:FF:B4:60:54:75:08

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/227fd99f85ce60d1b1b511e37e626686b25a57d4.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/d8ed7bc0-daf1-46c8-8e41-73fd916c745a/7f3878c199a8c32435b93fa6a721d7752671e0cd.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/d8ed7bc0-daf1-46c8-8e41-73fd916c745a/227fd99f85ce60d1b1b511e37e626686b25a57d4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.176.194.0/23

    Signature Algorithm: sha256WithRSAEncryption
         24:41:a2:9b:06:b8:d2:84:f8:8f:0e:37:4b:63:41:c3:2f:25:
         2f:92:60:af:e5:7c:ae:18:96:a2:79:90:6a:b3:84:6a:08:0e:
         b0:e1:35:59:fe:8f:3e:19:55:42:b3:33:dc:8d:3f:a0:f3:fe:
         aa:ea:ac:bc:a0:f8:d0:40:9f:0c:2a:81:90:3c:69:6a:1a:e2:
         49:c0:91:41:5f:d4:91:77:84:7f:62:8b:ad:28:48:fe:b6:10:
         83:bd:1f:4d:c6:9b:f8:1c:3a:39:0c:6e:ea:c6:51:e7:66:24:
         ae:be:cc:ab:97:87:bb:7d:dd:b7:3c:19:7e:79:45:f0:e5:80:
         20:1d:e8:3c:6a:4c:6f:a0:97:98:8d:60:dd:89:d3:c5:3b:dd:
         28:0b:21:37:3c:31:75:14:cb:e7:4d:a6:d1:a0:ce:d9:0a:78:
         c3:56:b0:8b:eb:6c:67:81:b1:86:2b:98:ef:e3:01:61:2f:4a:
         6b:89:c3:db:30:e5:e8:98:e1:75:60:fe:dc:88:c1:81:f3:70:
         fc:7a:b4:72:a5:2d:dd:5f:73:a8:c1:29:ef:82:59:00:03:af:
         8e:25:c6:19:3a:22:f6:4e:87:bd:31:86:4b:2f:27:6c:f4:f5:
         2b:c9:ab:2b:07:13:d3:74:e8:53:cc:2c:ad:4c:db:46:66:da:
         ca:57:08:21
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIDBs2HMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDIy
N2ZkOTlmODVjZTYwZDFiMWI1MTFlMzdlNjI2Njg2YjI1YTU3ZDQwHhcNMjEwMzI0
MTQzMTMyWhcNMjYwMzI0MTQzMTMyWjAzMTEwLwYDVQQDEyg3ZjM4NzhjMTk5YThj
MzI0MzViOTNmYTZhNzIxZDc3NTI2NzFlMGNkMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAtxtHWnRZ6eH/MNris56nBfF8l+OFv1oxJ0kt5ys5DMuGFnch
HkQNHuHNIghaNd2MEEROAJPz+EBTggZ5/9O/Xdo5+drmeoWi8jTYFcQU5A1HciLQ
lcwMxUPqvPhIsDul91/bRfKnxxsa6bFONOWVNNvjic5wocd0zL++eoc5zDWJgjJ/
Xzv2g5aWn/mniPOgA4xN9mx8OpJoi/A69345ZJtc9A+eROgwv9b1krB0CdLHhQRH
vcfjXJ1IlWbgVyTerwxvgevbqS1V8BTG1cSkvgnWYINh4lymq1E+HaDK1TZ8iAqh
TcX50n2JtwhY+NWCG9LUbMPnPknsCxmNduUpSQIDAQABo4ICWzCCAlcwHQYDVR0O
BBYEFBxjAyy8dUPr1p1o8gfGMoYdEHP1MB8GA1UdIwQYMBaAFCVZNW0RNfxUPPBl
yi/M/7RgVHUIMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvMjI3ZmQ5
OWY4NWNlNjBkMWIxYjUxMWUzN2U2MjY2ODZiMjVhNTdkNC5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvZDhlZDdiYzAtZGFmMS00NmM4LThlNDEtNzNmZDkx
NmM3NDVhLzdmMzg3OGMxOTlhOGMzMjQzNWI5M2ZhNmE3MjFkNzc1MjY3MWUwY2Qu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy9kOGVkN2JjMC1kYWYxLTQ2YzgtOGU0MS03M2Zk
OTE2Yzc0NWEvMjI3ZmQ5OWY4NWNlNjBkMWIxYjUxMWUzN2U2MjY2ODZiMjVhNTdk
NC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAS2wwjANBgkqhkiG9w0BAQsFAAOCAQEAJEGimwa40oT4jw43
S2NBwy8lL5Jgr+V8rhiWonmQarOEaggOsOE1Wf6PPhlVQrMz3I0/oPP+quqsvKD4
0ECfDCqBkDxpahriScCRQV/UkXeEf2KLrShI/rYQg70fTcab+Bw6OQxu6sZR52Yk
rr7Mq5eHu33dtzwZfnlF8OWAIB3oPGpMb6CXmI1g3YnTxTvdKAshNzwxdRTL502m
0aDO2Qp4w1awi+tsZ4GxhiuY7+MBYS9Ka4nD2zDl6JjhdWD+3IjBgfNw/Hq0cqUt
3V9zqMEp74JZAAOvjiXGGToi9k6HvTGGSy8nbPT1K8mrKwcT03ToU8wsrUzbRmba
ylcIIQ==
-----END CERTIFICATE-----
Generated at Thu Mar 28 02:04:32 2024 by rpki-client on console-ams.rpki-client.org