Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/d9ad544c-98a5-4e06-ad9e-01cc80b63909/af83f7530557ab35853334df14e8c80249641f86.roa
File:                     af83f7530557ab35853334df14e8c80249641f86.roa (raw, json)
Hash identifier:          uhTof4nd7hmmzTe7DbR5xyDCIORQq26EqpB59g37pRk=
Subject key identifier:   25:15:EC:A1:84:DC:95:5C:23:00:ED:8E:96:5B:53:6A:2F:74:00:9D
Certificate issuer:       /CN=720fdde2333d9be1b9882d4ab7b45c922b6aa16e
Certificate serial:       0C6B38
Authority key identifier: B9:26:6E:10:CE:E9:B4:21:F2:D7:7F:42:80:44:8A:B7:1F:DA:7C:0F
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/720fdde2333d9be1b9882d4ab7b45c922b6aa16e.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/d9ad544c-98a5-4e06-ad9e-01cc80b63909/af83f7530557ab35853334df14e8c80249641f86.roa
Signing time:             Wed 24 Mar 2021 14:34:25 +0000
ROA not before:           Wed 24 Mar 2021 14:34:25 +0000
ROA not after:            Tue 24 Mar 2026 14:34:25 +0000
asID:                     267748
IP address blocks:        167.250.196.0/23 maxlen: 23
                          2803:23a0::/32 maxlen: 32

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/d9ad544c-98a5-4e06-ad9e-01cc80b63909/720fdde2333d9be1b9882d4ab7b45c922b6aa16e.crl
                          rsync://repository.lacnic.net/rpki/lacnic/d9ad544c-98a5-4e06-ad9e-01cc80b63909/720fdde2333d9be1b9882d4ab7b45c922b6aa16e.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/720fdde2333d9be1b9882d4ab7b45c922b6aa16e.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sat 24 Feb 2024 17:37:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 813880 (0xc6b38)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=720fdde2333d9be1b9882d4ab7b45c922b6aa16e
        Validity
            Not Before: Mar 24 14:34:25 2021 GMT
            Not After : Mar 24 14:34:25 2026 GMT
        Subject: CN=af83f7530557ab35853334df14e8c80249641f86
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:37:ca:c5:df:dc:68:95:aa:83:0a:3a:fb:8f:
                    d5:eb:d0:be:29:7f:20:4d:bd:aa:e0:0f:fd:78:80:
                    49:0a:19:84:7b:a1:76:a1:23:96:42:99:f4:90:0e:
                    eb:a9:65:ef:73:fc:bf:d0:b1:d1:68:aa:09:c6:31:
                    ab:48:df:9e:24:9d:47:b4:a3:92:30:2b:c7:38:60:
                    01:dd:82:43:07:a5:ad:c3:03:6e:be:a0:8f:34:fc:
                    b4:44:95:01:38:19:99:8c:7e:17:66:1c:74:99:6f:
                    61:fb:d0:57:1a:c9:82:43:88:85:f3:c0:5a:3e:f2:
                    f2:c6:47:2b:2b:7e:8d:86:52:d7:aa:3e:f9:cc:20:
                    dc:d9:0a:dc:20:f2:64:3a:f6:42:a5:e2:50:12:db:
                    1b:ce:0c:20:34:d6:48:0d:37:34:10:18:49:8c:1e:
                    83:46:97:3e:ba:7c:49:6f:bb:4f:4d:ac:a7:df:45:
                    01:fb:32:3f:c4:47:4a:61:67:91:d6:d7:e3:0c:c1:
                    89:4d:a7:9a:29:c3:07:74:b0:8f:52:11:9e:60:b7:
                    6d:6d:9b:3d:86:96:88:95:da:76:06:0b:4d:b7:66:
                    b2:e6:72:a0:56:a8:01:9d:0d:e4:87:03:fc:1c:92:
                    b6:e6:66:a7:42:6b:22:0a:cb:cd:97:08:47:8d:a7:
                    6a:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                25:15:EC:A1:84:DC:95:5C:23:00:ED:8E:96:5B:53:6A:2F:74:00:9D
            X509v3 Authority Key Identifier:
                keyid:B9:26:6E:10:CE:E9:B4:21:F2:D7:7F:42:80:44:8A:B7:1F:DA:7C:0F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/720fdde2333d9be1b9882d4ab7b45c922b6aa16e.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/d9ad544c-98a5-4e06-ad9e-01cc80b63909/af83f7530557ab35853334df14e8c80249641f86.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/d9ad544c-98a5-4e06-ad9e-01cc80b63909/720fdde2333d9be1b9882d4ab7b45c922b6aa16e.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  167.250.196.0/23
                IPv6:
                  2803:23a0::/32

    Signature Algorithm: sha256WithRSAEncryption
         42:ec:04:bd:7e:86:a4:30:21:8f:38:54:60:b5:87:39:ae:df:
         46:0c:63:78:16:10:6c:4b:ab:56:ce:30:c3:d5:2f:e8:e6:20:
         2a:3f:db:f3:61:50:f0:36:11:1f:16:7d:1b:10:0f:52:b5:70:
         f1:e3:a3:21:7d:3e:97:ff:42:18:d2:a8:55:20:bd:5f:a7:64:
         2a:d9:19:07:7a:d9:9a:45:f6:34:b2:ab:9c:f4:a6:c5:d9:5f:
         7e:57:f2:51:85:10:15:25:74:e9:6e:d7:64:2a:97:49:b6:40:
         b9:1e:05:2c:b5:52:62:43:4b:8f:af:6f:6a:65:6f:e0:b5:01:
         30:48:56:77:aa:3f:65:b8:5d:b3:be:c0:df:4c:2f:50:38:ef:
         8a:f0:62:2d:46:20:71:b9:25:91:3e:18:97:a3:a9:23:80:cd:
         7e:f8:cc:00:89:7b:1e:df:b1:a4:0f:fd:5c:89:38:40:2e:e9:
         5e:86:4c:15:53:a5:cf:24:f1:a6:7b:7c:ac:cf:c6:10:99:8e:
         17:6b:3c:5a:34:f6:7e:80:81:d9:92:29:eb:61:45:db:4f:31:
         70:ce:b7:bf:c4:83:6f:e5:05:f7:44:fc:5f:0f:18:e7:fc:9b:
         55:bd:14:0b:fb:70:9a:b6:ea:84:c7:5d:84:f1:23:ff:8e:fa:
         cc:84:0e:68
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgIDDGs4MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDcy
MGZkZGUyMzMzZDliZTFiOTg4MmQ0YWI3YjQ1YzkyMmI2YWExNmUwHhcNMjEwMzI0
MTQzNDI1WhcNMjYwMzI0MTQzNDI1WjAzMTEwLwYDVQQDEyhhZjgzZjc1MzA1NTdh
YjM1ODUzMzM0ZGYxNGU4YzgwMjQ5NjQxZjg2MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEA0jfKxd/caJWqgwo6+4/V69C+KX8gTb2q4A/9eIBJChmEe6F2
oSOWQpn0kA7rqWXvc/y/0LHRaKoJxjGrSN+eJJ1HtKOSMCvHOGAB3YJDB6WtwwNu
vqCPNPy0RJUBOBmZjH4XZhx0mW9h+9BXGsmCQ4iF88BaPvLyxkcrK36NhlLXqj75
zCDc2QrcIPJkOvZCpeJQEtsbzgwgNNZIDTc0EBhJjB6DRpc+unxJb7tPTayn30UB
+zI/xEdKYWeR1tfjDMGJTaeaKcMHdLCPUhGeYLdtbZs9hpaIldp2BgtNt2ay5nKg
VqgBnQ3khwP8HJK25manQmsiCsvNlwhHjadqTwIDAQABo4ICajCCAmYwHQYDVR0O
BBYEFCUV7KGE3JVcIwDtjpZbU2ovdACdMB8GA1UdIwQYMBaAFLkmbhDO6bQh8td/
QoBEircf2nwPMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvNzIwZmRk
ZTIzMzNkOWJlMWI5ODgyZDRhYjdiNDVjOTIyYjZhYTE2ZS5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvZDlhZDU0NGMtOThhNS00ZTA2LWFkOWUtMDFjYzgw
YjYzOTA5L2FmODNmNzUzMDU1N2FiMzU4NTMzMzRkZjE0ZThjODAyNDk2NDFmODYu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy9kOWFkNTQ0Yy05OGE1LTRlMDYtYWQ5ZS0wMWNj
ODBiNjM5MDkvNzIwZmRkZTIzMzNkOWJlMWI5ODgyZDRhYjdiNDVjOTIyYjZhYTE2
ZS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAuBggrBgEFBQcBBwEB/wQf
MB0wDAQCAAEwBgMEAaf6xDANBAIAAjAHAwUAKAMjoDANBgkqhkiG9w0BAQsFAAOC
AQEAQuwEvX6GpDAhjzhUYLWHOa7fRgxjeBYQbEurVs4ww9Uv6OYgKj/b82FQ8DYR
HxZ9GxAPUrVw8eOjIX0+l/9CGNKoVSC9X6dkKtkZB3rZmkX2NLKrnPSmxdlfflfy
UYUQFSV06W7XZCqXSbZAuR4FLLVSYkNLj69vamVv4LUBMEhWd6o/Zbhds77A30wv
UDjvivBiLUYgcbklkT4Yl6OpI4DNfvjMAIl7Ht+xpA/9XIk4QC7pXoZMFVOlzyTx
pnt8rM/GEJmOF2s8WjT2foCB2ZIp62FF208xcM63v8SDb+UF90T8Xw8Y5/ybVb0U
C/twmrbqhMddhPEj/476zIQOaA==
-----END CERTIFICATE-----
Generated at Wed Feb 21 20:21:12 2024 by rpki-client on console-fra.rpki-client.org