Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/df6a3bfc-6158-44fd-bdbd-8c8fec861163/f6895f80e8e4eb88f68fe5084a08b6efa06f7d5c.roa
File:                     f6895f80e8e4eb88f68fe5084a08b6efa06f7d5c.roa (raw, json)
Hash identifier:          86wyN2jYpBdrsMvs5UMKSN++zy0szEEoJRjU4OC5c+8=
Subject key identifier:   EC:C5:3F:11:F1:F6:4C:66:75:BC:0D:D7:EB:E1:95:60:8E:2D:21:C9
Certificate issuer:       /CN=c762e3663c49c6163cbc84c15751626392abf3fe
Certificate serial:       1B094D
Authority key identifier: 05:CC:B1:18:E6:98:F6:30:38:58:6F:E3:37:0A:D5:B1:91:43:99:8E
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/c762e3663c49c6163cbc84c15751626392abf3fe.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/df6a3bfc-6158-44fd-bdbd-8c8fec861163/f6895f80e8e4eb88f68fe5084a08b6efa06f7d5c.roa
Signing time:             Wed 12 Oct 2022 22:13:41 +0000
ROA not before:           Tue 11 Oct 2022 22:09:23 +0000
ROA not after:            Sat 12 Oct 2024 22:09:23 +0000
asID:                     264686
IP address blocks:        168.181.160.0/22 maxlen: 24
                          2803:ad40::/32 maxlen: 48

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/df6a3bfc-6158-44fd-bdbd-8c8fec861163/c762e3663c49c6163cbc84c15751626392abf3fe.crl
                          rsync://repository.lacnic.net/rpki/lacnic/df6a3bfc-6158-44fd-bdbd-8c8fec861163/c762e3663c49c6163cbc84c15751626392abf3fe.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/c762e3663c49c6163cbc84c15751626392abf3fe.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 31 Mar 2024 03:49:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1771853 (0x1b094d)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c762e3663c49c6163cbc84c15751626392abf3fe
        Validity
            Not Before: Oct 11 22:09:23 2022 GMT
            Not After : Oct 12 22:09:23 2024 GMT
        Subject: CN=f6895f80e8e4eb88f68fe5084a08b6efa06f7d5c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:ca:36:91:e5:40:8d:8d:2d:84:13:a4:8c:7b:
                    07:f4:78:e9:be:c6:a9:a6:20:57:9b:0d:4d:f1:42:
                    2d:41:1c:6a:d9:88:89:d8:e6:53:49:8a:69:42:ee:
                    18:0b:f4:07:32:3f:c5:04:4b:db:e9:05:90:38:97:
                    d1:a2:24:54:73:e4:fb:f2:18:bb:aa:22:12:26:e7:
                    ea:3b:2d:d5:8f:f1:21:20:26:d2:86:6b:68:ea:d3:
                    d3:08:04:ec:cb:db:83:1f:f4:6a:61:48:df:b1:57:
                    d0:44:6d:54:c0:e7:d2:4a:6c:cb:24:4e:78:fb:bf:
                    36:98:c9:02:4b:43:72:74:7a:63:99:65:79:ea:25:
                    31:37:ba:9c:ab:aa:36:21:a9:8e:33:76:a6:75:8b:
                    0a:37:33:54:4e:31:5d:f9:76:84:81:5c:97:33:d3:
                    c2:2c:a1:20:31:0b:33:b9:fb:06:2d:75:89:80:48:
                    b2:35:c0:ff:f1:5a:5f:cb:77:84:a5:98:52:3e:ad:
                    d0:af:72:1b:06:05:cf:34:b8:72:5b:ee:a5:a1:cb:
                    1f:3d:63:c5:22:32:37:28:e7:17:9b:34:29:f5:57:
                    00:40:9d:f5:1b:af:64:c7:e5:fb:7d:0a:82:be:bd:
                    ff:b1:03:4c:f9:11:62:79:b6:f8:a9:33:bb:8d:51:
                    3f:5b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EC:C5:3F:11:F1:F6:4C:66:75:BC:0D:D7:EB:E1:95:60:8E:2D:21:C9
            X509v3 Authority Key Identifier:
                keyid:05:CC:B1:18:E6:98:F6:30:38:58:6F:E3:37:0A:D5:B1:91:43:99:8E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/c762e3663c49c6163cbc84c15751626392abf3fe.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/df6a3bfc-6158-44fd-bdbd-8c8fec861163/f6895f80e8e4eb88f68fe5084a08b6efa06f7d5c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/df6a3bfc-6158-44fd-bdbd-8c8fec861163/c762e3663c49c6163cbc84c15751626392abf3fe.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  168.181.160.0/22
                IPv6:
                  2803:ad40::/32

    Signature Algorithm: sha256WithRSAEncryption
         61:23:34:51:a5:74:42:83:40:5f:4a:fb:0f:dc:9f:c9:52:65:
         02:47:95:76:5e:a9:98:6d:bb:b2:f4:a1:21:48:7a:b0:1a:40:
         77:bc:c2:a4:b2:d6:7c:b0:cc:08:05:85:c7:c2:0c:45:57:c7:
         ee:65:7b:b5:f2:dd:4e:f8:ce:a7:18:3c:ba:2e:98:3d:97:62:
         18:5c:1d:32:df:73:dc:03:00:11:59:4f:79:d6:6e:ff:3f:f3:
         8c:25:e8:26:9d:da:43:34:49:b6:23:a1:9d:97:17:73:05:c2:
         82:11:7a:11:26:c3:f0:0e:aa:82:c8:e0:2a:d3:33:86:f2:e9:
         87:91:7e:d6:a0:20:cf:ab:90:c4:28:c7:43:a5:f4:3f:a6:c2:
         49:5a:f5:1f:46:f4:7f:b9:ad:73:e3:54:58:28:a9:2c:d2:ab:
         6d:97:58:34:a1:1a:7a:8a:68:7b:b2:d4:70:f7:17:ed:4a:d6:
         1e:ed:0b:92:63:6c:2b:95:d9:6f:e1:ca:78:cc:2d:ad:e5:cb:
         e4:6e:0a:0b:bb:52:7c:5b:71:24:b9:07:9a:81:58:3f:ab:a9:
         bf:da:f1:18:3e:3a:b5:41:9f:9b:f5:3c:07:b9:8d:04:55:3e:
         45:cf:0f:5f:75:e3:b8:2f:d3:5b:59:f5:b0:59:cd:da:62:fa:
         8a:a3:f4:00
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgIDGwlNMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGM3
NjJlMzY2M2M0OWM2MTYzY2JjODRjMTU3NTE2MjYzOTJhYmYzZmUwHhcNMjIxMDEx
MjIwOTIzWhcNMjQxMDEyMjIwOTIzWjAzMTEwLwYDVQQDEyhmNjg5NWY4MGU4ZTRl
Yjg4ZjY4ZmU1MDg0YTA4YjZlZmEwNmY3ZDVjMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAsso2keVAjY0thBOkjHsH9HjpvsappiBXmw1N8UItQRxq2YiJ
2OZTSYppQu4YC/QHMj/FBEvb6QWQOJfRoiRUc+T78hi7qiISJufqOy3Vj/EhICbS
hmto6tPTCATsy9uDH/RqYUjfsVfQRG1UwOfSSmzLJE54+782mMkCS0NydHpjmWV5
6iUxN7qcq6o2IamOM3amdYsKNzNUTjFd+XaEgVyXM9PCLKEgMQszufsGLXWJgEiy
NcD/8Vpfy3eEpZhSPq3Qr3IbBgXPNLhyW+6locsfPWPFIjI3KOcXmzQp9VcAQJ31
G69kx+X7fQqCvr3/sQNM+RFiebb4qTO7jVE/WwIDAQABo4ICajCCAmYwHQYDVR0O
BBYEFOzFPxHx9kxmdbwN1+vhlWCOLSHJMB8GA1UdIwQYMBaAFAXMsRjmmPYwOFhv
4zcK1bGRQ5mOMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvYzc2MmUz
NjYzYzQ5YzYxNjNjYmM4NGMxNTc1MTYyNjM5MmFiZjNmZS5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvZGY2YTNiZmMtNjE1OC00NGZkLWJkYmQtOGM4ZmVj
ODYxMTYzL2Y2ODk1ZjgwZThlNGViODhmNjhmZTUwODRhMDhiNmVmYTA2ZjdkNWMu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy9kZjZhM2JmYy02MTU4LTQ0ZmQtYmRiZC04Yzhm
ZWM4NjExNjMvYzc2MmUzNjYzYzQ5YzYxNjNjYmM4NGMxNTc1MTYyNjM5MmFiZjNm
ZS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAuBggrBgEFBQcBBwEB/wQf
MB0wDAQCAAEwBgMEAqi1oDANBAIAAjAHAwUAKAOtQDANBgkqhkiG9w0BAQsFAAOC
AQEAYSM0UaV0QoNAX0r7D9yfyVJlAkeVdl6pmG27svShIUh6sBpAd7zCpLLWfLDM
CAWFx8IMRVfH7mV7tfLdTvjOpxg8ui6YPZdiGFwdMt9z3AMAEVlPedZu/z/zjCXo
Jp3aQzRJtiOhnZcXcwXCghF6ESbD8A6qgsjgKtMzhvLph5F+1qAgz6uQxCjHQ6X0
P6bCSVr1H0b0f7mtc+NUWCipLNKrbZdYNKEaeopoe7LUcPcX7UrWHu0LkmNsK5XZ
b+HKeMwtreXL5G4KC7tSfFtxJLkHmoFYP6upv9rxGD46tUGfm/U8B7mNBFU+Rc8P
X3XjuC/TW1n1sFnN2mL6iqP0AA==
-----END CERTIFICATE-----
Generated at Thu Mar 28 08:36:08 2024 by rpki-client on console-fra.rpki-client.org