Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/e06244f4-1f59-4182-8105-8d770ece2856/ea4e568770565cfb418c8b758aff097f71549fd5.roa
File:                     ea4e568770565cfb418c8b758aff097f71549fd5.roa (raw, json)
Hash identifier:          STVCC9EiPRPBUCqd6u0YIdmb53/2+uttJFKylBmFtLw=
Subject key identifier:   55:20:CD:56:77:63:E3:20:E3:17:16:F0:D0:FC:AA:33:6B:22:20:47
Certificate issuer:       /CN=a5265fc51b7f5a9f0ec142aa30846e06015ca4ff
Certificate serial:       216BF5
Authority key identifier: 7B:81:30:97:3D:07:EE:38:1D:BC:1C:6C:C9:D0:90:B0:10:92:A6:13
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/a5265fc51b7f5a9f0ec142aa30846e06015ca4ff.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/e06244f4-1f59-4182-8105-8d770ece2856/ea4e568770565cfb418c8b758aff097f71549fd5.roa
Signing time:             Fri 02 Jun 2023 14:47:36 +0000
ROA not before:           Thu 01 Jun 2023 14:47:35 +0000
ROA not after:            Mon 02 Jun 2025 14:47:35 +0000
asID:                     265705
IP address blocks:        186.33.204.0/24 maxlen: 24
                          2800:c30:ad00::/40 maxlen: 40

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/e06244f4-1f59-4182-8105-8d770ece2856/a5265fc51b7f5a9f0ec142aa30846e06015ca4ff.crl
                          rsync://repository.lacnic.net/rpki/lacnic/e06244f4-1f59-4182-8105-8d770ece2856/a5265fc51b7f5a9f0ec142aa30846e06015ca4ff.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/a5265fc51b7f5a9f0ec142aa30846e06015ca4ff.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 03 Mar 2024 21:34:55 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2190325 (0x216bf5)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a5265fc51b7f5a9f0ec142aa30846e06015ca4ff
        Validity
            Not Before: Jun  1 14:47:35 2023 GMT
            Not After : Jun  2 14:47:35 2025 GMT
        Subject: CN=ea4e568770565cfb418c8b758aff097f71549fd5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:6b:a6:9e:b3:c5:de:b4:ae:96:8f:e9:5c:63:
                    4e:13:cd:a7:e2:02:e8:bc:5d:6b:ce:87:ef:fb:53:
                    4e:42:f7:a4:d4:08:0d:59:b0:c3:b6:10:cf:9f:c3:
                    ca:6a:7e:e0:2d:64:4e:f7:df:64:0a:fe:93:40:0d:
                    6d:50:28:ac:28:d9:e4:a8:71:c8:54:3f:de:cf:18:
                    2c:84:23:56:7a:3f:d4:35:f5:4e:31:85:22:7a:76:
                    6a:c6:97:eb:40:08:8f:82:10:63:c9:e8:f8:55:9f:
                    90:bb:7d:9f:30:f6:5b:5f:6c:48:be:10:fd:93:99:
                    2a:88:de:e2:62:72:84:57:2e:ea:f6:f0:73:77:58:
                    07:48:55:4f:52:a9:74:d5:b2:18:26:8d:37:88:6d:
                    74:a4:31:4e:f3:20:cd:7d:39:4b:e2:7f:b3:03:fb:
                    98:1c:f5:de:3a:5f:56:b6:f5:b1:9b:bd:05:21:3f:
                    72:a7:87:52:8b:42:12:0c:78:2e:5c:c0:89:6e:11:
                    25:d2:0e:68:c5:71:10:41:f3:c5:6a:fd:ae:d3:2b:
                    a5:97:22:f5:88:83:ed:6c:25:04:d0:5c:e9:f2:a1:
                    20:67:8d:53:1a:9c:00:e9:32:eb:24:40:81:c3:be:
                    c6:2b:98:a5:0f:33:ee:18:f9:1d:36:d7:56:f2:d5:
                    79:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                55:20:CD:56:77:63:E3:20:E3:17:16:F0:D0:FC:AA:33:6B:22:20:47
            X509v3 Authority Key Identifier:
                keyid:7B:81:30:97:3D:07:EE:38:1D:BC:1C:6C:C9:D0:90:B0:10:92:A6:13

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/a5265fc51b7f5a9f0ec142aa30846e06015ca4ff.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/e06244f4-1f59-4182-8105-8d770ece2856/ea4e568770565cfb418c8b758aff097f71549fd5.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/e06244f4-1f59-4182-8105-8d770ece2856/a5265fc51b7f5a9f0ec142aa30846e06015ca4ff.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  186.33.204.0/24
                IPv6:
                  2800:c30:ad00::/40

    Signature Algorithm: sha256WithRSAEncryption
         43:b1:d5:4e:dd:a6:7b:b5:83:39:79:fb:86:02:35:d9:84:03:
         69:6e:c5:12:6c:3f:63:19:97:20:28:06:0a:0a:0e:81:2e:9a:
         ec:0c:c3:51:0f:0a:53:22:6c:c5:fa:77:09:64:8b:b5:34:87:
         f6:e7:2c:f8:5d:bd:3a:12:04:e6:50:46:86:56:bc:0a:f1:12:
         30:8d:fd:7f:05:8b:c5:89:0b:57:10:26:79:8d:15:82:30:61:
         60:61:70:13:35:8b:cc:ed:f9:2e:67:41:42:3d:cd:c2:a0:da:
         3c:06:04:a0:c9:e9:78:6a:53:05:9a:7b:01:8d:c3:8c:2e:f9:
         8b:0f:3e:49:f9:27:75:dc:36:9c:24:97:c3:f9:b0:57:63:2f:
         0c:3e:19:fd:6d:29:94:44:6f:c8:d0:36:fc:d8:b3:7b:24:fc:
         0c:e0:2a:35:8b:54:7c:d4:31:b7:7b:12:f8:d3:2e:e0:0d:40:
         4a:90:9e:55:67:ee:59:8c:b2:6e:dc:5e:84:8d:81:78:f4:c2:
         9e:a5:e3:08:0f:64:98:89:e0:b7:43:e1:15:d1:76:37:03:ae:
         72:29:d3:a4:4f:3f:8e:69:61:f0:3c:5e:f5:b5:96:3e:76:c1:
         7f:49:15:d8:0f:36:0a:a8:19:a2:38:43:99:25:ee:0e:e1:53:
         b4:ec:61:f6
-----BEGIN CERTIFICATE-----
MIIFUDCCBDigAwIBAgIDIWv1MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGE1
MjY1ZmM1MWI3ZjVhOWYwZWMxNDJhYTMwODQ2ZTA2MDE1Y2E0ZmYwHhcNMjMwNjAx
MTQ0NzM1WhcNMjUwNjAyMTQ0NzM1WjAzMTEwLwYDVQQDEyhlYTRlNTY4NzcwNTY1
Y2ZiNDE4YzhiNzU4YWZmMDk3ZjcxNTQ5ZmQ1MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAo2umnrPF3rSulo/pXGNOE82n4gLovF1rzofv+1NOQvek1AgN
WbDDthDPn8PKan7gLWRO999kCv6TQA1tUCisKNnkqHHIVD/ezxgshCNWej/UNfVO
MYUienZqxpfrQAiPghBjyej4VZ+Qu32fMPZbX2xIvhD9k5kqiN7iYnKEVy7q9vBz
d1gHSFVPUql01bIYJo03iG10pDFO8yDNfTlL4n+zA/uYHPXeOl9WtvWxm70FIT9y
p4dSi0ISDHguXMCJbhEl0g5oxXEQQfPFav2u0yullyL1iIPtbCUE0Fzp8qEgZ41T
GpwA6TLrJECBw77GK5ilDzPuGPkdNtdW8tV5SQIDAQABo4ICazCCAmcwHQYDVR0O
BBYEFFUgzVZ3Y+Mg4xcW8ND8qjNrIiBHMB8GA1UdIwQYMBaAFHuBMJc9B+44Hbwc
bMnQkLAQkqYTMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvYTUyNjVm
YzUxYjdmNWE5ZjBlYzE0MmFhMzA4NDZlMDYwMTVjYTRmZi5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvZTA2MjQ0ZjQtMWY1OS00MTgyLTgxMDUtOGQ3NzBl
Y2UyODU2L2VhNGU1Njg3NzA1NjVjZmI0MThjOGI3NThhZmYwOTdmNzE1NDlmZDUu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy9lMDYyNDRmNC0xZjU5LTQxODItODEwNS04ZDc3
MGVjZTI4NTYvYTUyNjVmYzUxYjdmNWE5ZjBlYzE0MmFhMzA4NDZlMDYwMTVjYTRm
Zi5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAvBggrBgEFBQcBBwEB/wQg
MB4wDAQCAAEwBgMEALohzDAOBAIAAjAIAwYAKAAMMK0wDQYJKoZIhvcNAQELBQAD
ggEBAEOx1U7dpnu1gzl5+4YCNdmEA2luxRJsP2MZlyAoBgoKDoEumuwMw1EPClMi
bMX6dwlki7U0h/bnLPhdvToSBOZQRoZWvArxEjCN/X8Fi8WJC1cQJnmNFYIwYWBh
cBM1i8zt+S5nQUI9zcKg2jwGBKDJ6XhqUwWaewGNw4wu+YsPPkn5J3XcNpwkl8P5
sFdjLww+Gf1tKZREb8jQNvzYs3sk/AzgKjWLVHzUMbd7EvjTLuANQEqQnlVn7lmM
sm7cXoSNgXj0wp6l4wgPZJiJ4LdD4RXRdjcDrnIp06RPP45pYfA8XvW1lj52wX9J
FdgPNgqoGaI4Q5kl7g7hU7TsYfY=
-----END CERTIFICATE-----
Generated at Thu Feb 29 22:07:53 2024 by rpki-client on console-fra.rpki-client.org