Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/e06244f4-1f59-4182-8105-8d770ece2856/fa464aa68e6068a1ffe4549b2023c83e264f20a0.roa
File:                     fa464aa68e6068a1ffe4549b2023c83e264f20a0.roa (raw, json)
Hash identifier:          uSctUDVbdyAsq6O8jfcLjWPGnvA01JT9j96Z6k1VCFs=
Subject key identifier:   B1:2C:96:AB:F9:EB:E8:26:88:F9:22:6D:B9:E9:DF:77:3A:6D:80:BC
Certificate issuer:       /CN=a5265fc51b7f5a9f0ec142aa30846e06015ca4ff
Certificate serial:       2164C1
Authority key identifier: 7B:81:30:97:3D:07:EE:38:1D:BC:1C:6C:C9:D0:90:B0:10:92:A6:13
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/a5265fc51b7f5a9f0ec142aa30846e06015ca4ff.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/e06244f4-1f59-4182-8105-8d770ece2856/fa464aa68e6068a1ffe4549b2023c83e264f20a0.roa
Signing time:             Fri 02 Jun 2023 14:47:35 +0000
ROA not before:           Thu 01 Jun 2023 14:47:35 +0000
ROA not after:            Mon 02 Jun 2025 14:47:35 +0000
asID:                     52361
IP address blocks:        186.33.192.0/18 maxlen: 24
                          181.209.0.0/17 maxlen: 24
                          2800:c30::/32 maxlen: 40

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/e06244f4-1f59-4182-8105-8d770ece2856/a5265fc51b7f5a9f0ec142aa30846e06015ca4ff.crl
                          rsync://repository.lacnic.net/rpki/lacnic/e06244f4-1f59-4182-8105-8d770ece2856/a5265fc51b7f5a9f0ec142aa30846e06015ca4ff.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/a5265fc51b7f5a9f0ec142aa30846e06015ca4ff.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 03 Mar 2024 21:34:55 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2188481 (0x2164c1)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a5265fc51b7f5a9f0ec142aa30846e06015ca4ff
        Validity
            Not Before: Jun  1 14:47:35 2023 GMT
            Not After : Jun  2 14:47:35 2025 GMT
        Subject: CN=fa464aa68e6068a1ffe4549b2023c83e264f20a0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:a7:ce:93:99:9c:17:92:32:9d:eb:7f:91:31:
                    1b:02:c8:a3:4c:73:76:bd:f8:df:06:03:23:50:cd:
                    01:8e:d3:00:a3:c8:5b:49:c5:df:3d:3d:bb:f7:d7:
                    40:bd:d4:fd:45:8e:2f:24:3b:5d:c6:d2:9f:17:e3:
                    52:2f:0b:09:13:ac:f9:78:64:ce:b5:76:5d:a2:06:
                    be:0e:90:c7:2a:cf:3c:42:d4:3b:4b:10:8a:28:1b:
                    94:06:e9:9f:5d:82:18:a7:77:41:6b:bf:1a:5f:dd:
                    cd:88:60:00:6b:fb:ee:87:63:49:ea:3c:f6:de:8f:
                    73:e4:79:4b:0d:56:d7:46:a9:12:8b:f3:a4:76:32:
                    c9:3d:95:eb:59:36:1e:67:85:04:a4:0d:b4:a1:9d:
                    c7:80:b3:d9:5d:fd:f0:a8:49:0b:be:38:01:a9:08:
                    2a:aa:07:84:5b:f4:ae:b7:57:cc:ea:37:2e:cb:85:
                    cb:50:d4:ec:63:a2:50:e5:c2:e7:b3:a7:17:04:87:
                    a8:9d:bd:bc:a4:a4:c9:33:00:59:03:c1:77:c5:8c:
                    c2:c3:f1:79:7e:ec:2b:d2:d0:fc:ba:23:41:4d:7a:
                    8c:54:07:e5:03:29:0f:57:1b:18:eb:ad:73:fb:42:
                    79:05:4a:78:11:c7:3c:38:22:66:a0:b2:3f:a9:ce:
                    e8:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B1:2C:96:AB:F9:EB:E8:26:88:F9:22:6D:B9:E9:DF:77:3A:6D:80:BC
            X509v3 Authority Key Identifier:
                keyid:7B:81:30:97:3D:07:EE:38:1D:BC:1C:6C:C9:D0:90:B0:10:92:A6:13

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/a5265fc51b7f5a9f0ec142aa30846e06015ca4ff.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/e06244f4-1f59-4182-8105-8d770ece2856/fa464aa68e6068a1ffe4549b2023c83e264f20a0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/e06244f4-1f59-4182-8105-8d770ece2856/a5265fc51b7f5a9f0ec142aa30846e06015ca4ff.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  181.209.0.0/17
                  186.33.192.0/18
                IPv6:
                  2800:c30::/32

    Signature Algorithm: sha256WithRSAEncryption
         0d:0e:19:1e:b3:48:bd:e9:bc:c8:47:1e:1d:22:4e:ef:b1:db:
         b5:17:04:83:43:6c:01:5b:37:7f:15:6d:7e:d5:ce:aa:d8:b3:
         ab:5f:0e:62:74:ea:b9:72:9d:cf:2a:4b:6b:51:4c:32:bf:79:
         55:85:39:52:62:5e:a0:ff:b1:1a:18:ad:63:6e:38:94:25:4a:
         52:32:75:61:d0:cb:74:ca:39:fc:89:e7:ec:c6:36:e9:17:6c:
         a2:e2:cf:83:96:86:9e:5c:ab:95:50:a5:f7:8d:cb:6b:74:06:
         2e:f1:27:16:80:ea:17:d3:68:fa:b3:6a:d5:26:7d:86:04:d2:
         37:46:af:c9:73:9b:6c:3f:29:3a:5b:48:07:d5:d1:16:b6:04:
         a3:df:6a:0d:fa:1d:b6:6c:6c:58:c5:5e:6d:5d:e8:f0:53:e8:
         81:8e:0d:43:c1:95:67:00:b4:13:af:0b:53:1e:fe:19:63:8c:
         1c:cd:86:be:9c:42:f2:86:50:6b:25:fd:d2:da:a5:dc:cc:80:
         66:ec:39:f7:a3:a0:da:2b:50:ea:0d:0e:eb:61:03:a5:a0:40:
         14:cc:34:2a:b5:d3:32:4e:de:5e:0a:28:52:64:fa:12:2c:da:
         8d:5a:74:09:68:d5:46:ad:27:87:48:fe:44:2d:6a:e5:93:2e:
         10:02:8f:0a
-----BEGIN CERTIFICATE-----
MIIFVTCCBD2gAwIBAgIDIWTBMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGE1
MjY1ZmM1MWI3ZjVhOWYwZWMxNDJhYTMwODQ2ZTA2MDE1Y2E0ZmYwHhcNMjMwNjAx
MTQ0NzM1WhcNMjUwNjAyMTQ0NzM1WjAzMTEwLwYDVQQDEyhmYTQ2NGFhNjhlNjA2
OGExZmZlNDU0OWIyMDIzYzgzZTI2NGYyMGEwMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAq6fOk5mcF5Iynet/kTEbAsijTHN2vfjfBgMjUM0BjtMAo8hb
ScXfPT2799dAvdT9RY4vJDtdxtKfF+NSLwsJE6z5eGTOtXZdoga+DpDHKs88QtQ7
SxCKKBuUBumfXYIYp3dBa78aX93NiGAAa/vuh2NJ6jz23o9z5HlLDVbXRqkSi/Ok
djLJPZXrWTYeZ4UEpA20oZ3HgLPZXf3wqEkLvjgBqQgqqgeEW/Sut1fM6jcuy4XL
UNTsY6JQ5cLns6cXBIeonb28pKTJMwBZA8F3xYzCw/F5fuwr0tD8uiNBTXqMVAfl
AykPVxsY661z+0J5BUp4Ecc8OCJmoLI/qc7oRwIDAQABo4ICcDCCAmwwHQYDVR0O
BBYEFLEslqv56+gmiPkibbnp33c6bYC8MB8GA1UdIwQYMBaAFHuBMJc9B+44Hbwc
bMnQkLAQkqYTMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvYTUyNjVm
YzUxYjdmNWE5ZjBlYzE0MmFhMzA4NDZlMDYwMTVjYTRmZi5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvZTA2MjQ0ZjQtMWY1OS00MTgyLTgxMDUtOGQ3NzBl
Y2UyODU2L2ZhNDY0YWE2OGU2MDY4YTFmZmU0NTQ5YjIwMjNjODNlMjY0ZjIwYTAu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy9lMDYyNDRmNC0xZjU5LTQxODItODEwNS04ZDc3
MGVjZTI4NTYvYTUyNjVmYzUxYjdmNWE5ZjBlYzE0MmFhMzA4NDZlMDYwMTVjYTRm
Zi5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0BggrBgEFBQcBBwEB/wQl
MCMwEgQCAAEwDAMEB7XRAAMEBrohwDANBAIAAjAHAwUAKAAMMDANBgkqhkiG9w0B
AQsFAAOCAQEADQ4ZHrNIvem8yEceHSJO77HbtRcEg0NsAVs3fxVtftXOqtizq18O
YnTquXKdzypLa1FMMr95VYU5UmJeoP+xGhitY244lCVKUjJ1YdDLdMo5/Inn7MY2
6RdsouLPg5aGnlyrlVCl943La3QGLvEnFoDqF9No+rNq1SZ9hgTSN0avyXObbD8p
OltIB9XRFrYEo99qDfodtmxsWMVebV3o8FPogY4NQ8GVZwC0E68LUx7+GWOMHM2G
vpxC8oZQayX90tql3MyAZuw596Og2itQ6g0O62EDpaBAFMw0KrXTMk7eXgooUmT6
EizajVp0CWjVRq0nh0j+RC1q5ZMuEAKPCg==
-----END CERTIFICATE-----
Generated at Thu Feb 29 22:23:27 2024 by rpki-client on console-ams.rpki-client.org