Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/e27c8ded-fabf-42f1-a452-28c5544083e4/f4b5a66ba62f41d067186e85189372597034d8c9.roa
File:                     f4b5a66ba62f41d067186e85189372597034d8c9.roa (raw, json)
Hash identifier:          lvF6xW3b6+FwpYLOjbk4NVprIWjWKdBae4PdlFqd0WQ=
Subject key identifier:   83:AF:9A:51:B3:58:59:29:D5:AD:7D:78:B7:95:2F:22:CF:3A:83:B8
Certificate issuer:       /CN=3aa8de614ca05bcd2943ee2f4ffb30bf19a864b7
Certificate serial:       1D29E1
Authority key identifier: 54:07:E3:26:0E:37:3F:FA:85:65:42:62:04:BA:57:D5:22:12:FB:3E
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/3aa8de614ca05bcd2943ee2f4ffb30bf19a864b7.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/e27c8ded-fabf-42f1-a452-28c5544083e4/f4b5a66ba62f41d067186e85189372597034d8c9.roa
Signing time:             Mon 10 Jul 2023 19:10:25 +0000
ROA not before:           Sun 09 Jul 2023 19:10:25 +0000
ROA not after:            Thu 10 Jul 2025 19:10:25 +0000
asID:                     269974
IP address blocks:        138.122.4.0/22 maxlen: 24
                          138.122.5.0/24 maxlen: 24
                          138.122.6.0/24 maxlen: 24
                          138.122.7.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/e27c8ded-fabf-42f1-a452-28c5544083e4/3aa8de614ca05bcd2943ee2f4ffb30bf19a864b7.crl
                          rsync://repository.lacnic.net/rpki/lacnic/e27c8ded-fabf-42f1-a452-28c5544083e4/3aa8de614ca05bcd2943ee2f4ffb30bf19a864b7.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/3aa8de614ca05bcd2943ee2f4ffb30bf19a864b7.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Mon 26 Feb 2024 16:36:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1911265 (0x1d29e1)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3aa8de614ca05bcd2943ee2f4ffb30bf19a864b7
        Validity
            Not Before: Jul  9 19:10:25 2023 GMT
            Not After : Jul 10 19:10:25 2025 GMT
        Subject: CN=f4b5a66ba62f41d067186e85189372597034d8c9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:17:3c:b2:48:6c:1f:05:b4:68:62:4d:87:df:
                    d0:7e:d3:96:b5:81:c3:f6:16:24:7b:27:fc:96:3f:
                    f5:9b:aa:e9:f1:16:9e:ba:60:c2:bd:12:d0:c2:20:
                    7c:a5:a9:33:95:5b:9f:00:0c:3d:4d:17:4d:a4:5c:
                    09:e0:59:bd:20:73:24:95:f9:ab:fa:76:bc:58:63:
                    a0:fa:88:8a:1d:b6:03:1e:b4:60:7a:23:18:03:2a:
                    e4:c9:a8:73:2c:8b:e6:0d:79:30:1d:7f:3f:2b:8e:
                    fd:77:11:a2:6f:ce:b7:99:68:dd:04:aa:72:07:d1:
                    ef:34:4b:75:dc:30:94:cb:43:f8:de:b3:21:91:b9:
                    42:d4:6f:9b:53:43:92:96:74:67:52:6a:30:f0:4b:
                    04:91:c4:44:d9:c4:75:14:f4:9b:8e:e3:00:cf:25:
                    65:02:ab:cb:e9:1b:31:f2:43:4f:2d:bd:5d:77:f9:
                    75:85:25:e5:9e:60:ea:d0:4e:fa:7d:f0:0f:f9:4b:
                    a8:4e:b7:b1:5d:a4:73:0e:3a:d9:ea:e7:1a:bc:77:
                    86:81:32:da:c8:a4:6a:a2:ba:ba:a7:6d:8e:e0:c7:
                    57:60:07:ca:45:55:f0:64:25:34:2d:d2:53:07:17:
                    c9:d1:a1:34:fe:87:1e:d2:51:69:e6:57:5b:ef:d7:
                    32:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                83:AF:9A:51:B3:58:59:29:D5:AD:7D:78:B7:95:2F:22:CF:3A:83:B8
            X509v3 Authority Key Identifier:
                keyid:54:07:E3:26:0E:37:3F:FA:85:65:42:62:04:BA:57:D5:22:12:FB:3E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/3aa8de614ca05bcd2943ee2f4ffb30bf19a864b7.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/e27c8ded-fabf-42f1-a452-28c5544083e4/f4b5a66ba62f41d067186e85189372597034d8c9.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/e27c8ded-fabf-42f1-a452-28c5544083e4/3aa8de614ca05bcd2943ee2f4ffb30bf19a864b7.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  138.122.4.0/22

    Signature Algorithm: sha256WithRSAEncryption
         72:06:2e:ab:a1:37:95:b0:b1:ee:24:a2:14:0d:9b:e2:93:58:
         db:c9:09:ba:95:63:1b:9a:b5:7c:2f:5d:3a:db:36:77:5f:c7:
         ac:34:b1:dd:c1:fe:91:19:04:11:98:9e:06:12:78:39:0e:89:
         89:5e:a5:cc:90:44:73:5e:84:74:aa:69:cf:c7:55:ea:d1:d8:
         b9:9d:5e:a3:1c:2c:71:3a:68:1b:3f:00:91:7d:22:e8:3e:1d:
         36:93:9b:cd:70:72:a0:aa:ed:69:a0:b8:4d:b5:8b:6a:7d:f2:
         69:06:7a:7e:a6:7f:dd:89:27:c1:e7:29:8e:44:f2:9e:3b:f8:
         8b:49:84:17:ca:50:c2:ec:39:a0:5a:d6:fa:db:7d:aa:9b:82:
         ca:83:92:1f:ad:8a:8b:3b:43:0b:72:7d:19:65:01:3b:ea:79:
         39:f7:8b:4f:60:1e:3d:6e:f9:d7:ab:07:3b:af:4a:f6:14:5d:
         f9:77:13:87:6a:52:b1:52:b7:08:dd:2c:22:81:0d:58:83:9c:
         41:1c:50:8b:a0:81:42:48:d0:15:e6:d2:75:9f:4e:f2:81:f2:
         6f:95:39:6f:1b:a6:f9:8d:1a:0f:60:c0:52:ee:45:eb:02:11:
         f8:a5:25:2a:35:3b:7e:8e:eb:b2:36:3e:7d:1a:c6:c1:2b:8f:
         f2:97:e3:aa
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIDHSnhMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDNh
YThkZTYxNGNhMDViY2QyOTQzZWUyZjRmZmIzMGJmMTlhODY0YjcwHhcNMjMwNzA5
MTkxMDI1WhcNMjUwNzEwMTkxMDI1WjAzMTEwLwYDVQQDEyhmNGI1YTY2YmE2MmY0
MWQwNjcxODZlODUxODkzNzI1OTcwMzRkOGM5MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAphc8skhsHwW0aGJNh9/QftOWtYHD9hYkeyf8lj/1m6rp8Rae
umDCvRLQwiB8pakzlVufAAw9TRdNpFwJ4Fm9IHMklfmr+na8WGOg+oiKHbYDHrRg
eiMYAyrkyahzLIvmDXkwHX8/K479dxGib863mWjdBKpyB9HvNEt13DCUy0P43rMh
kblC1G+bU0OSlnRnUmow8EsEkcRE2cR1FPSbjuMAzyVlAqvL6Rsx8kNPLb1dd/l1
hSXlnmDq0E76ffAP+UuoTrexXaRzDjrZ6ucavHeGgTLayKRqorq6p22O4MdXYAfK
RVXwZCU0LdJTBxfJ0aE0/oce0lFp5ldb79cyGwIDAQABo4ICWzCCAlcwHQYDVR0O
BBYEFIOvmlGzWFkp1a19eLeVLyLPOoO4MB8GA1UdIwQYMBaAFFQH4yYONz/6hWVC
YgS6V9UiEvs+MA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvM2FhOGRl
NjE0Y2EwNWJjZDI5NDNlZTJmNGZmYjMwYmYxOWE4NjRiNy5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvZTI3YzhkZWQtZmFiZi00MmYxLWE0NTItMjhjNTU0
NDA4M2U0L2Y0YjVhNjZiYTYyZjQxZDA2NzE4NmU4NTE4OTM3MjU5NzAzNGQ4Yzku
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy9lMjdjOGRlZC1mYWJmLTQyZjEtYTQ1Mi0yOGM1
NTQ0MDgzZTQvM2FhOGRlNjE0Y2EwNWJjZDI5NDNlZTJmNGZmYjMwYmYxOWE4NjRi
Ny5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAop6BDANBgkqhkiG9w0BAQsFAAOCAQEAcgYuq6E3lbCx7iSi
FA2b4pNY28kJupVjG5q1fC9dOts2d1/HrDSx3cH+kRkEEZieBhJ4OQ6JiV6lzJBE
c16EdKppz8dV6tHYuZ1eoxwscTpoGz8AkX0i6D4dNpObzXByoKrtaaC4TbWLan3y
aQZ6fqZ/3YknwecpjkTynjv4i0mEF8pQwuw5oFrW+tt9qpuCyoOSH62KiztDC3J9
GWUBO+p5OfeLT2AePW7516sHO69K9hRd+XcTh2pSsVK3CN0sIoENWIOcQRxQi6CB
QkjQFebSdZ9O8oHyb5U5bxum+Y0aD2DAUu5F6wIR+KUlKjU7fo7rsjY+fRrGwSuP
8pfjqg==
-----END CERTIFICATE-----
Generated at Fri Feb 23 20:03:05 2024 by rpki-client on console-fra.rpki-client.org