Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/e34bd55e-41a7-4306-be7e-0a1586d5cf59/15d30ce316bfc0b2ca6958b5e41dd53f0b47132a.roa
File:                     15d30ce316bfc0b2ca6958b5e41dd53f0b47132a.roa (raw, json)
Hash identifier:          pfH7KyYlHyxibApd/Jc/AepFb1zWm5phEji8xestZDY=
Subject key identifier:   8B:3C:E3:19:EF:26:EC:6F:C9:48:A6:DE:BE:0C:59:41:71:B3:BB:15
Certificate issuer:       /CN=c117f0121a5ef011f07c8d516305c00886bef690
Certificate serial:       1C7CF0
Authority key identifier: 24:1E:39:F9:68:BC:DD:99:50:0C:5C:BA:D4:E0:4B:D3:21:83:45:71
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/c117f0121a5ef011f07c8d516305c00886bef690.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/e34bd55e-41a7-4306-be7e-0a1586d5cf59/15d30ce316bfc0b2ca6958b5e41dd53f0b47132a.roa
Signing time:             Tue 17 Oct 2023 20:40:47 +0000
ROA not before:           Mon 16 Oct 2023 20:40:47 +0000
ROA not after:            Fri 17 Oct 2025 20:40:47 +0000
asID:                     271947
IP address blocks:        177.74.100.0/22 maxlen: 24
                          2803:33e0::/32 maxlen: 48

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/e34bd55e-41a7-4306-be7e-0a1586d5cf59/c117f0121a5ef011f07c8d516305c00886bef690.crl
                          rsync://repository.lacnic.net/rpki/lacnic/e34bd55e-41a7-4306-be7e-0a1586d5cf59/c117f0121a5ef011f07c8d516305c00886bef690.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/c117f0121a5ef011f07c8d516305c00886bef690.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 25 Feb 2024 20:21:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1866992 (0x1c7cf0)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c117f0121a5ef011f07c8d516305c00886bef690
        Validity
            Not Before: Oct 16 20:40:47 2023 GMT
            Not After : Oct 17 20:40:47 2025 GMT
        Subject: CN=15d30ce316bfc0b2ca6958b5e41dd53f0b47132a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:2f:fc:c4:3a:18:35:c6:3a:57:35:22:54:8f:
                    2f:3d:bd:d4:70:9e:68:43:08:d5:65:dc:d8:ec:6b:
                    2a:eb:d5:91:ad:60:0c:98:7c:be:42:42:64:bc:e5:
                    ec:76:27:28:69:97:88:28:e6:82:c0:29:36:d5:ff:
                    fe:c5:75:c3:5e:43:ef:31:51:d3:7e:91:7f:4e:91:
                    50:64:a2:24:49:43:9f:c0:79:2e:84:93:e8:3b:b0:
                    ab:8c:33:84:9f:39:6a:7a:4c:9d:c6:8f:86:65:b7:
                    58:6d:09:75:86:ce:6e:a4:ee:f5:86:8f:79:02:a3:
                    81:e2:f7:a7:24:df:1b:91:88:32:26:d8:34:07:6b:
                    f2:d1:bb:7d:19:2e:ac:c7:d8:6b:d3:74:c5:67:4d:
                    72:cd:94:cd:80:e3:8a:66:5b:ea:98:d8:c4:03:ee:
                    c8:bf:5a:8d:33:52:46:46:13:14:94:30:cf:8d:5d:
                    62:c1:d2:12:db:ea:87:39:fb:bd:93:62:43:25:ca:
                    89:86:80:f7:d9:9f:66:8d:78:18:4a:96:7c:51:92:
                    3a:b5:6a:eb:cd:00:23:37:8c:8b:bc:d8:d2:2b:40:
                    aa:76:58:5e:00:e8:e8:73:cc:bb:56:69:e1:a8:84:
                    11:7d:24:f2:9d:57:48:c2:95:7c:71:d1:73:eb:f8:
                    d9:8d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8B:3C:E3:19:EF:26:EC:6F:C9:48:A6:DE:BE:0C:59:41:71:B3:BB:15
            X509v3 Authority Key Identifier:
                keyid:24:1E:39:F9:68:BC:DD:99:50:0C:5C:BA:D4:E0:4B:D3:21:83:45:71

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/c117f0121a5ef011f07c8d516305c00886bef690.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/e34bd55e-41a7-4306-be7e-0a1586d5cf59/15d30ce316bfc0b2ca6958b5e41dd53f0b47132a.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/e34bd55e-41a7-4306-be7e-0a1586d5cf59/c117f0121a5ef011f07c8d516305c00886bef690.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  177.74.100.0/22
                IPv6:
                  2803:33e0::/32

    Signature Algorithm: sha256WithRSAEncryption
         2c:3d:2c:b6:1b:4e:ac:8d:c9:b0:87:c6:50:25:ab:35:53:97:
         3e:ba:18:a8:6c:36:1c:6c:2d:4c:16:57:dd:97:75:ba:a7:02:
         cf:50:d7:d5:16:d5:63:42:e6:76:3a:a6:e6:45:56:26:60:c9:
         eb:9a:fe:00:db:61:2d:61:b2:c6:85:f1:46:c8:e9:68:6c:8b:
         9d:74:a6:ad:8b:de:e6:6a:18:f3:31:9e:89:b8:d7:45:d5:4b:
         4e:24:c2:6e:77:0a:e3:28:28:13:bf:0f:0a:a9:e6:75:d0:04:
         98:39:8c:2a:f2:b5:28:cd:93:e9:dd:3d:f2:5e:57:89:ef:09:
         b2:b2:20:74:0d:69:03:bd:e1:24:ee:38:7a:c2:a5:84:69:17:
         e1:ce:70:43:79:f8:dd:83:82:c4:21:cc:26:4c:8d:9b:5a:07:
         b1:dc:bb:a1:19:ee:f3:30:c2:8a:23:1d:9f:24:a4:1f:3a:21:
         9b:2f:02:66:3e:96:08:50:01:29:dd:f1:e2:de:a5:2e:8d:a5:
         ea:5f:2f:81:e0:b9:49:33:27:4a:b2:7c:55:e5:34:15:ef:74:
         41:d1:c4:0b:38:86:9f:8f:61:52:c4:1f:9a:b6:06:e7:f9:ff:
         3f:91:95:e9:04:f0:0b:d0:2c:bc:c5:9e:cd:2d:77:16:dc:f1:
         21:80:6c:f6
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgIDHHzwMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGMx
MTdmMDEyMWE1ZWYwMTFmMDdjOGQ1MTYzMDVjMDA4ODZiZWY2OTAwHhcNMjMxMDE2
MjA0MDQ3WhcNMjUxMDE3MjA0MDQ3WjAzMTEwLwYDVQQDEygxNWQzMGNlMzE2YmZj
MGIyY2E2OTU4YjVlNDFkZDUzZjBiNDcxMzJhMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAnC/8xDoYNcY6VzUiVI8vPb3UcJ5oQwjVZdzY7Gsq69WRrWAM
mHy+QkJkvOXsdicoaZeIKOaCwCk21f/+xXXDXkPvMVHTfpF/TpFQZKIkSUOfwHku
hJPoO7CrjDOEnzlqekydxo+GZbdYbQl1hs5upO71ho95AqOB4venJN8bkYgyJtg0
B2vy0bt9GS6sx9hr03TFZ01yzZTNgOOKZlvqmNjEA+7Iv1qNM1JGRhMUlDDPjV1i
wdIS2+qHOfu9k2JDJcqJhoD32Z9mjXgYSpZ8UZI6tWrrzQAjN4yLvNjSK0Cqdlhe
AOjoc8y7VmnhqIQRfSTynVdIwpV8cdFz6/jZjQIDAQABo4ICajCCAmYwHQYDVR0O
BBYEFIs84xnvJuxvyUim3r4MWUFxs7sVMB8GA1UdIwQYMBaAFCQeOflovN2ZUAxc
utTgS9Mhg0VxMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvYzExN2Yw
MTIxYTVlZjAxMWYwN2M4ZDUxNjMwNWMwMDg4NmJlZjY5MC5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvZTM0YmQ1NWUtNDFhNy00MzA2LWJlN2UtMGExNTg2
ZDVjZjU5LzE1ZDMwY2UzMTZiZmMwYjJjYTY5NThiNWU0MWRkNTNmMGI0NzEzMmEu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy9lMzRiZDU1ZS00MWE3LTQzMDYtYmU3ZS0wYTE1
ODZkNWNmNTkvYzExN2YwMTIxYTVlZjAxMWYwN2M4ZDUxNjMwNWMwMDg4NmJlZjY5
MC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAuBggrBgEFBQcBBwEB/wQf
MB0wDAQCAAEwBgMEArFKZDANBAIAAjAHAwUAKAMz4DANBgkqhkiG9w0BAQsFAAOC
AQEALD0sthtOrI3JsIfGUCWrNVOXProYqGw2HGwtTBZX3Zd1uqcCz1DX1RbVY0Lm
djqm5kVWJmDJ65r+ANthLWGyxoXxRsjpaGyLnXSmrYve5moY8zGeibjXRdVLTiTC
bncK4ygoE78PCqnmddAEmDmMKvK1KM2T6d098l5Xie8JsrIgdA1pA73hJO44esKl
hGkX4c5wQ3n43YOCxCHMJkyNm1oHsdy7oRnu8zDCiiMdnySkHzohmy8CZj6WCFAB
Kd3x4t6lLo2l6l8vgeC5STMnSrJ8VeU0Fe90QdHECziGn49hUsQfmrYG5/n/P5GV
6QTwC9AsvMWezS13FtzxIYBs9g==
-----END CERTIFICATE-----
Generated at Fri Feb 23 00:19:17 2024 by rpki-client on console-fra.rpki-client.org