Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/e42d711d-2c03-40f6-ac45-6903a54b2324/60adb8564d4d07ebf55a95808eb929cd39ecef58.roa
File:                     60adb8564d4d07ebf55a95808eb929cd39ecef58.roa (raw, json)
Hash identifier:          RcKqKhdBR+qIgt7SnVTsuwFzDSlQW5y7/orBZx0MHSE=
Subject key identifier:   52:A9:0C:35:C2:4B:BA:46:76:B6:EC:68:DB:3A:02:69:FE:6A:A2:41
Certificate issuer:       /CN=dedf8d5736c0557e727f6db72e984837a300b8ac
Certificate serial:       1B24F9
Authority key identifier: 32:F5:45:4E:85:B9:BA:CF:E3:D6:81:55:95:CE:B6:00:EB:A5:4F:9A
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/dedf8d5736c0557e727f6db72e984837a300b8ac.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/e42d711d-2c03-40f6-ac45-6903a54b2324/60adb8564d4d07ebf55a95808eb929cd39ecef58.roa
Signing time:             Mon 25 Sep 2023 13:32:06 +0000
ROA not before:           Sun 24 Sep 2023 13:32:05 +0000
ROA not after:            Thu 25 Sep 2025 13:32:05 +0000
asID:                     52468
IP address blocks:        181.225.188.0/22 maxlen: 25
                          2803:53e0::/32 maxlen: 64

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/e42d711d-2c03-40f6-ac45-6903a54b2324/dedf8d5736c0557e727f6db72e984837a300b8ac.crl
                          rsync://repository.lacnic.net/rpki/lacnic/e42d711d-2c03-40f6-ac45-6903a54b2324/dedf8d5736c0557e727f6db72e984837a300b8ac.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/dedf8d5736c0557e727f6db72e984837a300b8ac.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 25 Feb 2024 20:21:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1778937 (0x1b24f9)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dedf8d5736c0557e727f6db72e984837a300b8ac
        Validity
            Not Before: Sep 24 13:32:05 2023 GMT
            Not After : Sep 25 13:32:05 2025 GMT
        Subject: CN=60adb8564d4d07ebf55a95808eb929cd39ecef58
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:46:7b:97:44:49:c8:8f:b2:61:75:9d:0e:47:
                    ea:d1:71:82:57:00:c0:d7:d1:c1:5f:4e:58:52:3c:
                    40:3b:bd:e5:95:05:82:d2:ba:d9:e4:8b:38:76:33:
                    e5:da:36:c5:1a:c2:d0:f5:c4:2b:2e:52:12:28:94:
                    49:09:95:12:c4:09:bf:57:90:51:65:14:5f:61:10:
                    6d:b3:22:83:31:24:e7:1a:5b:5c:c0:15:a4:1a:e2:
                    81:27:3e:7c:05:57:8d:d6:e1:cb:f2:22:df:a6:a5:
                    1d:1a:64:d5:0a:3c:18:e3:d5:6a:91:b4:db:e0:10:
                    a1:1d:6c:a6:08:a9:59:7f:90:70:5d:8c:03:85:c6:
                    de:ca:4d:3a:2c:32:c3:8a:2a:46:76:8a:f9:4b:e4:
                    66:b7:eb:d8:af:ce:3a:9a:ce:cd:8f:3a:14:92:e7:
                    eb:5e:08:3b:62:b4:be:d3:10:c2:2c:99:d8:40:d5:
                    ea:fd:64:ec:24:67:b6:5e:e4:11:57:96:22:89:17:
                    06:ed:7d:9f:3a:7c:82:dd:33:f4:97:e0:89:73:6a:
                    de:48:cf:2c:92:03:4c:d3:fa:fe:f5:c8:7f:ac:a1:
                    51:f7:2a:a1:51:dd:e1:93:f6:5e:af:e9:b8:89:4b:
                    f1:33:e9:81:9c:ad:60:54:8d:1b:67:28:42:df:c7:
                    15:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                52:A9:0C:35:C2:4B:BA:46:76:B6:EC:68:DB:3A:02:69:FE:6A:A2:41
            X509v3 Authority Key Identifier:
                keyid:32:F5:45:4E:85:B9:BA:CF:E3:D6:81:55:95:CE:B6:00:EB:A5:4F:9A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/dedf8d5736c0557e727f6db72e984837a300b8ac.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/e42d711d-2c03-40f6-ac45-6903a54b2324/60adb8564d4d07ebf55a95808eb929cd39ecef58.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/e42d711d-2c03-40f6-ac45-6903a54b2324/dedf8d5736c0557e727f6db72e984837a300b8ac.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  181.225.188.0/22
                IPv6:
                  2803:53e0::/32

    Signature Algorithm: sha256WithRSAEncryption
         c8:5c:37:74:ab:ee:9d:be:ad:40:08:2c:c8:27:43:5c:27:04:
         6d:2b:c4:a2:9b:10:ff:59:ad:e5:c2:29:da:71:99:e1:03:db:
         9b:43:1b:39:53:b7:e9:51:02:96:28:d5:67:b9:e0:d7:56:4d:
         6f:63:0e:e1:58:43:e6:62:72:7a:f3:81:c8:8e:e0:ed:64:6c:
         6f:11:c7:5c:35:e0:16:fb:b8:15:cb:16:ff:6c:45:3d:a5:c0:
         f4:0c:cc:d8:5d:80:50:b9:a5:a1:59:12:3d:16:ae:1b:1b:4e:
         96:fc:3d:30:d4:0d:5a:0c:29:ba:9a:f5:a6:fa:8c:47:fe:ef:
         77:1e:d4:e9:25:bc:1f:91:ae:92:bf:26:7f:91:53:7a:36:dc:
         83:ab:15:12:2c:e5:7b:7b:16:be:da:be:ab:24:78:12:91:cb:
         e2:1d:02:4a:e1:e3:6a:1e:b5:dc:ea:28:c9:57:6e:27:2c:d4:
         2d:de:5c:e4:ee:57:69:3e:fe:11:a2:ac:74:a4:9f:ee:f6:4a:
         12:c0:a6:48:14:a7:17:36:3a:0c:6c:fd:a1:63:de:e4:94:fb:
         fe:7c:88:32:09:b3:f3:02:ef:a8:12:2d:1c:fe:f2:75:53:32:
         84:b6:4f:73:83:85:cd:8f:6f:eb:c7:8b:6b:e3:32:e2:33:6c:
         67:0c:6e:8e
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgIDGyT5MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGRl
ZGY4ZDU3MzZjMDU1N2U3MjdmNmRiNzJlOTg0ODM3YTMwMGI4YWMwHhcNMjMwOTI0
MTMzMjA1WhcNMjUwOTI1MTMzMjA1WjAzMTEwLwYDVQQDEyg2MGFkYjg1NjRkNGQw
N2ViZjU1YTk1ODA4ZWI5MjljZDM5ZWNlZjU4MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEA1UZ7l0RJyI+yYXWdDkfq0XGCVwDA19HBX05YUjxAO73llQWC
0rrZ5Is4djPl2jbFGsLQ9cQrLlISKJRJCZUSxAm/V5BRZRRfYRBtsyKDMSTnGltc
wBWkGuKBJz58BVeN1uHL8iLfpqUdGmTVCjwY49VqkbTb4BChHWymCKlZf5BwXYwD
hcbeyk06LDLDiipGdor5S+Rmt+vYr846ms7NjzoUkufrXgg7YrS+0xDCLJnYQNXq
/WTsJGe2XuQRV5YiiRcG7X2fOnyC3TP0l+CJc2reSM8skgNM0/r+9ch/rKFR9yqh
Ud3hk/Zer+m4iUvxM+mBnK1gVI0bZyhC38cVDwIDAQABo4ICajCCAmYwHQYDVR0O
BBYEFFKpDDXCS7pGdrbsaNs6Amn+aqJBMB8GA1UdIwQYMBaAFDL1RU6FubrP49aB
VZXOtgDrpU+aMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvZGVkZjhk
NTczNmMwNTU3ZTcyN2Y2ZGI3MmU5ODQ4MzdhMzAwYjhhYy5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvZTQyZDcxMWQtMmMwMy00MGY2LWFjNDUtNjkwM2E1
NGIyMzI0LzYwYWRiODU2NGQ0ZDA3ZWJmNTVhOTU4MDhlYjkyOWNkMzllY2VmNTgu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy9lNDJkNzExZC0yYzAzLTQwZjYtYWM0NS02OTAz
YTU0YjIzMjQvZGVkZjhkNTczNmMwNTU3ZTcyN2Y2ZGI3MmU5ODQ4MzdhMzAwYjhh
Yy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAuBggrBgEFBQcBBwEB/wQf
MB0wDAQCAAEwBgMEArXhvDANBAIAAjAHAwUAKANT4DANBgkqhkiG9w0BAQsFAAOC
AQEAyFw3dKvunb6tQAgsyCdDXCcEbSvEopsQ/1mt5cIp2nGZ4QPbm0MbOVO36VEC
lijVZ7ng11ZNb2MO4VhD5mJyevOByI7g7WRsbxHHXDXgFvu4FcsW/2xFPaXA9AzM
2F2AULmloVkSPRauGxtOlvw9MNQNWgwpupr1pvqMR/7vdx7U6SW8H5Gukr8mf5FT
ejbcg6sVEizle3sWvtq+qyR4EpHL4h0CSuHjah613OooyVduJyzULd5c5O5XaT7+
EaKsdKSf7vZKEsCmSBSnFzY6DGz9oWPe5JT7/nyIMgmz8wLvqBItHP7ydVMyhLZP
c4OFzY9v68eLa+My4jNsZwxujg==
-----END CERTIFICATE-----
Generated at Fri Feb 23 01:31:19 2024 by rpki-client on console-ams.rpki-client.org