Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/e42d711d-2c03-40f6-ac45-6903a54b2324/fb554837b895ef884303a32ba14142b2b9d5db08.roa
File:                     fb554837b895ef884303a32ba14142b2b9d5db08.roa (raw, json)
Hash identifier:          85mAIL4ueBLLx53vpD5zEUkGEl0NvyTtDArrX+/JucM=
Subject key identifier:   27:8A:9D:74:CC:2A:74:F9:F1:89:97:91:27:E6:DE:CF:55:68:5C:4E
Certificate issuer:       /CN=dedf8d5736c0557e727f6db72e984837a300b8ac
Certificate serial:       1B28CD
Authority key identifier: 32:F5:45:4E:85:B9:BA:CF:E3:D6:81:55:95:CE:B6:00:EB:A5:4F:9A
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/dedf8d5736c0557e727f6db72e984837a300b8ac.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/e42d711d-2c03-40f6-ac45-6903a54b2324/fb554837b895ef884303a32ba14142b2b9d5db08.roa
Signing time:             Mon 25 Sep 2023 13:32:06 +0000
ROA not before:           Sun 24 Sep 2023 13:32:05 +0000
ROA not after:            Thu 25 Sep 2025 13:32:05 +0000
asID:                     272139
IP address blocks:        181.225.188.0/22 maxlen: 24
                          2803:53e0::/32 maxlen: 48

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/e42d711d-2c03-40f6-ac45-6903a54b2324/dedf8d5736c0557e727f6db72e984837a300b8ac.crl
                          rsync://repository.lacnic.net/rpki/lacnic/e42d711d-2c03-40f6-ac45-6903a54b2324/dedf8d5736c0557e727f6db72e984837a300b8ac.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/dedf8d5736c0557e727f6db72e984837a300b8ac.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Tue 27 Feb 2024 21:42:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1779917 (0x1b28cd)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dedf8d5736c0557e727f6db72e984837a300b8ac
        Validity
            Not Before: Sep 24 13:32:05 2023 GMT
            Not After : Sep 25 13:32:05 2025 GMT
        Subject: CN=fb554837b895ef884303a32ba14142b2b9d5db08
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:15:15:84:33:f6:01:96:ca:b7:73:d7:25:db:
                    23:c9:95:8f:ba:9e:b5:a1:29:d4:bd:56:9a:6e:62:
                    d3:83:35:6b:bb:a4:dd:09:f6:3e:fa:a0:da:80:60:
                    28:38:f1:f3:64:05:ba:ff:e2:2a:3d:4d:54:70:e3:
                    de:d6:16:e5:d4:2a:e9:30:9b:88:a2:88:7a:c2:d4:
                    5c:be:cb:68:0e:7c:7a:b3:1f:7d:58:02:14:90:9f:
                    16:76:cd:71:ca:21:e9:2e:c7:3a:19:8e:e6:2b:50:
                    c9:fd:12:9a:3d:1f:0b:1d:cd:eb:66:ec:31:5f:fc:
                    73:7f:44:52:58:a9:64:32:7a:25:33:72:b4:72:9e:
                    6b:89:f2:15:34:eb:ab:31:7e:9b:b7:00:12:0d:67:
                    43:16:ad:c0:62:40:7a:e8:60:39:eb:24:9c:7c:b9:
                    b8:d9:88:5c:8b:b1:98:9a:12:65:a9:05:19:a7:a3:
                    03:a7:f4:29:3a:5e:4c:3f:b4:54:6e:ba:f8:0c:87:
                    13:85:1f:ba:9c:07:50:de:fd:1f:c5:6e:20:f9:98:
                    5d:09:58:57:dc:80:f6:be:da:b4:31:f8:ba:b0:6b:
                    34:49:bb:d6:a7:2a:b5:cd:3d:38:69:f3:c7:0f:de:
                    6f:b6:c0:4f:2c:24:d9:72:5a:94:52:41:03:48:6a:
                    86:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                27:8A:9D:74:CC:2A:74:F9:F1:89:97:91:27:E6:DE:CF:55:68:5C:4E
            X509v3 Authority Key Identifier:
                keyid:32:F5:45:4E:85:B9:BA:CF:E3:D6:81:55:95:CE:B6:00:EB:A5:4F:9A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/dedf8d5736c0557e727f6db72e984837a300b8ac.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/e42d711d-2c03-40f6-ac45-6903a54b2324/fb554837b895ef884303a32ba14142b2b9d5db08.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/e42d711d-2c03-40f6-ac45-6903a54b2324/dedf8d5736c0557e727f6db72e984837a300b8ac.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  181.225.188.0/22
                IPv6:
                  2803:53e0::/32

    Signature Algorithm: sha256WithRSAEncryption
         30:48:57:d5:4c:23:99:d6:9a:82:63:41:f3:e5:f6:49:a3:e7:
         9d:b2:e1:bb:3a:c1:77:c5:e7:d7:1f:52:b4:0c:a8:2b:d7:12:
         75:bf:a0:00:63:01:05:d2:c1:26:8b:a7:97:90:9a:55:4c:b9:
         c1:b9:73:ae:e9:bd:57:66:e9:2c:87:8d:df:39:54:ee:2f:b8:
         05:ff:ba:9e:c4:38:74:ee:85:13:3c:2c:b1:03:8e:50:be:39:
         90:7c:e4:0a:b4:05:7d:e8:e1:d5:d2:4a:dc:b8:13:ab:b2:62:
         98:8a:19:75:4b:29:c5:a5:7b:07:16:3e:b9:42:a0:ae:24:6f:
         d5:76:e5:c7:a2:0b:56:d5:6c:5d:fc:e8:89:69:06:77:6c:8c:
         20:d5:ad:b1:6a:77:dd:7c:93:25:f3:4f:c8:22:68:29:72:2c:
         06:a7:3e:ab:75:83:92:03:81:3a:6d:94:9f:87:c4:1d:91:65:
         a6:c5:ef:0f:a2:fc:50:47:cd:53:82:bf:f2:27:06:a4:63:aa:
         71:12:5a:1a:7f:77:d3:82:a8:23:d5:75:13:38:0a:da:ae:6b:
         90:cd:29:ae:d0:c3:eb:9e:e0:64:d6:1c:5a:96:58:4c:f1:4f:
         4e:5a:8d:ad:d7:02:b5:a8:3a:74:1e:74:aa:06:61:74:10:7d:
         ca:49:5b:cc
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgIDGyjNMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGRl
ZGY4ZDU3MzZjMDU1N2U3MjdmNmRiNzJlOTg0ODM3YTMwMGI4YWMwHhcNMjMwOTI0
MTMzMjA1WhcNMjUwOTI1MTMzMjA1WjAzMTEwLwYDVQQDEyhmYjU1NDgzN2I4OTVl
Zjg4NDMwM2EzMmJhMTQxNDJiMmI5ZDVkYjA4MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAwhUVhDP2AZbKt3PXJdsjyZWPup61oSnUvVaabmLTgzVru6Td
CfY++qDagGAoOPHzZAW6/+IqPU1UcOPe1hbl1CrpMJuIooh6wtRcvstoDnx6sx99
WAIUkJ8Wds1xyiHpLsc6GY7mK1DJ/RKaPR8LHc3rZuwxX/xzf0RSWKlkMnolM3K0
cp5rifIVNOurMX6btwASDWdDFq3AYkB66GA56yScfLm42Yhci7GYmhJlqQUZp6MD
p/QpOl5MP7RUbrr4DIcThR+6nAdQ3v0fxW4g+ZhdCVhX3ID2vtq0Mfi6sGs0SbvW
pyq1zT04afPHD95vtsBPLCTZclqUUkEDSGqGswIDAQABo4ICajCCAmYwHQYDVR0O
BBYEFCeKnXTMKnT58YmXkSfm3s9VaFxOMB8GA1UdIwQYMBaAFDL1RU6FubrP49aB
VZXOtgDrpU+aMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvZGVkZjhk
NTczNmMwNTU3ZTcyN2Y2ZGI3MmU5ODQ4MzdhMzAwYjhhYy5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvZTQyZDcxMWQtMmMwMy00MGY2LWFjNDUtNjkwM2E1
NGIyMzI0L2ZiNTU0ODM3Yjg5NWVmODg0MzAzYTMyYmExNDE0MmIyYjlkNWRiMDgu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy9lNDJkNzExZC0yYzAzLTQwZjYtYWM0NS02OTAz
YTU0YjIzMjQvZGVkZjhkNTczNmMwNTU3ZTcyN2Y2ZGI3MmU5ODQ4MzdhMzAwYjhh
Yy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAuBggrBgEFBQcBBwEB/wQf
MB0wDAQCAAEwBgMEArXhvDANBAIAAjAHAwUAKANT4DANBgkqhkiG9w0BAQsFAAOC
AQEAMEhX1UwjmdaagmNB8+X2SaPnnbLhuzrBd8Xn1x9StAyoK9cSdb+gAGMBBdLB
Jounl5CaVUy5wblzrum9V2bpLIeN3zlU7i+4Bf+6nsQ4dO6FEzwssQOOUL45kHzk
CrQFfejh1dJK3LgTq7JimIoZdUspxaV7BxY+uUKgriRv1Xblx6ILVtVsXfzoiWkG
d2yMINWtsWp33XyTJfNPyCJoKXIsBqc+q3WDkgOBOm2Un4fEHZFlpsXvD6L8UEfN
U4K/8icGpGOqcRJaGn9304KoI9V1EzgK2q5rkM0prtDD657gZNYcWpZYTPFPTlqN
rdcCtag6dB50qgZhdBB9yklbzA==
-----END CERTIFICATE-----
Generated at Sun Feb 25 02:38:45 2024 by rpki-client on console-ams.rpki-client.org