Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/e65946f6-1f47-409f-a11c-7e3505bebf3a/4e503e2d51cce3fa5f442aea2f7a6afdcd352c3d.roa
File:                     4e503e2d51cce3fa5f442aea2f7a6afdcd352c3d.roa (raw, json)
Hash identifier:          t6iZ8YdTuVtEL3FsXedFo5uGwkbYTwIw3WYaNj9N/RY=
Subject key identifier:   42:F3:44:F7:8D:C2:0A:CB:B8:DF:1E:C3:C0:A4:F4:A3:CA:1A:87:8E
Certificate issuer:       /CN=4c1e2a981bc2f6315b444fd175be279aa44a75a8
Certificate serial:       18B03E
Authority key identifier: 56:07:63:52:05:47:55:03:BF:8E:96:ED:36:2F:9F:EE:43:05:59:8F
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/4c1e2a981bc2f6315b444fd175be279aa44a75a8.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/e65946f6-1f47-409f-a11c-7e3505bebf3a/4e503e2d51cce3fa5f442aea2f7a6afdcd352c3d.roa
Signing time:             Tue 28 Jun 2022 20:12:31 +0000
ROA not before:           Wed 24 Mar 2021 03:00:00 +0000
ROA not after:            Mon 24 Mar 2036 03:00:00 +0000
asID:                     52328
IP address blocks:        190.211.64.0/20 maxlen: 20
                          190.211.64.0/21 maxlen: 21
                          190.211.72.0/21 maxlen: 21
                          190.211.64.0/22 maxlen: 22
                          190.211.68.0/22 maxlen: 22
                          190.211.72.0/22 maxlen: 22
                          190.211.76.0/22 maxlen: 22
                          190.211.64.0/23 maxlen: 23
                          190.211.66.0/23 maxlen: 23
                          190.211.68.0/23 maxlen: 23
                          190.211.70.0/23 maxlen: 23
                          190.211.72.0/23 maxlen: 23
                          190.211.74.0/23 maxlen: 23
                          190.211.76.0/23 maxlen: 23
                          190.211.78.0/23 maxlen: 23
                          190.211.64.0/24 maxlen: 24
                          190.211.65.0/24 maxlen: 24
                          190.211.66.0/24 maxlen: 24
                          190.211.67.0/24 maxlen: 24
                          190.211.68.0/24 maxlen: 24
                          190.211.69.0/24 maxlen: 24
                          190.211.70.0/24 maxlen: 24
                          190.211.71.0/24 maxlen: 24
                          190.211.72.0/24 maxlen: 24
                          190.211.73.0/24 maxlen: 24
                          190.211.74.0/24 maxlen: 24
                          190.211.75.0/24 maxlen: 24
                          190.211.76.0/24 maxlen: 24
                          190.211.77.0/24 maxlen: 24
                          190.211.78.0/24 maxlen: 24
                          190.211.79.0/24 maxlen: 24
                          201.159.216.0/22 maxlen: 22
                          201.159.216.0/23 maxlen: 23
                          201.159.218.0/23 maxlen: 23
                          201.159.216.0/24 maxlen: 24
                          201.159.217.0/24 maxlen: 24
                          201.159.218.0/24 maxlen: 24
                          201.159.219.0/24 maxlen: 24
                          138.99.172.0/22 maxlen: 22
                          138.99.172.0/23 maxlen: 23
                          138.99.174.0/23 maxlen: 23
                          138.99.172.0/24 maxlen: 24
                          138.99.173.0/24 maxlen: 24
                          138.99.174.0/24 maxlen: 24
                          138.99.175.0/24 maxlen: 24
                          45.226.174.0/23 maxlen: 23
                          45.226.174.0/24 maxlen: 24
                          45.226.175.0/24 maxlen: 24
                          2803:4980::/32 maxlen: 48

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/e65946f6-1f47-409f-a11c-7e3505bebf3a/4c1e2a981bc2f6315b444fd175be279aa44a75a8.crl
                          rsync://repository.lacnic.net/rpki/lacnic/e65946f6-1f47-409f-a11c-7e3505bebf3a/4c1e2a981bc2f6315b444fd175be279aa44a75a8.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/4c1e2a981bc2f6315b444fd175be279aa44a75a8.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sat 02 Mar 2024 22:45:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1617982 (0x18b03e)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4c1e2a981bc2f6315b444fd175be279aa44a75a8
        Validity
            Not Before: Mar 24 03:00:00 2021 GMT
            Not After : Mar 24 03:00:00 2036 GMT
        Subject: CN=4e503e2d51cce3fa5f442aea2f7a6afdcd352c3d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:e8:ca:dd:b1:9d:6a:67:36:c6:d3:83:ac:df:
                    1f:a3:8f:03:29:38:4f:c3:18:89:a0:c3:b2:38:f4:
                    39:2b:95:cb:7d:7f:42:91:1f:7f:c7:18:19:af:df:
                    7f:67:98:bb:57:c1:b5:ca:5a:66:51:3b:be:51:c3:
                    7f:b6:c4:06:b7:2c:62:32:4b:a6:49:cb:0b:f0:02:
                    d9:1f:b8:66:3b:4e:66:31:34:66:94:aa:5a:87:e1:
                    12:03:38:c7:57:25:10:07:2f:08:da:0b:0e:23:bd:
                    27:b2:32:01:46:06:19:76:78:b9:54:7f:89:6b:b6:
                    17:7e:69:35:f5:30:76:5f:99:36:da:2d:98:d5:a7:
                    84:e7:56:b1:fe:1d:d0:12:9a:b7:37:e6:9a:ca:8b:
                    fb:9e:b7:e0:95:d9:13:1d:b3:4f:ad:ec:65:f8:5d:
                    11:84:bb:ac:e4:79:b1:d8:24:a4:69:1d:d3:62:d7:
                    cb:2e:94:31:58:a8:c3:73:e9:c0:d6:cc:77:3f:f8:
                    bb:9a:02:d3:9f:77:45:63:ff:ac:43:32:28:84:f1:
                    2e:cb:30:16:14:62:e5:6d:44:28:6b:6a:84:d7:e1:
                    7a:c9:f6:d4:06:f2:31:80:50:d2:f8:55:a9:cd:e1:
                    b9:76:31:70:9d:56:eb:cc:3b:39:42:20:bb:6c:86:
                    e5:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                42:F3:44:F7:8D:C2:0A:CB:B8:DF:1E:C3:C0:A4:F4:A3:CA:1A:87:8E
            X509v3 Authority Key Identifier:
                keyid:56:07:63:52:05:47:55:03:BF:8E:96:ED:36:2F:9F:EE:43:05:59:8F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/4c1e2a981bc2f6315b444fd175be279aa44a75a8.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/e65946f6-1f47-409f-a11c-7e3505bebf3a/4e503e2d51cce3fa5f442aea2f7a6afdcd352c3d.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/e65946f6-1f47-409f-a11c-7e3505bebf3a/4c1e2a981bc2f6315b444fd175be279aa44a75a8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.226.174.0/23
                  138.99.172.0/22
                  190.211.64.0/20
                  201.159.216.0/22
                IPv6:
                  2803:4980::/32

    Signature Algorithm: sha256WithRSAEncryption
         5b:2d:52:22:b6:10:3b:d2:5a:68:32:79:f4:2d:8c:dd:f9:94:
         46:7d:9f:20:f2:e9:e0:e1:80:54:fa:fd:0f:e3:01:49:2a:7f:
         0e:3d:f0:64:dc:d7:de:3f:c3:ca:27:21:30:76:dd:65:89:07:
         af:87:ae:64:f2:d8:af:67:9b:30:e1:c7:dd:d8:5f:b5:2e:1f:
         a7:97:0e:39:cc:cb:01:d2:22:7f:4d:29:f5:e4:c1:eb:e0:aa:
         b0:34:a9:70:7f:9c:c2:a7:97:44:13:ff:85:63:15:a6:9d:53:
         19:79:c8:ec:32:e2:7e:9c:35:65:d7:b8:35:24:6f:d3:74:45:
         63:60:8f:70:56:42:9a:39:91:8c:b7:07:6e:22:59:62:80:91:
         bf:7b:8b:d8:61:20:f7:7d:8a:4f:4a:07:dc:83:6d:24:08:da:
         6c:38:de:e8:c9:d7:56:74:38:4a:98:21:6b:18:af:e1:2d:c0:
         69:d4:80:90:5f:1b:c6:b6:d4:ef:6d:19:a4:5a:27:ad:b8:fd:
         74:e0:88:e4:c7:81:91:ef:0e:72:15:2b:06:ab:cc:21:41:b4:
         c4:b2:00:62:14:25:47:75:25:cb:2a:d8:b4:ba:f8:32:f4:77:
         1d:9b:c7:0f:a5:6d:59:27:5c:c4:ff:99:14:d5:cf:f6:f5:cc:
         da:55:c2:2f
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIDGLA+MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDRj
MWUyYTk4MWJjMmY2MzE1YjQ0NGZkMTc1YmUyNzlhYTQ0YTc1YTgwHhcNMjEwMzI0
MDMwMDAwWhcNMzYwMzI0MDMwMDAwWjAzMTEwLwYDVQQDEyg0ZTUwM2UyZDUxY2Nl
M2ZhNWY0NDJhZWEyZjdhNmFmZGNkMzUyYzNkMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAlejK3bGdamc2xtODrN8fo48DKThPwxiJoMOyOPQ5K5XLfX9C
kR9/xxgZr99/Z5i7V8G1ylpmUTu+UcN/tsQGtyxiMkumScsL8ALZH7hmO05mMTRm
lKpah+ESAzjHVyUQBy8I2gsOI70nsjIBRgYZdni5VH+Ja7YXfmk19TB2X5k22i2Y
1aeE51ax/h3QEpq3N+aayov7nrfgldkTHbNPrexl+F0RhLus5Hmx2CSkaR3TYtfL
LpQxWKjDc+nA1sx3P/i7mgLTn3dFY/+sQzIohPEuyzAWFGLlbUQoa2qE1+F6yfbU
BvIxgFDS+FWpzeG5djFwnVbrzDs5QiC7bIblowIDAQABo4ICfDCCAngwHQYDVR0O
BBYEFELzRPeNwgrLuN8ew8Ck9KPKGoeOMB8GA1UdIwQYMBaAFFYHY1IFR1UDv46W
7TYvn+5DBVmPMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvNGMxZTJh
OTgxYmMyZjYzMTViNDQ0ZmQxNzViZTI3OWFhNDRhNzVhOC5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvZTY1OTQ2ZjYtMWY0Ny00MDlmLWExMWMtN2UzNTA1
YmViZjNhLzRlNTAzZTJkNTFjY2UzZmE1ZjQ0MmFlYTJmN2E2YWZkY2QzNTJjM2Qu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy9lNjU5NDZmNi0xZjQ3LTQwOWYtYTExYy03ZTM1
MDViZWJmM2EvNGMxZTJhOTgxYmMyZjYzMTViNDQ0ZmQxNzViZTI3OWFhNDRhNzVh
OC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBABggrBgEFBQcBBwEB/wQx
MC8wHgQCAAEwGAMEAS3irgMEAopjrAMEBL7TQAMEAsmf2DANBAIAAjAHAwUAKANJ
gDANBgkqhkiG9w0BAQsFAAOCAQEAWy1SIrYQO9JaaDJ59C2M3fmURn2fIPLp4OGA
VPr9D+MBSSp/Dj3wZNzX3j/DyichMHbdZYkHr4euZPLYr2ebMOHH3dhftS4fp5cO
OczLAdIif00p9eTB6+CqsDSpcH+cwqeXRBP/hWMVpp1TGXnI7DLifpw1Zde4NSRv
03RFY2CPcFZCmjmRjLcHbiJZYoCRv3uL2GEg932KT0oH3INtJAjabDje6MnXVnQ4
Spghaxiv4S3AadSAkF8bxrbU720ZpFonrbj9dOCI5MeBke8OchUrBqvMIUG0xLIA
YhQlR3UlyyrYtLr4MvR3HZvHD6VtWSdcxP+ZFNXP9vXM2lXCLw==
-----END CERTIFICATE-----
Generated at Wed Feb 28 23:36:23 2024 by rpki-client on console-fra.rpki-client.org