Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/e6c28a90-6df1-4e3a-aea1-5288ea579c54/4974dc4d62791b475e243785e7d17f52efd9f704.roa
File:                     4974dc4d62791b475e243785e7d17f52efd9f704.roa (raw, json)
Hash identifier:          s76nSXPia0nnjy81NhSNTlOh3+/CPZNKPnfibRh1KFU=
Subject key identifier:   FF:10:7F:15:B1:12:50:8B:BA:EA:0B:A9:11:EB:6C:D4:B1:EC:4B:51
Certificate issuer:       /CN=ce0912528b97c919a76319567c2e68b8d44d0cef
Certificate serial:       0AB195
Authority key identifier: 6A:7D:93:D4:F2:2A:E8:93:2A:D1:35:49:73:9F:3C:AE:73:75:16:7D
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ce0912528b97c919a76319567c2e68b8d44d0cef.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/e6c28a90-6df1-4e3a-aea1-5288ea579c54/4974dc4d62791b475e243785e7d17f52efd9f704.roa
Signing time:             Wed 24 Mar 2021 14:35:40 +0000
ROA not before:           Wed 24 Mar 2021 14:35:38 +0000
ROA not after:            Tue 24 Mar 2026 14:35:38 +0000
asID:                     14080
IP address blocks:        170.83.59.0/24 maxlen: 24
                          2801:1e:d000::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/e6c28a90-6df1-4e3a-aea1-5288ea579c54/ce0912528b97c919a76319567c2e68b8d44d0cef.crl
                          rsync://repository.lacnic.net/rpki/lacnic/e6c28a90-6df1-4e3a-aea1-5288ea579c54/ce0912528b97c919a76319567c2e68b8d44d0cef.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ce0912528b97c919a76319567c2e68b8d44d0cef.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 31 Mar 2024 12:15:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 700821 (0xab195)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ce0912528b97c919a76319567c2e68b8d44d0cef
        Validity
            Not Before: Mar 24 14:35:38 2021 GMT
            Not After : Mar 24 14:35:38 2026 GMT
        Subject: CN=4974dc4d62791b475e243785e7d17f52efd9f704
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:db:d8:88:6b:35:06:bd:50:00:56:60:e9:9e:36:
                    1a:48:15:9e:59:db:3d:4a:7a:52:77:39:78:2c:59:
                    df:99:a6:11:35:36:58:d6:25:0e:60:99:60:ba:f3:
                    da:60:8c:b2:00:67:0f:80:69:f5:c1:8a:d4:38:25:
                    a1:d3:c2:ab:4b:a5:4d:af:47:e9:ff:ce:ea:de:cc:
                    f5:aa:d9:98:eb:cb:52:43:69:74:3a:6c:7e:ae:fc:
                    18:85:46:8f:84:1e:6c:3d:1e:65:81:2f:1f:f8:f1:
                    0f:d5:b4:b4:0d:2f:2e:aa:55:a3:82:9d:c6:b4:a3:
                    c1:ca:ac:d6:e4:85:6f:d3:b9:3f:33:dc:9b:be:fe:
                    b8:7d:66:93:38:5e:57:c6:f7:75:03:f6:0a:f6:f8:
                    03:77:72:7b:21:e3:95:d6:86:8d:2a:6f:7b:85:74:
                    5c:aa:0d:34:ea:46:e4:f2:80:67:b4:d5:59:3b:e6:
                    21:59:23:ba:cd:c1:76:3c:f6:fd:23:48:cd:0d:08:
                    c1:c9:b0:30:28:7f:41:96:3e:3a:f6:bf:23:c3:8e:
                    f0:e5:0c:c2:bc:c2:bb:06:d4:9d:39:21:8f:f5:76:
                    97:12:1b:2a:48:f1:16:fc:ca:14:35:2f:4b:ae:ce:
                    a1:d3:ed:c8:16:e0:26:11:d8:1c:5a:97:6d:30:f7:
                    b4:87
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FF:10:7F:15:B1:12:50:8B:BA:EA:0B:A9:11:EB:6C:D4:B1:EC:4B:51
            X509v3 Authority Key Identifier:
                keyid:6A:7D:93:D4:F2:2A:E8:93:2A:D1:35:49:73:9F:3C:AE:73:75:16:7D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ce0912528b97c919a76319567c2e68b8d44d0cef.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/e6c28a90-6df1-4e3a-aea1-5288ea579c54/4974dc4d62791b475e243785e7d17f52efd9f704.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/e6c28a90-6df1-4e3a-aea1-5288ea579c54/ce0912528b97c919a76319567c2e68b8d44d0cef.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  170.83.59.0/24
                IPv6:
                  2801:1e:d000::/48

    Signature Algorithm: sha256WithRSAEncryption
         06:bf:e1:e4:68:f8:d7:d1:bd:13:25:10:fc:4d:e3:d2:ba:75:
         02:6b:5d:9c:bb:28:8b:8d:01:f6:6c:c1:81:2b:32:5b:8d:66:
         b2:27:a6:2b:2d:f1:e0:de:8b:fa:58:ea:20:ca:f6:be:14:d7:
         6e:f4:eb:9d:e2:86:79:94:23:a7:79:5a:1a:3d:4f:e0:f1:03:
         0a:72:57:f8:11:c9:d3:e2:5d:aa:d9:7e:25:7c:00:6d:c4:a2:
         88:c5:42:fc:71:48:3c:28:36:ce:e9:3e:99:ee:af:31:fb:5e:
         fe:91:10:65:78:d5:e7:47:23:86:b3:d5:7a:b9:04:de:fb:df:
         43:cb:3b:29:8d:1a:07:38:6b:6a:b0:37:11:fd:45:33:50:0b:
         c8:6a:8f:ae:a5:b2:6b:b8:a6:c9:f8:02:83:91:49:e3:56:96:
         dd:8d:d9:4a:c4:68:65:57:6d:64:24:6d:2a:c5:fe:46:50:0f:
         da:20:5e:62:91:54:af:31:eb:de:4f:30:7d:58:95:a0:51:a9:
         1d:c3:b7:84:bd:17:b6:0a:0b:9c:4e:7a:58:a4:dc:e3:0c:3c:
         32:8f:6c:4a:1e:16:2f:ad:31:d2:6c:c2:56:87:a7:f7:85:a3:
         50:f8:f3:7f:d2:e2:d7:a8:0c:c1:2e:85:d1:a7:23:82:91:05:
         ed:5f:6f:6a
-----BEGIN CERTIFICATE-----
MIIFUTCCBDmgAwIBAgIDCrGVMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGNl
MDkxMjUyOGI5N2M5MTlhNzYzMTk1NjdjMmU2OGI4ZDQ0ZDBjZWYwHhcNMjEwMzI0
MTQzNTM4WhcNMjYwMzI0MTQzNTM4WjAzMTEwLwYDVQQDEyg0OTc0ZGM0ZDYyNzkx
YjQ3NWUyNDM3ODVlN2QxN2Y1MmVmZDlmNzA0MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEA29iIazUGvVAAVmDpnjYaSBWeWds9SnpSdzl4LFnfmaYRNTZY
1iUOYJlguvPaYIyyAGcPgGn1wYrUOCWh08KrS6VNr0fp/87q3sz1qtmY68tSQ2l0
Omx+rvwYhUaPhB5sPR5lgS8f+PEP1bS0DS8uqlWjgp3GtKPByqzW5IVv07k/M9yb
vv64fWaTOF5Xxvd1A/YK9vgDd3J7IeOV1oaNKm97hXRcqg006kbk8oBntNVZO+Yh
WSO6zcF2PPb9I0jNDQjBybAwKH9Blj469r8jw47w5QzCvMK7BtSdOSGP9XaXEhsq
SPEW/MoUNS9Lrs6h0+3IFuAmEdgcWpdtMPe0hwIDAQABo4ICbDCCAmgwHQYDVR0O
BBYEFP8QfxWxElCLuuoLqRHrbNSx7EtRMB8GA1UdIwQYMBaAFGp9k9TyKuiTKtE1
SXOfPK5zdRZ9MA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvY2UwOTEy
NTI4Yjk3YzkxOWE3NjMxOTU2N2MyZTY4YjhkNDRkMGNlZi5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvZTZjMjhhOTAtNmRmMS00ZTNhLWFlYTEtNTI4OGVh
NTc5YzU0LzQ5NzRkYzRkNjI3OTFiNDc1ZTI0Mzc4NWU3ZDE3ZjUyZWZkOWY3MDQu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy9lNmMyOGE5MC02ZGYxLTRlM2EtYWVhMS01Mjg4
ZWE1NzljNTQvY2UwOTEyNTI4Yjk3YzkxOWE3NjMxOTU2N2MyZTY4YjhkNDRkMGNl
Zi5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAwBggrBgEFBQcBBwEB/wQh
MB8wDAQCAAEwBgMEAKpTOzAPBAIAAjAJAwcAKAEAHtAAMA0GCSqGSIb3DQEBCwUA
A4IBAQAGv+HkaPjX0b0TJRD8TePSunUCa12cuyiLjQH2bMGBKzJbjWayJ6YrLfHg
3ov6WOogyva+FNdu9Oud4oZ5lCOneVoaPU/g8QMKclf4EcnT4l2q2X4lfABtxKKI
xUL8cUg8KDbO6T6Z7q8x+17+kRBleNXnRyOGs9V6uQTe+99DyzspjRoHOGtqsDcR
/UUzUAvIao+upbJruKbJ+AKDkUnjVpbdjdlKxGhlV21kJG0qxf5GUA/aIF5ikVSv
MeveTzB9WJWgUakdw7eEvRe2CgucTnpYpNzjDDwyj2xKHhYvrTHSbMJWh6f3haNQ
+PN/0uLXqAzBLoXRpyOCkQXtX29q
-----END CERTIFICATE-----
Generated at Thu Mar 28 13:29:33 2024 by rpki-client on console-ams.rpki-client.org