Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/e80705f0-4f2b-43fe-b9b8-d338f79298a7/de38980f1b21afb7a4df339369109121a0123cef.roa
File:                     de38980f1b21afb7a4df339369109121a0123cef.roa (raw, json)
Hash identifier:          s18XfTGbuUL38WsjTtYUT6525MZYV9nvXZAYxrNGaFA=
Subject key identifier:   64:4F:F9:AE:C6:D6:7E:B1:54:C1:56:BD:09:1B:A8:F0:2A:FA:C6:D9
Certificate issuer:       /CN=031cc30e575cdbf3eab60cfb6b609fbb71a064e9
Certificate serial:       0D088E
Authority key identifier: 6D:A8:46:74:FE:7C:FB:B0:9D:EB:6C:0B:74:30:03:76:E0:34:2D:B5
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/031cc30e575cdbf3eab60cfb6b609fbb71a064e9.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/e80705f0-4f2b-43fe-b9b8-d338f79298a7/de38980f1b21afb7a4df339369109121a0123cef.roa
Signing time:             Wed 24 Mar 2021 14:39:29 +0000
ROA not before:           Wed 24 Mar 2021 14:39:29 +0000
ROA not after:            Tue 24 Mar 2026 14:39:29 +0000
asID:                     264668
IP address blocks:        201.182.84.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/e80705f0-4f2b-43fe-b9b8-d338f79298a7/031cc30e575cdbf3eab60cfb6b609fbb71a064e9.crl
                          rsync://repository.lacnic.net/rpki/lacnic/e80705f0-4f2b-43fe-b9b8-d338f79298a7/031cc30e575cdbf3eab60cfb6b609fbb71a064e9.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/031cc30e575cdbf3eab60cfb6b609fbb71a064e9.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 31 Mar 2024 12:22:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 854158 (0xd088e)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=031cc30e575cdbf3eab60cfb6b609fbb71a064e9
        Validity
            Not Before: Mar 24 14:39:29 2021 GMT
            Not After : Mar 24 14:39:29 2026 GMT
        Subject: CN=de38980f1b21afb7a4df339369109121a0123cef
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:67:d2:9f:44:e4:fb:bb:11:a8:d6:8b:7a:46:
                    cd:9d:ea:1f:85:de:34:6b:85:3b:d1:0b:e3:8d:c0:
                    10:f2:c3:db:94:eb:31:94:d1:36:91:36:2c:5a:bb:
                    c6:8f:90:34:1c:b9:2e:7e:26:33:4d:32:63:25:15:
                    bb:1f:c7:b2:10:ad:23:02:94:2b:82:0c:e9:d3:98:
                    87:ac:a7:c5:f4:78:fe:66:57:40:7e:ff:ef:47:cf:
                    3e:79:7c:5a:1b:00:6b:e6:bb:55:de:91:0e:b1:3d:
                    62:85:94:7d:b4:c1:cf:30:f1:d0:5b:1d:3a:77:51:
                    8b:ac:87:f3:13:de:29:61:b7:3b:2b:7a:ae:20:5c:
                    b9:51:63:8f:32:3f:a3:f2:92:37:34:be:d2:ff:64:
                    f2:ac:45:56:5c:d5:3a:dc:e5:47:63:0c:d3:9c:d6:
                    99:ee:28:8b:a7:5f:b0:87:e4:0e:de:69:45:13:08:
                    79:0a:9c:40:bb:e0:7c:d4:d7:89:1b:3e:3a:0a:0b:
                    36:97:cc:53:34:1d:e3:ea:42:bd:9b:f1:b8:75:49:
                    01:05:dc:69:8e:d7:03:50:cf:98:14:6a:2a:af:4e:
                    9b:8d:d2:2f:ba:df:18:82:dc:ea:c5:3f:53:59:62:
                    90:24:e4:39:af:9b:7f:d1:ee:48:e3:3a:7e:3a:e8:
                    ff:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                64:4F:F9:AE:C6:D6:7E:B1:54:C1:56:BD:09:1B:A8:F0:2A:FA:C6:D9
            X509v3 Authority Key Identifier:
                keyid:6D:A8:46:74:FE:7C:FB:B0:9D:EB:6C:0B:74:30:03:76:E0:34:2D:B5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/031cc30e575cdbf3eab60cfb6b609fbb71a064e9.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/e80705f0-4f2b-43fe-b9b8-d338f79298a7/de38980f1b21afb7a4df339369109121a0123cef.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/e80705f0-4f2b-43fe-b9b8-d338f79298a7/031cc30e575cdbf3eab60cfb6b609fbb71a064e9.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  201.182.84.0/22

    Signature Algorithm: sha256WithRSAEncryption
         7b:8f:de:d7:a4:bf:8c:57:26:c3:96:7c:38:09:88:cc:76:e9:
         d7:fa:ec:ef:3e:8f:9e:2e:8a:f7:ee:54:a1:5b:0d:a1:05:c0:
         6a:c3:c5:66:4e:4a:9a:23:ba:d1:e9:48:25:9a:92:72:ff:eb:
         46:8c:d4:96:e9:51:a5:74:a1:a0:4d:e2:66:2f:f4:8a:fd:30:
         fe:3b:bc:76:29:9e:aa:95:35:ba:30:b2:17:19:62:de:1c:58:
         f5:55:72:7c:ba:ad:a4:60:6a:e2:48:59:84:7f:bb:c5:2c:5a:
         fe:03:f9:2e:f5:ad:f2:3c:0f:d7:b3:1e:63:04:c2:88:8e:69:
         d2:35:6d:04:6c:c4:cb:19:36:7e:a9:e8:79:4f:77:56:56:b8:
         a8:da:7c:5e:ab:fd:27:2f:74:90:46:01:3b:61:29:ac:8e:75:
         7b:59:46:49:67:d3:8c:06:c4:f0:a5:3c:a6:f0:15:34:f5:c2:
         c1:e1:5b:e3:29:ec:93:c0:83:b0:79:b8:83:be:42:b0:b3:15:
         a4:27:04:3e:30:aa:53:f8:6c:d7:77:a5:0f:40:5d:1e:d9:38:
         73:a7:df:71:bb:dc:32:76:f8:8e:50:d3:8e:e1:d0:bf:dc:34:
         fc:b0:7b:06:09:ae:bb:19:55:a0:7b:96:c3:b4:fa:1f:b9:c1:
         37:01:4c:70
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIDDQiOMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDAz
MWNjMzBlNTc1Y2RiZjNlYWI2MGNmYjZiNjA5ZmJiNzFhMDY0ZTkwHhcNMjEwMzI0
MTQzOTI5WhcNMjYwMzI0MTQzOTI5WjAzMTEwLwYDVQQDEyhkZTM4OTgwZjFiMjFh
ZmI3YTRkZjMzOTM2OTEwOTEyMWEwMTIzY2VmMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAlGfSn0Tk+7sRqNaLekbNneofhd40a4U70QvjjcAQ8sPblOsx
lNE2kTYsWrvGj5A0HLkufiYzTTJjJRW7H8eyEK0jApQrggzp05iHrKfF9Hj+ZldA
fv/vR88+eXxaGwBr5rtV3pEOsT1ihZR9tMHPMPHQWx06d1GLrIfzE94pYbc7K3qu
IFy5UWOPMj+j8pI3NL7S/2TyrEVWXNU63OVHYwzTnNaZ7iiLp1+wh+QO3mlFEwh5
CpxAu+B81NeJGz46Cgs2l8xTNB3j6kK9m/G4dUkBBdxpjtcDUM+YFGoqr06bjdIv
ut8YgtzqxT9TWWKQJOQ5r5t/0e5I4zp+Ouj/UQIDAQABo4ICWzCCAlcwHQYDVR0O
BBYEFGRP+a7G1n6xVMFWvQkbqPAq+sbZMB8GA1UdIwQYMBaAFG2oRnT+fPuwnets
C3QwA3bgNC21MA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvMDMxY2Mz
MGU1NzVjZGJmM2VhYjYwY2ZiNmI2MDlmYmI3MWEwNjRlOS5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvZTgwNzA1ZjAtNGYyYi00M2ZlLWI5YjgtZDMzOGY3
OTI5OGE3L2RlMzg5ODBmMWIyMWFmYjdhNGRmMzM5MzY5MTA5MTIxYTAxMjNjZWYu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy9lODA3MDVmMC00ZjJiLTQzZmUtYjliOC1kMzM4
Zjc5Mjk4YTcvMDMxY2MzMGU1NzVjZGJmM2VhYjYwY2ZiNmI2MDlmYmI3MWEwNjRl
OS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAsm2VDANBgkqhkiG9w0BAQsFAAOCAQEAe4/e16S/jFcmw5Z8
OAmIzHbp1/rs7z6Pni6K9+5UoVsNoQXAasPFZk5KmiO60elIJZqScv/rRozUlulR
pXShoE3iZi/0iv0w/ju8dimeqpU1ujCyFxli3hxY9VVyfLqtpGBq4khZhH+7xSxa
/gP5LvWt8jwP17MeYwTCiI5p0jVtBGzEyxk2fqnoeU93Vla4qNp8Xqv9Jy90kEYB
O2EprI51e1lGSWfTjAbE8KU8pvAVNPXCweFb4ynsk8CDsHm4g75CsLMVpCcEPjCq
U/hs13elD0BdHtk4c6ffcbvcMnb4jlDTjuHQv9w0/LB7BgmuuxlVoHuWw7T6H7nB
NwFMcA==
-----END CERTIFICATE-----
Generated at Thu Mar 28 14:03:00 2024 by rpki-client on console-fra.rpki-client.org