Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/e977afc1-14c3-4ce9-a69b-5b88fc35838a/25014a644462e55d0ad34ff9d0b7d97a33fbb159.roa
File:                     25014a644462e55d0ad34ff9d0b7d97a33fbb159.roa (raw, json)
Hash identifier:          ZEMKoJjPf2eQtRXhhhdx/xTGiF7cVTeYTwEaonj5hkI=
Subject key identifier:   B8:57:B7:7B:F3:FC:B2:B9:6E:09:B8:D4:38:AD:A8:2C:BF:30:8C:06
Certificate issuer:       /CN=928723b4ebd5246c0aa94baeaa44572b7b3662b3
Certificate serial:       0D3AE7
Authority key identifier: 42:E0:8F:E1:1A:DA:5B:56:FE:46:4E:5E:12:A9:21:A0:6E:BD:86:A4
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/928723b4ebd5246c0aa94baeaa44572b7b3662b3.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/e977afc1-14c3-4ce9-a69b-5b88fc35838a/25014a644462e55d0ad34ff9d0b7d97a33fbb159.roa
Signing time:             Wed 24 Mar 2021 14:32:35 +0000
ROA not before:           Wed 24 Mar 2021 14:32:34 +0000
ROA not after:            Tue 24 Mar 2026 14:32:34 +0000
asID:                     5692
IP address blocks:        163.10.0.0/16 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/e977afc1-14c3-4ce9-a69b-5b88fc35838a/928723b4ebd5246c0aa94baeaa44572b7b3662b3.crl
                          rsync://repository.lacnic.net/rpki/lacnic/e977afc1-14c3-4ce9-a69b-5b88fc35838a/928723b4ebd5246c0aa94baeaa44572b7b3662b3.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/928723b4ebd5246c0aa94baeaa44572b7b3662b3.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Mon 01 Apr 2024 05:58:53 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 867047 (0xd3ae7)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=928723b4ebd5246c0aa94baeaa44572b7b3662b3
        Validity
            Not Before: Mar 24 14:32:34 2021 GMT
            Not After : Mar 24 14:32:34 2026 GMT
        Subject: CN=25014a644462e55d0ad34ff9d0b7d97a33fbb159
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:82:59:59:2d:86:4c:0e:06:bd:26:5b:76:ec:
                    7a:59:88:e3:60:b2:c1:3b:f8:c0:fd:93:c2:54:00:
                    4e:d5:64:96:01:db:32:bf:a5:7f:53:60:96:58:d5:
                    e7:b8:1f:fd:5c:3b:07:57:e1:63:5e:a8:be:66:11:
                    cc:f9:83:8c:28:53:3b:42:f5:09:f2:f7:0f:99:cb:
                    76:a8:e2:4c:58:f4:fe:e2:be:c0:77:b8:7c:7d:a9:
                    e9:ef:c9:ec:a4:77:10:05:30:84:db:8d:fb:83:a1:
                    b7:f7:9b:ef:b3:01:26:2c:70:4e:cb:79:ae:95:4e:
                    1c:76:8e:28:9a:24:bb:3a:2b:5c:d1:9d:3e:e3:16:
                    51:40:6f:03:61:8b:49:ed:b4:f0:63:68:18:27:3f:
                    dd:fa:e8:a3:b5:fb:36:e9:a9:f0:57:b6:1c:a9:bd:
                    c7:90:0d:9a:06:3f:8f:a0:71:f5:49:b0:cb:ad:61:
                    92:83:22:15:1f:2f:ba:02:e3:40:8a:80:54:31:ca:
                    f0:a9:a4:6b:e8:4d:9e:12:ef:cb:d6:49:bc:6e:03:
                    56:21:18:8f:0a:c7:81:c8:90:ec:4d:8a:f6:30:73:
                    32:1c:5c:e6:91:36:04:71:00:5a:ea:22:2b:68:6c:
                    62:7c:ee:79:5e:a7:cf:a1:40:7c:c0:b2:75:73:fd:
                    26:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B8:57:B7:7B:F3:FC:B2:B9:6E:09:B8:D4:38:AD:A8:2C:BF:30:8C:06
            X509v3 Authority Key Identifier:
                keyid:42:E0:8F:E1:1A:DA:5B:56:FE:46:4E:5E:12:A9:21:A0:6E:BD:86:A4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/928723b4ebd5246c0aa94baeaa44572b7b3662b3.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/e977afc1-14c3-4ce9-a69b-5b88fc35838a/25014a644462e55d0ad34ff9d0b7d97a33fbb159.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/e977afc1-14c3-4ce9-a69b-5b88fc35838a/928723b4ebd5246c0aa94baeaa44572b7b3662b3.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  163.10.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         0c:6c:c3:59:b1:18:12:15:bf:30:d0:8c:5d:2d:6b:95:5a:b3:
         91:2c:b3:6f:02:5e:5b:65:07:39:43:38:3d:2b:0c:d2:b3:84:
         e2:ec:b4:77:5a:0b:ef:38:ce:7e:29:62:0f:59:a5:ed:3e:1e:
         b9:e5:99:7f:dc:0a:8b:c0:75:89:7e:a8:da:aa:fa:0f:ee:94:
         cd:cd:4d:1a:61:f3:e3:0c:c1:02:b5:77:1f:c4:f7:aa:d1:dd:
         fa:c4:b3:4d:97:f3:a8:de:99:9d:d5:33:51:3a:ae:75:4d:9d:
         21:a6:81:a4:e3:a8:22:95:3f:70:92:56:ef:4e:e3:e6:6b:4e:
         5f:c1:ec:d9:17:78:94:50:fd:80:f5:93:5f:a9:d3:8c:01:80:
         d6:53:27:e4:e9:da:2a:c6:8f:28:f5:a2:9d:de:43:cf:aa:7c:
         1f:65:98:bc:f6:c2:cc:ba:ef:a7:6a:ff:81:6d:d9:37:09:cf:
         e5:61:2f:fe:96:65:f1:95:82:3e:c4:40:4f:c9:e5:52:6c:55:
         df:36:0a:30:57:d3:69:9e:e7:88:c9:95:7c:56:13:ab:b5:38:
         64:96:20:d3:b2:70:c1:81:ee:81:5f:96:c3:81:26:c3:9e:11:
         a9:7d:35:2f:c6:12:a6:79:38:89:9a:0f:6f:0f:7b:ad:bd:dc:
         7c:43:62:03
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgIDDTrnMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDky
ODcyM2I0ZWJkNTI0NmMwYWE5NGJhZWFhNDQ1NzJiN2IzNjYyYjMwHhcNMjEwMzI0
MTQzMjM0WhcNMjYwMzI0MTQzMjM0WjAzMTEwLwYDVQQDEygyNTAxNGE2NDQ0NjJl
NTVkMGFkMzRmZjlkMGI3ZDk3YTMzZmJiMTU5MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAwYJZWS2GTA4GvSZbdux6WYjjYLLBO/jA/ZPCVABO1WSWAdsy
v6V/U2CWWNXnuB/9XDsHV+FjXqi+ZhHM+YOMKFM7QvUJ8vcPmct2qOJMWPT+4r7A
d7h8fanp78nspHcQBTCE2437g6G395vvswEmLHBOy3mulU4cdo4omiS7Oitc0Z0+
4xZRQG8DYYtJ7bTwY2gYJz/d+uijtfs26anwV7Ycqb3HkA2aBj+PoHH1SbDLrWGS
gyIVHy+6AuNAioBUMcrwqaRr6E2eEu/L1km8bgNWIRiPCseByJDsTYr2MHMyHFzm
kTYEcQBa6iIraGxifO55XqfPoUB8wLJ1c/0mRwIDAQABo4ICWjCCAlYwHQYDVR0O
BBYEFLhXt3vz/LK5bgm41DitqCy/MIwGMB8GA1UdIwQYMBaAFELgj+Ea2ltW/kZO
XhKpIaBuvYakMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvOTI4NzIz
YjRlYmQ1MjQ2YzBhYTk0YmFlYWE0NDU3MmI3YjM2NjJiMy5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvZTk3N2FmYzEtMTRjMy00Y2U5LWE2OWItNWI4OGZj
MzU4MzhhLzI1MDE0YTY0NDQ2MmU1NWQwYWQzNGZmOWQwYjdkOTdhMzNmYmIxNTku
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy9lOTc3YWZjMS0xNGMzLTRjZTktYTY5Yi01Yjg4
ZmMzNTgzOGEvOTI4NzIzYjRlYmQ1MjQ2YzBhYTk0YmFlYWE0NDU3MmI3YjM2NjJi
My5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQP
MA0wCwQCAAEwBQMDAKMKMA0GCSqGSIb3DQEBCwUAA4IBAQAMbMNZsRgSFb8w0Ixd
LWuVWrORLLNvAl5bZQc5Qzg9KwzSs4Ti7LR3WgvvOM5+KWIPWaXtPh655Zl/3AqL
wHWJfqjaqvoP7pTNzU0aYfPjDMECtXcfxPeq0d36xLNNl/Oo3pmd1TNROq51TZ0h
poGk46gilT9wklbvTuPma05fwezZF3iUUP2A9ZNfqdOMAYDWUyfk6doqxo8o9aKd
3kPPqnwfZZi89sLMuu+nav+Bbdk3Cc/lYS/+lmXxlYI+xEBPyeVSbFXfNgowV9Np
nueIyZV8VhOrtThkliDTsnDBge6BX5bDgSbDnhGpfTUvxhKmeTiJmg9vD3utvdx8
Q2ID
-----END CERTIFICATE-----
Generated at Fri Mar 29 07:06:41 2024 by rpki-client on console-ams.rpki-client.org