Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/eaaa58d8-7447-4323-9c46-50e614c0e8c5/8a14b38290ac0c8afb09895745cb1c066f2a8717.roa
File:                     8a14b38290ac0c8afb09895745cb1c066f2a8717.roa (raw, json)
Hash identifier:          eTH3sfIeYsk0N0SpcfpNLl/6EK0pIIIb8VncyFmcweI=
Subject key identifier:   92:22:5A:80:5C:8E:36:C8:7C:8D:E5:9A:A5:CF:33:12:35:47:DD:71
Certificate issuer:       /CN=8b9cb5e6af42fe0b3952f04c0400038291a3632e
Certificate serial:       0C8DD1
Authority key identifier: C1:F4:33:D9:5C:DC:0F:2B:48:89:D1:F8:A5:85:87:F5:C3:FC:1B:38
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/8b9cb5e6af42fe0b3952f04c0400038291a3632e.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/eaaa58d8-7447-4323-9c46-50e614c0e8c5/8a14b38290ac0c8afb09895745cb1c066f2a8717.roa
Signing time:             Wed 24 Mar 2021 14:36:31 +0000
ROA not before:           Wed 24 Mar 2021 14:36:31 +0000
ROA not after:            Tue 24 Mar 2026 14:36:31 +0000
asID:                     266848
IP address blocks:        45.238.197.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/eaaa58d8-7447-4323-9c46-50e614c0e8c5/8b9cb5e6af42fe0b3952f04c0400038291a3632e.crl
                          rsync://repository.lacnic.net/rpki/lacnic/eaaa58d8-7447-4323-9c46-50e614c0e8c5/8b9cb5e6af42fe0b3952f04c0400038291a3632e.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/8b9cb5e6af42fe0b3952f04c0400038291a3632e.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Mon 01 Apr 2024 05:58:53 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 822737 (0xc8dd1)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8b9cb5e6af42fe0b3952f04c0400038291a3632e
        Validity
            Not Before: Mar 24 14:36:31 2021 GMT
            Not After : Mar 24 14:36:31 2026 GMT
        Subject: CN=8a14b38290ac0c8afb09895745cb1c066f2a8717
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:d2:52:62:5d:6b:02:7e:63:09:27:b2:d5:61:
                    6b:29:4e:9f:66:97:70:b5:96:6c:27:cb:77:4d:ec:
                    98:1e:0a:70:6e:29:cf:5b:01:44:a7:9a:6b:e9:c3:
                    fd:74:aa:08:63:a3:eb:64:a6:47:86:00:e3:6d:a8:
                    c2:99:4f:96:ff:fe:73:42:07:f0:78:a7:3b:12:8b:
                    24:cb:a7:f3:25:5e:9a:fb:e3:96:25:11:d3:d2:cb:
                    b6:14:4d:44:6b:7b:17:72:21:36:09:4c:3c:ae:a4:
                    88:46:8b:7b:7f:bc:63:90:03:71:fe:aa:5a:5a:89:
                    2e:2b:6f:a7:51:eb:59:67:86:0d:2e:f3:63:7c:7b:
                    60:0f:41:54:93:35:d0:16:05:b6:1d:7d:2f:b8:25:
                    7f:38:e0:3c:26:16:de:f2:2b:52:7c:df:f2:3d:70:
                    31:04:6d:fa:ee:40:5f:85:f8:83:e3:73:cf:6e:36:
                    8e:c0:97:6f:e1:c4:df:ed:56:b9:e3:60:78:95:fb:
                    11:49:33:56:b0:64:fe:f0:07:fa:bc:63:c7:68:7c:
                    cd:45:e9:5a:9e:9c:71:d5:7a:5b:b2:1a:2e:20:70:
                    ca:41:b6:b5:e6:8a:c4:c4:08:d2:75:36:f5:66:41:
                    80:2a:95:04:8d:21:40:ee:3c:82:d6:ca:62:db:00:
                    86:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                92:22:5A:80:5C:8E:36:C8:7C:8D:E5:9A:A5:CF:33:12:35:47:DD:71
            X509v3 Authority Key Identifier:
                keyid:C1:F4:33:D9:5C:DC:0F:2B:48:89:D1:F8:A5:85:87:F5:C3:FC:1B:38

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/8b9cb5e6af42fe0b3952f04c0400038291a3632e.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/eaaa58d8-7447-4323-9c46-50e614c0e8c5/8a14b38290ac0c8afb09895745cb1c066f2a8717.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/eaaa58d8-7447-4323-9c46-50e614c0e8c5/8b9cb5e6af42fe0b3952f04c0400038291a3632e.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.238.197.0/24

    Signature Algorithm: sha256WithRSAEncryption
         18:3e:22:09:0b:f2:23:bf:06:25:5a:15:28:2e:9a:8e:73:1c:
         29:1e:3e:e5:cb:fa:f5:a1:b6:d6:48:4b:a9:c0:68:ff:73:08:
         2b:c4:3d:c0:d1:dc:7f:76:37:b1:38:f6:83:f7:2d:61:62:a9:
         87:b4:f1:20:74:18:0a:9c:68:aa:e4:e2:c2:0a:68:9c:e7:2e:
         70:92:14:35:fa:88:54:f1:3f:4d:92:54:34:80:9e:a5:0b:42:
         0a:2d:75:83:07:83:85:6a:a5:d1:09:83:58:ac:f4:bc:12:95:
         59:01:fc:48:c0:8b:fa:4b:87:2d:00:c5:5f:1e:e3:dc:04:6e:
         9a:f2:98:0f:d4:95:0b:6e:62:98:c3:af:b1:9f:93:88:b9:59:
         a6:40:c8:d1:ee:98:4d:16:d4:ea:44:d0:85:c9:12:e7:3f:8b:
         f5:53:e8:8a:27:50:e4:06:a9:e4:74:b4:cb:fe:58:4e:4d:12:
         ec:49:a4:ae:36:c9:cc:18:9d:01:a9:9f:f2:9c:31:2c:7c:3b:
         ed:37:43:fc:1a:56:7f:52:9e:2f:eb:ed:08:4a:4c:d9:aa:a5:
         93:37:ab:1a:e3:a2:d8:d0:91:9e:27:03:05:72:2d:c0:b4:44:
         da:4d:72:20:1a:84:6d:3d:b8:a2:0e:65:4c:02:b3:b2:a5:db:
         0f:f0:d4:6c
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIDDI3RMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDhi
OWNiNWU2YWY0MmZlMGIzOTUyZjA0YzA0MDAwMzgyOTFhMzYzMmUwHhcNMjEwMzI0
MTQzNjMxWhcNMjYwMzI0MTQzNjMxWjAzMTEwLwYDVQQDEyg4YTE0YjM4MjkwYWMw
YzhhZmIwOTg5NTc0NWNiMWMwNjZmMmE4NzE3MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAm9JSYl1rAn5jCSey1WFrKU6fZpdwtZZsJ8t3TeyYHgpwbinP
WwFEp5pr6cP9dKoIY6PrZKZHhgDjbajCmU+W//5zQgfweKc7Eosky6fzJV6a++OW
JRHT0su2FE1Ea3sXciE2CUw8rqSIRot7f7xjkANx/qpaWokuK2+nUetZZ4YNLvNj
fHtgD0FUkzXQFgW2HX0vuCV/OOA8Jhbe8itSfN/yPXAxBG367kBfhfiD43PPbjaO
wJdv4cTf7Va542B4lfsRSTNWsGT+8Af6vGPHaHzNRelanpxx1XpbshouIHDKQba1
5orExAjSdTb1ZkGAKpUEjSFA7jyC1spi2wCG7wIDAQABo4ICWzCCAlcwHQYDVR0O
BBYEFJIiWoBcjjbIfI3lmqXPMxI1R91xMB8GA1UdIwQYMBaAFMH0M9lc3A8rSInR
+KWFh/XD/Bs4MA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvOGI5Y2I1
ZTZhZjQyZmUwYjM5NTJmMDRjMDQwMDAzODI5MWEzNjMyZS5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvZWFhYTU4ZDgtNzQ0Ny00MzIzLTljNDYtNTBlNjE0
YzBlOGM1LzhhMTRiMzgyOTBhYzBjOGFmYjA5ODk1NzQ1Y2IxYzA2NmYyYTg3MTcu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy9lYWFhNThkOC03NDQ3LTQzMjMtOWM0Ni01MGU2
MTRjMGU4YzUvOGI5Y2I1ZTZhZjQyZmUwYjM5NTJmMDRjMDQwMDAzODI5MWEzNjMy
ZS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAC3uxTANBgkqhkiG9w0BAQsFAAOCAQEAGD4iCQvyI78GJVoV
KC6ajnMcKR4+5cv69aG21khLqcBo/3MIK8Q9wNHcf3Y3sTj2g/ctYWKph7TxIHQY
CpxoquTiwgponOcucJIUNfqIVPE/TZJUNICepQtCCi11gweDhWql0QmDWKz0vBKV
WQH8SMCL+kuHLQDFXx7j3ARumvKYD9SVC25imMOvsZ+TiLlZpkDI0e6YTRbU6kTQ
hckS5z+L9VPoiidQ5Aap5HS0y/5YTk0S7EmkrjbJzBidAamf8pwxLHw77TdD/BpW
f1KeL+vtCEpM2aqlkzerGuOi2NCRnicDBXItwLRE2k1yIBqEbT24og5lTAKzsqXb
D/DUbA==
-----END CERTIFICATE-----
Generated at Fri Mar 29 06:00:51 2024 by rpki-client on console-fra.rpki-client.org