Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/ebe90bfd-ba56-4046-aa71-cf50da5c70fd/6ea25308cc0b5af8e52486e7a1273a10ccee66a9.roa
File:                     6ea25308cc0b5af8e52486e7a1273a10ccee66a9.roa (raw, json)
Hash identifier:          8kjeDVp6dJR9S7bVpKs+h1JUekWoiFGVgEd2ZVSdye0=
Subject key identifier:   C3:5A:68:57:0F:A0:A9:BA:66:59:89:3F:53:81:19:ED:F3:47:45:D3
Certificate issuer:       /CN=cd5bdf4364a69749441571efcc359e8b36e0aa9d
Certificate serial:       0D87F1
Authority key identifier: A8:58:B2:4C:DD:9A:12:71:8D:FF:37:C9:9C:4D:FD:8C:BD:DA:FB:ED
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/cd5bdf4364a69749441571efcc359e8b36e0aa9d.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/ebe90bfd-ba56-4046-aa71-cf50da5c70fd/6ea25308cc0b5af8e52486e7a1273a10ccee66a9.roa
Signing time:             Wed 24 Mar 2021 14:31:17 +0000
ROA not before:           Wed 24 Mar 2021 14:31:17 +0000
ROA not after:            Tue 24 Mar 2026 14:31:17 +0000
asID:                     265856
IP address blocks:        170.231.204.0/22 maxlen: 24
                          2803:9740::/32 maxlen: 32

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/ebe90bfd-ba56-4046-aa71-cf50da5c70fd/cd5bdf4364a69749441571efcc359e8b36e0aa9d.crl
                          rsync://repository.lacnic.net/rpki/lacnic/ebe90bfd-ba56-4046-aa71-cf50da5c70fd/cd5bdf4364a69749441571efcc359e8b36e0aa9d.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/cd5bdf4364a69749441571efcc359e8b36e0aa9d.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 31 Mar 2024 19:38:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 886769 (0xd87f1)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cd5bdf4364a69749441571efcc359e8b36e0aa9d
        Validity
            Not Before: Mar 24 14:31:17 2021 GMT
            Not After : Mar 24 14:31:17 2026 GMT
        Subject: CN=6ea25308cc0b5af8e52486e7a1273a10ccee66a9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:e9:46:a2:89:9e:52:81:ec:5f:7c:e7:c1:24:
                    52:5e:74:a7:74:91:cb:a5:82:23:48:48:58:8f:7f:
                    98:0c:f5:20:fe:1e:fb:c7:fa:5d:80:13:82:a4:98:
                    18:28:b5:98:f3:10:58:96:15:2b:f0:bb:07:fa:77:
                    09:25:f6:60:68:6c:da:da:5e:f2:97:7d:ed:9a:4d:
                    1e:3c:28:db:f1:f3:cc:19:25:7c:68:90:31:bf:a0:
                    2d:e0:b1:4c:32:4b:36:f7:45:8d:fe:b7:d1:ce:2c:
                    34:cb:19:fc:e8:50:8c:53:f3:e4:b9:94:07:6d:45:
                    b1:3b:68:83:77:63:d7:c4:a9:33:91:df:82:de:70:
                    78:bc:9f:67:12:fb:33:85:6b:54:ac:9a:c0:8b:ec:
                    62:f8:ba:4e:84:1d:2f:ff:4f:81:d5:57:d5:19:12:
                    6a:cd:23:fa:41:18:e4:74:19:31:72:8d:e4:48:3d:
                    c8:b3:37:81:8b:33:23:13:12:a1:e8:dc:4e:87:14:
                    03:80:f7:42:8b:6f:a4:73:e9:f4:8d:37:93:94:78:
                    aa:b0:49:be:75:68:f7:92:79:2f:6c:77:48:62:13:
                    aa:52:45:70:bf:ee:c0:c5:fc:72:67:df:65:b8:af:
                    2a:1c:35:12:9b:79:60:d4:2a:0d:60:52:63:4d:b6:
                    66:bb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C3:5A:68:57:0F:A0:A9:BA:66:59:89:3F:53:81:19:ED:F3:47:45:D3
            X509v3 Authority Key Identifier:
                keyid:A8:58:B2:4C:DD:9A:12:71:8D:FF:37:C9:9C:4D:FD:8C:BD:DA:FB:ED

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/cd5bdf4364a69749441571efcc359e8b36e0aa9d.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/ebe90bfd-ba56-4046-aa71-cf50da5c70fd/6ea25308cc0b5af8e52486e7a1273a10ccee66a9.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/ebe90bfd-ba56-4046-aa71-cf50da5c70fd/cd5bdf4364a69749441571efcc359e8b36e0aa9d.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  170.231.204.0/22
                IPv6:
                  2803:9740::/32

    Signature Algorithm: sha256WithRSAEncryption
         06:79:21:4e:aa:c2:0c:00:a1:2c:2e:95:36:6c:63:49:7a:46:
         c3:0a:24:fc:a5:18:a4:35:a5:42:59:a2:f6:db:ac:ab:f5:c0:
         7d:0f:a6:e9:17:98:d9:5e:dc:ac:74:06:d3:13:6a:c5:cc:5f:
         25:9c:05:2a:19:40:17:57:4a:ae:2b:da:fd:86:70:71:42:cb:
         43:b7:28:5d:12:76:ad:39:36:73:cf:e5:04:87:b7:51:14:e6:
         dd:4f:e9:56:f0:7a:2f:68:74:8c:e8:43:8c:0a:16:cd:ce:d3:
         aa:08:c7:2b:4f:b9:e3:83:fe:4a:ff:8d:37:89:06:c9:f7:43:
         0d:c5:02:f4:6f:af:42:37:16:fb:27:30:3b:5e:6b:f8:86:96:
         5c:eb:4a:aa:34:3e:ea:8d:2f:2b:80:10:cf:30:93:66:eb:76:
         7b:58:5a:a4:b4:21:85:f3:82:d5:dd:10:35:71:a2:d6:bb:6b:
         80:42:b0:66:24:d9:3d:a7:c2:9c:c4:9f:9a:a9:dc:c1:d7:18:
         6a:dc:76:56:41:b0:b2:f3:0e:b0:02:d4:72:6c:d1:d3:d9:3b:
         fe:74:5a:4c:c0:d7:96:46:00:8e:c7:6a:9e:12:06:ff:6a:71:
         3f:36:ea:fc:d6:d6:fe:a8:f1:64:7b:b9:0d:83:b2:13:56:98:
         b8:2b:3a:0b
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgIDDYfxMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGNk
NWJkZjQzNjRhNjk3NDk0NDE1NzFlZmNjMzU5ZThiMzZlMGFhOWQwHhcNMjEwMzI0
MTQzMTE3WhcNMjYwMzI0MTQzMTE3WjAzMTEwLwYDVQQDEyg2ZWEyNTMwOGNjMGI1
YWY4ZTUyNDg2ZTdhMTI3M2ExMGNjZWU2NmE5MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAk+lGoomeUoHsX3znwSRSXnSndJHLpYIjSEhYj3+YDPUg/h77
x/pdgBOCpJgYKLWY8xBYlhUr8LsH+ncJJfZgaGza2l7yl33tmk0ePCjb8fPMGSV8
aJAxv6At4LFMMks290WN/rfRziw0yxn86FCMU/PkuZQHbUWxO2iDd2PXxKkzkd+C
3nB4vJ9nEvszhWtUrJrAi+xi+LpOhB0v/0+B1VfVGRJqzSP6QRjkdBkxco3kSD3I
szeBizMjExKh6NxOhxQDgPdCi2+kc+n0jTeTlHiqsEm+dWj3knkvbHdIYhOqUkVw
v+7AxfxyZ99luK8qHDUSm3lg1CoNYFJjTbZmuwIDAQABo4ICajCCAmYwHQYDVR0O
BBYEFMNaaFcPoKm6ZlmJP1OBGe3zR0XTMB8GA1UdIwQYMBaAFKhYskzdmhJxjf83
yZxN/Yy92vvtMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvY2Q1YmRm
NDM2NGE2OTc0OTQ0MTU3MWVmY2MzNTllOGIzNmUwYWE5ZC5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvZWJlOTBiZmQtYmE1Ni00MDQ2LWFhNzEtY2Y1MGRh
NWM3MGZkLzZlYTI1MzA4Y2MwYjVhZjhlNTI0ODZlN2ExMjczYTEwY2NlZTY2YTku
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy9lYmU5MGJmZC1iYTU2LTQwNDYtYWE3MS1jZjUw
ZGE1YzcwZmQvY2Q1YmRmNDM2NGE2OTc0OTQ0MTU3MWVmY2MzNTllOGIzNmUwYWE5
ZC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAuBggrBgEFBQcBBwEB/wQf
MB0wDAQCAAEwBgMEAqrnzDANBAIAAjAHAwUAKAOXQDANBgkqhkiG9w0BAQsFAAOC
AQEABnkhTqrCDAChLC6VNmxjSXpGwwok/KUYpDWlQlmi9tusq/XAfQ+m6ReY2V7c
rHQG0xNqxcxfJZwFKhlAF1dKriva/YZwcULLQ7coXRJ2rTk2c8/lBIe3URTm3U/p
VvB6L2h0jOhDjAoWzc7TqgjHK0+544P+Sv+NN4kGyfdDDcUC9G+vQjcW+ycwO15r
+IaWXOtKqjQ+6o0vK4AQzzCTZut2e1hapLQhhfOC1d0QNXGi1rtrgEKwZiTZPafC
nMSfmqncwdcYatx2VkGwsvMOsALUcmzR09k7/nRaTMDXlkYAjsdqnhIG/2pxPzbq
/NbW/qjxZHu5DYOyE1aYuCs6Cw==
-----END CERTIFICATE-----
Generated at Fri Mar 29 02:14:29 2024 by rpki-client on console-ams.rpki-client.org