Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/ec31dcfb-d9c1-423f-b658-fa96ff1562aa/4cfa9e9650f1ed132521ac671aaf9f97f1172b4d.roa
File:                     4cfa9e9650f1ed132521ac671aaf9f97f1172b4d.roa (raw, json)
Hash identifier:          Iu//lJNFHU1jkzYohjuMUjvtQiEmnK7WKIUNjextijY=
Subject key identifier:   F5:0B:E2:08:90:3E:F5:7B:FB:86:3D:01:56:6C:84:AC:D8:04:8A:E2
Certificate issuer:       /CN=891940c92e5962f377d7880042fabe9dcc03d089
Certificate serial:       29BD
Authority key identifier: CD:A0:A7:03:75:E8:B0:4F:33:54:57:5D:FB:2C:52:89:02:F4:B9:6A
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/891940c92e5962f377d7880042fabe9dcc03d089.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/ec31dcfb-d9c1-423f-b658-fa96ff1562aa/4cfa9e9650f1ed132521ac671aaf9f97f1172b4d.roa
Signing time:             Sun 09 Oct 2022 12:56:21 +0000
ROA not before:           Sun 09 Oct 2022 12:55:19 +0000
ROA not after:            Wed 09 Oct 2024 12:55:19 +0000
asID:                     264757
IP address blocks:        168.196.1.0/24 maxlen: 24
                          2803:80c0::/32 maxlen: 48

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/ec31dcfb-d9c1-423f-b658-fa96ff1562aa/891940c92e5962f377d7880042fabe9dcc03d089.crl
                          rsync://repository.lacnic.net/rpki/lacnic/ec31dcfb-d9c1-423f-b658-fa96ff1562aa/891940c92e5962f377d7880042fabe9dcc03d089.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/891940c92e5962f377d7880042fabe9dcc03d089.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Mon 01 Apr 2024 04:36:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 10685 (0x29bd)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=891940c92e5962f377d7880042fabe9dcc03d089
        Validity
            Not Before: Oct  9 12:55:19 2022 GMT
            Not After : Oct  9 12:55:19 2024 GMT
        Subject: CN=4cfa9e9650f1ed132521ac671aaf9f97f1172b4d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:1e:df:34:42:39:22:13:8f:49:bf:bb:0e:61:
                    44:3c:e6:50:76:3b:83:78:d0:51:7c:29:ae:3a:f7:
                    8b:8b:de:27:b5:e5:6c:af:6a:38:2b:2b:fe:df:cf:
                    b7:ff:67:08:10:4e:c3:fc:00:e0:21:6e:99:d9:17:
                    b4:73:15:75:7a:55:79:c1:bf:44:56:2f:97:58:3f:
                    4d:fc:6d:b8:06:89:e5:1b:f8:b1:44:df:4d:50:fc:
                    d3:b3:9a:58:7e:24:cf:50:1d:1c:f9:a6:73:67:9f:
                    cd:41:94:e2:f1:af:da:1c:6a:d9:fa:69:0f:4b:f4:
                    f8:5c:03:ec:43:92:b5:ff:83:31:67:55:61:3d:d5:
                    f1:62:c7:ac:c3:22:3b:21:6a:16:f5:d1:54:6e:83:
                    78:6c:c4:16:10:e7:ad:01:2a:fd:34:e2:df:6a:14:
                    31:2f:8f:93:14:f4:b6:4b:ca:2c:4d:58:be:06:18:
                    29:9c:f1:c2:2d:18:55:be:1e:c0:bb:7e:8d:74:9e:
                    62:d7:f1:30:a8:f7:74:8f:77:41:65:56:b4:c5:54:
                    91:24:35:c3:b1:c8:f6:e3:06:cc:e1:36:44:ab:5a:
                    17:26:0d:e5:b4:05:db:23:e7:f2:a1:75:94:38:61:
                    89:3c:a9:86:8d:72:60:0c:53:cf:49:dc:25:e5:5e:
                    83:5b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F5:0B:E2:08:90:3E:F5:7B:FB:86:3D:01:56:6C:84:AC:D8:04:8A:E2
            X509v3 Authority Key Identifier:
                keyid:CD:A0:A7:03:75:E8:B0:4F:33:54:57:5D:FB:2C:52:89:02:F4:B9:6A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/891940c92e5962f377d7880042fabe9dcc03d089.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/ec31dcfb-d9c1-423f-b658-fa96ff1562aa/4cfa9e9650f1ed132521ac671aaf9f97f1172b4d.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/ec31dcfb-d9c1-423f-b658-fa96ff1562aa/891940c92e5962f377d7880042fabe9dcc03d089.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  168.196.1.0/24
                IPv6:
                  2803:80c0::/32

    Signature Algorithm: sha256WithRSAEncryption
         92:9c:fe:87:30:bf:a9:98:53:57:e8:9f:de:28:33:aa:50:d7:
         b3:c0:e5:cb:f4:66:b7:24:6f:94:50:bc:f7:92:a2:56:fc:14:
         6d:88:13:0e:dd:42:1f:6b:30:22:36:56:4a:60:87:e2:78:08:
         83:d8:75:fe:e3:70:ab:6b:d5:01:51:6c:09:09:68:42:b1:f0:
         61:4e:7a:c3:14:e6:d8:af:82:e7:9a:ae:cc:b0:f4:27:3a:0b:
         c7:86:83:78:92:a4:a0:57:bd:d0:c5:77:27:18:de:db:23:39:
         2e:be:3b:fb:9b:1f:43:51:d6:91:e8:54:66:69:70:82:b9:2e:
         74:c3:05:d9:b5:a3:16:dc:cf:8d:83:7a:c7:f6:e9:e9:8c:2e:
         49:2f:76:80:4d:2b:b8:91:9f:ce:a3:37:3a:fd:59:7b:82:61:
         df:81:81:7d:94:3e:29:09:e5:08:84:8a:ad:f3:03:75:57:80:
         ba:c6:9c:e5:6d:c7:54:50:da:fe:8f:16:2c:e9:b8:8d:c1:84:
         68:5f:b9:63:1b:f8:4c:56:72:27:fc:9a:2e:7b:af:fd:c2:3e:
         26:9a:6e:9f:42:b7:b4:80:c5:20:0e:5f:1a:e5:15:dd:5e:32:
         2e:91:1b:b5:f5:20:c8:e1:53:4d:48:ce:75:1d:bc:cb:97:d3:
         d6:3c:3b:69
-----BEGIN CERTIFICATE-----
MIIFTjCCBDagAwIBAgICKb0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoODkx
OTQwYzkyZTU5NjJmMzc3ZDc4ODAwNDJmYWJlOWRjYzAzZDA4OTAeFw0yMjEwMDkx
MjU1MTlaFw0yNDEwMDkxMjU1MTlaMDMxMTAvBgNVBAMTKDRjZmE5ZTk2NTBmMWVk
MTMyNTIxYWM2NzFhYWY5Zjk3ZjExNzJiNGQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCvHt80QjkiE49Jv7sOYUQ85lB2O4N40FF8Ka4694uL3ie15Wyv
ajgrK/7fz7f/ZwgQTsP8AOAhbpnZF7RzFXV6VXnBv0RWL5dYP038bbgGieUb+LFE
301Q/NOzmlh+JM9QHRz5pnNnn81BlOLxr9ocatn6aQ9L9PhcA+xDkrX/gzFnVWE9
1fFix6zDIjshahb10VRug3hsxBYQ560BKv004t9qFDEvj5MU9LZLyixNWL4GGCmc
8cItGFW+HsC7fo10nmLX8TCo93SPd0FlVrTFVJEkNcOxyPbjBszhNkSrWhcmDeW0
Bdsj5/KhdZQ4YYk8qYaNcmAMU89J3CXlXoNbAgMBAAGjggJqMIICZjAdBgNVHQ4E
FgQU9QviCJA+9Xv7hj0BVmyErNgEiuIwHwYDVR0jBBgwFoAUzaCnA3XosE8zVFdd
+yxSiQL0uWowDgYDVR0PAQH/BAQDAgeAMIGaBggrBgEFBQcBAQSBjTCBijCBhwYI
KwYBBQUHMAKGe3JzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jwa2kvbGFj
bmljLzQ4ZjA4M2JiLWY2MDMtNDg5My05OTkwLTAyODRjMDRjZWI4NS84OTE5NDBj
OTJlNTk2MmYzNzdkNzg4MDA0MmZhYmU5ZGNjMDNkMDg5LmNlcjCBmgYIKwYBBQUH
AQsEgY0wgYowgYcGCCsGAQUFBzALhntyc3luYzovL3JlcG9zaXRvcnkubGFjbmlj
Lm5ldC9ycGtpL2xhY25pYy9lYzMxZGNmYi1kOWMxLTQyM2YtYjY1OC1mYTk2ZmYx
NTYyYWEvNGNmYTllOTY1MGYxZWQxMzI1MjFhYzY3MWFhZjlmOTdmMTE3MmI0ZC5y
b2EwgY8GA1UdHwSBhzCBhDCBgaB/oH2Ge3JzeW5jOi8vcmVwb3NpdG9yeS5sYWNu
aWMubmV0L3Jwa2kvbGFjbmljL2VjMzFkY2ZiLWQ5YzEtNDIzZi1iNjU4LWZhOTZm
ZjE1NjJhYS84OTE5NDBjOTJlNTk2MmYzNzdkNzg4MDA0MmZhYmU5ZGNjMDNkMDg5
LmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8w
HTAMBAIAATAGAwQAqMQBMA0EAgACMAcDBQAoA4DAMA0GCSqGSIb3DQEBCwUAA4IB
AQCSnP6HML+pmFNX6J/eKDOqUNezwOXL9Ga3JG+UULz3kqJW/BRtiBMO3UIfazAi
NlZKYIfieAiD2HX+43Cra9UBUWwJCWhCsfBhTnrDFObYr4Lnmq7MsPQnOgvHhoN4
kqSgV73QxXcnGN7bIzkuvjv7mx9DUdaR6FRmaXCCuS50wwXZtaMW3M+Ng3rH9unp
jC5JL3aATSu4kZ/Oozc6/Vl7gmHfgYF9lD4pCeUIhIqt8wN1V4C6xpzlbcdUUNr+
jxYs6biNwYRoX7ljG/hMVnIn/Joue6/9wj4mmm6fQre0gMUgDl8a5RXdXjIukRu1
9SDI4VNNSM51HbzLl9PWPDtp
-----END CERTIFICATE-----
Generated at Fri Mar 29 04:59:32 2024 by rpki-client on console-fra.rpki-client.org