Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/ee5acfc9-e56e-464d-8621-b53e63ad0c5e/41bcfe3d3d03e3c942201efb6b5887f96bd3c084.roa
File:                     41bcfe3d3d03e3c942201efb6b5887f96bd3c084.roa (raw, json)
Hash identifier:          HqLgLmZ1bv6IC18bBlP59Nd3gJa1Y5t/DdOD8/RtvzI=
Subject key identifier:   8E:2B:05:AC:E1:79:81:39:7D:BE:15:E3:6C:46:4F:26:60:23:61:C5
Certificate issuer:       /CN=e6713d1a769f8d56ff7a6a1f360adfa08db3e3ba
Certificate serial:       0648F2
Authority key identifier: F3:DC:12:CD:8D:C8:69:8E:B0:89:77:42:7B:6C:08:56:F3:A5:27:F8
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/e6713d1a769f8d56ff7a6a1f360adfa08db3e3ba.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/ee5acfc9-e56e-464d-8621-b53e63ad0c5e/41bcfe3d3d03e3c942201efb6b5887f96bd3c084.roa
Signing time:             Mon 24 Apr 2023 18:03:45 +0000
ROA not before:           Sun 23 Apr 2023 18:03:45 +0000
ROA not after:            Thu 24 Apr 2025 18:03:45 +0000
asID:                     272806
IP address blocks:        45.68.24.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/ee5acfc9-e56e-464d-8621-b53e63ad0c5e/e6713d1a769f8d56ff7a6a1f360adfa08db3e3ba.crl
                          rsync://repository.lacnic.net/rpki/lacnic/ee5acfc9-e56e-464d-8621-b53e63ad0c5e/e6713d1a769f8d56ff7a6a1f360adfa08db3e3ba.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/e6713d1a769f8d56ff7a6a1f360adfa08db3e3ba.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Tue 27 Feb 2024 12:23:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 411890 (0x648f2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e6713d1a769f8d56ff7a6a1f360adfa08db3e3ba
        Validity
            Not Before: Apr 23 18:03:45 2023 GMT
            Not After : Apr 24 18:03:45 2025 GMT
        Subject: CN=41bcfe3d3d03e3c942201efb6b5887f96bd3c084
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:1f:0d:47:fa:d6:bf:78:e7:5a:fd:27:06:a5:
                    1a:37:c8:ff:21:ba:82:dd:40:8e:82:b4:f0:e3:7e:
                    d4:8f:d0:49:36:a0:fa:f7:78:8e:d9:b7:a6:c9:9c:
                    cd:86:64:9d:a8:9f:df:35:47:a4:bd:ec:c0:03:a6:
                    a7:61:99:3d:4b:fd:77:a6:fe:71:a3:cc:10:04:7e:
                    6b:84:da:54:00:99:3a:d7:45:db:b4:85:e9:af:6b:
                    20:94:6b:74:5f:be:7a:2e:2f:6d:c8:52:bb:3c:eb:
                    5a:41:e6:c5:f9:f5:52:b9:11:9f:28:be:2b:f4:62:
                    24:14:ff:e9:cc:2d:4d:5c:45:fe:49:51:39:63:4f:
                    df:8e:d3:ab:a6:9a:81:73:c1:64:6d:88:20:5c:48:
                    d3:c7:39:52:9f:4c:f9:e2:13:25:1f:28:8e:3c:07:
                    15:b9:9d:90:5b:18:ab:75:64:87:fe:ee:c4:e5:35:
                    8d:d5:83:32:18:8e:87:e2:c5:3e:1b:0d:d0:ac:9e:
                    0f:19:df:71:71:ac:e7:8f:13:6f:62:03:22:b1:d8:
                    64:32:dd:40:df:0d:bc:ee:ab:5d:cf:85:8e:84:65:
                    bd:36:50:94:4c:8f:c2:cb:7d:b2:ce:e5:1b:92:b8:
                    0c:38:50:cd:0d:2e:69:93:32:66:0a:ee:03:a1:b5:
                    47:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8E:2B:05:AC:E1:79:81:39:7D:BE:15:E3:6C:46:4F:26:60:23:61:C5
            X509v3 Authority Key Identifier:
                keyid:F3:DC:12:CD:8D:C8:69:8E:B0:89:77:42:7B:6C:08:56:F3:A5:27:F8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/e6713d1a769f8d56ff7a6a1f360adfa08db3e3ba.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/ee5acfc9-e56e-464d-8621-b53e63ad0c5e/41bcfe3d3d03e3c942201efb6b5887f96bd3c084.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/ee5acfc9-e56e-464d-8621-b53e63ad0c5e/e6713d1a769f8d56ff7a6a1f360adfa08db3e3ba.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.68.24.0/22

    Signature Algorithm: sha256WithRSAEncryption
         54:9c:a5:ed:56:ee:7a:35:66:ee:87:a6:16:86:a3:13:fc:3f:
         57:7e:8f:d1:54:b7:b4:5e:25:9f:33:b9:1e:ad:5e:f7:bc:89:
         f1:f4:05:f9:81:34:be:91:4d:dd:d2:79:03:e2:a8:06:e2:59:
         1b:48:af:c5:c7:0e:dc:26:b2:b1:81:1b:2a:dd:c0:24:bd:c3:
         86:ff:3f:eb:68:e7:ec:dc:8b:ab:c6:41:ee:35:30:8e:b8:b9:
         16:1e:56:49:fe:ee:e4:15:37:0d:e5:d6:4c:c7:5e:58:a4:9c:
         fe:bc:bd:eb:ea:af:70:38:00:f1:2b:7f:f9:25:19:af:10:e1:
         83:8b:00:47:4e:2d:1d:4f:3e:44:40:16:b1:e5:84:11:55:2f:
         28:03:83:18:32:73:84:15:33:8a:9d:ef:40:97:15:36:79:2c:
         ff:e1:31:53:85:18:bf:b4:0d:9e:a9:0b:d1:28:ff:9e:df:65:
         9d:5a:0a:da:a9:24:13:8b:a2:24:c5:4b:10:51:97:a4:a6:8c:
         cd:78:11:11:1e:e5:80:48:e2:16:d3:72:96:2c:67:08:8a:e6:
         2b:33:80:21:3a:4d:12:6a:af:9c:9d:93:7f:44:74:5f:3e:42:
         11:67:87:b3:76:d3:0e:bc:6e:a9:03:02:c9:0a:89:6e:dd:d7:
         2c:2e:99:51
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIDBkjyMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGU2
NzEzZDFhNzY5ZjhkNTZmZjdhNmExZjM2MGFkZmEwOGRiM2UzYmEwHhcNMjMwNDIz
MTgwMzQ1WhcNMjUwNDI0MTgwMzQ1WjAzMTEwLwYDVQQDEyg0MWJjZmUzZDNkMDNl
M2M5NDIyMDFlZmI2YjU4ODdmOTZiZDNjMDg0MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAlh8NR/rWv3jnWv0nBqUaN8j/IbqC3UCOgrTw437Uj9BJNqD6
93iO2bemyZzNhmSdqJ/fNUekvezAA6anYZk9S/13pv5xo8wQBH5rhNpUAJk610Xb
tIXpr2sglGt0X756Li9tyFK7POtaQebF+fVSuRGfKL4r9GIkFP/pzC1NXEX+SVE5
Y0/fjtOrppqBc8FkbYggXEjTxzlSn0z54hMlHyiOPAcVuZ2QWxirdWSH/u7E5TWN
1YMyGI6H4sU+Gw3QrJ4PGd9xcaznjxNvYgMisdhkMt1A3w287qtdz4WOhGW9NlCU
TI/Cy32yzuUbkrgMOFDNDS5pkzJmCu4DobVHnwIDAQABo4ICWzCCAlcwHQYDVR0O
BBYEFI4rBazheYE5fb4V42xGTyZgI2HFMB8GA1UdIwQYMBaAFPPcEs2NyGmOsIl3
QntsCFbzpSf4MA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvZTY3MTNk
MWE3NjlmOGQ1NmZmN2E2YTFmMzYwYWRmYTA4ZGIzZTNiYS5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvZWU1YWNmYzktZTU2ZS00NjRkLTg2MjEtYjUzZTYz
YWQwYzVlLzQxYmNmZTNkM2QwM2UzYzk0MjIwMWVmYjZiNTg4N2Y5NmJkM2MwODQu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy9lZTVhY2ZjOS1lNTZlLTQ2NGQtODYyMS1iNTNl
NjNhZDBjNWUvZTY3MTNkMWE3NjlmOGQ1NmZmN2E2YTFmMzYwYWRmYTA4ZGIzZTNi
YS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAi1EGDANBgkqhkiG9w0BAQsFAAOCAQEAVJyl7VbuejVm7oem
FoajE/w/V36P0VS3tF4lnzO5Hq1e97yJ8fQF+YE0vpFN3dJ5A+KoBuJZG0ivxccO
3CaysYEbKt3AJL3Dhv8/62jn7NyLq8ZB7jUwjri5Fh5WSf7u5BU3DeXWTMdeWKSc
/ry96+qvcDgA8St/+SUZrxDhg4sAR04tHU8+REAWseWEEVUvKAODGDJzhBUzip3v
QJcVNnks/+ExU4UYv7QNnqkL0Sj/nt9lnVoK2qkkE4uiJMVLEFGXpKaMzXgRER7l
gEjiFtNylixnCIrmKzOAITpNEmqvnJ2Tf0R0Xz5CEWeHs3bTDrxuqQMCyQqJbt3X
LC6ZUQ==
-----END CERTIFICATE-----
Generated at Sat Feb 24 12:30:41 2024 by rpki-client on console-fra.rpki-client.org