Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/ef31cd1b-4c3c-4cea-880c-7a6ea6ebd562/a2b5c653cb1c744895e31a79bf6bbff92ab0f501.roa
File:                     a2b5c653cb1c744895e31a79bf6bbff92ab0f501.roa (raw, json)
Hash identifier:          /uXrA0mU0v+jZdinAkUOVUKjkdraEqxck8hKg1wRNPk=
Subject key identifier:   DD:99:CC:B6:0F:99:BF:6E:DB:54:02:03:C5:48:1E:8D:AF:E9:00:AA
Certificate issuer:       /CN=9f93cc4be904bedf51ae14caa9d33ee5ec03dce8
Certificate serial:       148F1F
Authority key identifier: DE:16:CC:0D:84:F3:21:46:7E:1C:D7:08:83:A4:50:00:E5:65:D0:E9
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/9f93cc4be904bedf51ae14caa9d33ee5ec03dce8.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/ef31cd1b-4c3c-4cea-880c-7a6ea6ebd562/a2b5c653cb1c744895e31a79bf6bbff92ab0f501.roa
Signing time:             Tue 28 Dec 2021 17:49:15 +0000
ROA not before:           Wed 29 Dec 2021 03:00:00 +0000
ROA not after:            Sat 28 Dec 2030 03:00:00 +0000
asID:                     269851
IP address blocks:        181.191.140.0/23 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/ef31cd1b-4c3c-4cea-880c-7a6ea6ebd562/9f93cc4be904bedf51ae14caa9d33ee5ec03dce8.crl
                          rsync://repository.lacnic.net/rpki/lacnic/ef31cd1b-4c3c-4cea-880c-7a6ea6ebd562/9f93cc4be904bedf51ae14caa9d33ee5ec03dce8.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/9f93cc4be904bedf51ae14caa9d33ee5ec03dce8.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 31 Mar 2024 19:38:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1347359 (0x148f1f)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9f93cc4be904bedf51ae14caa9d33ee5ec03dce8
        Validity
            Not Before: Dec 29 03:00:00 2021 GMT
            Not After : Dec 28 03:00:00 2030 GMT
        Subject: CN=a2b5c653cb1c744895e31a79bf6bbff92ab0f501
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8c:71:c1:22:9a:cd:6d:dd:28:8c:55:ff:b4:54:
                    25:13:fa:45:c3:48:38:e2:1d:f5:d3:3e:8f:09:22:
                    e2:4b:2a:74:df:07:98:22:40:34:e0:a2:9c:d1:a6:
                    3b:cf:1b:8e:6d:51:44:4b:d0:65:25:0c:e1:d1:af:
                    23:3e:0d:80:bb:8a:81:e6:20:8c:ba:73:31:88:28:
                    cc:03:99:32:66:79:54:d8:66:9e:5e:6f:ea:b3:a5:
                    86:3d:71:32:9a:35:87:ed:81:79:99:4e:da:9f:ac:
                    70:dd:7e:0b:6a:c9:6f:3f:fe:eb:8c:e1:48:b3:7a:
                    a1:a9:34:ad:21:f1:c5:94:94:8e:a0:78:75:d2:5d:
                    6b:ab:34:6e:98:16:73:81:5e:53:bf:98:7e:1b:1e:
                    3c:d0:d4:0f:29:ef:9e:1b:3d:19:49:b5:7d:11:d9:
                    03:8b:c9:be:66:39:f0:ef:84:cb:6c:96:a4:09:75:
                    37:41:b4:3b:8f:a4:bd:f7:58:0b:96:79:aa:03:9c:
                    99:fa:3b:69:2d:54:81:43:0e:ba:a2:b5:fb:9f:55:
                    85:3c:94:c4:03:45:14:a6:d5:9c:18:fb:33:1c:f1:
                    67:48:75:09:44:4f:97:2c:25:e7:b2:2f:46:0f:19:
                    b0:8e:da:63:59:3c:8f:aa:ab:0b:e8:d3:24:67:4d:
                    b8:97
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DD:99:CC:B6:0F:99:BF:6E:DB:54:02:03:C5:48:1E:8D:AF:E9:00:AA
            X509v3 Authority Key Identifier:
                keyid:DE:16:CC:0D:84:F3:21:46:7E:1C:D7:08:83:A4:50:00:E5:65:D0:E9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/9f93cc4be904bedf51ae14caa9d33ee5ec03dce8.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/ef31cd1b-4c3c-4cea-880c-7a6ea6ebd562/a2b5c653cb1c744895e31a79bf6bbff92ab0f501.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/ef31cd1b-4c3c-4cea-880c-7a6ea6ebd562/9f93cc4be904bedf51ae14caa9d33ee5ec03dce8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  181.191.140.0/23

    Signature Algorithm: sha256WithRSAEncryption
         3b:df:93:32:6d:1c:a8:fa:0d:1f:4c:56:ba:96:d9:2c:92:8d:
         54:46:ca:69:94:d8:10:16:92:69:bf:0c:43:d5:87:07:3c:1c:
         e6:a3:14:e6:53:ae:5b:97:3b:3e:a5:c0:3e:53:23:c0:5a:25:
         fd:62:c1:b5:2f:f2:f8:6d:5c:33:65:85:35:82:9e:c4:6e:54:
         41:af:ad:8c:4e:7f:6b:2b:af:ee:08:2c:9e:ed:78:5c:82:10:
         bf:78:55:18:be:4d:5b:3e:44:64:7e:76:d1:aa:d3:5c:24:39:
         a7:ee:3a:12:83:7f:b9:bc:56:37:ba:8a:c3:48:de:e9:a4:0b:
         48:20:2e:be:21:66:89:b2:ac:4e:0e:93:96:0f:0a:a5:84:53:
         9f:98:7f:00:9c:66:56:11:a4:c6:7f:55:03:12:31:ef:e0:77:
         82:d8:40:bb:16:59:ba:d1:1b:85:34:f0:9f:75:73:6a:c9:43:
         78:d7:9a:d5:4d:c6:c9:01:c8:a1:e2:7e:8e:3b:3f:72:33:06:
         11:4e:60:63:64:34:e9:d6:7c:7e:9d:8b:10:eb:ee:06:09:67:
         de:9f:e9:d0:2d:3d:fa:df:77:95:8a:11:b5:62:af:0d:bc:13:
         17:42:80:20:9a:bf:46:f1:e8:14:29:84:be:6b:6f:14:4a:17:
         64:5b:f6:20
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIDFI8fMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDlm
OTNjYzRiZTkwNGJlZGY1MWFlMTRjYWE5ZDMzZWU1ZWMwM2RjZTgwHhcNMjExMjI5
MDMwMDAwWhcNMzAxMjI4MDMwMDAwWjAzMTEwLwYDVQQDEyhhMmI1YzY1M2NiMWM3
NDQ4OTVlMzFhNzliZjZiYmZmOTJhYjBmNTAxMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAjHHBIprNbd0ojFX/tFQlE/pFw0g44h310z6PCSLiSyp03weY
IkA04KKc0aY7zxuObVFES9BlJQzh0a8jPg2Au4qB5iCMunMxiCjMA5kyZnlU2Gae
Xm/qs6WGPXEymjWH7YF5mU7an6xw3X4LaslvP/7rjOFIs3qhqTStIfHFlJSOoHh1
0l1rqzRumBZzgV5Tv5h+Gx480NQPKe+eGz0ZSbV9EdkDi8m+Zjnw74TLbJakCXU3
QbQ7j6S991gLlnmqA5yZ+jtpLVSBQw66orX7n1WFPJTEA0UUptWcGPszHPFnSHUJ
RE+XLCXnsi9GDxmwjtpjWTyPqqsL6NMkZ024lwIDAQABo4ICWzCCAlcwHQYDVR0O
BBYEFN2ZzLYPmb9u21QCA8VIHo2v6QCqMB8GA1UdIwQYMBaAFN4WzA2E8yFGfhzX
CIOkUADlZdDpMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvOWY5M2Nj
NGJlOTA0YmVkZjUxYWUxNGNhYTlkMzNlZTVlYzAzZGNlOC5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvZWYzMWNkMWItNGMzYy00Y2VhLTg4MGMtN2E2ZWE2
ZWJkNTYyL2EyYjVjNjUzY2IxYzc0NDg5NWUzMWE3OWJmNmJiZmY5MmFiMGY1MDEu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy9lZjMxY2QxYi00YzNjLTRjZWEtODgwYy03YTZl
YTZlYmQ1NjIvOWY5M2NjNGJlOTA0YmVkZjUxYWUxNGNhYTlkMzNlZTVlYzAzZGNl
OC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAbW/jDANBgkqhkiG9w0BAQsFAAOCAQEAO9+TMm0cqPoNH0xW
upbZLJKNVEbKaZTYEBaSab8MQ9WHBzwc5qMU5lOuW5c7PqXAPlMjwFol/WLBtS/y
+G1cM2WFNYKexG5UQa+tjE5/ayuv7ggsnu14XIIQv3hVGL5NWz5EZH520arTXCQ5
p+46EoN/ubxWN7qKw0je6aQLSCAuviFmibKsTg6Tlg8KpYRTn5h/AJxmVhGkxn9V
AxIx7+B3gthAuxZZutEbhTTwn3VzaslDeNea1U3GyQHIoeJ+jjs/cjMGEU5gY2Q0
6dZ8fp2LEOvuBgln3p/p0C09+t93lYoRtWKvDbwTF0KAIJq/RvHoFCmEvmtvFEoX
ZFv2IA==
-----END CERTIFICATE-----
Generated at Thu Mar 28 21:31:15 2024 by rpki-client on console-ams.rpki-client.org