Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/efefc6b1-9f94-4336-a0db-f023199e87d5/d8253a7996976d2eed7bf2eb73cb58c6b64eafd7.roa
File:                     d8253a7996976d2eed7bf2eb73cb58c6b64eafd7.roa (raw, json)
Hash identifier:          v6YRHPZO86qpGQDD/vu4yy0d2bTSQ6SzRv3XlCPTGcY=
Subject key identifier:   24:E5:08:4A:53:F1:9F:AE:14:5A:E1:48:AE:A1:67:29:23:DA:AD:E0
Certificate issuer:       /CN=99499d80cec394d19d7b53760cbd0592d5cc9ed8
Certificate serial:       040D
Authority key identifier: D3:12:28:07:2B:77:6A:DE:9D:E5:D7:3E:04:1F:A5:72:F9:B5:A9:D2
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/99499d80cec394d19d7b53760cbd0592d5cc9ed8.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/efefc6b1-9f94-4336-a0db-f023199e87d5/d8253a7996976d2eed7bf2eb73cb58c6b64eafd7.roa
Signing time:             Mon 04 Jul 2022 19:49:33 +0000
ROA not before:           Mon 04 Jul 2022 03:00:00 +0000
ROA not after:            Thu 04 Jul 2024 03:00:00 +0000
asID:                     270111
IP address blocks:        189.51.168.0/22 maxlen: 22
                          2806:3b2::/32 maxlen: 32

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/efefc6b1-9f94-4336-a0db-f023199e87d5/99499d80cec394d19d7b53760cbd0592d5cc9ed8.crl
                          rsync://repository.lacnic.net/rpki/lacnic/efefc6b1-9f94-4336-a0db-f023199e87d5/99499d80cec394d19d7b53760cbd0592d5cc9ed8.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/99499d80cec394d19d7b53760cbd0592d5cc9ed8.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Mon 01 Apr 2024 05:58:53 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1037 (0x40d)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=99499d80cec394d19d7b53760cbd0592d5cc9ed8
        Validity
            Not Before: Jul  4 03:00:00 2022 GMT
            Not After : Jul  4 03:00:00 2024 GMT
        Subject: CN=d8253a7996976d2eed7bf2eb73cb58c6b64eafd7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:90:66:e8:ad:20:84:a3:c0:87:02:24:40:33:92:
                    6b:e2:ad:ca:c7:a4:3e:89:68:25:21:9e:9c:a6:e9:
                    5e:4a:d1:0d:9f:23:3e:60:7a:b5:20:5f:37:2c:56:
                    1e:23:57:d2:0c:3d:61:7a:55:e5:a1:3d:43:74:98:
                    55:db:d1:bd:52:c6:45:d1:ce:26:04:74:26:bd:05:
                    08:2c:e0:46:98:f7:97:65:ac:80:0f:47:2c:a2:12:
                    4e:72:a5:d2:69:06:3d:b5:1b:a6:3c:1d:c4:d5:0f:
                    bd:a8:ef:a2:05:8a:cd:67:0b:72:e8:54:d0:13:10:
                    55:81:90:eb:2f:55:93:84:fe:88:6f:f8:a6:0d:5b:
                    e8:04:05:85:3d:9b:47:ce:ef:e4:6a:c5:2a:82:48:
                    05:87:ca:b6:9a:a4:c3:f0:f8:cb:2a:fc:ae:cd:7a:
                    1c:42:f7:83:49:8b:8d:fb:3a:f1:88:0f:35:eb:76:
                    f9:7b:36:06:2a:d1:e8:1a:f6:dd:4b:41:7b:ae:bd:
                    7e:74:06:ad:de:9a:53:6f:14:3b:a4:fb:40:29:d8:
                    d5:c0:03:19:05:08:fd:f1:a6:31:47:c3:7b:92:de:
                    50:82:56:66:5e:32:c7:1e:8b:91:f7:13:4f:7b:3e:
                    47:34:12:a8:70:a8:91:ed:ce:dc:bb:8f:2f:ca:db:
                    e1:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                24:E5:08:4A:53:F1:9F:AE:14:5A:E1:48:AE:A1:67:29:23:DA:AD:E0
            X509v3 Authority Key Identifier:
                keyid:D3:12:28:07:2B:77:6A:DE:9D:E5:D7:3E:04:1F:A5:72:F9:B5:A9:D2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/99499d80cec394d19d7b53760cbd0592d5cc9ed8.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/efefc6b1-9f94-4336-a0db-f023199e87d5/d8253a7996976d2eed7bf2eb73cb58c6b64eafd7.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/efefc6b1-9f94-4336-a0db-f023199e87d5/99499d80cec394d19d7b53760cbd0592d5cc9ed8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  189.51.168.0/22
                IPv6:
                  2806:3b2::/32

    Signature Algorithm: sha256WithRSAEncryption
         53:91:25:8e:71:f8:31:92:6e:0b:e7:3a:d1:e7:b7:6e:f2:35:
         3f:f5:e9:57:9d:e9:68:a3:79:29:ea:9d:f3:4a:91:0c:23:d4:
         05:a7:9d:fe:be:a6:18:c9:d1:1f:21:b3:88:a6:f3:cf:6c:2e:
         ec:66:1d:1c:d8:1e:fa:58:fe:8e:1e:76:ad:39:31:da:bb:67:
         3a:5f:de:d4:3e:a7:d3:50:b9:e9:1c:dd:a2:c6:33:5d:b9:da:
         67:66:26:16:e7:2f:b3:2d:a4:fa:8c:5e:b7:26:49:10:38:5a:
         2f:e6:66:c2:ac:1c:ae:ba:6a:5b:50:c7:6b:43:bc:6d:01:74:
         8c:c4:ef:07:63:91:50:68:3a:59:5f:75:39:01:52:f6:70:66:
         c4:dd:0c:9d:6e:b2:8d:a0:92:ea:54:61:82:c0:76:89:dc:a8:
         76:31:3c:e8:b3:df:8c:d3:d3:26:21:e9:44:4d:44:d0:1c:36:
         6d:48:3f:91:20:32:1a:31:03:cb:c3:f5:57:55:a7:d4:36:b3:
         e6:d6:ff:48:21:11:c0:fb:3c:9a:e8:fd:bb:73:50:4c:e9:37:
         d8:14:a8:c3:fb:7d:13:68:22:f2:4d:cb:2a:22:55:c0:f4:b6:
         f9:e4:78:da:f3:b3:03:72:0e:7d:91:a9:03:24:66:ec:b9:b8:
         9e:a8:c3:c8
-----BEGIN CERTIFICATE-----
MIIFTjCCBDagAwIBAgICBA0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOTk0
OTlkODBjZWMzOTRkMTlkN2I1Mzc2MGNiZDA1OTJkNWNjOWVkODAeFw0yMjA3MDQw
MzAwMDBaFw0yNDA3MDQwMzAwMDBaMDMxMTAvBgNVBAMTKGQ4MjUzYTc5OTY5NzZk
MmVlZDdiZjJlYjczY2I1OGM2YjY0ZWFmZDcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCQZuitIISjwIcCJEAzkmvircrHpD6JaCUhnpym6V5K0Q2fIz5g
erUgXzcsVh4jV9IMPWF6VeWhPUN0mFXb0b1SxkXRziYEdCa9BQgs4EaY95dlrIAP
RyyiEk5ypdJpBj21G6Y8HcTVD72o76IFis1nC3LoVNATEFWBkOsvVZOE/ohv+KYN
W+gEBYU9m0fO7+RqxSqCSAWHyraapMPw+Msq/K7NehxC94NJi437OvGIDzXrdvl7
NgYq0ega9t1LQXuuvX50Bq3emlNvFDuk+0Ap2NXAAxkFCP3xpjFHw3uS3lCCVmZe
Mscei5H3E097Pkc0EqhwqJHtzty7jy/K2+E3AgMBAAGjggJqMIICZjAdBgNVHQ4E
FgQUJOUISlPxn64UWuFIrqFnKSPareAwHwYDVR0jBBgwFoAU0xIoByt3at6d5dc+
BB+lcvm1qdIwDgYDVR0PAQH/BAQDAgeAMIGaBggrBgEFBQcBAQSBjTCBijCBhwYI
KwYBBQUHMAKGe3JzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jwa2kvbGFj
bmljLzQ4ZjA4M2JiLWY2MDMtNDg5My05OTkwLTAyODRjMDRjZWI4NS85OTQ5OWQ4
MGNlYzM5NGQxOWQ3YjUzNzYwY2JkMDU5MmQ1Y2M5ZWQ4LmNlcjCBmgYIKwYBBQUH
AQsEgY0wgYowgYcGCCsGAQUFBzALhntyc3luYzovL3JlcG9zaXRvcnkubGFjbmlj
Lm5ldC9ycGtpL2xhY25pYy9lZmVmYzZiMS05Zjk0LTQzMzYtYTBkYi1mMDIzMTk5
ZTg3ZDUvZDgyNTNhNzk5Njk3NmQyZWVkN2JmMmViNzNjYjU4YzZiNjRlYWZkNy5y
b2EwgY8GA1UdHwSBhzCBhDCBgaB/oH2Ge3JzeW5jOi8vcmVwb3NpdG9yeS5sYWNu
aWMubmV0L3Jwa2kvbGFjbmljL2VmZWZjNmIxLTlmOTQtNDMzNi1hMGRiLWYwMjMx
OTllODdkNS85OTQ5OWQ4MGNlYzM5NGQxOWQ3YjUzNzYwY2JkMDU5MmQ1Y2M5ZWQ4
LmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8w
HTAMBAIAATAGAwQCvTOoMA0EAgACMAcDBQAoBgOyMA0GCSqGSIb3DQEBCwUAA4IB
AQBTkSWOcfgxkm4L5zrR57du8jU/9elXneloo3kp6p3zSpEMI9QFp53+vqYYydEf
IbOIpvPPbC7sZh0c2B76WP6OHnatOTHau2c6X97UPqfTULnpHN2ixjNdudpnZiYW
5y+zLaT6jF63JkkQOFov5mbCrByuumpbUMdrQ7xtAXSMxO8HY5FQaDpZX3U5AVL2
cGbE3QydbrKNoJLqVGGCwHaJ3Kh2MTzos9+M09MmIelETUTQHDZtSD+RIDIaMQPL
w/VXVafUNrPm1v9IIRHA+zya6P27c1BM6TfYFKjD+30TaCLyTcsqIlXA9Lb55Hja
87MDcg59kakDJGbsubieqMPI
-----END CERTIFICATE-----
Generated at Fri Mar 29 11:25:51 2024 by rpki-client on console-fra.rpki-client.org