Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/f094ba4d-b940-4535-874b-2955646e9b2f/d98ce20e5f8fbcabb76f6078d550ed6af0792376.roa
File:                     d98ce20e5f8fbcabb76f6078d550ed6af0792376.roa (raw, json)
Hash identifier:          wqTftnkEF7dQRC4OFxQ/3gCeQ5RmSbLWGODCtEzMoUU=
Subject key identifier:   4F:D3:6D:50:D4:A0:BC:87:6F:03:94:F7:CA:59:13:90:EF:F5:7C:D1
Certificate issuer:       /CN=36817b7835a533bb981e2d4d3ab947b1245f9378
Certificate serial:       0BE83B
Authority key identifier: 82:2D:4B:30:21:75:21:33:B4:7F:25:E8:CC:AE:8D:B0:49:89:3D:52
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/36817b7835a533bb981e2d4d3ab947b1245f9378.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/f094ba4d-b940-4535-874b-2955646e9b2f/d98ce20e5f8fbcabb76f6078d550ed6af0792376.roa
Signing time:             Wed 24 Mar 2021 14:30:39 +0000
ROA not before:           Wed 24 Mar 2021 14:30:39 +0000
ROA not after:            Tue 24 Mar 2026 14:30:39 +0000
asID:                     269768
IP address blocks:        45.182.220.0/22 maxlen: 24
                          2803:4d60::/32 maxlen: 48

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/f094ba4d-b940-4535-874b-2955646e9b2f/36817b7835a533bb981e2d4d3ab947b1245f9378.crl
                          rsync://repository.lacnic.net/rpki/lacnic/f094ba4d-b940-4535-874b-2955646e9b2f/36817b7835a533bb981e2d4d3ab947b1245f9378.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/36817b7835a533bb981e2d4d3ab947b1245f9378.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 31 Mar 2024 19:38:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 780347 (0xbe83b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=36817b7835a533bb981e2d4d3ab947b1245f9378
        Validity
            Not Before: Mar 24 14:30:39 2021 GMT
            Not After : Mar 24 14:30:39 2026 GMT
        Subject: CN=d98ce20e5f8fbcabb76f6078d550ed6af0792376
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:1f:35:d3:43:e0:05:69:83:ad:f0:b3:4e:3f:
                    f1:75:89:bc:ea:3b:f8:40:b1:91:29:cc:67:a9:03:
                    0c:90:b1:f4:aa:76:25:54:d6:0c:1c:c6:7d:1e:8f:
                    c1:d2:3f:4a:12:63:eb:be:2d:d0:38:ec:61:cf:5f:
                    5a:d7:62:a1:5b:68:1c:c7:ad:ff:d2:bc:3f:56:a9:
                    03:26:c9:21:eb:77:dc:bd:b8:37:3a:0e:2b:73:28:
                    64:77:56:09:1f:3b:6f:98:6a:a7:64:68:c3:3c:de:
                    a7:67:b3:70:ac:63:27:ec:37:59:bc:6c:40:d2:70:
                    1f:a0:58:17:93:16:a8:f4:26:5a:e6:e0:d5:93:a1:
                    10:4b:c1:7a:f9:a1:6b:4c:ae:37:7f:a5:bf:3a:d4:
                    bc:68:b1:c4:1f:bf:69:ff:ea:25:07:f8:fb:b1:2f:
                    2e:dd:21:5e:8c:08:d3:e6:b3:88:f4:c2:99:dd:ce:
                    d4:57:72:7e:9d:f9:4f:fb:ab:05:d6:05:85:da:29:
                    a3:e5:37:02:8a:6a:70:51:dd:c7:e2:83:a8:46:6e:
                    cd:c9:ac:c0:78:a2:e8:a4:81:b4:c3:2a:36:34:9b:
                    36:4c:fd:a4:0c:aa:6e:5e:0f:d1:60:85:16:b7:c4:
                    e4:55:0e:79:5a:86:eb:22:d8:4e:4a:45:b3:7d:98:
                    22:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4F:D3:6D:50:D4:A0:BC:87:6F:03:94:F7:CA:59:13:90:EF:F5:7C:D1
            X509v3 Authority Key Identifier:
                keyid:82:2D:4B:30:21:75:21:33:B4:7F:25:E8:CC:AE:8D:B0:49:89:3D:52

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/36817b7835a533bb981e2d4d3ab947b1245f9378.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/f094ba4d-b940-4535-874b-2955646e9b2f/d98ce20e5f8fbcabb76f6078d550ed6af0792376.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/f094ba4d-b940-4535-874b-2955646e9b2f/36817b7835a533bb981e2d4d3ab947b1245f9378.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.182.220.0/22
                IPv6:
                  2803:4d60::/32

    Signature Algorithm: sha256WithRSAEncryption
         ad:e8:61:6d:5d:1f:74:13:ce:46:cc:89:80:13:6e:e7:a2:bc:
         63:32:70:5a:34:e6:1c:73:8a:77:2f:56:47:1c:64:29:32:c8:
         d0:11:fb:5f:d9:f7:bf:7f:ca:1a:3b:c5:47:19:3a:50:3a:be:
         34:b4:72:e6:5b:5a:a6:4a:45:68:bb:9b:a6:3e:e3:5c:8f:ac:
         89:45:ac:56:fb:00:86:be:74:56:6f:3b:40:73:ad:43:2b:5d:
         be:71:79:55:02:cc:eb:30:ca:22:b6:d4:39:78:ba:9a:2c:61:
         57:70:90:18:39:ab:46:2e:85:2f:71:80:31:17:3a:96:e1:ac:
         c4:1a:10:0c:d3:86:47:7b:9d:83:e5:91:54:88:04:8c:e5:f7:
         31:c9:7e:7e:b5:e8:fb:6c:88:a3:51:2d:21:94:0a:6b:f5:b3:
         85:e8:b5:31:6a:1e:44:10:1f:23:fe:c9:e7:9d:90:c4:a2:de:
         bb:c2:6b:c5:04:66:dc:4a:3e:19:e5:79:2e:85:90:12:44:ef:
         86:02:a8:35:fb:f6:cb:a7:77:a9:57:c2:91:78:4d:12:d5:1d:
         96:b4:ae:63:4a:c7:0b:fd:34:75:7d:66:95:e3:11:5c:46:58:
         95:9b:c2:d0:ab:6e:39:4f:d9:0e:26:2c:2e:20:db:83:41:90:
         46:2a:50:62
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgIDC+g7MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDM2
ODE3Yjc4MzVhNTMzYmI5ODFlMmQ0ZDNhYjk0N2IxMjQ1ZjkzNzgwHhcNMjEwMzI0
MTQzMDM5WhcNMjYwMzI0MTQzMDM5WjAzMTEwLwYDVQQDEyhkOThjZTIwZTVmOGZi
Y2FiYjc2ZjYwNzhkNTUwZWQ2YWYwNzkyMzc2MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAnx8100PgBWmDrfCzTj/xdYm86jv4QLGRKcxnqQMMkLH0qnYl
VNYMHMZ9Ho/B0j9KEmPrvi3QOOxhz19a12KhW2gcx63/0rw/VqkDJskh63fcvbg3
Og4rcyhkd1YJHztvmGqnZGjDPN6nZ7NwrGMn7DdZvGxA0nAfoFgXkxao9CZa5uDV
k6EQS8F6+aFrTK43f6W/OtS8aLHEH79p/+olB/j7sS8u3SFejAjT5rOI9MKZ3c7U
V3J+nflP+6sF1gWF2imj5TcCimpwUd3H4oOoRm7NyazAeKLopIG0wyo2NJs2TP2k
DKpuXg/RYIUWt8TkVQ55WobrIthOSkWzfZgiPwIDAQABo4ICajCCAmYwHQYDVR0O
BBYEFE/TbVDUoLyHbwOU98pZE5Dv9XzRMB8GA1UdIwQYMBaAFIItSzAhdSEztH8l
6MyujbBJiT1SMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvMzY4MTdi
NzgzNWE1MzNiYjk4MWUyZDRkM2FiOTQ3YjEyNDVmOTM3OC5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvZjA5NGJhNGQtYjk0MC00NTM1LTg3NGItMjk1NTY0
NmU5YjJmL2Q5OGNlMjBlNWY4ZmJjYWJiNzZmNjA3OGQ1NTBlZDZhZjA3OTIzNzYu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy9mMDk0YmE0ZC1iOTQwLTQ1MzUtODc0Yi0yOTU1
NjQ2ZTliMmYvMzY4MTdiNzgzNWE1MzNiYjk4MWUyZDRkM2FiOTQ3YjEyNDVmOTM3
OC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAuBggrBgEFBQcBBwEB/wQf
MB0wDAQCAAEwBgMEAi223DANBAIAAjAHAwUAKANNYDANBgkqhkiG9w0BAQsFAAOC
AQEArehhbV0fdBPORsyJgBNu56K8YzJwWjTmHHOKdy9WRxxkKTLI0BH7X9n3v3/K
GjvFRxk6UDq+NLRy5ltapkpFaLubpj7jXI+siUWsVvsAhr50Vm87QHOtQytdvnF5
VQLM6zDKIrbUOXi6mixhV3CQGDmrRi6FL3GAMRc6luGsxBoQDNOGR3udg+WRVIgE
jOX3Mcl+frXo+2yIo1EtIZQKa/Wzhei1MWoeRBAfI/7J552QxKLeu8JrxQRm3Eo+
GeV5LoWQEkTvhgKoNfv2y6d3qVfCkXhNEtUdlrSuY0rHC/00dX1mleMRXEZYlZvC
0KtuOU/ZDiYsLiDbg0GQRipQYg==
-----END CERTIFICATE-----
Generated at Thu Mar 28 23:12:15 2024 by rpki-client on console-fra.rpki-client.org