Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/f41fbaba-af79-4562-9dde-4ef65221f9b8/fc96fcc17f203494bb16df188aac0fabbc2a4f64.roa
File:                     fc96fcc17f203494bb16df188aac0fabbc2a4f64.roa (raw, json)
Hash identifier:          8Rd+7TBmqUWvGCdRlgfdsDpv8/fG6PYCk06JtPtyaYk=
Subject key identifier:   4F:1C:07:DB:1A:05:F8:C4:B8:D3:07:B7:07:03:A6:4E:20:6D:D3:08
Certificate issuer:       /CN=c63b81088b8ee19ee848e7230778ed21342ec0fd
Certificate serial:       0D51D5
Authority key identifier: 78:A2:25:97:F2:F8:E8:61:B9:5C:DE:B4:C6:9B:88:56:0D:B7:06:7A
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/c63b81088b8ee19ee848e7230778ed21342ec0fd.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/f41fbaba-af79-4562-9dde-4ef65221f9b8/fc96fcc17f203494bb16df188aac0fabbc2a4f64.roa
Signing time:             Wed 24 Mar 2021 14:40:49 +0000
ROA not before:           Wed 24 Mar 2021 14:40:46 +0000
ROA not after:            Tue 24 Mar 2026 14:40:46 +0000
asID:                     27947
IP address blocks:        45.71.187.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/f41fbaba-af79-4562-9dde-4ef65221f9b8/c63b81088b8ee19ee848e7230778ed21342ec0fd.crl
                          rsync://repository.lacnic.net/rpki/lacnic/f41fbaba-af79-4562-9dde-4ef65221f9b8/c63b81088b8ee19ee848e7230778ed21342ec0fd.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/c63b81088b8ee19ee848e7230778ed21342ec0fd.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 31 Mar 2024 19:38:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 872917 (0xd51d5)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c63b81088b8ee19ee848e7230778ed21342ec0fd
        Validity
            Not Before: Mar 24 14:40:46 2021 GMT
            Not After : Mar 24 14:40:46 2026 GMT
        Subject: CN=fc96fcc17f203494bb16df188aac0fabbc2a4f64
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:77:46:f1:32:fa:6e:22:32:9c:54:a3:80:24:
                    27:c0:0d:6f:d0:a1:82:7c:d6:09:48:6f:cf:c5:6d:
                    c8:ae:4b:13:81:8f:07:2c:0f:53:ae:4a:36:04:a1:
                    84:2e:3a:99:81:b8:ad:bd:0c:d5:24:6b:08:33:71:
                    16:d6:34:4e:37:19:0c:a3:6c:6f:7e:77:2c:e0:58:
                    65:cf:62:3a:5b:5d:6d:b9:1a:0b:50:f4:66:e6:74:
                    ac:c1:34:50:5d:d2:1f:8b:c9:00:1e:7b:77:ab:72:
                    bd:35:52:b3:dc:d7:6a:2b:c5:b4:bb:b8:2b:56:80:
                    1a:62:b4:dd:32:b1:49:98:6f:27:0b:d7:9a:f0:32:
                    52:76:5d:1d:b9:f0:3c:8d:cf:9c:49:42:fc:ca:16:
                    0a:0a:f9:a0:8c:41:7c:20:23:ae:3b:e6:43:a4:31:
                    f3:ac:63:10:1b:ab:2a:8c:27:93:cb:0a:07:26:b0:
                    5d:f2:ce:8d:0b:c2:2c:36:0c:8a:a7:63:6b:f8:84:
                    db:bf:1c:3d:a7:0e:a5:e0:8d:e7:27:27:10:90:9a:
                    e3:2d:24:84:cf:2d:6c:2e:77:e9:bb:35:f8:5d:b6:
                    41:d5:2b:7a:aa:ac:50:af:c4:1e:4c:f4:22:8c:6e:
                    e8:2a:93:32:04:ed:f3:b0:92:1d:99:d9:36:33:46:
                    03:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4F:1C:07:DB:1A:05:F8:C4:B8:D3:07:B7:07:03:A6:4E:20:6D:D3:08
            X509v3 Authority Key Identifier:
                keyid:78:A2:25:97:F2:F8:E8:61:B9:5C:DE:B4:C6:9B:88:56:0D:B7:06:7A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/c63b81088b8ee19ee848e7230778ed21342ec0fd.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/f41fbaba-af79-4562-9dde-4ef65221f9b8/fc96fcc17f203494bb16df188aac0fabbc2a4f64.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/f41fbaba-af79-4562-9dde-4ef65221f9b8/c63b81088b8ee19ee848e7230778ed21342ec0fd.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.71.187.0/24

    Signature Algorithm: sha256WithRSAEncryption
         24:cb:1c:c0:55:30:ef:08:f1:bd:1c:8d:52:19:3c:fd:3d:f2:
         87:7a:f4:00:a5:48:7c:f5:fc:bf:ce:98:19:76:7b:9a:75:46:
         6d:18:f5:b9:16:92:1e:39:66:96:9b:26:28:c3:70:e1:98:d7:
         e6:1b:41:db:b0:94:b3:bc:dc:14:4e:e1:d0:db:b9:2b:0c:91:
         31:1f:57:05:de:09:de:1b:9f:e3:84:fa:b7:30:9e:41:5c:26:
         f9:69:4f:1b:e3:f1:ad:dd:d5:22:f5:70:26:8a:a2:b3:fe:27:
         e7:44:93:2c:2a:54:6a:9b:0c:f0:b8:51:85:22:c5:d8:a4:e6:
         a7:20:b8:af:f0:c7:16:0a:b4:dd:13:f4:87:c3:78:cb:98:8b:
         98:11:2f:b4:09:08:48:c6:13:41:9e:7b:f8:6b:b8:c4:52:12:
         0f:92:07:95:e4:fc:dc:21:54:3f:46:c3:a5:5d:cb:22:2e:7a:
         c8:4e:cb:db:f6:5b:f7:99:ed:f8:cb:6d:71:53:94:76:39:c9:
         58:d2:30:7e:20:1d:f8:ef:de:42:56:71:93:b5:d0:d9:2d:4d:
         81:c2:1c:0f:e8:50:82:28:26:b4:15:4a:9e:fa:61:44:75:b7:
         ee:7f:d9:04:c1:69:7f:0e:7e:a8:93:c8:66:70:4b:17:e6:fa:
         3d:4f:65:52
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIDDVHVMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGM2
M2I4MTA4OGI4ZWUxOWVlODQ4ZTcyMzA3NzhlZDIxMzQyZWMwZmQwHhcNMjEwMzI0
MTQ0MDQ2WhcNMjYwMzI0MTQ0MDQ2WjAzMTEwLwYDVQQDEyhmYzk2ZmNjMTdmMjAz
NDk0YmIxNmRmMTg4YWFjMGZhYmJjMmE0ZjY0MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAl3dG8TL6biIynFSjgCQnwA1v0KGCfNYJSG/PxW3IrksTgY8H
LA9Trko2BKGELjqZgbitvQzVJGsIM3EW1jRONxkMo2xvfncs4Fhlz2I6W11tuRoL
UPRm5nSswTRQXdIfi8kAHnt3q3K9NVKz3NdqK8W0u7grVoAaYrTdMrFJmG8nC9ea
8DJSdl0dufA8jc+cSUL8yhYKCvmgjEF8ICOuO+ZDpDHzrGMQG6sqjCeTywoHJrBd
8s6NC8IsNgyKp2Nr+ITbvxw9pw6l4I3nJycQkJrjLSSEzy1sLnfpuzX4XbZB1St6
qqxQr8QeTPQijG7oKpMyBO3zsJIdmdk2M0YD0QIDAQABo4ICWzCCAlcwHQYDVR0O
BBYEFE8cB9saBfjEuNMHtwcDpk4gbdMIMB8GA1UdIwQYMBaAFHiiJZfy+OhhuVze
tMabiFYNtwZ6MA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvYzYzYjgx
MDg4YjhlZTE5ZWU4NDhlNzIzMDc3OGVkMjEzNDJlYzBmZC5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvZjQxZmJhYmEtYWY3OS00NTYyLTlkZGUtNGVmNjUy
MjFmOWI4L2ZjOTZmY2MxN2YyMDM0OTRiYjE2ZGYxODhhYWMwZmFiYmMyYTRmNjQu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy9mNDFmYmFiYS1hZjc5LTQ1NjItOWRkZS00ZWY2
NTIyMWY5YjgvYzYzYjgxMDg4YjhlZTE5ZWU4NDhlNzIzMDc3OGVkMjEzNDJlYzBm
ZC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAC1HuzANBgkqhkiG9w0BAQsFAAOCAQEAJMscwFUw7wjxvRyN
Uhk8/T3yh3r0AKVIfPX8v86YGXZ7mnVGbRj1uRaSHjlmlpsmKMNw4ZjX5htB27CU
s7zcFE7h0Nu5KwyRMR9XBd4J3huf44T6tzCeQVwm+WlPG+Pxrd3VIvVwJoqis/4n
50STLCpUapsM8LhRhSLF2KTmpyC4r/DHFgq03RP0h8N4y5iLmBEvtAkISMYTQZ57
+Gu4xFISD5IHleT83CFUP0bDpV3LIi56yE7L2/Zb95nt+MttcVOUdjnJWNIwfiAd
+O/eQlZxk7XQ2S1NgcIcD+hQgigmtBVKnvphRHW37n/ZBMFpfw5+qJPIZnBLF+b6
PU9lUg==
-----END CERTIFICATE-----
Generated at Thu Mar 28 23:49:07 2024 by rpki-client on console-ams.rpki-client.org