Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/f448da9d-d2ab-4f82-b97a-9e31fd0ffe58/1857df77cd26e601eb22b664ce8989932a3c9303.roa
File:                     1857df77cd26e601eb22b664ce8989932a3c9303.roa (raw, json)
Hash identifier:          xZbtksBEg9FJDn3G0X263iRkWt5x9AF7SqFQpe0E2UU=
Subject key identifier:   F3:58:C3:8F:9F:23:99:3F:78:1B:A9:7F:F2:CE:46:D5:15:D4:FF:74
Certificate issuer:       /CN=89d4ccaed0ced333fa28447d46fd7ba4bdfa23c4
Certificate serial:       0DB014
Authority key identifier: 08:DB:F9:88:38:8D:F0:56:86:D3:0B:EF:8F:8D:31:0F:51:EE:DD:7C
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/89d4ccaed0ced333fa28447d46fd7ba4bdfa23c4.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/f448da9d-d2ab-4f82-b97a-9e31fd0ffe58/1857df77cd26e601eb22b664ce8989932a3c9303.roa
Signing time:             Wed 24 Mar 2021 14:29:55 +0000
ROA not before:           Wed 24 Mar 2021 14:29:55 +0000
ROA not after:            Tue 24 Mar 2026 14:29:55 +0000
asID:                     61481
IP address blocks:        131.100.88.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/f448da9d-d2ab-4f82-b97a-9e31fd0ffe58/89d4ccaed0ced333fa28447d46fd7ba4bdfa23c4.crl
                          rsync://repository.lacnic.net/rpki/lacnic/f448da9d-d2ab-4f82-b97a-9e31fd0ffe58/89d4ccaed0ced333fa28447d46fd7ba4bdfa23c4.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/89d4ccaed0ced333fa28447d46fd7ba4bdfa23c4.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 31 Mar 2024 19:38:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 897044 (0xdb014)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=89d4ccaed0ced333fa28447d46fd7ba4bdfa23c4
        Validity
            Not Before: Mar 24 14:29:55 2021 GMT
            Not After : Mar 24 14:29:55 2026 GMT
        Subject: CN=1857df77cd26e601eb22b664ce8989932a3c9303
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:85:34:e9:6b:aa:2a:19:fa:14:7b:07:80:04:38:
                    dc:17:34:cb:8f:f8:2a:fa:05:e9:bd:de:4b:f4:51:
                    69:bb:de:91:82:6b:46:1a:67:bf:8e:78:62:6b:c0:
                    33:18:5b:48:1a:18:e6:c9:c6:6b:f0:38:d4:92:3c:
                    5f:9a:2b:f5:be:95:97:9d:71:01:af:7b:2a:7a:04:
                    ae:c6:19:4d:90:49:e3:9c:08:22:ce:63:0e:8b:1b:
                    b0:dd:c6:99:2d:f4:95:35:af:43:d8:34:48:94:85:
                    fa:6e:cf:cb:1b:78:8b:a7:84:3c:a1:5b:68:4e:4a:
                    22:81:fd:e5:6e:9a:68:0b:d4:bb:4b:0b:6c:4b:9a:
                    63:e1:35:67:84:ef:9f:3d:a2:b8:94:10:a0:c9:a9:
                    94:04:10:56:e2:3d:96:3d:73:44:e2:a6:ed:b3:0e:
                    e2:44:e4:f6:22:87:ea:d8:a4:f7:7c:01:fb:f8:29:
                    00:d6:91:c2:b9:46:af:eb:08:42:2b:f0:e1:fe:5b:
                    8e:b3:45:88:73:4c:be:35:8a:8d:32:c4:67:30:2a:
                    b6:85:7c:1c:7e:5f:c0:a2:b6:e4:01:5c:c1:28:bd:
                    56:1a:3e:ff:e8:c5:9e:ad:4b:c7:3a:06:7f:31:be:
                    4c:44:71:9d:2c:11:7b:bf:32:b8:75:58:a7:cd:d0:
                    43:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F3:58:C3:8F:9F:23:99:3F:78:1B:A9:7F:F2:CE:46:D5:15:D4:FF:74
            X509v3 Authority Key Identifier:
                keyid:08:DB:F9:88:38:8D:F0:56:86:D3:0B:EF:8F:8D:31:0F:51:EE:DD:7C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/89d4ccaed0ced333fa28447d46fd7ba4bdfa23c4.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/f448da9d-d2ab-4f82-b97a-9e31fd0ffe58/1857df77cd26e601eb22b664ce8989932a3c9303.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/f448da9d-d2ab-4f82-b97a-9e31fd0ffe58/89d4ccaed0ced333fa28447d46fd7ba4bdfa23c4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  131.100.88.0/22

    Signature Algorithm: sha256WithRSAEncryption
         9f:a3:e1:bd:52:fa:d2:40:2c:9b:05:da:ab:7b:0d:16:c2:9f:
         95:0a:5f:60:d8:75:d5:97:38:42:b2:4f:a2:c9:90:d4:db:95:
         73:a8:66:a4:51:4c:96:fe:e6:d5:4c:ae:37:42:6d:65:21:da:
         02:8e:9a:4e:37:7e:d7:08:65:46:c7:51:87:4c:9e:3a:7c:a4:
         8c:5a:c9:3b:b6:83:53:eb:7a:d3:eb:68:9a:7e:53:5c:1a:98:
         b7:72:72:4f:7e:3e:2e:ab:71:51:df:65:c4:1a:36:0b:7a:3c:
         34:bd:44:a6:e1:70:74:32:39:47:88:c3:cb:72:de:e3:3d:73:
         4e:ee:1a:9d:37:5b:54:eb:28:44:de:b8:88:9c:c8:63:74:55:
         f0:a3:25:de:91:f7:13:03:72:1b:d6:3a:48:62:ca:1d:0b:aa:
         36:f8:23:ca:56:96:7f:2b:73:05:75:c1:0a:cb:84:ee:16:eb:
         aa:f0:25:90:b4:80:67:a0:ea:e7:d6:c2:d1:17:2c:f5:3f:02:
         be:5a:8a:89:57:62:31:df:ec:53:88:85:1f:a0:e0:fb:f7:bb:
         13:be:2c:83:84:f8:d7:28:3e:45:af:87:d2:f6:90:ed:3e:8e:
         04:2c:3c:a3:c3:ae:13:2f:1f:fe:78:3b:79:b0:7c:5e:38:30:
         05:e1:1f:60
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIDDbAUMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDg5
ZDRjY2FlZDBjZWQzMzNmYTI4NDQ3ZDQ2ZmQ3YmE0YmRmYTIzYzQwHhcNMjEwMzI0
MTQyOTU1WhcNMjYwMzI0MTQyOTU1WjAzMTEwLwYDVQQDEygxODU3ZGY3N2NkMjZl
NjAxZWIyMmI2NjRjZTg5ODk5MzJhM2M5MzAzMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAhTTpa6oqGfoUeweABDjcFzTLj/gq+gXpvd5L9FFpu96RgmtG
Gme/jnhia8AzGFtIGhjmycZr8DjUkjxfmiv1vpWXnXEBr3sqegSuxhlNkEnjnAgi
zmMOixuw3caZLfSVNa9D2DRIlIX6bs/LG3iLp4Q8oVtoTkoigf3lbppoC9S7Swts
S5pj4TVnhO+fPaK4lBCgyamUBBBW4j2WPXNE4qbtsw7iROT2Iofq2KT3fAH7+CkA
1pHCuUav6whCK/Dh/luOs0WIc0y+NYqNMsRnMCq2hXwcfl/AorbkAVzBKL1WGj7/
6MWerUvHOgZ/Mb5MRHGdLBF7vzK4dVinzdBDcwIDAQABo4ICWzCCAlcwHQYDVR0O
BBYEFPNYw4+fI5k/eBupf/LORtUV1P90MB8GA1UdIwQYMBaAFAjb+Yg4jfBWhtML
74+NMQ9R7t18MA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvODlkNGNj
YWVkMGNlZDMzM2ZhMjg0NDdkNDZmZDdiYTRiZGZhMjNjNC5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvZjQ0OGRhOWQtZDJhYi00ZjgyLWI5N2EtOWUzMWZk
MGZmZTU4LzE4NTdkZjc3Y2QyNmU2MDFlYjIyYjY2NGNlODk4OTkzMmEzYzkzMDMu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy9mNDQ4ZGE5ZC1kMmFiLTRmODItYjk3YS05ZTMx
ZmQwZmZlNTgvODlkNGNjYWVkMGNlZDMzM2ZhMjg0NDdkNDZmZDdiYTRiZGZhMjNj
NC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAoNkWDANBgkqhkiG9w0BAQsFAAOCAQEAn6PhvVL60kAsmwXa
q3sNFsKflQpfYNh11Zc4QrJPosmQ1NuVc6hmpFFMlv7m1UyuN0JtZSHaAo6aTjd+
1whlRsdRh0yeOnykjFrJO7aDU+t60+tomn5TXBqYt3JyT34+LqtxUd9lxBo2C3o8
NL1EpuFwdDI5R4jDy3Le4z1zTu4anTdbVOsoRN64iJzIY3RV8KMl3pH3EwNyG9Y6
SGLKHQuqNvgjylaWfytzBXXBCsuE7hbrqvAlkLSAZ6Dq59bC0Rcs9T8CvlqKiVdi
Md/sU4iFH6Dg+/e7E74sg4T41yg+Ra+H0vaQ7T6OBCw8o8OuEy8f/ng7ebB8Xjgw
BeEfYA==
-----END CERTIFICATE-----
Generated at Thu Mar 28 22:53:10 2024 by rpki-client on console-ams.rpki-client.org