Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/f542b47d-f64d-40f9-945f-c6e9eb5ab9c7/864a99af8c29e80baf90c5dad95784c87775e98d.roa
File:                     864a99af8c29e80baf90c5dad95784c87775e98d.roa (raw, json)
Hash identifier:          CPH7YfeYo2SP7e7iNrn4glkynnZjTQL1oLfNI6RsgRE=
Subject key identifier:   97:07:E8:A5:0A:81:77:93:B6:C7:09:41:BF:C5:73:CA:D2:B0:D0:0A
Certificate issuer:       /CN=4f75d567409587c423de2dbd5dde5cf60431a02a
Certificate serial:       0DB434
Authority key identifier: 70:C5:F9:24:89:A7:62:95:B7:D9:CA:8E:05:33:22:B9:70:67:9C:E2
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/4f75d567409587c423de2dbd5dde5cf60431a02a.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/f542b47d-f64d-40f9-945f-c6e9eb5ab9c7/864a99af8c29e80baf90c5dad95784c87775e98d.roa
Signing time:             Wed 24 Mar 2021 14:29:55 +0000
ROA not before:           Wed 24 Mar 2021 14:29:55 +0000
ROA not after:            Tue 24 Mar 2026 14:29:55 +0000
asID:                     28023
IP address blocks:        170.238.244.0/22 maxlen: 24
                          200.91.48.0/21 maxlen: 24
                          2803:14c0::/32 maxlen: 34

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/f542b47d-f64d-40f9-945f-c6e9eb5ab9c7/4f75d567409587c423de2dbd5dde5cf60431a02a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/f542b47d-f64d-40f9-945f-c6e9eb5ab9c7/4f75d567409587c423de2dbd5dde5cf60431a02a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/4f75d567409587c423de2dbd5dde5cf60431a02a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 31 Mar 2024 12:22:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 898100 (0xdb434)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4f75d567409587c423de2dbd5dde5cf60431a02a
        Validity
            Not Before: Mar 24 14:29:55 2021 GMT
            Not After : Mar 24 14:29:55 2026 GMT
        Subject: CN=864a99af8c29e80baf90c5dad95784c87775e98d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:85:4e:3d:d3:08:72:67:9e:c6:fa:2c:12:88:12:
                    71:0d:23:5b:c7:f3:60:e7:f1:b2:be:2d:ca:d4:a8:
                    c9:69:ca:9a:b2:1b:f2:f7:85:4c:60:ab:ae:93:a1:
                    5e:fd:6e:ce:18:07:5d:44:35:d9:a0:88:cc:de:93:
                    49:f9:13:02:c4:50:db:e0:99:1f:5c:43:3a:6b:47:
                    84:d0:3a:55:c7:bc:4b:0c:1b:ef:fe:49:0b:e7:9e:
                    97:0b:a2:f7:eb:30:d1:df:42:c6:a7:86:96:3a:28:
                    11:5f:04:fb:d2:bc:74:38:2a:14:ff:8f:ff:cd:80:
                    17:ed:7b:b4:90:f3:e9:e7:cb:87:c8:71:16:b8:93:
                    71:1a:6e:42:e2:61:d5:22:12:5b:79:b8:df:ed:81:
                    5b:bd:3e:31:91:04:86:45:ea:a1:59:4c:2c:8d:52:
                    dc:75:7e:31:ca:c5:44:5f:6b:91:d5:c4:82:4a:d1:
                    48:70:68:e9:20:56:2e:cd:91:8c:01:7b:ca:e3:2a:
                    fd:43:4b:4c:50:1d:28:ec:b2:21:6e:72:ed:cb:c9:
                    b0:47:80:45:9e:4a:de:4a:83:d9:86:56:00:3e:dd:
                    fd:93:4d:ac:24:30:49:9b:cf:57:ab:b2:3d:54:1a:
                    12:2b:d5:6f:37:f8:63:6b:58:69:83:25:2d:60:ae:
                    97:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                97:07:E8:A5:0A:81:77:93:B6:C7:09:41:BF:C5:73:CA:D2:B0:D0:0A
            X509v3 Authority Key Identifier:
                keyid:70:C5:F9:24:89:A7:62:95:B7:D9:CA:8E:05:33:22:B9:70:67:9C:E2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/4f75d567409587c423de2dbd5dde5cf60431a02a.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/f542b47d-f64d-40f9-945f-c6e9eb5ab9c7/864a99af8c29e80baf90c5dad95784c87775e98d.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/f542b47d-f64d-40f9-945f-c6e9eb5ab9c7/4f75d567409587c423de2dbd5dde5cf60431a02a.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  170.238.244.0/22
                  200.91.48.0/21
                IPv6:
                  2803:14c0::/32

    Signature Algorithm: sha256WithRSAEncryption
         26:bf:6f:9c:aa:66:e3:0c:b4:8d:be:79:e9:61:9f:36:e0:54:
         c0:cd:c1:1e:21:76:5c:6d:e7:d3:ac:c0:b7:4c:46:ae:9c:b3:
         61:dd:92:9d:f4:e2:11:02:b4:33:9f:69:01:d7:75:3e:ae:de:
         1b:7b:a6:3f:6f:bd:21:c1:07:d0:ff:5e:69:fd:0d:a0:6d:61:
         c9:95:97:39:2c:4b:17:97:c3:94:30:29:67:a0:2a:44:39:9b:
         82:92:95:dd:cb:db:2f:27:80:a9:78:ab:c0:12:bd:68:58:02:
         04:56:e5:85:d7:8c:9a:7f:88:16:a3:b1:e0:f5:e8:ec:fe:90:
         3b:25:c9:53:03:c8:64:e8:f1:c1:54:b0:68:d5:c4:40:6b:33:
         a6:97:44:e4:92:6b:c5:67:d9:04:6c:64:7d:1c:08:6d:22:45:
         f9:9a:77:1b:60:94:48:f5:f0:3c:fb:88:ee:99:76:3c:e6:8b:
         85:5d:6d:60:84:d7:7b:a2:ee:c8:b2:7d:eb:b2:37:86:52:02:
         b8:e0:32:a6:d3:1b:af:e3:fb:a2:52:47:e4:a6:0c:93:91:d5:
         ba:49:e1:59:90:fc:01:8b:f6:3c:1e:ec:aa:6b:82:a0:41:8c:
         4f:79:11:7e:34:d2:a9:8b:97:eb:5b:22:23:60:19:28:56:53:
         38:18:dc:2f
-----BEGIN CERTIFICATE-----
MIIFVTCCBD2gAwIBAgIDDbQ0MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDRm
NzVkNTY3NDA5NTg3YzQyM2RlMmRiZDVkZGU1Y2Y2MDQzMWEwMmEwHhcNMjEwMzI0
MTQyOTU1WhcNMjYwMzI0MTQyOTU1WjAzMTEwLwYDVQQDEyg4NjRhOTlhZjhjMjll
ODBiYWY5MGM1ZGFkOTU3ODRjODc3NzVlOThkMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAhU490whyZ57G+iwSiBJxDSNbx/Ng5/Gyvi3K1KjJacqashvy
94VMYKuuk6Fe/W7OGAddRDXZoIjM3pNJ+RMCxFDb4JkfXEM6a0eE0DpVx7xLDBvv
/kkL556XC6L36zDR30LGp4aWOigRXwT70rx0OCoU/4//zYAX7Xu0kPPp58uHyHEW
uJNxGm5C4mHVIhJbebjf7YFbvT4xkQSGReqhWUwsjVLcdX4xysVEX2uR1cSCStFI
cGjpIFYuzZGMAXvK4yr9Q0tMUB0o7LIhbnLty8mwR4BFnkreSoPZhlYAPt39k02s
JDBJm89Xq7I9VBoSK9VvN/hja1hpgyUtYK6XqQIDAQABo4ICcDCCAmwwHQYDVR0O
BBYEFJcH6KUKgXeTtscJQb/Fc8rSsNAKMB8GA1UdIwQYMBaAFHDF+SSJp2KVt9nK
jgUzIrlwZ5ziMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvNGY3NWQ1
Njc0MDk1ODdjNDIzZGUyZGJkNWRkZTVjZjYwNDMxYTAyYS5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvZjU0MmI0N2QtZjY0ZC00MGY5LTk0NWYtYzZlOWVi
NWFiOWM3Lzg2NGE5OWFmOGMyOWU4MGJhZjkwYzVkYWQ5NTc4NGM4Nzc3NWU5OGQu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy9mNTQyYjQ3ZC1mNjRkLTQwZjktOTQ1Zi1jNmU5
ZWI1YWI5YzcvNGY3NWQ1Njc0MDk1ODdjNDIzZGUyZGJkNWRkZTVjZjYwNDMxYTAy
YS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0BggrBgEFBQcBBwEB/wQl
MCMwEgQCAAEwDAMEAqru9AMEA8hbMDANBAIAAjAHAwUAKAMUwDANBgkqhkiG9w0B
AQsFAAOCAQEAJr9vnKpm4wy0jb556WGfNuBUwM3BHiF2XG3n06zAt0xGrpyzYd2S
nfTiEQK0M59pAdd1Pq7eG3umP2+9IcEH0P9eaf0NoG1hyZWXOSxLF5fDlDApZ6Aq
RDmbgpKV3cvbLyeAqXirwBK9aFgCBFblhdeMmn+IFqOx4PXo7P6QOyXJUwPIZOjx
wVSwaNXEQGszppdE5JJrxWfZBGxkfRwIbSJF+Zp3G2CUSPXwPPuI7pl2POaLhV1t
YITXe6LuyLJ967I3hlICuOAyptMbr+P7olJH5KYMk5HVuknhWZD8AYv2PB7sqmuC
oEGMT3kRfjTSqYuX61siI2AZKFZTOBjcLw==
-----END CERTIFICATE-----
Generated at Thu Mar 28 13:29:35 2024 by rpki-client on console-ams.rpki-client.org