Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/f8d5be4d-e751-4c70-966b-cff5ed7bf5be/01d0003c272319d34d749be14eed21312b391ded.roa
File:                     01d0003c272319d34d749be14eed21312b391ded.roa (raw, json)
Hash identifier:          hGg9qKLo8FtWc6MQdIubCcSTCo/Q6HH/KBz4SKTxuTs=
Subject key identifier:   ED:A0:8F:FD:FD:C3:DE:96:00:28:5B:F1:B6:F3:19:2B:9B:AB:C7:11
Certificate issuer:       /CN=eec9334789d4fb97b0c0aa483563906a5d69b4c2
Certificate serial:       1F465F
Authority key identifier: 08:91:AA:C4:91:82:BB:0E:06:78:FA:DA:78:35:8C:58:DF:34:5C:CB
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/eec9334789d4fb97b0c0aa483563906a5d69b4c2.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/f8d5be4d-e751-4c70-966b-cff5ed7bf5be/01d0003c272319d34d749be14eed21312b391ded.roa
Signing time:             Wed 26 Apr 2023 17:24:56 +0000
ROA not before:           Tue 25 Apr 2023 17:24:40 +0000
ROA not after:            Sat 26 Apr 2025 17:24:40 +0000
asID:                     263186
IP address blocks:        170.210.52.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/f8d5be4d-e751-4c70-966b-cff5ed7bf5be/eec9334789d4fb97b0c0aa483563906a5d69b4c2.crl
                          rsync://repository.lacnic.net/rpki/lacnic/f8d5be4d-e751-4c70-966b-cff5ed7bf5be/eec9334789d4fb97b0c0aa483563906a5d69b4c2.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/eec9334789d4fb97b0c0aa483563906a5d69b4c2.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sat 22 Jul 2023 18:46:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2049631 (0x1f465f)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=eec9334789d4fb97b0c0aa483563906a5d69b4c2
        Validity
            Not Before: Apr 25 17:24:40 2023 GMT
            Not After : Apr 26 17:24:40 2025 GMT
        Subject: CN=01d0003c272319d34d749be14eed21312b391ded
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:7e:14:c0:5f:cc:0f:6e:f8:8b:f6:66:ee:bf:
                    82:7c:ab:a3:1b:16:c3:ff:28:e6:f2:f2:79:fb:8e:
                    06:54:5e:02:44:29:69:4e:be:51:c7:32:81:86:f4:
                    47:45:7d:0b:55:ce:47:97:7d:d0:08:44:1b:59:06:
                    75:cc:20:30:51:80:c6:23:b7:2d:cd:ff:54:c0:6a:
                    2f:8e:bd:7c:87:a8:8d:b2:95:e4:cd:8e:44:2e:03:
                    13:6a:6e:b5:53:e6:f2:71:6e:2f:b0:97:03:99:cb:
                    69:f4:07:1e:da:1a:13:45:c8:de:94:08:4a:7a:59:
                    56:fc:09:1b:f5:b0:d6:ec:b0:1e:ea:76:66:b9:d1:
                    30:ae:e4:16:43:c3:53:5d:05:6c:f0:72:c1:a6:0e:
                    14:8a:27:67:9a:5b:8b:c5:0d:00:5a:50:fe:72:8f:
                    69:50:db:5d:06:b7:57:71:14:ca:52:d0:42:65:35:
                    5a:3e:09:5f:f0:99:52:4a:c4:9b:7c:e3:17:11:65:
                    84:ad:7d:74:8b:12:07:90:6b:4a:40:dd:ed:d6:56:
                    de:8a:8e:25:06:e1:65:b3:ef:02:46:32:a6:ef:b7:
                    20:cc:5f:11:75:3e:da:a0:7c:99:3a:f3:23:93:99:
                    69:fa:fe:f9:c7:6d:ca:f4:ef:a4:da:0d:ec:20:0e:
                    82:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                ED:A0:8F:FD:FD:C3:DE:96:00:28:5B:F1:B6:F3:19:2B:9B:AB:C7:11
            X509v3 Authority Key Identifier:
                keyid:08:91:AA:C4:91:82:BB:0E:06:78:FA:DA:78:35:8C:58:DF:34:5C:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/eec9334789d4fb97b0c0aa483563906a5d69b4c2.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/f8d5be4d-e751-4c70-966b-cff5ed7bf5be/01d0003c272319d34d749be14eed21312b391ded.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/f8d5be4d-e751-4c70-966b-cff5ed7bf5be/eec9334789d4fb97b0c0aa483563906a5d69b4c2.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  170.210.52.0/22

    Signature Algorithm: sha256WithRSAEncryption
         25:17:4f:25:a0:bc:28:d8:4d:f8:f3:6f:34:11:8e:ac:35:e8:
         52:64:21:28:68:d4:e6:c2:c6:cc:20:cc:da:be:5b:35:59:ff:
         7e:fc:0d:29:04:6d:61:60:d0:40:64:4a:79:94:d5:e5:ef:26:
         ae:06:4d:df:07:96:6a:a3:a5:94:07:b2:fc:ca:9b:7a:f7:bd:
         80:af:0b:b9:dc:8c:d0:33:55:91:70:17:1b:8f:6e:65:bd:66:
         5b:61:23:cc:b6:fe:1b:ec:3b:d4:4c:fd:36:f4:7b:7e:50:7d:
         a4:b1:e3:b8:f1:a0:0c:30:0b:46:e9:db:23:7c:fa:34:4f:e3:
         c6:83:62:c2:bf:b4:0d:9e:54:81:a0:5f:b5:e1:45:28:df:93:
         aa:b7:f1:4c:17:f3:bb:16:45:6f:0c:63:c4:65:39:12:02:e0:
         de:ca:d7:4b:83:cc:af:9d:aa:91:5a:3d:7c:38:ed:e5:80:c8:
         8f:1a:33:12:ea:d7:09:98:e7:a2:9b:a5:47:cd:6d:87:c0:34:
         35:2e:16:2e:17:9c:5e:97:ea:3b:86:fe:8e:0a:94:75:7d:34:
         ac:f8:cb:6e:9e:44:1d:bf:89:5b:ab:a1:96:24:3e:4c:87:9d:
         da:bb:79:b9:4e:6a:83:97:7b:46:4d:96:37:09:c8:95:91:5b:
         3d:12:5d:21
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIDH0ZfMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGVl
YzkzMzQ3ODlkNGZiOTdiMGMwYWE0ODM1NjM5MDZhNWQ2OWI0YzIwHhcNMjMwNDI1
MTcyNDQwWhcNMjUwNDI2MTcyNDQwWjAzMTEwLwYDVQQDEygwMWQwMDAzYzI3MjMx
OWQzNGQ3NDliZTE0ZWVkMjEzMTJiMzkxZGVkMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAnH4UwF/MD274i/Zm7r+CfKujGxbD/yjm8vJ5+44GVF4CRClp
Tr5RxzKBhvRHRX0LVc5Hl33QCEQbWQZ1zCAwUYDGI7ctzf9UwGovjr18h6iNspXk
zY5ELgMTam61U+bycW4vsJcDmctp9Ace2hoTRcjelAhKellW/Akb9bDW7LAe6nZm
udEwruQWQ8NTXQVs8HLBpg4UiidnmluLxQ0AWlD+co9pUNtdBrdXcRTKUtBCZTVa
Pglf8JlSSsSbfOMXEWWErX10ixIHkGtKQN3t1lbeio4lBuFls+8CRjKm77cgzF8R
dT7aoHyZOvMjk5lp+v75x23K9O+k2g3sIA6C+QIDAQABo4ICWzCCAlcwHQYDVR0O
BBYEFO2gj/39w96WAChb8bbzGSubq8cRMB8GA1UdIwQYMBaAFAiRqsSRgrsOBnj6
2ng1jFjfNFzLMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvZWVjOTMz
NDc4OWQ0ZmI5N2IwYzBhYTQ4MzU2MzkwNmE1ZDY5YjRjMi5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvZjhkNWJlNGQtZTc1MS00YzcwLTk2NmItY2ZmNWVk
N2JmNWJlLzAxZDAwMDNjMjcyMzE5ZDM0ZDc0OWJlMTRlZWQyMTMxMmIzOTFkZWQu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy9mOGQ1YmU0ZC1lNzUxLTRjNzAtOTY2Yi1jZmY1
ZWQ3YmY1YmUvZWVjOTMzNDc4OWQ0ZmI5N2IwYzBhYTQ4MzU2MzkwNmE1ZDY5YjRj
Mi5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAqrSNDANBgkqhkiG9w0BAQsFAAOCAQEAJRdPJaC8KNhN+PNv
NBGOrDXoUmQhKGjU5sLGzCDM2r5bNVn/fvwNKQRtYWDQQGRKeZTV5e8mrgZN3weW
aqOllAey/Mqbeve9gK8LudyM0DNVkXAXG49uZb1mW2EjzLb+G+w71Ez9NvR7flB9
pLHjuPGgDDALRunbI3z6NE/jxoNiwr+0DZ5UgaBfteFFKN+TqrfxTBfzuxZFbwxj
xGU5EgLg3srXS4PMr52qkVo9fDjt5YDIjxozEurXCZjnopulR81th8A0NS4WLhec
XpfqO4b+jgqUdX00rPjLbp5EHb+JW6uhliQ+TIed2rt5uU5qg5d7Rk2WNwnIlZFb
PRJdIQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 22:21:44 2023 by rpki-client on console-fra.rpki-client.org