Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/fb1df9aa-a9bc-4f3c-8e52-71146a6196f9/d0af110911f7bec04fd7ac9e9c12456f754b5a9c.roa
File:                     d0af110911f7bec04fd7ac9e9c12456f754b5a9c.roa (raw, json)
Hash identifier:          bJa0v1fdfov1y1OUcrogvigOnTG/clOsU18913LpD5M=
Subject key identifier:   E7:08:16:30:C6:3D:59:54:7A:31:32:FB:21:C9:DE:6E:73:20:56:36
Certificate issuer:       /CN=88c828fbf7c4212619b24a7d12142f15f0f5ffea
Certificate serial:       02205A
Authority key identifier: 6A:15:80:3C:4B:16:44:9A:6C:C1:B1:2E:28:E8:2C:8F:E8:A7:6F:F6
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/88c828fbf7c4212619b24a7d12142f15f0f5ffea.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/fb1df9aa-a9bc-4f3c-8e52-71146a6196f9/d0af110911f7bec04fd7ac9e9c12456f754b5a9c.roa
Signing time:             Fri 05 May 2023 22:53:28 +0000
ROA not before:           Thu 04 May 2023 22:53:28 +0000
ROA not after:            Mon 05 May 2025 22:53:28 +0000
asID:                     262589
IP address blocks:        170.0.8.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/fb1df9aa-a9bc-4f3c-8e52-71146a6196f9/88c828fbf7c4212619b24a7d12142f15f0f5ffea.crl
                          rsync://repository.lacnic.net/rpki/lacnic/fb1df9aa-a9bc-4f3c-8e52-71146a6196f9/88c828fbf7c4212619b24a7d12142f15f0f5ffea.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/88c828fbf7c4212619b24a7d12142f15f0f5ffea.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 31 Mar 2024 19:38:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 139354 (0x2205a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=88c828fbf7c4212619b24a7d12142f15f0f5ffea
        Validity
            Not Before: May  4 22:53:28 2023 GMT
            Not After : May  5 22:53:28 2025 GMT
        Subject: CN=d0af110911f7bec04fd7ac9e9c12456f754b5a9c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:2e:7e:04:33:e6:29:4e:8d:86:a5:c2:70:1f:
                    65:d0:ed:56:7a:7a:15:96:ed:d4:92:31:dc:b0:65:
                    5f:42:fc:d8:79:9a:d1:16:0a:d6:b6:50:26:0a:3d:
                    96:bf:4f:84:62:04:d1:ce:d5:2a:37:b8:7c:19:cd:
                    c8:cf:f3:7b:23:eb:09:4e:d7:7f:dc:5a:fe:9a:13:
                    f0:84:d4:6f:d9:4c:8a:41:9b:04:96:78:2c:99:2c:
                    a4:32:b8:29:8e:f2:2c:aa:3e:bf:5d:7f:89:f5:a2:
                    22:50:3c:75:92:2d:61:8c:06:5b:61:54:5f:84:29:
                    7f:e9:e1:5d:42:b4:3e:a9:f3:32:db:73:ba:a7:83:
                    75:c8:73:10:79:6b:a1:4e:24:8b:ea:ae:d7:1a:52:
                    cc:e4:28:c1:88:43:20:5f:83:bb:3c:f2:8e:fd:56:
                    63:11:86:94:4a:28:81:73:4b:b3:4f:7b:5a:6d:e1:
                    c8:99:14:7c:a7:df:18:fd:ef:9f:1e:d2:bd:d6:25:
                    ba:79:51:76:4b:c8:2b:f5:7e:76:77:cf:ae:1f:f3:
                    b6:e0:31:a2:dc:0c:ad:35:12:52:88:cf:bc:f6:7a:
                    0c:49:3c:ad:db:f3:2e:ac:d2:89:ea:a2:d5:6a:8b:
                    87:c9:4b:1c:a4:6d:80:bd:6c:1a:8b:01:3c:f7:22:
                    11:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E7:08:16:30:C6:3D:59:54:7A:31:32:FB:21:C9:DE:6E:73:20:56:36
            X509v3 Authority Key Identifier:
                keyid:6A:15:80:3C:4B:16:44:9A:6C:C1:B1:2E:28:E8:2C:8F:E8:A7:6F:F6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/88c828fbf7c4212619b24a7d12142f15f0f5ffea.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/fb1df9aa-a9bc-4f3c-8e52-71146a6196f9/d0af110911f7bec04fd7ac9e9c12456f754b5a9c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/fb1df9aa-a9bc-4f3c-8e52-71146a6196f9/88c828fbf7c4212619b24a7d12142f15f0f5ffea.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  170.0.8.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5b:63:35:b1:e8:1f:db:36:24:25:93:68:28:ea:6a:05:1d:70:
         93:67:46:7a:f3:23:1f:49:f2:f3:26:fb:d0:ce:54:eb:42:24:
         b0:21:cd:e7:36:31:31:8b:2c:29:93:07:5c:1f:cd:1c:e6:7b:
         22:b4:bf:85:33:9e:32:3e:6f:4e:3e:0d:ad:41:25:3f:3c:fc:
         f4:94:55:74:ea:66:12:08:ad:6b:88:1d:a7:4d:07:2a:33:ad:
         57:24:30:8e:9c:f7:75:11:f8:4b:2c:0b:e0:89:81:0f:a3:a4:
         83:04:67:c2:7b:70:67:eb:84:01:5e:24:8f:43:17:ac:40:9c:
         41:1d:54:98:e2:07:90:39:0b:ff:47:85:df:0b:c1:74:58:62:
         60:2c:2a:ea:e6:21:a5:23:43:3b:34:a6:27:3f:0f:b9:6f:c0:
         75:11:c8:a0:28:17:e2:d6:ec:93:b2:62:51:c1:af:4f:02:46:
         e5:2a:e8:5a:22:e4:79:0e:b1:c9:e7:ee:c9:f2:5f:24:9c:66:
         fe:86:06:9d:73:a3:89:2f:6a:3b:f1:38:a9:49:64:61:6c:49:
         2f:ba:50:da:d7:63:e8:d5:9d:8a:6a:7d:ad:4a:7d:03:04:8e:
         17:3e:29:73:c4:78:79:5b:4d:d9:ec:3a:81:d4:84:6b:be:90:
         0f:9c:b8:b0
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIDAiBaMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDg4
YzgyOGZiZjdjNDIxMjYxOWIyNGE3ZDEyMTQyZjE1ZjBmNWZmZWEwHhcNMjMwNTA0
MjI1MzI4WhcNMjUwNTA1MjI1MzI4WjAzMTEwLwYDVQQDEyhkMGFmMTEwOTExZjdi
ZWMwNGZkN2FjOWU5YzEyNDU2Zjc1NGI1YTljMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAmC5+BDPmKU6NhqXCcB9l0O1WenoVlu3UkjHcsGVfQvzYeZrR
FgrWtlAmCj2Wv0+EYgTRztUqN7h8Gc3Iz/N7I+sJTtd/3Fr+mhPwhNRv2UyKQZsE
lngsmSykMrgpjvIsqj6/XX+J9aIiUDx1ki1hjAZbYVRfhCl/6eFdQrQ+qfMy23O6
p4N1yHMQeWuhTiSL6q7XGlLM5CjBiEMgX4O7PPKO/VZjEYaUSiiBc0uzT3tabeHI
mRR8p98Y/e+fHtK91iW6eVF2S8gr9X52d8+uH/O24DGi3AytNRJSiM+89noMSTyt
2/MurNKJ6qLVaouHyUscpG2AvWwaiwE89yIRzQIDAQABo4ICWzCCAlcwHQYDVR0O
BBYEFOcIFjDGPVlUejEy+yHJ3m5zIFY2MB8GA1UdIwQYMBaAFGoVgDxLFkSabMGx
LijoLI/op2/2MA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvODhjODI4
ZmJmN2M0MjEyNjE5YjI0YTdkMTIxNDJmMTVmMGY1ZmZlYS5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvZmIxZGY5YWEtYTliYy00ZjNjLThlNTItNzExNDZh
NjE5NmY5L2QwYWYxMTA5MTFmN2JlYzA0ZmQ3YWM5ZTljMTI0NTZmNzU0YjVhOWMu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy9mYjFkZjlhYS1hOWJjLTRmM2MtOGU1Mi03MTE0
NmE2MTk2ZjkvODhjODI4ZmJmN2M0MjEyNjE5YjI0YTdkMTIxNDJmMTVmMGY1ZmZl
YS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAKoACDANBgkqhkiG9w0BAQsFAAOCAQEAW2M1segf2zYkJZNo
KOpqBR1wk2dGevMjH0ny8yb70M5U60IksCHN5zYxMYssKZMHXB/NHOZ7IrS/hTOe
Mj5vTj4NrUElPzz89JRVdOpmEgita4gdp00HKjOtVyQwjpz3dRH4SywL4ImBD6Ok
gwRnwntwZ+uEAV4kj0MXrECcQR1UmOIHkDkL/0eF3wvBdFhiYCwq6uYhpSNDOzSm
Jz8PuW/AdRHIoCgX4tbsk7JiUcGvTwJG5SroWiLkeQ6xyefuyfJfJJxm/oYGnXOj
iS9qO/E4qUlkYWxJL7pQ2tdj6NWdimp9rUp9AwSOFz4pc8R4eVtN2ew6gdSEa76Q
D5y4sA==
-----END CERTIFICATE-----
Generated at Thu Mar 28 21:31:19 2024 by rpki-client on console-ams.rpki-client.org