Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/fece80fb-b8bb-4d10-b4c2-249d801884fa/d57e5d9cff37c3c69897a32ff3c33679182b9a73.roa
File:                     d57e5d9cff37c3c69897a32ff3c33679182b9a73.roa (raw, json)
Hash identifier:          qrU79jfvYrTSJ36Pfg/5+3Q67EKq0ebIYiWDNX7uV/0=
Subject key identifier:   4B:92:FD:DA:D3:B1:D4:1E:53:DB:44:70:B0:CA:81:A5:50:3D:35:4D
Certificate issuer:       /CN=cb320b79e8976c901f192c3b7778287f392e9486
Certificate serial:       0D34E7
Authority key identifier: AF:95:77:E7:E8:85:BB:2A:53:5B:C9:A4:17:2F:B3:A0:2E:24:6A:C1
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/cb320b79e8976c901f192c3b7778287f392e9486.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/fece80fb-b8bb-4d10-b4c2-249d801884fa/d57e5d9cff37c3c69897a32ff3c33679182b9a73.roa
Signing time:             Wed 24 Mar 2021 14:34:19 +0000
ROA not before:           Wed 24 Mar 2021 14:34:19 +0000
ROA not after:            Tue 24 Mar 2026 14:34:19 +0000
asID:                     265703
IP address blocks:        45.239.120.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/fece80fb-b8bb-4d10-b4c2-249d801884fa/cb320b79e8976c901f192c3b7778287f392e9486.crl
                          rsync://repository.lacnic.net/rpki/lacnic/fece80fb-b8bb-4d10-b4c2-249d801884fa/cb320b79e8976c901f192c3b7778287f392e9486.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/cb320b79e8976c901f192c3b7778287f392e9486.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Mon 01 Apr 2024 04:56:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 865511 (0xd34e7)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cb320b79e8976c901f192c3b7778287f392e9486
        Validity
            Not Before: Mar 24 14:34:19 2021 GMT
            Not After : Mar 24 14:34:19 2026 GMT
        Subject: CN=d57e5d9cff37c3c69897a32ff3c33679182b9a73
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:70:b9:7f:c3:12:44:2f:0e:3b:cd:5b:09:77:
                    09:38:de:a1:d3:42:ba:09:31:69:0f:ef:4c:c7:71:
                    13:33:6f:d6:59:b5:e3:1a:c0:6a:30:19:84:e1:5c:
                    dc:16:57:cd:d9:8c:94:25:b1:e2:e7:cd:2b:57:39:
                    b2:48:82:80:4e:07:7f:bb:70:d9:9b:ae:d5:82:7f:
                    72:2e:ef:7e:b0:5a:e4:ae:05:7e:51:42:a8:b4:92:
                    75:83:a2:e3:2e:b1:9d:d1:9d:31:33:dd:91:dc:2d:
                    15:13:bd:73:9f:21:b7:c5:32:2e:94:73:52:a9:fd:
                    5f:3e:7f:c8:4d:17:fc:2c:dc:34:63:6c:f2:26:63:
                    da:86:fe:0b:95:ca:ec:1e:d6:da:98:5a:88:f9:64:
                    4c:c6:46:ef:07:27:b6:d1:82:66:e7:98:e5:bc:dd:
                    bc:9b:af:8d:99:b3:a6:14:a1:e4:21:87:73:8a:59:
                    fc:95:06:ba:4b:1e:d7:4c:70:b5:92:57:90:db:6f:
                    e3:5a:c8:b4:c0:aa:1a:be:14:98:6b:f8:2a:53:5e:
                    c5:f6:49:05:9a:03:3b:29:03:00:22:f1:aa:49:0d:
                    0b:27:d2:d7:18:b8:6f:43:5d:0c:cd:f5:0f:88:f0:
                    db:68:da:7a:78:a4:d1:be:2d:7f:17:f7:91:bb:c2:
                    59:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4B:92:FD:DA:D3:B1:D4:1E:53:DB:44:70:B0:CA:81:A5:50:3D:35:4D
            X509v3 Authority Key Identifier:
                keyid:AF:95:77:E7:E8:85:BB:2A:53:5B:C9:A4:17:2F:B3:A0:2E:24:6A:C1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/cb320b79e8976c901f192c3b7778287f392e9486.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/fece80fb-b8bb-4d10-b4c2-249d801884fa/d57e5d9cff37c3c69897a32ff3c33679182b9a73.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/fece80fb-b8bb-4d10-b4c2-249d801884fa/cb320b79e8976c901f192c3b7778287f392e9486.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.239.120.0/22

    Signature Algorithm: sha256WithRSAEncryption
         40:87:fa:89:95:b2:b1:f3:03:ae:8b:13:25:8b:a3:17:23:2b:
         b4:63:89:83:2d:2a:d7:b7:1f:8e:0c:02:3d:e2:b7:1f:bb:f4:
         80:af:42:09:9e:af:24:c5:f0:e9:d5:d1:16:8e:d4:f6:b7:d5:
         4b:6e:8a:7b:10:92:f5:62:b1:66:e8:26:b6:dc:32:cf:88:ed:
         73:f2:5d:a8:9d:97:be:1a:92:b5:25:8f:e6:e7:b9:ec:9e:25:
         8f:38:80:eb:4b:a2:0d:cc:7b:28:3d:dd:d8:27:dd:3b:5b:ad:
         6e:6e:60:5b:c7:77:be:cd:52:a9:1b:9f:ae:d3:f1:9b:39:b2:
         a8:8a:6f:a8:4f:cc:67:ba:dc:e9:8a:41:4b:f8:b4:42:ba:f8:
         fb:7b:a0:44:9c:90:3b:ea:0b:63:cf:da:73:8d:76:61:d4:4d:
         84:f0:e8:90:53:bc:4f:6c:08:ba:2f:ed:1c:aa:35:d3:25:99:
         2d:09:18:1f:94:d4:ac:eb:5c:a4:c2:12:35:23:f7:43:4a:58:
         68:a9:18:bf:dd:42:41:00:0e:ae:d0:7d:23:e1:f6:ce:c7:24:
         00:3e:bd:52:9a:58:3a:07:12:fe:d5:a7:03:89:56:c0:fe:dd:
         4d:51:4c:37:02:4c:7c:03:87:a3:c2:4f:84:ba:87:cd:1f:36:
         82:b8:f6:d7
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIDDTTnMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGNi
MzIwYjc5ZTg5NzZjOTAxZjE5MmMzYjc3NzgyODdmMzkyZTk0ODYwHhcNMjEwMzI0
MTQzNDE5WhcNMjYwMzI0MTQzNDE5WjAzMTEwLwYDVQQDEyhkNTdlNWQ5Y2ZmMzdj
M2M2OTg5N2EzMmZmM2MzMzY3OTE4MmI5YTczMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAv3C5f8MSRC8OO81bCXcJON6h00K6CTFpD+9Mx3ETM2/WWbXj
GsBqMBmE4VzcFlfN2YyUJbHi580rVzmySIKATgd/u3DZm67Vgn9yLu9+sFrkrgV+
UUKotJJ1g6LjLrGd0Z0xM92R3C0VE71znyG3xTIulHNSqf1fPn/ITRf8LNw0Y2zy
JmPahv4LlcrsHtbamFqI+WRMxkbvBye20YJm55jlvN28m6+NmbOmFKHkIYdziln8
lQa6Sx7XTHC1kleQ22/jWsi0wKoavhSYa/gqU17F9kkFmgM7KQMAIvGqSQ0LJ9LX
GLhvQ10MzfUPiPDbaNp6eKTRvi1/F/eRu8JZPQIDAQABo4ICWzCCAlcwHQYDVR0O
BBYEFEuS/drTsdQeU9tEcLDKgaVQPTVNMB8GA1UdIwQYMBaAFK+Vd+fohbsqU1vJ
pBcvs6AuJGrBMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvY2IzMjBi
NzllODk3NmM5MDFmMTkyYzNiNzc3ODI4N2YzOTJlOTQ4Ni5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvZmVjZTgwZmItYjhiYi00ZDEwLWI0YzItMjQ5ZDgw
MTg4NGZhL2Q1N2U1ZDljZmYzN2MzYzY5ODk3YTMyZmYzYzMzNjc5MTgyYjlhNzMu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy9mZWNlODBmYi1iOGJiLTRkMTAtYjRjMi0yNDlk
ODAxODg0ZmEvY2IzMjBiNzllODk3NmM5MDFmMTkyYzNiNzc3ODI4N2YzOTJlOTQ4
Ni5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAi3veDANBgkqhkiG9w0BAQsFAAOCAQEAQIf6iZWysfMDrosT
JYujFyMrtGOJgy0q17cfjgwCPeK3H7v0gK9CCZ6vJMXw6dXRFo7U9rfVS26KexCS
9WKxZugmttwyz4jtc/JdqJ2XvhqStSWP5ue57J4ljziA60uiDcx7KD3d2CfdO1ut
bm5gW8d3vs1SqRufrtPxmzmyqIpvqE/MZ7rc6YpBS/i0Qrr4+3ugRJyQO+oLY8/a
c412YdRNhPDokFO8T2wIui/tHKo10yWZLQkYH5TUrOtcpMISNSP3Q0pYaKkYv91C
QQAOrtB9I+H2zsckAD69UppYOgcS/tWnA4lWwP7dTVFMNwJMfAOHo8JPhLqHzR82
grj21w==
-----END CERTIFICATE-----
Generated at Fri Mar 29 04:59:33 2024 by rpki-client on console-fra.rpki-client.org