Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/007d3f4a-691a-47a6-9523-28dc2dbdcb3f/5a84274af9ab8c8073fdc4313d0aea4123a11cbd.roa
File:                     5a84274af9ab8c8073fdc4313d0aea4123a11cbd.roa (raw, json)
Hash identifier:          DHJ0dCVrwK4cRNxBOWO1C9DIUz3jNHSpcjGC3o/E3I8=
Subject key identifier:   BB:EA:6C:72:8C:EA:2B:E3:78:F6:DA:A4:C6:6C:1F:88:31:5B:A3:52
Certificate issuer:       /CN=12ff89774599a3b510bac6a3818f3d64e1638997
Certificate serial:       0CF95A
Authority key identifier: F7:B4:89:86:03:46:5C:8E:15:DA:8E:15:35:A3:6F:3F:C1:13:9B:C4
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/12ff89774599a3b510bac6a3818f3d64e1638997.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/007d3f4a-691a-47a6-9523-28dc2dbdcb3f/5a84274af9ab8c8073fdc4313d0aea4123a11cbd.roa
Signing time:             Wed 24 Mar 2021 14:32:31 +0000
ROA not before:           Wed 24 Mar 2021 14:32:31 +0000
ROA not after:            Tue 24 Mar 2026 14:32:31 +0000
asID:                     27790
IP address blocks:        200.16.16.0/20 maxlen: 24
                          2801:120::/32 maxlen: 32

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/007d3f4a-691a-47a6-9523-28dc2dbdcb3f/12ff89774599a3b510bac6a3818f3d64e1638997.crl
                          rsync://repository.lacnic.net/rpki/lacnic/007d3f4a-691a-47a6-9523-28dc2dbdcb3f/12ff89774599a3b510bac6a3818f3d64e1638997.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/12ff89774599a3b510bac6a3818f3d64e1638997.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 31 Mar 2024 12:22:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 850266 (0xcf95a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=12ff89774599a3b510bac6a3818f3d64e1638997
        Validity
            Not Before: Mar 24 14:32:31 2021 GMT
            Not After : Mar 24 14:32:31 2026 GMT
        Subject: CN=5a84274af9ab8c8073fdc4313d0aea4123a11cbd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:88:1a:0b:39:13:de:75:93:00:ab:79:c4:27:d0:
                    6c:67:74:d6:e4:e8:ff:13:57:c9:b5:99:85:6d:45:
                    93:4a:66:b2:89:31:af:28:8d:7e:58:d7:aa:8a:53:
                    5d:d0:68:59:d2:d0:dd:b7:0c:15:e9:7e:08:18:0c:
                    74:bb:8d:12:20:96:92:3b:5d:eb:fb:d5:e1:00:3f:
                    c5:d2:e6:6b:4f:ef:06:65:26:75:c4:61:eb:c2:62:
                    5a:99:c4:88:81:f4:fc:c5:a7:20:4d:37:83:90:24:
                    34:82:c5:12:c7:c9:12:ef:cc:25:63:e2:aa:99:1d:
                    fc:2d:5b:7d:f2:bc:5d:d2:4e:09:03:d4:59:43:49:
                    45:1a:f0:00:0a:71:e0:1e:30:b7:c0:74:28:dc:af:
                    9c:f1:e0:bc:ff:79:eb:e7:ef:6d:b9:97:6d:eb:9e:
                    73:33:6d:2c:63:7c:4b:67:d5:d5:19:45:96:e0:eb:
                    dd:05:02:71:7d:76:8c:90:f9:fd:24:e2:df:93:cd:
                    66:b4:d3:2c:6b:bd:c0:79:69:f6:22:ce:a5:ed:0c:
                    09:29:60:50:48:1a:40:12:7f:60:7f:a2:85:12:d2:
                    32:eb:64:eb:5b:d1:05:24:ef:7f:b1:ae:c5:96:b8:
                    42:34:8d:c2:2e:71:95:bf:ac:4e:c8:12:7d:81:dd:
                    51:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BB:EA:6C:72:8C:EA:2B:E3:78:F6:DA:A4:C6:6C:1F:88:31:5B:A3:52
            X509v3 Authority Key Identifier:
                keyid:F7:B4:89:86:03:46:5C:8E:15:DA:8E:15:35:A3:6F:3F:C1:13:9B:C4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/12ff89774599a3b510bac6a3818f3d64e1638997.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/007d3f4a-691a-47a6-9523-28dc2dbdcb3f/5a84274af9ab8c8073fdc4313d0aea4123a11cbd.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/007d3f4a-691a-47a6-9523-28dc2dbdcb3f/12ff89774599a3b510bac6a3818f3d64e1638997.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.16.16.0/20
                IPv6:
                  2801:120::/32

    Signature Algorithm: sha256WithRSAEncryption
         8e:91:d5:f0:ab:9d:17:94:96:01:06:f4:b3:e5:d6:f6:44:8d:
         87:34:65:a7:7d:3a:57:d6:c7:13:bc:fb:60:15:4c:ff:2c:23:
         f2:f8:f3:f3:1f:fa:db:3b:df:ec:52:92:15:ef:cb:f2:ed:94:
         25:6a:30:6e:5d:b0:d7:a2:3f:bf:ca:dc:5b:ef:dd:de:38:3a:
         11:48:e4:d9:9d:02:33:db:d4:61:32:33:ae:23:71:2e:0e:d0:
         3c:93:e8:76:86:14:70:f4:da:dc:a9:2b:4b:83:9d:99:53:99:
         81:71:28:fa:0d:cb:ec:ea:36:e8:62:d1:c2:05:78:8f:fb:5e:
         03:8b:82:dc:b0:a8:95:c4:d4:c2:1b:00:bf:21:cb:f5:66:75:
         ad:15:06:a1:af:91:f5:87:52:14:37:46:25:5a:63:95:94:55:
         b0:9e:ef:ae:6d:d8:2e:cc:23:9f:85:d3:f0:cd:07:74:aa:ae:
         6a:37:6f:d7:25:42:09:8a:f9:77:3d:b7:ae:fb:02:77:be:37:
         b6:a2:78:a9:19:e7:e4:90:17:44:0a:a4:5d:57:ce:8e:b1:50:
         9c:d4:a4:a0:2e:53:a1:da:1e:2a:9c:8b:fa:d2:b0:b8:04:05:
         ee:0d:23:79:94:76:27:e9:81:f5:11:3c:99:99:a9:36:a7:94:
         98:12:80:f8
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgIDDPlaMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDEy
ZmY4OTc3NDU5OWEzYjUxMGJhYzZhMzgxOGYzZDY0ZTE2Mzg5OTcwHhcNMjEwMzI0
MTQzMjMxWhcNMjYwMzI0MTQzMjMxWjAzMTEwLwYDVQQDEyg1YTg0Mjc0YWY5YWI4
YzgwNzNmZGM0MzEzZDBhZWE0MTIzYTExY2JkMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAiBoLORPedZMAq3nEJ9BsZ3TW5Oj/E1fJtZmFbUWTSmayiTGv
KI1+WNeqilNd0GhZ0tDdtwwV6X4IGAx0u40SIJaSO13r+9XhAD/F0uZrT+8GZSZ1
xGHrwmJamcSIgfT8xacgTTeDkCQ0gsUSx8kS78wlY+KqmR38LVt98rxd0k4JA9RZ
Q0lFGvAACnHgHjC3wHQo3K+c8eC8/3nr5+9tuZdt655zM20sY3xLZ9XVGUWW4Ovd
BQJxfXaMkPn9JOLfk81mtNMsa73AeWn2Is6l7QwJKWBQSBpAEn9gf6KFEtIy62Tr
W9EFJO9/sa7FlrhCNI3CLnGVv6xOyBJ9gd1RTwIDAQABo4ICajCCAmYwHQYDVR0O
BBYEFLvqbHKM6ivjePbapMZsH4gxW6NSMB8GA1UdIwQYMBaAFPe0iYYDRlyOFdqO
FTWjbz/BE5vEMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvMTJmZjg5
Nzc0NTk5YTNiNTEwYmFjNmEzODE4ZjNkNjRlMTYzODk5Ny5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvMDA3ZDNmNGEtNjkxYS00N2E2LTk1MjMtMjhkYzJk
YmRjYjNmLzVhODQyNzRhZjlhYjhjODA3M2ZkYzQzMTNkMGFlYTQxMjNhMTFjYmQu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy8wMDdkM2Y0YS02OTFhLTQ3YTYtOTUyMy0yOGRj
MmRiZGNiM2YvMTJmZjg5Nzc0NTk5YTNiNTEwYmFjNmEzODE4ZjNkNjRlMTYzODk5
Ny5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAuBggrBgEFBQcBBwEB/wQf
MB0wDAQCAAEwBgMEBMgQEDANBAIAAjAHAwUAKAEBIDANBgkqhkiG9w0BAQsFAAOC
AQEAjpHV8KudF5SWAQb0s+XW9kSNhzRlp306V9bHE7z7YBVM/ywj8vjz8x/62zvf
7FKSFe/L8u2UJWowbl2w16I/v8rcW+/d3jg6EUjk2Z0CM9vUYTIzriNxLg7QPJPo
doYUcPTa3KkrS4OdmVOZgXEo+g3L7Oo26GLRwgV4j/teA4uC3LColcTUwhsAvyHL
9WZ1rRUGoa+R9YdSFDdGJVpjlZRVsJ7vrm3YLswjn4XT8M0HdKquajdv1yVCCYr5
dz23rvsCd743tqJ4qRnn5JAXRAqkXVfOjrFQnNSkoC5TodoeKpyL+tKwuAQF7g0j
eZR2J+mB9RE8mZmpNqeUmBKA+A==
-----END CERTIFICATE-----
Generated at Thu Mar 28 19:38:52 2024 by rpki-client on console-fra.rpki-client.org