Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/0269a6a4-877f-439e-ac3e-8766c178f941/6bbbfc50dd3415955abf943e56713e49d1c39cbc.roa
File:                     6bbbfc50dd3415955abf943e56713e49d1c39cbc.roa (raw, json)
Hash identifier:          /NYQqjq5HwVkoCTxWWIz/MTetPbkLqj5YzbestXq4R8=
Subject key identifier:   A0:80:7C:DE:C5:C5:EA:E3:D7:34:1B:69:33:EB:5A:1A:CC:A6:C1:56
Certificate issuer:       /CN=7eee271396be12d91db16eae558df87246f5bda1
Certificate serial:       1FEEB2
Authority key identifier: 91:72:48:99:ED:4D:B4:8B:0F:1B:E0:08:66:A4:53:15:F6:66:4B:A0
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/7eee271396be12d91db16eae558df87246f5bda1.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/0269a6a4-877f-439e-ac3e-8766c178f941/6bbbfc50dd3415955abf943e56713e49d1c39cbc.roa
Signing time:             Wed 05 Apr 2023 08:30:01 +0000
ROA not before:           Tue 04 Apr 2023 08:30:01 +0000
ROA not after:            Thu 03 Apr 2025 08:30:01 +0000
asID:                     52250
IP address blocks:        200.9.165.0/24 maxlen: 24
                          200.9.166.0/24 maxlen: 24
                          200.9.167.0/24 maxlen: 24
                          200.9.168.0/24 maxlen: 24
                          166.114.1.0/24 maxlen: 24
                          166.114.8.0/23 maxlen: 24
                          2001:1378::/32 maxlen: 32

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/0269a6a4-877f-439e-ac3e-8766c178f941/7eee271396be12d91db16eae558df87246f5bda1.crl
                          rsync://repository.lacnic.net/rpki/lacnic/0269a6a4-877f-439e-ac3e-8766c178f941/7eee271396be12d91db16eae558df87246f5bda1.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/7eee271396be12d91db16eae558df87246f5bda1.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Tue 27 Feb 2024 21:42:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2092722 (0x1feeb2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7eee271396be12d91db16eae558df87246f5bda1
        Validity
            Not Before: Apr  4 08:30:01 2023 GMT
            Not After : Apr  3 08:30:01 2025 GMT
        Subject: CN=6bbbfc50dd3415955abf943e56713e49d1c39cbc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:38:e2:63:36:af:21:af:00:05:30:48:fd:88:
                    51:f9:e4:1f:47:2d:9e:38:88:49:71:77:da:89:57:
                    ec:24:31:6b:fb:93:ae:81:96:7e:0b:6d:18:1d:79:
                    77:d4:f2:31:fb:19:ba:30:1e:c5:c3:33:d6:36:f7:
                    08:e5:93:3f:2c:8e:34:28:dc:29:20:94:08:9b:9d:
                    bf:ae:4e:c0:62:f2:fb:a3:78:6d:11:b3:b3:ab:06:
                    67:8d:52:f6:0e:77:2f:cf:4a:44:64:2f:42:2c:f3:
                    3f:54:8b:28:1f:6f:64:ca:81:b0:fd:c3:94:ab:1f:
                    d7:f2:9c:1c:74:a0:ca:f6:e9:0c:77:08:fb:a4:71:
                    68:5b:ce:ba:90:aa:d5:16:86:38:87:46:b6:21:2e:
                    68:20:92:4a:e5:d5:b8:a1:48:14:7d:bb:f3:a7:69:
                    ac:99:aa:57:fe:a1:9a:78:9a:ea:67:25:ec:2a:a1:
                    6b:66:7c:e9:fa:17:fc:4c:74:27:4e:07:93:44:ec:
                    ee:1b:61:a1:65:a9:d6:5f:28:90:2e:0a:26:12:b7:
                    38:db:4d:a6:04:53:07:6e:19:81:cd:82:fb:f9:fa:
                    ba:ed:94:dd:a5:11:40:5c:67:a2:cd:b2:2b:ed:72:
                    88:fb:2a:9d:48:46:5d:d6:58:4d:a8:06:be:66:df:
                    40:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A0:80:7C:DE:C5:C5:EA:E3:D7:34:1B:69:33:EB:5A:1A:CC:A6:C1:56
            X509v3 Authority Key Identifier:
                keyid:91:72:48:99:ED:4D:B4:8B:0F:1B:E0:08:66:A4:53:15:F6:66:4B:A0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/7eee271396be12d91db16eae558df87246f5bda1.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/0269a6a4-877f-439e-ac3e-8766c178f941/6bbbfc50dd3415955abf943e56713e49d1c39cbc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/0269a6a4-877f-439e-ac3e-8766c178f941/7eee271396be12d91db16eae558df87246f5bda1.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  166.114.1.0/24
                  166.114.8.0/23
                  200.9.165.0-200.9.168.255
                IPv6:
                  2001:1378::/32

    Signature Algorithm: sha256WithRSAEncryption
         7f:d0:af:36:a3:f0:a8:77:94:b1:67:a7:c6:33:da:d2:b0:02:
         38:34:4c:c9:42:57:ab:90:de:d9:24:0e:88:29:7b:7c:12:6c:
         7f:d6:48:b3:80:1c:79:da:21:29:cc:b8:34:59:05:33:36:43:
         da:00:9d:30:2e:44:38:8b:a3:78:b7:cc:02:f9:55:ba:ef:fb:
         90:b1:b4:a9:3b:1e:55:ea:56:ee:14:9c:37:74:c3:cf:c6:b5:
         78:cc:eb:25:72:bd:7b:38:aa:c3:90:48:b4:54:d3:81:8c:4c:
         04:76:5c:c6:4f:57:52:f9:73:03:38:da:dd:71:81:16:92:4f:
         83:af:60:1e:32:6e:81:24:64:21:ce:22:d8:6b:cc:d3:bf:5e:
         3d:48:49:b0:21:b0:eb:3f:84:48:9d:10:9b:34:df:7b:5a:26:
         5a:91:d4:6e:7c:87:70:2f:4c:05:87:4a:f0:66:8f:f4:f8:b0:
         20:5d:e2:f4:14:8a:13:3e:c5:f5:7d:f6:3b:5b:2c:1a:93:51:
         cf:4f:c5:dc:f5:68:e1:6b:8e:b2:b2:30:66:b1:43:dc:38:df:
         13:a8:2d:2c:89:ee:64:7a:b5:f1:75:4d:78:bf:32:e8:4e:8c:
         ed:ee:24:23:2d:19:80:09:dd:b4:05:62:ff:86:85:ec:ed:3e:
         94:59:72:4b
-----BEGIN CERTIFICATE-----
MIIFYzCCBEugAwIBAgIDH+6yMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDdl
ZWUyNzEzOTZiZTEyZDkxZGIxNmVhZTU1OGRmODcyNDZmNWJkYTEwHhcNMjMwNDA0
MDgzMDAxWhcNMjUwNDAzMDgzMDAxWjAzMTEwLwYDVQQDEyg2YmJiZmM1MGRkMzQx
NTk1NWFiZjk0M2U1NjcxM2U0OWQxYzM5Y2JjMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAwTjiYzavIa8ABTBI/YhR+eQfRy2eOIhJcXfaiVfsJDFr+5Ou
gZZ+C20YHXl31PIx+xm6MB7FwzPWNvcI5ZM/LI40KNwpIJQIm52/rk7AYvL7o3ht
EbOzqwZnjVL2Dncvz0pEZC9CLPM/VIsoH29kyoGw/cOUqx/X8pwcdKDK9ukMdwj7
pHFoW866kKrVFoY4h0a2IS5oIJJK5dW4oUgUfbvzp2msmapX/qGaeJrqZyXsKqFr
Znzp+hf8THQnTgeTROzuG2GhZanWXyiQLgomErc4202mBFMHbhmBzYL7+fq67ZTd
pRFAXGeizbIr7XKI+yqdSEZd1lhNqAa+Zt9AUQIDAQABo4ICfjCCAnowHQYDVR0O
BBYEFKCAfN7Fxerj1zQbaTPrWhrMpsFWMB8GA1UdIwQYMBaAFJFySJntTbSLDxvg
CGakUxX2ZkugMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvN2VlZTI3
MTM5NmJlMTJkOTFkYjE2ZWFlNTU4ZGY4NzI0NmY1YmRhMS5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvMDI2OWE2YTQtODc3Zi00MzllLWFjM2UtODc2NmMx
NzhmOTQxLzZiYmJmYzUwZGQzNDE1OTU1YWJmOTQzZTU2NzEzZTQ5ZDFjMzljYmMu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy8wMjY5YTZhNC04NzdmLTQzOWUtYWMzZS04NzY2
YzE3OGY5NDEvN2VlZTI3MTM5NmJlMTJkOTFkYjE2ZWFlNTU4ZGY4NzI0NmY1YmRh
MS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBCBggrBgEFBQcBBwEB/wQz
MDEwIAQCAAEwGgMEAKZyAQMEAaZyCDAMAwQAyAmlAwQAyAmoMA0EAgACMAcDBQAg
ARN4MA0GCSqGSIb3DQEBCwUAA4IBAQB/0K82o/Cod5SxZ6fGM9rSsAI4NEzJQler
kN7ZJA6IKXt8Emx/1kizgBx52iEpzLg0WQUzNkPaAJ0wLkQ4i6N4t8wC+VW67/uQ
sbSpOx5V6lbuFJw3dMPPxrV4zOslcr17OKrDkEi0VNOBjEwEdlzGT1dS+XMDONrd
cYEWkk+Dr2AeMm6BJGQhziLYa8zTv149SEmwIbDrP4RInRCbNN97WiZakdRufIdw
L0wFh0rwZo/0+LAgXeL0FIoTPsX1ffY7Wywak1HPT8Xc9Wjha46ysjBmsUPcON8T
qC0sie5kerXxdU14vzLoTozt7iQjLRmACd20BWL/hoXs7T6UWXJL
-----END CERTIFICATE-----
Generated at Sat Feb 24 23:22:22 2024 by rpki-client on console-ams.rpki-client.org