Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/093a125e-7e47-466f-8b38-5d7dc4c25f35/99bf72d76daed084fd8d932da95cee7b4f79ecba.roa
File:                     99bf72d76daed084fd8d932da95cee7b4f79ecba.roa (raw, json)
Hash identifier:          0+FrE4IqvzJefaXJclLAMQUUbkLIHaBlFAhJlRoM7Sk=
Subject key identifier:   CE:B1:1D:82:11:70:BB:3C:C6:11:9F:CE:71:69:19:35:2A:2C:36:CF
Certificate issuer:       /CN=ecd5ae639c8c795aa6afa77cc9524eebc9084251
Certificate serial:       0D5DD1
Authority key identifier: D3:2A:A7:6C:B0:04:EE:DD:10:48:00:1A:31:08:70:30:15:74:20:74
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ecd5ae639c8c795aa6afa77cc9524eebc9084251.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/093a125e-7e47-466f-8b38-5d7dc4c25f35/99bf72d76daed084fd8d932da95cee7b4f79ecba.roa
Signing time:             Wed 24 Mar 2021 14:36:47 +0000
ROA not before:           Wed 24 Mar 2021 14:36:46 +0000
ROA not after:            Tue 24 Mar 2026 14:36:46 +0000
asID:                     264718
IP address blocks:        200.10.174.0/23 maxlen: 24
                          2801:1d:9000::/48 maxlen: 49

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/093a125e-7e47-466f-8b38-5d7dc4c25f35/ecd5ae639c8c795aa6afa77cc9524eebc9084251.crl
                          rsync://repository.lacnic.net/rpki/lacnic/093a125e-7e47-466f-8b38-5d7dc4c25f35/ecd5ae639c8c795aa6afa77cc9524eebc9084251.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ecd5ae639c8c795aa6afa77cc9524eebc9084251.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Mon 26 Feb 2024 14:26:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 875985 (0xd5dd1)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ecd5ae639c8c795aa6afa77cc9524eebc9084251
        Validity
            Not Before: Mar 24 14:36:46 2021 GMT
            Not After : Mar 24 14:36:46 2026 GMT
        Subject: CN=99bf72d76daed084fd8d932da95cee7b4f79ecba
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8b:8a:a5:62:a1:3c:a6:fa:88:b6:9a:9f:32:b2:
                    71:01:af:01:4d:a7:9d:79:80:56:70:0a:5d:eb:04:
                    27:62:64:5b:27:e6:39:5a:e8:b7:3a:6e:0a:b0:b5:
                    f7:04:92:b1:ea:0f:2f:43:7b:68:d6:05:30:53:fc:
                    b0:e1:bf:c8:fc:9a:5f:c8:97:f5:ab:9e:51:b4:12:
                    9d:bb:8c:68:21:a5:57:e8:c5:95:96:1f:c2:f4:97:
                    3f:da:89:a1:96:46:9f:df:f9:9e:b7:00:86:29:73:
                    0d:e9:e3:8b:26:ec:ad:a7:25:23:6c:e1:77:5b:19:
                    31:68:71:1d:6f:f8:41:44:da:a9:b3:03:11:73:e3:
                    b9:ad:be:f6:b4:a5:06:e9:0a:70:c8:3e:14:b6:eb:
                    01:87:4b:10:8e:5e:99:fb:4c:c6:f1:d1:4c:a6:82:
                    d2:aa:18:b5:8f:b8:0a:fc:26:c8:14:40:d8:ed:32:
                    68:bb:1a:6e:67:e1:0f:e4:76:99:f6:03:dc:eb:4d:
                    21:5a:ca:fc:c7:37:35:b8:1b:e0:5f:5b:5c:76:db:
                    69:d0:93:1a:37:bb:14:59:8e:90:c2:ed:49:a5:38:
                    36:e9:b2:70:b7:e1:7f:46:5f:06:c8:bf:3e:ba:e2:
                    24:fd:d3:e0:8c:48:10:51:04:e6:2a:e8:fb:7c:eb:
                    4c:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CE:B1:1D:82:11:70:BB:3C:C6:11:9F:CE:71:69:19:35:2A:2C:36:CF
            X509v3 Authority Key Identifier:
                keyid:D3:2A:A7:6C:B0:04:EE:DD:10:48:00:1A:31:08:70:30:15:74:20:74

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ecd5ae639c8c795aa6afa77cc9524eebc9084251.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/093a125e-7e47-466f-8b38-5d7dc4c25f35/99bf72d76daed084fd8d932da95cee7b4f79ecba.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/093a125e-7e47-466f-8b38-5d7dc4c25f35/ecd5ae639c8c795aa6afa77cc9524eebc9084251.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.10.174.0/23
                IPv6:
                  2801:1d:9000::/48

    Signature Algorithm: sha256WithRSAEncryption
         61:41:15:5b:e7:a0:a2:07:b8:79:7d:c0:1e:e1:4f:b9:32:6d:
         ab:dd:7b:54:30:95:c0:a6:d4:2a:1d:06:52:67:49:29:69:68:
         f8:2a:f4:e4:d8:9a:37:35:32:41:ec:de:82:4a:81:e5:1b:db:
         c7:f9:51:72:aa:7a:c0:2b:9a:3f:41:c5:60:2e:91:84:63:ea:
         ce:b5:81:6d:8e:5f:c0:de:e4:2b:3d:02:3a:58:ea:52:d2:e3:
         a3:ea:f6:be:a0:b9:36:6f:05:12:1d:c8:a7:7b:8d:e5:6d:87:
         69:ca:f2:a9:17:c5:40:fa:95:1e:36:85:af:61:e1:07:21:be:
         75:fd:2c:8c:19:9e:4d:6a:3f:f8:4e:6c:f5:2b:8a:29:8b:1a:
         ac:86:b8:a6:e6:c6:c6:54:c7:9d:f2:e5:20:c9:7c:10:7e:8e:
         fc:d8:06:cd:45:18:cc:40:53:8d:ff:c9:90:f8:6a:f4:92:b8:
         f5:2c:05:1c:2d:5e:78:20:fa:55:87:61:06:0d:c3:12:10:35:
         c4:11:8f:f8:e8:c5:68:18:ef:1e:a4:0f:c1:39:4e:38:75:b3:
         c4:62:bf:00:22:2c:46:fd:3b:24:5d:28:ab:d6:ae:d2:8a:ef:
         9b:f7:b1:11:30:1b:18:3f:f9:c9:7c:53:96:06:3a:76:d0:b1:
         38:50:dd:98
-----BEGIN CERTIFICATE-----
MIIFUTCCBDmgAwIBAgIDDV3RMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGVj
ZDVhZTYzOWM4Yzc5NWFhNmFmYTc3Y2M5NTI0ZWViYzkwODQyNTEwHhcNMjEwMzI0
MTQzNjQ2WhcNMjYwMzI0MTQzNjQ2WjAzMTEwLwYDVQQDEyg5OWJmNzJkNzZkYWVk
MDg0ZmQ4ZDkzMmRhOTVjZWU3YjRmNzllY2JhMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAi4qlYqE8pvqItpqfMrJxAa8BTaedeYBWcApd6wQnYmRbJ+Y5
Wui3Om4KsLX3BJKx6g8vQ3to1gUwU/yw4b/I/JpfyJf1q55RtBKdu4xoIaVX6MWV
lh/C9Jc/2omhlkaf3/metwCGKXMN6eOLJuytpyUjbOF3WxkxaHEdb/hBRNqpswMR
c+O5rb72tKUG6QpwyD4UtusBh0sQjl6Z+0zG8dFMpoLSqhi1j7gK/CbIFEDY7TJo
uxpuZ+EP5HaZ9gPc600hWsr8xzc1uBvgX1tcdttp0JMaN7sUWY6Qwu1JpTg26bJw
t+F/Rl8GyL8+uuIk/dPgjEgQUQTmKuj7fOtMGwIDAQABo4ICbDCCAmgwHQYDVR0O
BBYEFM6xHYIRcLs8xhGfznFpGTUqLDbPMB8GA1UdIwQYMBaAFNMqp2ywBO7dEEgA
GjEIcDAVdCB0MA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvZWNkNWFl
NjM5YzhjNzk1YWE2YWZhNzdjYzk1MjRlZWJjOTA4NDI1MS5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvMDkzYTEyNWUtN2U0Ny00NjZmLThiMzgtNWQ3ZGM0
YzI1ZjM1Lzk5YmY3MmQ3NmRhZWQwODRmZDhkOTMyZGE5NWNlZTdiNGY3OWVjYmEu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy8wOTNhMTI1ZS03ZTQ3LTQ2NmYtOGIzOC01ZDdk
YzRjMjVmMzUvZWNkNWFlNjM5YzhjNzk1YWE2YWZhNzdjYzk1MjRlZWJjOTA4NDI1
MS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAwBggrBgEFBQcBBwEB/wQh
MB8wDAQCAAEwBgMEAcgKrjAPBAIAAjAJAwcAKAEAHZAAMA0GCSqGSIb3DQEBCwUA
A4IBAQBhQRVb56CiB7h5fcAe4U+5Mm2r3XtUMJXAptQqHQZSZ0kpaWj4KvTk2Jo3
NTJB7N6CSoHlG9vH+VFyqnrAK5o/QcVgLpGEY+rOtYFtjl/A3uQrPQI6WOpS0uOj
6va+oLk2bwUSHcine43lbYdpyvKpF8VA+pUeNoWvYeEHIb51/SyMGZ5Naj/4Tmz1
K4opixqshrim5sbGVMed8uUgyXwQfo782AbNRRjMQFON/8mQ+Gr0krj1LAUcLV54
IPpVh2EGDcMSEDXEEY/46MVoGO8epA/BOU44dbPEYr8AIixG/TskXSir1q7Siu+b
97ERMBsYP/nJfFOWBjp20LE4UN2Y
-----END CERTIFICATE-----
Generated at Fri Feb 23 17:07:19 2024 by rpki-client on console-ams.rpki-client.org