Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/09a9b685-397d-4d4f-8734-6e8fb9651f21/979d42ab683eb4119deb23110f6a920c24cc959c.roa
File:                     979d42ab683eb4119deb23110f6a920c24cc959c.roa (raw, json)
Hash identifier:          DoG0QziVL8boYEkwFNYwYrAIUfaEDSl+IqOnPKdkgjA=
Subject key identifier:   F3:50:BC:1D:E0:D6:9A:86:CE:7A:63:8A:39:79:0F:04:37:48:8D:15
Certificate issuer:       /CN=8a34b88edc7711ba98c357c0cd7c26b4d31bbe13
Certificate serial:       2799C3
Authority key identifier: AC:7D:06:CC:8D:9C:83:2B:CF:18:0B:CB:6C:01:5E:C2:4A:6D:A7:8F
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/8a34b88edc7711ba98c357c0cd7c26b4d31bbe13.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/09a9b685-397d-4d4f-8734-6e8fb9651f21/979d42ab683eb4119deb23110f6a920c24cc959c.roa
Signing time:             Wed 03 Jan 2024 12:52:29 +0000
ROA not before:           Wed 03 Jan 2024 12:52:29 +0000
ROA not after:            Sat 03 Jan 2026 12:52:29 +0000
asID:                     28027
IP address blocks:        192.188.59.0/24 maxlen: 24
                          200.9.176.0/24 maxlen: 24
                          200.10.147.0/24 maxlen: 24
                          200.10.148.0/22 maxlen: 22
                          200.126.0.0/19 maxlen: 19
                          2801:0:20::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/09a9b685-397d-4d4f-8734-6e8fb9651f21/8a34b88edc7711ba98c357c0cd7c26b4d31bbe13.crl
                          rsync://repository.lacnic.net/rpki/lacnic/09a9b685-397d-4d4f-8734-6e8fb9651f21/8a34b88edc7711ba98c357c0cd7c26b4d31bbe13.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/8a34b88edc7711ba98c357c0cd7c26b4d31bbe13.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sat 06 Jan 2024 04:31:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2595267 (0x2799c3)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8a34b88edc7711ba98c357c0cd7c26b4d31bbe13
        Validity
            Not Before: Jan  3 12:52:29 2024 GMT
            Not After : Jan  3 12:52:29 2026 GMT
        Subject: CN=979d42ab683eb4119deb23110f6a920c24cc959c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:2c:bc:9c:dd:7c:d2:be:7b:82:3b:f2:e1:83:
                    38:f4:0b:ec:f0:8a:2b:d4:8a:7e:91:0f:26:96:58:
                    20:58:f7:02:dd:5b:48:c1:7c:90:44:03:6e:33:28:
                    c3:60:f5:59:87:fb:a0:27:19:00:8b:d9:fe:bd:ce:
                    40:ea:ef:7c:ed:0b:81:df:19:8f:17:87:66:ce:c7:
                    a1:ea:50:c8:50:8c:44:6b:fd:0d:69:19:75:f5:d4:
                    87:78:f5:97:ae:19:5a:5f:b3:68:cd:3f:49:44:da:
                    bc:da:fe:b5:f2:ac:ea:e4:b1:fe:ee:5c:2b:4a:57:
                    7a:35:39:7c:04:e9:54:cd:85:69:aa:fd:63:44:7e:
                    8b:7d:b9:64:4a:a4:71:34:bc:90:a8:ff:77:e8:7b:
                    42:0c:85:4b:4f:7e:87:ed:36:03:01:98:54:b6:cb:
                    7a:10:39:ad:c9:b8:f2:17:e4:f9:11:b5:24:a4:7a:
                    05:34:eb:9d:d6:95:b6:6e:cc:e8:57:4e:d9:82:39:
                    92:8b:16:fc:12:f6:f2:73:1d:df:52:b0:e8:1c:08:
                    e7:92:56:bf:79:bc:55:67:b9:72:22:a0:cf:6d:2d:
                    65:dc:b1:bc:4b:c3:8b:7b:cf:74:79:31:ae:15:88:
                    b4:6f:e4:30:36:f6:21:5d:d7:64:86:72:d5:fe:d2:
                    fb:fb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F3:50:BC:1D:E0:D6:9A:86:CE:7A:63:8A:39:79:0F:04:37:48:8D:15
            X509v3 Authority Key Identifier:
                keyid:AC:7D:06:CC:8D:9C:83:2B:CF:18:0B:CB:6C:01:5E:C2:4A:6D:A7:8F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/8a34b88edc7711ba98c357c0cd7c26b4d31bbe13.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/09a9b685-397d-4d4f-8734-6e8fb9651f21/979d42ab683eb4119deb23110f6a920c24cc959c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/09a9b685-397d-4d4f-8734-6e8fb9651f21/8a34b88edc7711ba98c357c0cd7c26b4d31bbe13.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  192.188.59.0/24
                  200.9.176.0/24
                  200.10.147.0-200.10.151.255
                  200.126.0.0/19
                IPv6:
                  2801:0:20::/48

    Signature Algorithm: sha256WithRSAEncryption
         12:58:4b:1d:9e:7f:ca:4b:0a:10:82:bf:42:44:17:a3:60:d2:
         bd:18:a0:77:e2:71:26:34:6a:82:73:2f:a9:00:d8:15:e6:ce:
         96:c3:b9:e3:5f:93:b2:98:09:a8:61:6f:23:5e:57:74:4d:9a:
         ad:25:ec:0d:cc:1a:2e:d0:ae:98:ad:cc:c3:e0:d3:e1:a1:e6:
         ae:96:a9:5b:47:17:36:93:a2:76:dc:7d:bd:38:af:8d:ab:ca:
         ea:46:9d:c9:96:5f:90:2b:4f:95:51:cb:c1:c0:f3:ad:4c:15:
         97:8f:13:64:67:81:f5:b2:74:ee:c5:1e:f5:ca:7e:17:c2:1f:
         60:6d:d7:e8:d1:6c:69:33:ce:d4:02:91:84:36:70:3e:1f:9f:
         c3:1b:b5:51:d5:a2:bb:75:5b:35:d4:3c:aa:08:fa:ff:18:f9:
         29:b6:e1:0d:ac:83:9a:bb:47:db:30:e0:33:cb:32:cc:43:a5:
         c4:4f:be:e7:4c:51:27:68:d6:95:d2:e0:c1:b8:1d:0b:0a:4a:
         ca:64:df:8f:b8:a4:c7:f8:d1:50:43:5f:dd:8d:3a:9e:f4:d2:
         73:15:78:fd:98:81:ac:a2:e9:51:ee:96:c4:d5:bc:87:ee:b7:
         72:7e:3a:41:5c:f2:01:88:2b:0e:50:e6:d9:9f:01:55:ed:89:
         22:9a:4a:cd
-----BEGIN CERTIFICATE-----
MIIFazCCBFOgAwIBAgIDJ5nDMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDhh
MzRiODhlZGM3NzExYmE5OGMzNTdjMGNkN2MyNmI0ZDMxYmJlMTMwHhcNMjQwMTAz
MTI1MjI5WhcNMjYwMTAzMTI1MjI5WjAzMTEwLwYDVQQDEyg5NzlkNDJhYjY4M2Vi
NDExOWRlYjIzMTEwZjZhOTIwYzI0Y2M5NTljMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAsiy8nN180r57gjvy4YM49Avs8Ior1Ip+kQ8mllggWPcC3VtI
wXyQRANuMyjDYPVZh/ugJxkAi9n+vc5A6u987QuB3xmPF4dmzseh6lDIUIxEa/0N
aRl19dSHePWXrhlaX7NozT9JRNq82v618qzq5LH+7lwrSld6NTl8BOlUzYVpqv1j
RH6LfblkSqRxNLyQqP936HtCDIVLT36H7TYDAZhUtst6EDmtybjyF+T5EbUkpHoF
NOud1pW2bszoV07ZgjmSixb8Evbycx3fUrDoHAjnkla/ebxVZ7lyIqDPbS1l3LG8
S8OLe890eTGuFYi0b+QwNvYhXddkhnLV/tL7+wIDAQABo4IChjCCAoIwHQYDVR0O
BBYEFPNQvB3g1pqGznpjijl5DwQ3SI0VMB8GA1UdIwQYMBaAFKx9BsyNnIMrzxgL
y2wBXsJKbaePMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvOGEzNGI4
OGVkYzc3MTFiYTk4YzM1N2MwY2Q3YzI2YjRkMzFiYmUxMy5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvMDlhOWI2ODUtMzk3ZC00ZDRmLTg3MzQtNmU4ZmI5
NjUxZjIxLzk3OWQ0MmFiNjgzZWI0MTE5ZGViMjMxMTBmNmE5MjBjMjRjYzk1OWMu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy8wOWE5YjY4NS0zOTdkLTRkNGYtODczNC02ZThm
Yjk2NTFmMjEvOGEzNGI4OGVkYzc3MTFiYTk4YzM1N2MwY2Q3YzI2YjRkMzFiYmUx
My5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBKBggrBgEFBQcBBwEB/wQ7
MDkwJgQCAAEwIAMEAMC8OwMEAMgJsDAMAwQAyAqTAwQDyAqQAwQFyH4AMA8EAgAC
MAkDBwAoAQAAACAwDQYJKoZIhvcNAQELBQADggEBABJYSx2ef8pLChCCv0JEF6Ng
0r0YoHficSY0aoJzL6kA2BXmzpbDueNfk7KYCahhbyNeV3RNmq0l7A3MGi7Qrpit
zMPg0+Gh5q6WqVtHFzaTonbcfb04r42ryupGncmWX5ArT5VRy8HA861MFZePE2Rn
gfWydO7FHvXKfhfCH2Bt1+jRbGkzztQCkYQ2cD4fn8MbtVHVort1WzXUPKoI+v8Y
+Sm24Q2sg5q7R9sw4DPLMsxDpcRPvudMUSdo1pXS4MG4HQsKSspk34+4pMf40VBD
X92NOp700nMVeP2Ygayi6VHulsTVvIfut3J+OkFc8gGIKw5Q5tmfAVXtiSKaSs0=
-----END CERTIFICATE-----
Generated at Wed Jan 3 13:44:23 2024 by rpki-client on console-fra.rpki-client.org