Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/0d2c4ecc-0a04-42fe-950b-56ed52501d3e/b5638fb2a2e2d73bec36cdd65a0ade86ea8bbca5.roa
File:                     b5638fb2a2e2d73bec36cdd65a0ade86ea8bbca5.roa (raw, json)
Hash identifier:          ofQZBt62CJfadiJQaAtAUZOKjM8RvnJ0wC9uCyqRems=
Subject key identifier:   35:4A:51:A4:18:C6:38:CA:56:65:70:79:0E:AF:78:81:D0:DA:04:C2
Certificate issuer:       /CN=d31209578eceb0ae819110ed32dee1b09ec4df21
Certificate serial:       0C0C8F
Authority key identifier: F0:85:3A:FA:EE:61:C7:D4:EA:74:FA:14:A3:EC:21:56:40:2A:84:D0
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/d31209578eceb0ae819110ed32dee1b09ec4df21.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/0d2c4ecc-0a04-42fe-950b-56ed52501d3e/b5638fb2a2e2d73bec36cdd65a0ade86ea8bbca5.roa
Signing time:             Wed 24 Mar 2021 14:33:48 +0000
ROA not before:           Wed 24 Mar 2021 14:33:48 +0000
ROA not after:            Tue 24 Mar 2026 14:33:48 +0000
asID:                     262256
IP address blocks:        200.24.12.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/0d2c4ecc-0a04-42fe-950b-56ed52501d3e/d31209578eceb0ae819110ed32dee1b09ec4df21.crl
                          rsync://repository.lacnic.net/rpki/lacnic/0d2c4ecc-0a04-42fe-950b-56ed52501d3e/d31209578eceb0ae819110ed32dee1b09ec4df21.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/d31209578eceb0ae819110ed32dee1b09ec4df21.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 31 Mar 2024 12:22:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 789647 (0xc0c8f)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d31209578eceb0ae819110ed32dee1b09ec4df21
        Validity
            Not Before: Mar 24 14:33:48 2021 GMT
            Not After : Mar 24 14:33:48 2026 GMT
        Subject: CN=b5638fb2a2e2d73bec36cdd65a0ade86ea8bbca5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:86:8c:42:ed:15:4e:88:65:6f:b2:f4:69:50:
                    1b:17:65:18:d7:b5:5d:7b:4a:8e:bc:f0:0e:48:02:
                    85:cd:55:41:a8:b4:b0:53:4e:43:b2:b7:97:99:48:
                    f3:98:11:27:a7:b7:4b:9a:05:e2:e6:dd:c5:f8:ad:
                    a0:9b:32:3f:38:9a:e2:d7:80:a9:ad:ae:e2:d6:94:
                    69:9c:bd:57:77:5d:4f:47:5d:ea:3d:09:ef:3b:b5:
                    e2:fe:96:c3:07:43:a7:a9:45:e4:ac:01:e1:3f:4f:
                    b9:3e:2d:e8:bd:c8:f4:4f:25:e2:38:82:1b:06:b8:
                    09:65:22:ef:bc:a1:9c:40:b3:74:6a:49:39:cd:11:
                    9c:73:ae:4c:39:14:9c:5a:60:f8:bd:53:c7:3f:25:
                    0d:a0:fd:29:9e:cf:51:da:7e:db:58:e0:67:b3:23:
                    6b:7f:9d:35:51:80:50:50:3a:98:26:1e:2a:b2:bd:
                    71:27:6f:98:56:85:c7:d7:c0:c7:0d:b1:7b:28:fb:
                    1b:01:66:a2:87:c9:c4:71:f7:3d:15:36:dc:12:57:
                    b8:07:16:5b:a2:32:ce:9a:a1:54:96:32:7b:98:c0:
                    26:dc:31:dd:50:a1:d9:83:48:26:8b:52:6b:c8:e2:
                    e9:f0:3f:49:a0:a9:18:48:88:7a:6e:93:e3:24:26:
                    d3:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                35:4A:51:A4:18:C6:38:CA:56:65:70:79:0E:AF:78:81:D0:DA:04:C2
            X509v3 Authority Key Identifier:
                keyid:F0:85:3A:FA:EE:61:C7:D4:EA:74:FA:14:A3:EC:21:56:40:2A:84:D0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/d31209578eceb0ae819110ed32dee1b09ec4df21.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/0d2c4ecc-0a04-42fe-950b-56ed52501d3e/b5638fb2a2e2d73bec36cdd65a0ade86ea8bbca5.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/0d2c4ecc-0a04-42fe-950b-56ed52501d3e/d31209578eceb0ae819110ed32dee1b09ec4df21.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.24.12.0/22

    Signature Algorithm: sha256WithRSAEncryption
         c5:cb:09:17:9f:02:ff:07:b6:e5:aa:79:d1:5b:14:cb:08:ad:
         04:6a:f6:16:33:a6:f9:bc:78:ad:47:16:d9:45:db:4c:e4:90:
         3d:88:27:87:53:8b:3b:5f:7a:d5:eb:2f:b5:b8:de:7c:9f:f1:
         b5:1b:03:43:24:cf:29:4f:5d:ee:e8:c1:ce:20:5f:aa:3c:a7:
         77:17:76:17:f0:6d:73:f6:84:20:2b:cf:9d:1d:4b:1a:41:ae:
         a3:bb:89:33:60:ab:f5:12:a5:85:2c:fa:de:1d:79:23:e1:1a:
         0f:59:86:4a:ae:b5:90:7b:7d:49:88:48:f8:ba:38:65:08:3c:
         e5:7d:e1:29:04:f3:52:02:f3:3f:0c:c1:61:3c:88:69:9b:fe:
         0b:53:e6:ca:56:8d:5c:41:66:fc:e6:bf:b3:0e:dd:f7:6b:6c:
         b8:22:36:df:0a:38:68:ed:c4:48:fc:5a:2a:6d:ae:04:cd:5a:
         c4:d2:83:c6:54:c9:5f:42:ce:3c:a0:6a:99:ae:e4:32:fe:d3:
         67:b9:07:21:46:f5:1e:e9:60:55:e9:53:b4:18:07:1c:8c:c4:
         f6:52:31:bf:4f:75:f3:04:d1:28:9c:12:dd:a3:0a:1c:f7:86:
         f1:b7:49:9f:22:a4:b4:93:20:b9:cd:61:fb:85:bb:f0:65:cb:
         9f:46:22:60
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIDDAyPMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGQz
MTIwOTU3OGVjZWIwYWU4MTkxMTBlZDMyZGVlMWIwOWVjNGRmMjEwHhcNMjEwMzI0
MTQzMzQ4WhcNMjYwMzI0MTQzMzQ4WjAzMTEwLwYDVQQDEyhiNTYzOGZiMmEyZTJk
NzNiZWMzNmNkZDY1YTBhZGU4NmVhOGJiY2E1MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAmoaMQu0VTohlb7L0aVAbF2UY17Vde0qOvPAOSAKFzVVBqLSw
U05DsreXmUjzmBEnp7dLmgXi5t3F+K2gmzI/OJri14Cpra7i1pRpnL1Xd11PR13q
PQnvO7Xi/pbDB0OnqUXkrAHhP0+5Pi3ovcj0TyXiOIIbBrgJZSLvvKGcQLN0akk5
zRGcc65MORScWmD4vVPHPyUNoP0pns9R2n7bWOBnsyNrf501UYBQUDqYJh4qsr1x
J2+YVoXH18DHDbF7KPsbAWaih8nEcfc9FTbcEle4BxZbojLOmqFUljJ7mMAm3DHd
UKHZg0gmi1JryOLp8D9JoKkYSIh6bpPjJCbTRQIDAQABo4ICWzCCAlcwHQYDVR0O
BBYEFDVKUaQYxjjKVmVweQ6veIHQ2gTCMB8GA1UdIwQYMBaAFPCFOvruYcfU6nT6
FKPsIVZAKoTQMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvZDMxMjA5
NTc4ZWNlYjBhZTgxOTExMGVkMzJkZWUxYjA5ZWM0ZGYyMS5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvMGQyYzRlY2MtMGEwNC00MmZlLTk1MGItNTZlZDUy
NTAxZDNlL2I1NjM4ZmIyYTJlMmQ3M2JlYzM2Y2RkNjVhMGFkZTg2ZWE4YmJjYTUu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy8wZDJjNGVjYy0wYTA0LTQyZmUtOTUwYi01NmVk
NTI1MDFkM2UvZDMxMjA5NTc4ZWNlYjBhZTgxOTExMGVkMzJkZWUxYjA5ZWM0ZGYy
MS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAsgYDDANBgkqhkiG9w0BAQsFAAOCAQEAxcsJF58C/we25ap5
0VsUywitBGr2FjOm+bx4rUcW2UXbTOSQPYgnh1OLO1961esvtbjefJ/xtRsDQyTP
KU9d7ujBziBfqjyndxd2F/Btc/aEICvPnR1LGkGuo7uJM2Cr9RKlhSz63h15I+Ea
D1mGSq61kHt9SYhI+Lo4ZQg85X3hKQTzUgLzPwzBYTyIaZv+C1PmylaNXEFm/Oa/
sw7d92tsuCI23wo4aO3ESPxaKm2uBM1axNKDxlTJX0LOPKBqma7kMv7TZ7kHIUb1
HulgVelTtBgHHIzE9lIxv0918wTRKJwS3aMKHPeG8bdJnyKktJMguc1h+4W78GXL
n0YiYA==
-----END CERTIFICATE-----
Generated at Thu Mar 28 16:02:47 2024 by rpki-client on console-ams.rpki-client.org