Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/1847714d-49dc-4914-b7c4-efe78e9a10c2/95ca090590515cdf05bcaf74830d4ec0290d53ea.roa
File:                     95ca090590515cdf05bcaf74830d4ec0290d53ea.roa (raw, json)
Hash identifier:          QmcJrYxwFpGn7YEoYNMYa2S3ttx94+ecwstk0pAdBTk=
Subject key identifier:   EA:F3:17:4C:42:A7:DC:19:0D:7C:B8:B8:B3:C2:05:79:82:16:3A:0F
Certificate issuer:       /CN=bd7f33cd5376098fb55565247f8dae5ea5de2952
Certificate serial:       1FD96C
Authority key identifier: A6:04:C9:CB:35:2E:0C:6A:F1:2E:E5:72:B5:4F:8C:35:1B:BF:1C:87
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/bd7f33cd5376098fb55565247f8dae5ea5de2952.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/1847714d-49dc-4914-b7c4-efe78e9a10c2/95ca090590515cdf05bcaf74830d4ec0290d53ea.roa
Signing time:             Wed 19 Apr 2023 08:30:02 +0000
ROA not before:           Tue 18 Apr 2023 08:30:02 +0000
ROA not after:            Thu 17 Apr 2025 08:30:02 +0000
asID:                     27958
IP address blocks:        200.50.236.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/1847714d-49dc-4914-b7c4-efe78e9a10c2/bd7f33cd5376098fb55565247f8dae5ea5de2952.crl
                          rsync://repository.lacnic.net/rpki/lacnic/1847714d-49dc-4914-b7c4-efe78e9a10c2/bd7f33cd5376098fb55565247f8dae5ea5de2952.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/bd7f33cd5376098fb55565247f8dae5ea5de2952.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Mon 04 Mar 2024 08:17:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2087276 (0x1fd96c)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bd7f33cd5376098fb55565247f8dae5ea5de2952
        Validity
            Not Before: Apr 18 08:30:02 2023 GMT
            Not After : Apr 17 08:30:02 2025 GMT
        Subject: CN=95ca090590515cdf05bcaf74830d4ec0290d53ea
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:13:3f:6f:4c:c6:71:a4:79:72:58:29:e0:39:
                    94:be:92:86:7d:5b:11:82:3a:c4:fb:fe:34:24:19:
                    16:70:b3:7c:01:56:ed:9f:a9:bb:27:9f:9f:19:df:
                    92:84:9e:d3:95:ab:f0:04:e7:96:37:9c:cc:2d:94:
                    a1:e1:4e:c8:73:cf:66:f1:2e:e6:27:05:e1:e7:f3:
                    f0:62:23:f6:a8:75:75:f5:bd:0e:a9:e9:ab:b4:6a:
                    1d:04:b0:b7:64:19:b2:23:55:c2:cf:f6:66:6a:cd:
                    a1:ac:e6:e4:52:1e:af:e7:c9:aa:dc:03:10:21:70:
                    4a:76:fa:bb:d9:6c:e3:f2:d4:24:66:63:c2:d4:e4:
                    87:22:88:95:be:ba:40:c2:2d:fa:25:34:ba:24:2e:
                    da:53:a9:54:99:97:0b:19:fb:ce:de:8b:7e:93:4f:
                    cb:63:97:94:a8:cd:51:61:1d:86:79:80:9b:b2:c9:
                    af:ad:37:ce:57:f2:b6:c7:a8:5f:dd:c6:89:65:42:
                    f2:ae:54:7b:29:f3:56:5b:eb:91:20:c9:41:7b:b4:
                    10:b9:03:f3:38:2c:14:26:8a:6c:9d:6b:c4:45:5b:
                    70:55:24:49:66:9f:f9:56:ad:e5:65:55:06:75:ed:
                    f4:c7:70:c6:83:99:1a:3c:2f:dc:e6:e1:ec:45:26:
                    45:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EA:F3:17:4C:42:A7:DC:19:0D:7C:B8:B8:B3:C2:05:79:82:16:3A:0F
            X509v3 Authority Key Identifier:
                keyid:A6:04:C9:CB:35:2E:0C:6A:F1:2E:E5:72:B5:4F:8C:35:1B:BF:1C:87

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/bd7f33cd5376098fb55565247f8dae5ea5de2952.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/1847714d-49dc-4914-b7c4-efe78e9a10c2/95ca090590515cdf05bcaf74830d4ec0290d53ea.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/1847714d-49dc-4914-b7c4-efe78e9a10c2/bd7f33cd5376098fb55565247f8dae5ea5de2952.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.50.236.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a3:8a:3a:7b:9a:42:8c:b1:27:0f:dd:92:0b:d6:60:a4:c8:c2:
         b0:8c:84:54:90:77:00:70:90:a0:17:02:85:4f:28:31:6c:1c:
         a0:3c:42:80:63:e4:12:1a:ea:5f:62:5d:a2:0d:f2:e3:3e:c5:
         87:53:80:e9:e8:e7:81:11:a3:bd:ea:18:3b:8d:d7:64:6d:97:
         fb:5c:a5:ef:32:08:c0:13:12:1c:9c:fe:de:40:0d:07:fe:c4:
         47:5d:7f:a0:a1:6b:94:f7:cd:a0:de:5a:07:77:ee:c9:3c:04:
         0e:1d:de:4e:2b:54:d3:b6:c1:c3:93:84:98:03:d4:d3:f3:c9:
         39:4b:1c:ef:fa:ab:ef:76:71:c6:0f:88:8e:09:76:49:25:52:
         52:d6:12:07:79:d1:13:77:91:f5:14:77:a3:84:90:b6:8e:fe:
         bc:a4:1e:36:c5:a1:46:de:a1:5a:d6:94:60:0f:cc:2e:86:fc:
         22:11:19:1c:69:36:c9:01:5d:c1:6f:4b:86:df:52:bb:3c:6a:
         b9:01:9c:d8:a7:ce:e6:30:13:b1:55:32:ed:c8:a5:00:21:0a:
         d4:cb:39:65:1b:f3:b6:f6:7f:2b:0a:58:df:ca:46:3d:21:c5:
         44:ea:81:f1:d1:1a:f7:10:b2:ab:70:55:8f:53:11:25:bb:67:
         5f:9c:b1:41
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIDH9lsMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGJk
N2YzM2NkNTM3NjA5OGZiNTU1NjUyNDdmOGRhZTVlYTVkZTI5NTIwHhcNMjMwNDE4
MDgzMDAyWhcNMjUwNDE3MDgzMDAyWjAzMTEwLwYDVQQDEyg5NWNhMDkwNTkwNTE1
Y2RmMDViY2FmNzQ4MzBkNGVjMDI5MGQ1M2VhMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAkRM/b0zGcaR5clgp4DmUvpKGfVsRgjrE+/40JBkWcLN8AVbt
n6m7J5+fGd+ShJ7TlavwBOeWN5zMLZSh4U7Ic89m8S7mJwXh5/PwYiP2qHV19b0O
qemrtGodBLC3ZBmyI1XCz/Zmas2hrObkUh6v58mq3AMQIXBKdvq72Wzj8tQkZmPC
1OSHIoiVvrpAwi36JTS6JC7aU6lUmZcLGfvO3ot+k0/LY5eUqM1RYR2GeYCbssmv
rTfOV/K2x6hf3caJZULyrlR7KfNWW+uRIMlBe7QQuQPzOCwUJopsnWvERVtwVSRJ
Zp/5Vq3lZVUGde30x3DGg5kaPC/c5uHsRSZFBQIDAQABo4ICWzCCAlcwHQYDVR0O
BBYEFOrzF0xCp9wZDXy4uLPCBXmCFjoPMB8GA1UdIwQYMBaAFKYEycs1Lgxq8S7l
crVPjDUbvxyHMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvYmQ3ZjMz
Y2Q1Mzc2MDk4ZmI1NTU2NTI0N2Y4ZGFlNWVhNWRlMjk1Mi5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvMTg0NzcxNGQtNDlkYy00OTE0LWI3YzQtZWZlNzhl
OWExMGMyLzk1Y2EwOTA1OTA1MTVjZGYwNWJjYWY3NDgzMGQ0ZWMwMjkwZDUzZWEu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy8xODQ3NzE0ZC00OWRjLTQ5MTQtYjdjNC1lZmU3
OGU5YTEwYzIvYmQ3ZjMzY2Q1Mzc2MDk4ZmI1NTU2NTI0N2Y4ZGFlNWVhNWRlMjk1
Mi5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAMgy7DANBgkqhkiG9w0BAQsFAAOCAQEAo4o6e5pCjLEnD92S
C9ZgpMjCsIyEVJB3AHCQoBcChU8oMWwcoDxCgGPkEhrqX2Jdog3y4z7Fh1OA6ejn
gRGjveoYO43XZG2X+1yl7zIIwBMSHJz+3kANB/7ER11/oKFrlPfNoN5aB3fuyTwE
Dh3eTitU07bBw5OEmAPU0/PJOUsc7/qr73Zxxg+Ijgl2SSVSUtYSB3nRE3eR9RR3
o4SQto7+vKQeNsWhRt6hWtaUYA/MLob8IhEZHGk2yQFdwW9Lht9SuzxquQGc2KfO
5jATsVUy7cilACEK1Ms5ZRvztvZ/KwpY38pGPSHFROqB8dEa9xCyq3BVj1MRJbtn
X5yxQQ==
-----END CERTIFICATE-----
Generated at Fri Mar 1 14:08:34 2024 by rpki-client on console-fra.rpki-client.org