Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/1865a074-ac31-4cf7-9a92-5fa934dbd6ed/59f76fbaefbd62059f6a7a42d8f99b6db3113008.roa
File:                     59f76fbaefbd62059f6a7a42d8f99b6db3113008.roa (raw, json)
Hash identifier:          2Ys9O4okImb4FNi90OxarVXl/bxP/lNCwj7UWomurqQ=
Subject key identifier:   9F:C3:4F:24:60:2D:DC:8C:96:A1:C5:29:5F:53:E2:6E:31:D2:90:4B
Certificate issuer:       /CN=6700d78d2e18243ea736c1288c50a9461ced8b3c
Certificate serial:       200800
Authority key identifier: 6D:16:7E:D1:DD:2E:65:DE:1D:97:BA:EC:8C:20:55:AD:DC:17:37:C8
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/6700d78d2e18243ea736c1288c50a9461ced8b3c.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/1865a074-ac31-4cf7-9a92-5fa934dbd6ed/59f76fbaefbd62059f6a7a42d8f99b6db3113008.roa
Signing time:             Wed 01 Feb 2023 20:37:45 +0000
ROA not before:           Tue 31 Jan 2023 20:36:55 +0000
ROA not after:            Sat 01 Feb 2025 20:36:55 +0000
asID:                     262171
IP address blocks:        190.93.175.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/1865a074-ac31-4cf7-9a92-5fa934dbd6ed/6700d78d2e18243ea736c1288c50a9461ced8b3c.crl
                          rsync://repository.lacnic.net/rpki/lacnic/1865a074-ac31-4cf7-9a92-5fa934dbd6ed/6700d78d2e18243ea736c1288c50a9461ced8b3c.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/6700d78d2e18243ea736c1288c50a9461ced8b3c.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Mon 01 Apr 2024 05:58:53 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2099200 (0x200800)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6700d78d2e18243ea736c1288c50a9461ced8b3c
        Validity
            Not Before: Jan 31 20:36:55 2023 GMT
            Not After : Feb  1 20:36:55 2025 GMT
        Subject: CN=59f76fbaefbd62059f6a7a42d8f99b6db3113008
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:51:22:87:7f:c4:69:ea:4e:21:be:01:7f:1b:
                    81:2e:76:57:ac:30:86:45:42:d0:b7:32:97:26:8e:
                    6d:ff:75:e4:99:a1:29:90:a9:74:c8:03:a8:d2:9f:
                    3f:3d:95:c2:e6:db:b5:7e:0f:32:f6:fd:02:d9:a5:
                    d9:8f:92:6e:3a:bd:ff:38:89:37:51:8b:06:b1:ba:
                    37:5f:de:fd:43:dd:93:a1:d9:a7:c6:9e:28:62:5e:
                    60:ad:db:1e:c3:f2:bd:0e:01:b0:1b:db:cf:8f:d2:
                    00:bb:85:6c:f0:c1:c1:8b:62:11:ab:0f:48:8a:b5:
                    49:e0:c3:54:79:dd:d7:f1:2d:52:7f:ec:bb:bc:fd:
                    43:65:b1:87:87:de:70:b8:27:f9:90:9c:fa:ee:8b:
                    ef:4b:50:ee:9a:c2:ef:12:f6:b1:3d:13:1b:82:7b:
                    5f:56:68:76:55:e3:4f:65:7d:49:ab:8c:e7:d9:c3:
                    28:e2:04:59:f4:42:f6:4b:3c:63:d0:27:9f:d5:99:
                    62:0d:15:29:fc:22:41:32:98:ad:f1:24:0b:15:7d:
                    24:bd:f4:e0:61:b9:f4:b0:72:ba:2f:64:e2:cd:05:
                    d0:ba:2f:2a:be:d3:ba:9b:19:0a:43:07:3f:d5:0b:
                    b8:84:65:e3:12:84:1f:9f:06:a1:90:ee:62:68:0e:
                    b8:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9F:C3:4F:24:60:2D:DC:8C:96:A1:C5:29:5F:53:E2:6E:31:D2:90:4B
            X509v3 Authority Key Identifier:
                keyid:6D:16:7E:D1:DD:2E:65:DE:1D:97:BA:EC:8C:20:55:AD:DC:17:37:C8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/6700d78d2e18243ea736c1288c50a9461ced8b3c.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/1865a074-ac31-4cf7-9a92-5fa934dbd6ed/59f76fbaefbd62059f6a7a42d8f99b6db3113008.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/1865a074-ac31-4cf7-9a92-5fa934dbd6ed/6700d78d2e18243ea736c1288c50a9461ced8b3c.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  190.93.175.0/24

    Signature Algorithm: sha256WithRSAEncryption
         3b:28:11:04:b3:83:ee:95:01:98:a9:09:f9:2a:f8:91:e7:19:
         32:f3:0e:9a:1b:93:7e:8b:54:f3:68:b3:87:98:51:30:91:26:
         93:a2:2c:d0:10:b2:52:85:81:46:39:f2:b7:bb:73:6f:7b:64:
         bb:a9:01:cb:8f:07:1e:54:0a:e5:10:71:c1:d8:3e:91:f8:0c:
         3d:92:eb:8f:7a:4e:a2:83:14:bd:7e:55:76:d8:41:da:7e:c1:
         89:33:17:81:20:11:5d:59:c2:fc:b7:b6:d9:31:25:94:fd:cd:
         1e:18:cd:d0:4a:0b:2f:67:cc:43:ae:ea:81:e5:d8:b8:5a:d5:
         99:95:f6:7a:90:10:03:82:d0:b2:fd:b3:cf:45:ee:10:2e:9a:
         85:34:81:03:19:c6:71:76:39:b6:b7:f6:8e:8c:62:68:b2:f1:
         a2:92:fc:d8:0e:58:b0:4b:48:f2:80:7a:de:3c:bd:ee:1b:a5:
         63:5a:a5:ba:5a:51:8e:d7:e8:24:92:ef:87:e3:ef:e9:9e:b0:
         d4:05:c9:03:80:3c:96:7e:18:c7:42:4a:ec:27:79:ce:d8:5c:
         a5:05:c9:81:bf:4b:37:41:7f:b3:f4:2e:e1:44:6e:c9:62:c4:
         5b:fb:ef:cb:49:4a:16:29:2c:c9:47:8c:6c:3b:c9:e9:8d:9f:
         d7:e4:7f:0b
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIDIAgAMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDY3
MDBkNzhkMmUxODI0M2VhNzM2YzEyODhjNTBhOTQ2MWNlZDhiM2MwHhcNMjMwMTMx
MjAzNjU1WhcNMjUwMjAxMjAzNjU1WjAzMTEwLwYDVQQDEyg1OWY3NmZiYWVmYmQ2
MjA1OWY2YTdhNDJkOGY5OWI2ZGIzMTEzMDA4MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAx1Eih3/EaepOIb4BfxuBLnZXrDCGRULQtzKXJo5t/3XkmaEp
kKl0yAOo0p8/PZXC5tu1fg8y9v0C2aXZj5JuOr3/OIk3UYsGsbo3X979Q92Todmn
xp4oYl5grdsew/K9DgGwG9vPj9IAu4Vs8MHBi2IRqw9IirVJ4MNUed3X8S1Sf+y7
vP1DZbGHh95wuCf5kJz67ovvS1DumsLvEvaxPRMbgntfVmh2VeNPZX1Jq4zn2cMo
4gRZ9EL2Szxj0Cef1ZliDRUp/CJBMpit8SQLFX0kvfTgYbn0sHK6L2TizQXQui8q
vtO6mxkKQwc/1Qu4hGXjEoQfnwahkO5iaA64XQIDAQABo4ICWzCCAlcwHQYDVR0O
BBYEFJ/DTyRgLdyMlqHFKV9T4m4x0pBLMB8GA1UdIwQYMBaAFG0WftHdLmXeHZe6
7IwgVa3cFzfIMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvNjcwMGQ3
OGQyZTE4MjQzZWE3MzZjMTI4OGM1MGE5NDYxY2VkOGIzYy5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvMTg2NWEwNzQtYWMzMS00Y2Y3LTlhOTItNWZhOTM0
ZGJkNmVkLzU5Zjc2ZmJhZWZiZDYyMDU5ZjZhN2E0MmQ4Zjk5YjZkYjMxMTMwMDgu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy8xODY1YTA3NC1hYzMxLTRjZjctOWE5Mi01ZmE5
MzRkYmQ2ZWQvNjcwMGQ3OGQyZTE4MjQzZWE3MzZjMTI4OGM1MGE5NDYxY2VkOGIz
Yy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAL5drzANBgkqhkiG9w0BAQsFAAOCAQEAOygRBLOD7pUBmKkJ
+Sr4kecZMvMOmhuTfotU82izh5hRMJEmk6Is0BCyUoWBRjnyt7tzb3tku6kBy48H
HlQK5RBxwdg+kfgMPZLrj3pOooMUvX5VdthB2n7BiTMXgSARXVnC/Le22TEllP3N
HhjN0EoLL2fMQ67qgeXYuFrVmZX2epAQA4LQsv2zz0XuEC6ahTSBAxnGcXY5trf2
joxiaLLxopL82A5YsEtI8oB63jy97hulY1qlulpRjtfoJJLvh+Pv6Z6w1AXJA4A8
ln4Yx0JK7Cd5zthcpQXJgb9LN0F/s/Qu4URuyWLEW/vvy0lKFiksyUeMbDvJ6Y2f
1+R/Cw==
-----END CERTIFICATE-----
Generated at Fri Mar 29 08:11:18 2024 by rpki-client on console-fra.rpki-client.org