Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/1B07A4CF9C093D46B15E6B1B09954FE9C8276009074D03772E45261D769271AC/0/AS272883.roa
File:                     AS272883.roa (raw, json)
Hash identifier:          uFZJNH16QOZ36Be/7QgskLjEea0GOQYkMpFa/nY4Y8g=
Subject key identifier:   34:5B:3F:97:07:08:47:F1:24:A8:B2:91:78:86:30:EF:F9:42:21:12
Certificate issuer:       /CN=725E298CCA0B840DB726F60EED140C37FDB23BD6
Certificate serial:       1E28E47F52CD35C478A9DD09059642EE805ED6A1
Authority key identifier: 72:5E:29:8C:CA:0B:84:0D:B7:26:F6:0E:ED:14:0C:37:FD:B2:3B:D6
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/725E298CCA0B840DB726F60EED140C37FDB23BD6.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/1B07A4CF9C093D46B15E6B1B09954FE9C8276009074D03772E45261D769271AC/0/AS272883.roa
Signing time:             Fri 13 Sep 2024 15:45:00 +0000
ROA not before:           Fri 13 Sep 2024 15:40:00 +0000
ROA not after:            Fri 12 Sep 2025 15:45:00 +0000
asID:                     272883
IP address blocks:        200.7.222.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/1B07A4CF9C093D46B15E6B1B09954FE9C8276009074D03772E45261D769271AC/0/725E298CCA0B840DB726F60EED140C37FDB23BD6.crl
                          rsync://repository.lacnic.net/rpki/lacnic/1B07A4CF9C093D46B15E6B1B09954FE9C8276009074D03772E45261D769271AC/0/725E298CCA0B840DB726F60EED140C37FDB23BD6.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/725E298CCA0B840DB726F60EED140C37FDB23BD6.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Thu 31 Oct 2024 16:16:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1e:28:e4:7f:52:cd:35:c4:78:a9:dd:09:05:96:42:ee:80:5e:d6:a1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=725E298CCA0B840DB726F60EED140C37FDB23BD6
        Validity
            Not Before: Sep 13 15:40:00 2024 GMT
            Not After : Sep 12 15:45:00 2025 GMT
        Subject: CN=345B3F97070847F124A8B291788630EFF9422112
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:ca:c6:c3:3e:d9:da:4f:10:ea:7f:de:3e:3a:
                    18:87:8a:db:e3:52:17:f2:ff:97:82:fd:4d:f5:eb:
                    96:f1:b8:67:c2:ee:7f:c2:f7:c5:0a:5e:8b:fd:61:
                    04:0f:46:07:ae:2b:b9:58:fa:79:d3:b5:35:7c:d2:
                    ce:be:dc:9c:ad:41:27:d5:3f:62:a5:a2:8b:98:4f:
                    f4:0d:f5:9c:0d:aa:08:56:be:62:74:b3:cd:5c:09:
                    da:c7:82:80:ee:62:d5:b1:fa:b8:36:d6:b3:86:f9:
                    51:73:53:a9:bc:0a:62:f7:2e:cb:c0:24:47:bc:f3:
                    72:dd:41:6b:ca:f3:0b:91:b0:3f:40:50:24:d6:7a:
                    73:21:fe:63:a0:8b:4c:ca:60:7d:21:19:ad:54:db:
                    d9:99:21:47:ef:5a:37:40:ec:59:ea:b6:23:1c:f1:
                    7b:49:9c:b6:0d:0f:04:91:be:54:61:b6:f1:cb:c7:
                    a2:e3:d3:d8:4c:5e:19:ca:de:6e:2d:77:b0:64:f6:
                    00:10:47:6a:8d:d6:fa:10:6f:1c:98:a4:9a:f3:1a:
                    3d:cd:5f:b0:a4:77:d4:c4:73:7b:84:79:1e:61:f1:
                    a4:b4:be:5a:ba:b3:a3:23:4c:80:40:69:dc:3d:04:
                    ac:a6:52:fc:cb:79:fa:60:e6:17:38:61:3f:a2:38:
                    96:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                34:5B:3F:97:07:08:47:F1:24:A8:B2:91:78:86:30:EF:F9:42:21:12
            X509v3 Authority Key Identifier:
                keyid:72:5E:29:8C:CA:0B:84:0D:B7:26:F6:0E:ED:14:0C:37:FD:B2:3B:D6

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/1B07A4CF9C093D46B15E6B1B09954FE9C8276009074D03772E45261D769271AC/0/725E298CCA0B840DB726F60EED140C37FDB23BD6.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/725E298CCA0B840DB726F60EED140C37FDB23BD6.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/1B07A4CF9C093D46B15E6B1B09954FE9C8276009074D03772E45261D769271AC/0/AS272883.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.7.222.0/24

    Signature Algorithm: sha256WithRSAEncryption
         79:50:ec:d7:ab:9a:00:11:96:53:c8:37:56:7b:97:e8:86:3c:
         e2:83:2a:3d:5a:5d:e5:1a:99:a5:00:e5:9e:4b:40:d3:57:92:
         ce:08:35:ba:62:3f:af:cd:01:1d:b2:61:a9:07:52:90:2f:81:
         5b:fc:47:4f:1a:ed:4f:31:b2:bf:61:02:e8:69:90:66:65:a2:
         11:6d:29:f9:7d:da:91:31:26:35:3d:a3:57:be:25:72:b0:00:
         ee:7a:b4:4f:6c:6e:00:2e:b0:dd:68:2e:e1:10:2f:96:2d:ab:
         a4:62:b8:65:05:0e:9f:80:6a:fb:68:af:2e:89:f0:e6:8c:d3:
         c5:79:ea:d5:a0:4e:8c:5b:ae:88:b7:32:e1:8c:bc:e9:22:67:
         8e:ff:d0:1e:bf:41:98:d8:73:ef:71:b2:4b:ed:5a:dc:6f:3b:
         19:cb:53:cd:9a:2d:66:3d:cf:cf:29:fc:41:50:41:92:f6:66:
         7a:8f:a2:b2:50:d7:e5:ce:25:0f:84:a1:8b:18:c2:94:a9:a8:
         d6:a7:22:24:1d:26:14:e3:14:e1:1e:17:85:ab:c9:b2:02:64:
         31:38:08:e8:da:7b:02:4f:48:20:c5:d2:5d:99:94:f1:9c:28:
         39:35:a1:51:3b:f7:d4:96:9c:c7:d4:d9:fe:b0:f5:f2:bd:eb:
         b4:78:33:a0
-----BEGIN CERTIFICATE-----
MIIFjzCCBHegAwIBAgIUHijkf1LNNcR4qd0JBZZC7oBe1qEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzI1RTI5OENDQTBCODQwREI3MjZGNjBFRUQxNDBDMzdG
REIyM0JENjAeFw0yNDA5MTMxNTQwMDBaFw0yNTA5MTIxNTQ1MDBaMDMxMTAvBgNV
BAMTKDM0NUIzRjk3MDcwODQ3RjEyNEE4QjI5MTc4ODYzMEVGRjk0MjIxMTIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCxysbDPtnaTxDqf94+OhiHitvj
Uhfy/5eC/U3165bxuGfC7n/C98UKXov9YQQPRgeuK7lY+nnTtTV80s6+3JytQSfV
P2KloouYT/QN9ZwNqghWvmJ0s81cCdrHgoDuYtWx+rg21rOG+VFzU6m8CmL3LsvA
JEe883LdQWvK8wuRsD9AUCTWenMh/mOgi0zKYH0hGa1U29mZIUfvWjdA7FnqtiMc
8XtJnLYNDwSRvlRhtvHLx6Lj09hMXhnK3m4td7Bk9gAQR2qN1voQbxyYpJrzGj3N
X7Ckd9TEc3uEeR5h8aS0vlq6s6MjTIBAadw9BKymUvzLefpg5hc4YT+iOJYxAgMB
AAGjggKZMIIClTAdBgNVHQ4EFgQUNFs/lwcIR/EkqLKReIYw7/lCIRIwHwYDVR0j
BBgwFoAUcl4pjMoLhA23JvYO7RQMN/2yO9YwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8xQjA3QTRDRjlDMDkzRDQ2QjE1RTZCMUIwOTk1NEZFOUM4
Mjc2MDA5MDc0RDAzNzcyRTQ1MjYxRDc2OTI3MUFDLzAvNzI1RTI5OENDQTBCODQw
REI3MjZGNjBFRUQxNDBDMzdGREIyM0JENi5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC83MjVFMjk4Q0NBMEI4NDBEQjcy
NkY2MEVFRDE0MEMzN0ZEQjIzQkQ2LmNlcjCBmAYIKwYBBQUHAQsEgYswgYgwgYUG
CCsGAQUFBzALhnlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy8xQjA3QTRDRjlDMDkzRDQ2QjE1RTZCMUIwOTk1NEZFOUM4Mjc2MDA5MDc0
RDAzNzcyRTQ1MjYxRDc2OTI3MUFDLzAvQVMyNzI4ODMucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADIB94w
DQYJKoZIhvcNAQELBQADggEBAHlQ7NermgARllPIN1Z7l+iGPOKDKj1aXeUamaUA
5Z5LQNNXks4INbpiP6/NAR2yYakHUpAvgVv8R08a7U8xsr9hAuhpkGZlohFtKfl9
2pExJjU9o1e+JXKwAO56tE9sbgAusN1oLuEQL5Ytq6RiuGUFDp+Aavtory6J8OaM
08V56tWgToxbroi3MuGMvOkiZ47/0B6/QZjYc+9xskvtWtxvOxnLU82aLWY9z88p
/EFQQZL2ZnqPorJQ1+XOJQ+EoYsYwpSpqNanIiQdJhTjFOEeF4WrybICZDE4COja
ewJPSCDF0l2ZlPGcKDk1oVE799SWnMfU2f6w9fK967R4M6A=
-----END CERTIFICATE-----
Generated at Sun Oct 27 21:00:45 2024 by rpki-client on console-fra.rpki-client.org