Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/1ad209d1-20a4-467d-afe3-15ac5848b361/bf3d18901ae6bfaa3c9054c497a2a9b49e03e617.roa
File:                     bf3d18901ae6bfaa3c9054c497a2a9b49e03e617.roa (raw, json)
Hash identifier:          jiw91GV/kqjXq2FowoLug/dGzRs1byoC8nmHHpicRrw=
Subject key identifier:   76:43:27:36:A0:34:9B:B9:7F:B0:11:30:DF:46:55:9A:AE:11:2E:EB
Certificate issuer:       /CN=d54d511e19b079cfd93d708d6fe9189557c2ded6
Certificate serial:       0C922C
Authority key identifier: 31:CF:B1:40:6D:E6:CD:7F:CA:9E:DA:1B:CF:F5:A4:44:A2:88:FA:B4
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/d54d511e19b079cfd93d708d6fe9189557c2ded6.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/1ad209d1-20a4-467d-afe3-15ac5848b361/bf3d18901ae6bfaa3c9054c497a2a9b49e03e617.roa
Signing time:             Wed 24 Mar 2021 14:40:18 +0000
ROA not before:           Wed 24 Mar 2021 14:40:18 +0000
ROA not after:            Tue 24 Mar 2026 14:40:18 +0000
asID:                     28006
IP address blocks:        200.6.8.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/1ad209d1-20a4-467d-afe3-15ac5848b361/d54d511e19b079cfd93d708d6fe9189557c2ded6.crl
                          rsync://repository.lacnic.net/rpki/lacnic/1ad209d1-20a4-467d-afe3-15ac5848b361/d54d511e19b079cfd93d708d6fe9189557c2ded6.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/d54d511e19b079cfd93d708d6fe9189557c2ded6.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Tue 27 Feb 2024 12:23:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 823852 (0xc922c)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d54d511e19b079cfd93d708d6fe9189557c2ded6
        Validity
            Not Before: Mar 24 14:40:18 2021 GMT
            Not After : Mar 24 14:40:18 2026 GMT
        Subject: CN=bf3d18901ae6bfaa3c9054c497a2a9b49e03e617
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:50:f5:54:0a:92:a2:64:f9:a8:42:80:b6:9e:
                    10:92:60:c2:1d:fe:e5:f3:67:3f:57:04:46:49:9a:
                    2f:28:d6:5b:d2:7f:c0:85:7b:b2:c8:82:43:71:e7:
                    ed:11:f9:22:e9:5d:3e:e7:0d:88:39:97:87:8b:f6:
                    ef:fe:bb:97:9a:c8:e0:3b:72:c1:c9:26:2c:fe:70:
                    7a:f8:2a:e7:19:cf:b0:d7:a9:e2:bb:91:71:a6:f4:
                    a2:01:ce:51:fa:88:58:43:b5:69:d5:af:e9:06:87:
                    42:6e:69:d7:5f:6d:5a:92:b3:62:99:ed:ee:66:f0:
                    d1:3e:1e:b6:29:2e:2a:5b:c3:43:91:6c:bf:d3:b2:
                    e7:57:bd:a7:6e:ea:c1:98:d2:27:80:3a:2a:a7:8f:
                    60:b0:19:0e:6e:18:3f:0b:f5:7d:9f:ed:c1:d4:05:
                    7d:a7:2b:b1:42:ab:61:75:7b:c6:aa:1a:82:4f:f5:
                    d0:52:c6:48:b6:4f:52:07:50:99:6b:ea:2a:96:6d:
                    58:09:10:b7:52:4b:30:7a:9f:89:b4:20:ab:47:06:
                    48:6e:2e:7d:a5:e5:da:f6:b8:fb:9c:a9:fd:a4:67:
                    51:f4:a9:9c:29:a7:4e:78:42:01:5b:c6:77:79:eb:
                    b4:5c:0b:55:53:46:7e:58:c2:70:6c:d6:06:26:b7:
                    6d:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                76:43:27:36:A0:34:9B:B9:7F:B0:11:30:DF:46:55:9A:AE:11:2E:EB
            X509v3 Authority Key Identifier:
                keyid:31:CF:B1:40:6D:E6:CD:7F:CA:9E:DA:1B:CF:F5:A4:44:A2:88:FA:B4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/d54d511e19b079cfd93d708d6fe9189557c2ded6.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/1ad209d1-20a4-467d-afe3-15ac5848b361/bf3d18901ae6bfaa3c9054c497a2a9b49e03e617.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/1ad209d1-20a4-467d-afe3-15ac5848b361/d54d511e19b079cfd93d708d6fe9189557c2ded6.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.6.8.0/24

    Signature Algorithm: sha256WithRSAEncryption
         80:ae:dc:49:fa:f4:1f:d5:da:4c:e2:bc:92:79:af:01:b4:49:
         ad:91:b9:00:0a:2a:cb:72:3a:de:dc:e8:5a:87:92:ee:09:f5:
         d0:31:41:d1:e8:3a:68:99:f7:5a:93:0e:3b:89:04:05:59:9f:
         11:d4:ae:b9:f5:0b:0b:de:cb:1e:51:50:87:a0:f6:87:72:55:
         ea:20:0a:fd:91:66:59:fd:d8:11:6e:4b:b7:9e:4c:1e:8c:53:
         2c:8d:2b:cf:ea:51:73:67:bb:00:0f:9e:bc:9b:bb:42:22:69:
         a9:dc:d1:e4:67:50:e2:5c:c1:90:78:bf:ac:d2:97:b1:fa:ec:
         06:bc:d0:41:f5:ac:80:f1:0c:5e:87:2d:53:bb:0a:f8:17:1b:
         bd:95:13:80:8f:b0:f3:2d:32:48:21:8a:16:26:96:fa:fe:1b:
         d8:81:ed:b2:b6:a9:4b:1a:b0:63:35:80:7f:45:64:61:00:e9:
         a8:dc:21:c7:8b:39:4c:59:62:7e:f1:b8:be:99:79:ea:af:23:
         1c:a7:35:a8:71:85:f8:c4:dd:3c:53:dc:ac:80:b4:52:0c:ba:
         70:bd:f1:1b:02:e6:14:b3:01:3c:57:0a:84:0e:16:e3:50:99:
         7c:13:6a:32:24:b8:4f:ae:5e:f2:b0:b3:85:e6:03:8b:22:8f:
         ea:f9:8c:cc
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIDDJIsMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGQ1
NGQ1MTFlMTliMDc5Y2ZkOTNkNzA4ZDZmZTkxODk1NTdjMmRlZDYwHhcNMjEwMzI0
MTQ0MDE4WhcNMjYwMzI0MTQ0MDE4WjAzMTEwLwYDVQQDEyhiZjNkMTg5MDFhZTZi
ZmFhM2M5MDU0YzQ5N2EyYTliNDllMDNlNjE3MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAkVD1VAqSomT5qEKAtp4QkmDCHf7l82c/VwRGSZovKNZb0n/A
hXuyyIJDceftEfki6V0+5w2IOZeHi/bv/ruXmsjgO3LBySYs/nB6+CrnGc+w16ni
u5FxpvSiAc5R+ohYQ7Vp1a/pBodCbmnXX21akrNime3uZvDRPh62KS4qW8NDkWy/
07LnV72nburBmNIngDoqp49gsBkObhg/C/V9n+3B1AV9pyuxQqthdXvGqhqCT/XQ
UsZItk9SB1CZa+oqlm1YCRC3Ukswep+JtCCrRwZIbi59peXa9rj7nKn9pGdR9Kmc
KadOeEIBW8Z3eeu0XAtVU0Z+WMJwbNYGJrdtkQIDAQABo4ICWzCCAlcwHQYDVR0O
BBYEFHZDJzagNJu5f7ARMN9GVZquES7rMB8GA1UdIwQYMBaAFDHPsUBt5s1/yp7a
G8/1pESiiPq0MA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvZDU0ZDUx
MWUxOWIwNzljZmQ5M2Q3MDhkNmZlOTE4OTU1N2MyZGVkNi5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvMWFkMjA5ZDEtMjBhNC00NjdkLWFmZTMtMTVhYzU4
NDhiMzYxL2JmM2QxODkwMWFlNmJmYWEzYzkwNTRjNDk3YTJhOWI0OWUwM2U2MTcu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy8xYWQyMDlkMS0yMGE0LTQ2N2QtYWZlMy0xNWFj
NTg0OGIzNjEvZDU0ZDUxMWUxOWIwNzljZmQ5M2Q3MDhkNmZlOTE4OTU1N2MyZGVk
Ni5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAMgGCDANBgkqhkiG9w0BAQsFAAOCAQEAgK7cSfr0H9XaTOK8
knmvAbRJrZG5AAoqy3I63tzoWoeS7gn10DFB0eg6aJn3WpMOO4kEBVmfEdSuufUL
C97LHlFQh6D2h3JV6iAK/ZFmWf3YEW5Lt55MHoxTLI0rz+pRc2e7AA+evJu7QiJp
qdzR5GdQ4lzBkHi/rNKXsfrsBrzQQfWsgPEMXoctU7sK+BcbvZUTgI+w8y0ySCGK
FiaW+v4b2IHtsrapSxqwYzWAf0VkYQDpqNwhx4s5TFlifvG4vpl56q8jHKc1qHGF
+MTdPFPcrIC0Ugy6cL3xGwLmFLMBPFcKhA4W41CZfBNqMiS4T65e8rCzheYDiyKP
6vmMzA==
-----END CERTIFICATE-----
Generated at Sat Feb 24 14:25:02 2024 by rpki-client on console-ams.rpki-client.org