Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/2200a3d3-0721-4a07-b8ef-5041a99c36ec/e809c60d206d756708d56f79117a037b89bd5cb5.roa
File:                     e809c60d206d756708d56f79117a037b89bd5cb5.roa (raw, json)
Hash identifier:          AWGFWHeii6Hw59ZUULURYJlvWdvBOR/U8sgkebZbquA=
Subject key identifier:   75:08:1E:07:F0:DF:DC:5A:1E:58:5F:07:5A:AF:17:8D:13:76:46:BC
Certificate issuer:       /CN=cdf3c4883ddca1519ed46106e0af85f1db80392f
Certificate serial:       07FB1E
Authority key identifier: 46:C2:C8:A1:9E:E3:9F:CB:34:26:C6:F1:3E:6F:59:9A:F8:52:B7:E9
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/cdf3c4883ddca1519ed46106e0af85f1db80392f.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/2200a3d3-0721-4a07-b8ef-5041a99c36ec/e809c60d206d756708d56f79117a037b89bd5cb5.roa
Signing time:             Wed 20 Jul 2022 15:37:37 +0000
ROA not before:           Wed 20 Jul 2022 03:00:00 +0000
ROA not after:            Sat 20 Jul 2024 03:00:00 +0000
asID:                     265703
IP address blocks:        200.114.88.0/21 maxlen: 24
                          2803:420::/32 maxlen: 36

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/2200a3d3-0721-4a07-b8ef-5041a99c36ec/cdf3c4883ddca1519ed46106e0af85f1db80392f.crl
                          rsync://repository.lacnic.net/rpki/lacnic/2200a3d3-0721-4a07-b8ef-5041a99c36ec/cdf3c4883ddca1519ed46106e0af85f1db80392f.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/cdf3c4883ddca1519ed46106e0af85f1db80392f.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 31 Mar 2024 12:22:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 523038 (0x7fb1e)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cdf3c4883ddca1519ed46106e0af85f1db80392f
        Validity
            Not Before: Jul 20 03:00:00 2022 GMT
            Not After : Jul 20 03:00:00 2024 GMT
        Subject: CN=e809c60d206d756708d56f79117a037b89bd5cb5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:79:bd:e0:70:49:08:dd:be:82:f4:4c:91:23:
                    84:10:d3:3e:8c:ca:9a:c5:ec:d5:d4:95:75:0e:4a:
                    9d:96:7e:c4:dc:1c:77:5a:18:79:bc:b0:29:b6:d3:
                    a4:8b:1d:22:43:1b:fb:43:b0:6a:58:e4:8f:e1:25:
                    bb:3c:68:22:00:b2:c4:1c:d0:bf:c3:92:45:25:0f:
                    bf:eb:d2:fe:33:66:3f:58:f0:c7:99:46:db:23:bc:
                    81:86:20:a5:04:1c:65:99:a7:ae:ed:bd:37:f8:78:
                    d7:cd:13:61:bc:be:e9:c3:98:1a:35:73:dd:6e:df:
                    ed:25:18:26:91:53:ce:bf:0a:16:c6:b8:dc:07:7f:
                    6f:13:ab:22:8c:56:b6:fd:73:ad:f5:d4:97:1a:0a:
                    c4:a0:59:1e:64:58:e7:31:e8:2f:0e:c6:5d:38:ca:
                    0a:c9:4c:6c:8f:2e:d6:92:23:7d:5a:57:b2:74:a7:
                    89:13:77:c8:3d:5a:30:f7:a7:cd:d2:6a:bc:f2:30:
                    69:3b:1c:71:ad:49:e0:71:73:70:b3:2c:35:5f:d5:
                    a0:8a:71:1a:6d:fc:89:12:5c:d3:6d:50:9f:6f:60:
                    3e:c6:42:1b:36:75:a5:44:3b:95:ea:9e:24:93:fd:
                    00:ee:80:d8:9d:54:74:ee:27:33:66:83:7b:ad:66:
                    88:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                75:08:1E:07:F0:DF:DC:5A:1E:58:5F:07:5A:AF:17:8D:13:76:46:BC
            X509v3 Authority Key Identifier:
                keyid:46:C2:C8:A1:9E:E3:9F:CB:34:26:C6:F1:3E:6F:59:9A:F8:52:B7:E9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/cdf3c4883ddca1519ed46106e0af85f1db80392f.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/2200a3d3-0721-4a07-b8ef-5041a99c36ec/e809c60d206d756708d56f79117a037b89bd5cb5.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/2200a3d3-0721-4a07-b8ef-5041a99c36ec/cdf3c4883ddca1519ed46106e0af85f1db80392f.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.114.88.0/21
                IPv6:
                  2803:420::/32

    Signature Algorithm: sha256WithRSAEncryption
         11:0f:65:a1:b3:af:b8:56:a7:8e:90:62:73:47:60:5b:97:43:
         8a:83:56:00:40:50:22:2a:bd:6d:b7:a4:71:9e:04:a2:64:64:
         af:8b:28:1b:c3:12:e9:87:49:af:09:81:34:9a:a0:36:d3:11:
         f8:68:d1:f6:ff:7a:56:5a:2c:1d:e0:75:48:13:59:b2:0c:55:
         80:e9:ec:03:f7:3e:26:f2:89:be:9a:64:5d:9e:7d:54:81:51:
         a7:26:be:b8:46:2c:97:59:b8:03:76:2b:4b:0d:28:67:45:f2:
         cc:96:de:96:e1:cb:b4:6c:ae:f1:f1:75:7f:e8:63:c9:02:13:
         12:57:3f:11:c3:17:2c:c8:16:90:95:f6:3f:fe:f6:8b:91:f6:
         95:45:d6:5e:c1:b9:ac:f6:e1:2b:20:68:31:53:e4:90:ef:94:
         3a:89:ca:ba:d0:58:15:43:a3:41:7e:4c:21:ad:3d:f0:30:5b:
         25:20:ee:62:5e:4d:80:c6:e9:36:9a:79:2d:11:84:1e:d9:b8:
         f8:08:47:90:50:bd:4d:5b:03:30:aa:6f:1f:4c:b9:88:50:b7:
         0c:3e:51:c2:ae:c1:74:69:ba:a9:dc:f9:ce:89:af:4a:3e:f0:
         74:4d:b1:4e:2d:20:de:24:37:97:2a:47:2d:96:15:66:e1:4b:
         5f:07:9d:aa
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgIDB/seMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGNk
ZjNjNDg4M2RkY2ExNTE5ZWQ0NjEwNmUwYWY4NWYxZGI4MDM5MmYwHhcNMjIwNzIw
MDMwMDAwWhcNMjQwNzIwMDMwMDAwWjAzMTEwLwYDVQQDEyhlODA5YzYwZDIwNmQ3
NTY3MDhkNTZmNzkxMTdhMDM3Yjg5YmQ1Y2I1MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAp3m94HBJCN2+gvRMkSOEENM+jMqaxezV1JV1Dkqdln7E3Bx3
Whh5vLApttOkix0iQxv7Q7BqWOSP4SW7PGgiALLEHNC/w5JFJQ+/69L+M2Y/WPDH
mUbbI7yBhiClBBxlmaeu7b03+HjXzRNhvL7pw5gaNXPdbt/tJRgmkVPOvwoWxrjc
B39vE6sijFa2/XOt9dSXGgrEoFkeZFjnMegvDsZdOMoKyUxsjy7WkiN9WleydKeJ
E3fIPVow96fN0mq88jBpOxxxrUngcXNwsyw1X9WginEabfyJElzTbVCfb2A+xkIb
NnWlRDuV6p4kk/0A7oDYnVR07iczZoN7rWaIXQIDAQABo4ICajCCAmYwHQYDVR0O
BBYEFHUIHgfw39xaHlhfB1qvF40Tdka8MB8GA1UdIwQYMBaAFEbCyKGe45/LNCbG
8T5vWZr4UrfpMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvY2RmM2M0
ODgzZGRjYTE1MTllZDQ2MTA2ZTBhZjg1ZjFkYjgwMzkyZi5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvMjIwMGEzZDMtMDcyMS00YTA3LWI4ZWYtNTA0MWE5
OWMzNmVjL2U4MDljNjBkMjA2ZDc1NjcwOGQ1NmY3OTExN2EwMzdiODliZDVjYjUu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy8yMjAwYTNkMy0wNzIxLTRhMDctYjhlZi01MDQx
YTk5YzM2ZWMvY2RmM2M0ODgzZGRjYTE1MTllZDQ2MTA2ZTBhZjg1ZjFkYjgwMzky
Zi5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAuBggrBgEFBQcBBwEB/wQf
MB0wDAQCAAEwBgMEA8hyWDANBAIAAjAHAwUAKAMEIDANBgkqhkiG9w0BAQsFAAOC
AQEAEQ9lobOvuFanjpBic0dgW5dDioNWAEBQIiq9bbekcZ4EomRkr4soG8MS6YdJ
rwmBNJqgNtMR+GjR9v96VlosHeB1SBNZsgxVgOnsA/c+JvKJvppkXZ59VIFRpya+
uEYsl1m4A3YrSw0oZ0XyzJbeluHLtGyu8fF1f+hjyQITElc/EcMXLMgWkJX2P/72
i5H2lUXWXsG5rPbhKyBoMVPkkO+UOonKutBYFUOjQX5MIa098DBbJSDuYl5NgMbp
Npp5LRGEHtm4+AhHkFC9TVsDMKpvH0y5iFC3DD5Rwq7BdGm6qdz5zomvSj7wdE2x
Ti0g3iQ3lypHLZYVZuFLXwedqg==
-----END CERTIFICATE-----
Generated at Thu Mar 28 16:02:50 2024 by rpki-client on console-ams.rpki-client.org