Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/28fea9c0-e4cd-4da2-af9d-15af48893e00/2122331edc857fa6c09417e1477db72fa3461f24.roa
File:                     2122331edc857fa6c09417e1477db72fa3461f24.roa (raw, json)
Hash identifier:          BTn+Gjl5dMKwAWck+W8dkccxmdEI1/1bX8scPG/hWc0=
Subject key identifier:   06:A9:CD:93:A0:18:23:8C:9D:97:13:C8:04:65:F0:FE:0E:5B:49:5C
Certificate issuer:       /CN=f0f4367cfb3dd5ac0968e62a427d29e004abb9ce
Certificate serial:       06C687
Authority key identifier: 6D:A9:FD:6B:52:1C:00:14:2A:44:4F:FF:8F:50:BB:64:8B:41:DB:A2
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/f0f4367cfb3dd5ac0968e62a427d29e004abb9ce.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/28fea9c0-e4cd-4da2-af9d-15af48893e00/2122331edc857fa6c09417e1477db72fa3461f24.roa
Signing time:             Wed 24 Mar 2021 14:31:22 +0000
ROA not before:           Wed 24 Mar 2021 14:31:22 +0000
ROA not after:            Tue 24 Mar 2026 14:31:22 +0000
asID:                     52240
IP address blocks:        200.1.113.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/28fea9c0-e4cd-4da2-af9d-15af48893e00/f0f4367cfb3dd5ac0968e62a427d29e004abb9ce.crl
                          rsync://repository.lacnic.net/rpki/lacnic/28fea9c0-e4cd-4da2-af9d-15af48893e00/f0f4367cfb3dd5ac0968e62a427d29e004abb9ce.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/f0f4367cfb3dd5ac0968e62a427d29e004abb9ce.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 31 Mar 2024 03:49:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 444039 (0x6c687)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f0f4367cfb3dd5ac0968e62a427d29e004abb9ce
        Validity
            Not Before: Mar 24 14:31:22 2021 GMT
            Not After : Mar 24 14:31:22 2026 GMT
        Subject: CN=2122331edc857fa6c09417e1477db72fa3461f24
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8a:a5:b0:38:1c:16:73:28:02:1d:76:36:1c:c2:
                    9d:b2:47:05:da:8e:2a:c4:2b:69:ae:2c:5e:33:e1:
                    55:60:95:59:0f:a3:e8:cf:c6:98:d0:36:32:41:36:
                    c0:48:21:69:3f:e3:12:f9:b4:dc:40:f7:5a:b3:ce:
                    ba:9c:1c:22:a8:41:eb:68:d9:b4:fd:ec:7e:92:7f:
                    8b:07:16:29:68:01:d1:8e:15:8d:de:81:c4:1d:5f:
                    70:ab:13:85:19:a9:64:66:9f:be:13:d3:38:8b:80:
                    81:bd:13:8c:90:68:c7:a3:88:50:b4:68:ad:52:5a:
                    d7:49:2d:94:63:88:5b:9c:90:d4:96:bf:de:12:3b:
                    5e:48:92:48:57:9e:b1:bf:a6:f8:f3:2d:c3:ee:c3:
                    08:6f:76:4f:e3:82:d6:1e:72:7d:e1:f1:bd:03:19:
                    f9:43:10:45:59:6a:da:ea:9b:24:49:a7:f6:6d:28:
                    6a:7c:19:b6:5d:27:89:47:71:95:ef:e3:1f:90:f5:
                    7c:34:d2:ed:a6:06:98:e9:b6:ad:66:a3:c6:59:26:
                    4c:da:20:d3:39:0a:a0:6a:dc:ec:9f:ad:f0:b5:a2:
                    87:86:83:01:91:34:ca:e9:92:72:40:a9:71:6d:f3:
                    84:71:ad:39:24:02:6a:a3:63:a9:31:cf:64:8f:ca:
                    64:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                06:A9:CD:93:A0:18:23:8C:9D:97:13:C8:04:65:F0:FE:0E:5B:49:5C
            X509v3 Authority Key Identifier:
                keyid:6D:A9:FD:6B:52:1C:00:14:2A:44:4F:FF:8F:50:BB:64:8B:41:DB:A2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/f0f4367cfb3dd5ac0968e62a427d29e004abb9ce.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/28fea9c0-e4cd-4da2-af9d-15af48893e00/2122331edc857fa6c09417e1477db72fa3461f24.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/28fea9c0-e4cd-4da2-af9d-15af48893e00/f0f4367cfb3dd5ac0968e62a427d29e004abb9ce.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.1.113.0/24

    Signature Algorithm: sha256WithRSAEncryption
         52:5f:c5:76:55:de:c4:f9:0d:de:93:b0:fd:8e:78:1a:f8:bf:
         49:b8:31:e9:bd:76:84:37:d7:78:90:d7:65:54:fe:56:be:ca:
         42:e2:1a:6c:d0:eb:58:7b:a6:c5:ac:f9:c0:47:08:b3:bf:cb:
         bf:42:ee:a4:be:60:b6:a2:48:f2:99:0b:85:88:e7:b5:9e:ca:
         28:c6:a6:3a:f8:f1:a6:14:b5:09:87:ec:c5:06:cd:50:14:7f:
         06:f8:63:48:32:bf:6d:cd:46:61:12:6f:7a:92:d1:59:1f:8a:
         1f:a6:b7:fe:b0:b7:ba:38:a6:5d:b4:05:41:ec:ed:ee:b8:73:
         4c:53:75:c7:94:21:af:26:7a:9b:8a:cc:44:8c:30:15:1c:cb:
         59:20:45:94:6c:18:3c:1f:bf:b8:12:c2:3a:e8:62:e9:c0:ca:
         66:ad:43:94:1e:4d:b0:4a:f6:18:49:72:5d:12:5c:be:1f:00:
         97:1e:c5:a5:06:0e:00:e2:25:a4:a0:a6:31:23:39:4f:46:3c:
         ce:b4:ea:5d:d6:f0:75:87:89:b3:05:1e:f4:a0:74:88:40:c5:
         9d:95:08:18:f4:96:c7:3f:a5:34:fe:41:e0:cd:54:35:79:78:
         c5:23:04:1f:87:06:80:1c:93:1a:fd:17:09:ed:61:7a:46:78:
         95:4f:21:4f
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIDBsaHMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGYw
ZjQzNjdjZmIzZGQ1YWMwOTY4ZTYyYTQyN2QyOWUwMDRhYmI5Y2UwHhcNMjEwMzI0
MTQzMTIyWhcNMjYwMzI0MTQzMTIyWjAzMTEwLwYDVQQDEygyMTIyMzMxZWRjODU3
ZmE2YzA5NDE3ZTE0NzdkYjcyZmEzNDYxZjI0MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAiqWwOBwWcygCHXY2HMKdskcF2o4qxCtprixeM+FVYJVZD6Po
z8aY0DYyQTbASCFpP+MS+bTcQPdas866nBwiqEHraNm0/ex+kn+LBxYpaAHRjhWN
3oHEHV9wqxOFGalkZp++E9M4i4CBvROMkGjHo4hQtGitUlrXSS2UY4hbnJDUlr/e
EjteSJJIV56xv6b48y3D7sMIb3ZP44LWHnJ94fG9Axn5QxBFWWra6pskSaf2bShq
fBm2XSeJR3GV7+MfkPV8NNLtpgaY6batZqPGWSZM2iDTOQqgatzsn63wtaKHhoMB
kTTK6ZJyQKlxbfOEca05JAJqo2OpMc9kj8pkaQIDAQABo4ICWzCCAlcwHQYDVR0O
BBYEFAapzZOgGCOMnZcTyARl8P4OW0lcMB8GA1UdIwQYMBaAFG2p/WtSHAAUKkRP
/49Qu2SLQduiMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvZjBmNDM2
N2NmYjNkZDVhYzA5NjhlNjJhNDI3ZDI5ZTAwNGFiYjljZS5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvMjhmZWE5YzAtZTRjZC00ZGEyLWFmOWQtMTVhZjQ4
ODkzZTAwLzIxMjIzMzFlZGM4NTdmYTZjMDk0MTdlMTQ3N2RiNzJmYTM0NjFmMjQu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy8yOGZlYTljMC1lNGNkLTRkYTItYWY5ZC0xNWFm
NDg4OTNlMDAvZjBmNDM2N2NmYjNkZDVhYzA5NjhlNjJhNDI3ZDI5ZTAwNGFiYjlj
ZS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAMgBcTANBgkqhkiG9w0BAQsFAAOCAQEAUl/FdlXexPkN3pOw
/Y54Gvi/Sbgx6b12hDfXeJDXZVT+Vr7KQuIabNDrWHumxaz5wEcIs7/Lv0LupL5g
tqJI8pkLhYjntZ7KKMamOvjxphS1CYfsxQbNUBR/BvhjSDK/bc1GYRJvepLRWR+K
H6a3/rC3ujimXbQFQezt7rhzTFN1x5QhryZ6m4rMRIwwFRzLWSBFlGwYPB+/uBLC
Ouhi6cDKZq1DlB5NsEr2GElyXRJcvh8Alx7FpQYOAOIlpKCmMSM5T0Y8zrTqXdbw
dYeJswUe9KB0iEDFnZUIGPSWxz+lNP5B4M1UNXl4xSMEH4cGgByTGv0XCe1hekZ4
lU8hTw==
-----END CERTIFICATE-----
Generated at Thu Mar 28 10:47:01 2024 by rpki-client on console-ams.rpki-client.org