Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/2abd6b34-8953-4c72-a0a2-7ecb9de8aaba/150407f6345de4fdc60d053284679beb37974cd5.roa
File:                     150407f6345de4fdc60d053284679beb37974cd5.roa (raw, json)
Hash identifier:          nps09EONXtBuf71Py610ebAkBmFbvJXnzGo9ny6gt+w=
Subject key identifier:   87:0F:09:EC:AB:C9:0F:DB:C6:B9:6E:10:90:AC:15:F0:0C:11:1D:40
Certificate issuer:       /CN=a883c910f879603b967c0636c6f3e9125b3651b5
Certificate serial:       0D7658
Authority key identifier: 47:A6:7F:38:4E:50:5D:26:62:07:3D:AB:35:56:E6:EE:46:F6:2E:71
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/a883c910f879603b967c0636c6f3e9125b3651b5.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/2abd6b34-8953-4c72-a0a2-7ecb9de8aaba/150407f6345de4fdc60d053284679beb37974cd5.roa
Signing time:             Wed 24 Mar 2021 14:38:08 +0000
ROA not before:           Wed 24 Mar 2021 14:38:07 +0000
ROA not after:            Tue 24 Mar 2026 14:38:07 +0000
asID:                     52233
IP address blocks:        200.26.208.0/20 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/2abd6b34-8953-4c72-a0a2-7ecb9de8aaba/a883c910f879603b967c0636c6f3e9125b3651b5.crl
                          rsync://repository.lacnic.net/rpki/lacnic/2abd6b34-8953-4c72-a0a2-7ecb9de8aaba/a883c910f879603b967c0636c6f3e9125b3651b5.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/a883c910f879603b967c0636c6f3e9125b3651b5.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Mon 15 Apr 2024 06:03:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 882264 (0xd7658)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a883c910f879603b967c0636c6f3e9125b3651b5
        Validity
            Not Before: Mar 24 14:38:07 2021 GMT
            Not After : Mar 24 14:38:07 2026 GMT
        Subject: CN=150407f6345de4fdc60d053284679beb37974cd5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:66:8a:b2:2d:a3:7e:a0:e1:4c:87:88:a6:f4:
                    bc:47:97:77:6d:75:2d:28:79:fc:98:85:01:5d:7e:
                    2f:e4:29:b0:d3:7d:e8:e3:57:0c:8e:bb:45:9a:c1:
                    99:b3:b2:5a:9f:25:03:ca:47:dc:cc:7b:97:43:ee:
                    a3:fa:0a:60:6d:2e:09:60:65:7e:d6:b1:15:ee:64:
                    84:18:80:2b:f9:27:8a:57:c9:67:fe:89:17:cf:01:
                    77:0b:6c:34:0c:a5:35:b2:26:df:51:7b:b0:4a:e9:
                    af:8f:78:39:9d:03:55:2e:45:33:c8:f3:7b:49:f5:
                    18:e3:59:a3:09:2b:62:30:a0:cd:f9:53:30:85:e4:
                    8d:71:a8:7f:9a:77:47:98:90:7f:55:33:d8:c5:ca:
                    f3:f5:e9:3b:13:a0:7e:ef:17:6e:27:b5:f3:79:78:
                    5a:7f:3f:ec:c6:f0:30:f8:94:a1:57:0e:74:d4:f0:
                    a8:d5:bf:fb:39:b5:f7:5c:c7:e1:fe:a2:59:dc:b8:
                    3e:bc:ef:5c:37:91:9b:56:2e:57:be:04:93:da:6b:
                    f6:7a:87:97:09:35:9b:6c:22:05:b8:d8:8f:3c:3c:
                    23:bc:7a:31:4e:e2:d4:d5:88:a6:b4:9b:2e:2f:e8:
                    89:4d:07:c0:a7:84:5b:67:e5:ff:bb:56:32:22:4f:
                    f3:f1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                87:0F:09:EC:AB:C9:0F:DB:C6:B9:6E:10:90:AC:15:F0:0C:11:1D:40
            X509v3 Authority Key Identifier:
                keyid:47:A6:7F:38:4E:50:5D:26:62:07:3D:AB:35:56:E6:EE:46:F6:2E:71

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/a883c910f879603b967c0636c6f3e9125b3651b5.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/2abd6b34-8953-4c72-a0a2-7ecb9de8aaba/150407f6345de4fdc60d053284679beb37974cd5.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/2abd6b34-8953-4c72-a0a2-7ecb9de8aaba/a883c910f879603b967c0636c6f3e9125b3651b5.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.26.208.0/20

    Signature Algorithm: sha256WithRSAEncryption
         70:6f:69:f9:d8:30:c7:3c:ee:43:37:ad:5e:0b:34:d0:5f:bc:
         7b:b8:d1:23:bb:c4:42:53:9b:64:2b:0a:1b:91:a0:2a:22:6f:
         ad:80:95:45:86:11:f2:ed:2a:05:f5:b9:fb:c4:58:2d:07:15:
         80:6c:02:ed:ea:62:e9:7c:93:6a:a2:7a:39:7b:79:24:d0:88:
         b2:9d:de:a8:1b:14:26:14:31:d9:11:c4:17:dc:fd:58:8d:41:
         1d:50:a0:4f:bd:0f:1f:ca:b9:14:66:47:54:75:56:0c:82:58:
         d1:47:42:6a:7e:b7:e1:29:eb:88:e0:4f:61:a1:cd:86:f4:43:
         5c:ca:d1:8e:f1:fd:1d:9a:17:24:69:6c:56:b6:da:ae:43:49:
         8c:3a:9d:9a:6c:1a:1f:96:a4:ef:43:e6:86:b4:76:bb:2f:33:
         33:f5:df:4a:a6:54:43:17:5a:b4:71:95:c4:8d:8c:72:49:b5:
         1b:b0:22:5d:9e:b1:16:eb:45:f8:27:e4:56:45:7b:fc:e4:51:
         c7:8e:e0:77:f9:2f:1f:98:2e:fa:5f:bf:18:f2:48:9f:c9:06:
         df:92:30:72:4e:97:23:4a:fc:8c:75:7d:3f:ad:75:c5:09:21:
         30:b9:78:a2:62:22:a7:e1:30:90:c0:3b:43:e2:6b:da:9d:7b:
         b4:54:cc:35
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIDDXZYMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGE4
ODNjOTEwZjg3OTYwM2I5NjdjMDYzNmM2ZjNlOTEyNWIzNjUxYjUwHhcNMjEwMzI0
MTQzODA3WhcNMjYwMzI0MTQzODA3WjAzMTEwLwYDVQQDEygxNTA0MDdmNjM0NWRl
NGZkYzYwZDA1MzI4NDY3OWJlYjM3OTc0Y2Q1MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAm2aKsi2jfqDhTIeIpvS8R5d3bXUtKHn8mIUBXX4v5Cmw033o
41cMjrtFmsGZs7JanyUDykfczHuXQ+6j+gpgbS4JYGV+1rEV7mSEGIAr+SeKV8ln
/okXzwF3C2w0DKU1sibfUXuwSumvj3g5nQNVLkUzyPN7SfUY41mjCStiMKDN+VMw
heSNcah/mndHmJB/VTPYxcrz9ek7E6B+7xduJ7XzeXhafz/sxvAw+JShVw501PCo
1b/7ObX3XMfh/qJZ3Lg+vO9cN5GbVi5XvgST2mv2eoeXCTWbbCIFuNiPPDwjvHox
TuLU1YimtJsuL+iJTQfAp4RbZ+X/u1YyIk/z8QIDAQABo4ICWzCCAlcwHQYDVR0O
BBYEFIcPCeyryQ/bxrluEJCsFfAMER1AMB8GA1UdIwQYMBaAFEemfzhOUF0mYgc9
qzVW5u5G9i5xMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvYTg4M2M5
MTBmODc5NjAzYjk2N2MwNjM2YzZmM2U5MTI1YjM2NTFiNS5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvMmFiZDZiMzQtODk1My00YzcyLWEwYTItN2VjYjlk
ZThhYWJhLzE1MDQwN2Y2MzQ1ZGU0ZmRjNjBkMDUzMjg0Njc5YmViMzc5NzRjZDUu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy8yYWJkNmIzNC04OTUzLTRjNzItYTBhMi03ZWNi
OWRlOGFhYmEvYTg4M2M5MTBmODc5NjAzYjk2N2MwNjM2YzZmM2U5MTI1YjM2NTFi
NS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEBMga0DANBgkqhkiG9w0BAQsFAAOCAQEAcG9p+dgwxzzuQzet
Xgs00F+8e7jRI7vEQlObZCsKG5GgKiJvrYCVRYYR8u0qBfW5+8RYLQcVgGwC7epi
6XyTaqJ6OXt5JNCIsp3eqBsUJhQx2RHEF9z9WI1BHVCgT70PH8q5FGZHVHVWDIJY
0UdCan634SnriOBPYaHNhvRDXMrRjvH9HZoXJGlsVrbarkNJjDqdmmwaH5ak70Pm
hrR2uy8zM/XfSqZUQxdatHGVxI2Mckm1G7AiXZ6xFutF+CfkVkV7/ORRx47gd/kv
H5gu+l+/GPJIn8kG35Iwck6XI0r8jHV9P611xQkhMLl4omIip+EwkMA7Q+Jr2p17
tFTMNQ==
-----END CERTIFICATE-----
Generated at Fri Apr 12 13:15:03 2024 by rpki-client on console-fra.rpki-client.org