Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/2abd6b34-8953-4c72-a0a2-7ecb9de8aaba/40c642a406bf2133bccfcafb948fd39f80c267ab.roa
File:                     40c642a406bf2133bccfcafb948fd39f80c267ab.roa (raw, json)
Hash identifier:          0wW0enFtf90zYg34ZHqTuQNZpzvWVxMOSDzJCx0BKU8=
Subject key identifier:   CB:A7:42:2C:CF:AF:34:A0:8E:AD:91:95:6A:5D:F6:F7:E2:13:CE:9B
Certificate issuer:       /CN=a883c910f879603b967c0636c6f3e9125b3651b5
Certificate serial:       195497
Authority key identifier: 47:A6:7F:38:4E:50:5D:26:62:07:3D:AB:35:56:E6:EE:46:F6:2E:71
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/a883c910f879603b967c0636c6f3e9125b3651b5.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/2abd6b34-8953-4c72-a0a2-7ecb9de8aaba/40c642a406bf2133bccfcafb948fd39f80c267ab.roa
Signing time:             Sun 17 Jul 2022 19:50:11 +0000
ROA not before:           Fri 09 Apr 2021 03:00:00 +0000
ROA not after:            Tue 24 Mar 2026 03:00:00 +0000
asID:                     52233
IP address blocks:        200.26.205.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/2abd6b34-8953-4c72-a0a2-7ecb9de8aaba/a883c910f879603b967c0636c6f3e9125b3651b5.crl
                          rsync://repository.lacnic.net/rpki/lacnic/2abd6b34-8953-4c72-a0a2-7ecb9de8aaba/a883c910f879603b967c0636c6f3e9125b3651b5.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/a883c910f879603b967c0636c6f3e9125b3651b5.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Mon 15 Apr 2024 06:03:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1660055 (0x195497)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a883c910f879603b967c0636c6f3e9125b3651b5
        Validity
            Not Before: Apr  9 03:00:00 2021 GMT
            Not After : Mar 24 03:00:00 2026 GMT
        Subject: CN=40c642a406bf2133bccfcafb948fd39f80c267ab
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:ef:3a:a9:63:8d:e6:c0:90:12:bd:19:ad:f0:
                    79:03:81:9c:bd:16:b9:c2:69:97:c9:e7:69:c2:85:
                    2e:72:dc:86:cd:9a:ae:5f:7e:84:20:99:10:cc:6b:
                    8a:94:55:c5:e2:31:9a:2c:91:62:0c:fc:32:14:0a:
                    10:49:92:2c:7e:73:5b:58:47:41:f6:7f:53:70:f8:
                    af:7d:2e:2d:e7:00:1a:02:1e:05:87:c5:bc:50:28:
                    73:96:51:72:fd:47:07:6f:a8:53:f3:c5:ce:77:d0:
                    7b:cd:01:cc:e2:2e:df:11:0e:c8:44:ca:5e:5d:60:
                    00:64:2b:75:b6:2a:e8:7e:69:81:a8:fb:f6:92:73:
                    bf:c4:a4:2a:dd:c7:c5:3c:fd:7d:fa:16:76:09:ab:
                    cc:72:4e:c7:48:28:2e:ab:4e:22:69:f5:4c:b0:56:
                    ad:ca:eb:25:eb:41:16:9c:72:13:db:ba:1f:38:b2:
                    4a:a4:eb:b3:44:84:68:10:10:58:80:cc:76:97:21:
                    97:12:d2:16:41:f4:0f:b0:e5:5c:23:64:63:08:00:
                    0e:91:ec:dc:07:2c:61:0d:8a:7f:ef:c9:2c:d1:fb:
                    92:14:31:b4:07:cb:71:4c:3b:aa:6f:09:16:2d:fa:
                    c3:38:57:fc:91:3d:33:68:ea:c1:ed:a7:23:ee:82:
                    b5:8d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CB:A7:42:2C:CF:AF:34:A0:8E:AD:91:95:6A:5D:F6:F7:E2:13:CE:9B
            X509v3 Authority Key Identifier:
                keyid:47:A6:7F:38:4E:50:5D:26:62:07:3D:AB:35:56:E6:EE:46:F6:2E:71

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/a883c910f879603b967c0636c6f3e9125b3651b5.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/2abd6b34-8953-4c72-a0a2-7ecb9de8aaba/40c642a406bf2133bccfcafb948fd39f80c267ab.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/2abd6b34-8953-4c72-a0a2-7ecb9de8aaba/a883c910f879603b967c0636c6f3e9125b3651b5.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.26.205.0/24

    Signature Algorithm: sha256WithRSAEncryption
         79:93:15:2d:63:60:95:0c:84:93:3f:09:21:37:5c:80:45:7f:
         9b:01:e1:50:5c:d8:be:6a:e3:7c:57:d8:33:d3:f5:28:58:43:
         1e:1c:ca:d3:da:54:3b:b8:03:21:4b:57:b7:b4:86:ef:19:45:
         56:ee:42:40:b6:6f:59:0e:2e:7a:98:e0:f9:25:20:81:ba:e6:
         d4:c5:4a:0b:56:5b:99:a9:e3:4e:bd:24:83:3d:2c:79:36:9b:
         57:8c:42:6e:5a:87:97:8c:80:aa:95:55:b3:27:60:63:3b:d6:
         a9:d2:1c:4d:86:69:ff:a5:e4:05:21:f7:ab:f4:12:b6:de:dc:
         81:c5:16:a6:4e:dc:de:3e:0c:c6:2d:aa:99:f4:19:1e:ae:e4:
         4d:3a:7b:42:12:3e:af:df:f3:5d:05:f6:e2:e3:9b:1e:5e:d8:
         9b:fd:70:76:dd:37:48:8a:fc:46:27:be:5d:e0:b0:35:51:9b:
         d5:7f:af:c1:ee:3d:4a:3c:1c:19:23:f2:79:80:26:d3:a0:48:
         dc:cb:60:c5:ec:54:b2:5d:bf:37:02:15:71:c4:5a:09:e0:32:
         81:a2:a3:87:08:e3:90:43:a2:9b:e8:e1:9e:7e:fa:c6:b0:ff:
         b9:95:da:a6:0c:ac:f8:cf:eb:88:f2:40:3d:93:5d:c1:b5:33:
         c2:44:1e:f3
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIDGVSXMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGE4
ODNjOTEwZjg3OTYwM2I5NjdjMDYzNmM2ZjNlOTEyNWIzNjUxYjUwHhcNMjEwNDA5
MDMwMDAwWhcNMjYwMzI0MDMwMDAwWjAzMTEwLwYDVQQDEyg0MGM2NDJhNDA2YmYy
MTMzYmNjZmNhZmI5NDhmZDM5ZjgwYzI2N2FiMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAsO86qWON5sCQEr0ZrfB5A4GcvRa5wmmXyedpwoUuctyGzZqu
X36EIJkQzGuKlFXF4jGaLJFiDPwyFAoQSZIsfnNbWEdB9n9TcPivfS4t5wAaAh4F
h8W8UChzllFy/UcHb6hT88XOd9B7zQHM4i7fEQ7IRMpeXWAAZCt1tirofmmBqPv2
knO/xKQq3cfFPP19+hZ2CavMck7HSCguq04iafVMsFatyusl60EWnHIT27ofOLJK
pOuzRIRoEBBYgMx2lyGXEtIWQfQPsOVcI2RjCAAOkezcByxhDYp/78ks0fuSFDG0
B8txTDuqbwkWLfrDOFf8kT0zaOrB7acj7oK1jQIDAQABo4ICWzCCAlcwHQYDVR0O
BBYEFMunQizPrzSgjq2RlWpd9vfiE86bMB8GA1UdIwQYMBaAFEemfzhOUF0mYgc9
qzVW5u5G9i5xMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvYTg4M2M5
MTBmODc5NjAzYjk2N2MwNjM2YzZmM2U5MTI1YjM2NTFiNS5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvMmFiZDZiMzQtODk1My00YzcyLWEwYTItN2VjYjlk
ZThhYWJhLzQwYzY0MmE0MDZiZjIxMzNiY2NmY2FmYjk0OGZkMzlmODBjMjY3YWIu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy8yYWJkNmIzNC04OTUzLTRjNzItYTBhMi03ZWNi
OWRlOGFhYmEvYTg4M2M5MTBmODc5NjAzYjk2N2MwNjM2YzZmM2U5MTI1YjM2NTFi
NS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAMgazTANBgkqhkiG9w0BAQsFAAOCAQEAeZMVLWNglQyEkz8J
ITdcgEV/mwHhUFzYvmrjfFfYM9P1KFhDHhzK09pUO7gDIUtXt7SG7xlFVu5CQLZv
WQ4uepjg+SUggbrm1MVKC1ZbmanjTr0kgz0seTabV4xCblqHl4yAqpVVsydgYzvW
qdIcTYZp/6XkBSH3q/QStt7cgcUWpk7c3j4Mxi2qmfQZHq7kTTp7QhI+r9/zXQX2
4uObHl7Ym/1wdt03SIr8Rie+XeCwNVGb1X+vwe49SjwcGSPyeYAm06BI3MtgxexU
sl2/NwIVccRaCeAygaKjhwjjkEOim+jhnn76xrD/uZXapgys+M/riPJAPZNdwbUz
wkQe8w==
-----END CERTIFICATE-----
Generated at Fri Apr 12 13:15:03 2024 by rpki-client on console-fra.rpki-client.org