Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/2abd6b34-8953-4c72-a0a2-7ecb9de8aaba/5bff1b13f9f2598435b08acfa22371051e2c4129.roa
File:                     5bff1b13f9f2598435b08acfa22371051e2c4129.roa (raw, json)
Hash identifier:          XFHII9eR4AhCGxJxC50VmQnaxM4Zri2tQ4sgLCkyUMk=
Subject key identifier:   5B:74:85:5E:A8:96:14:90:6A:64:13:7F:8F:5F:A6:39:27:CD:5A:F2
Certificate issuer:       /CN=a883c910f879603b967c0636c6f3e9125b3651b5
Certificate serial:       1958C7
Authority key identifier: 47:A6:7F:38:4E:50:5D:26:62:07:3D:AB:35:56:E6:EE:46:F6:2E:71
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/a883c910f879603b967c0636c6f3e9125b3651b5.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/2abd6b34-8953-4c72-a0a2-7ecb9de8aaba/5bff1b13f9f2598435b08acfa22371051e2c4129.roa
Signing time:             Sun 17 Jul 2022 19:51:24 +0000
ROA not before:           Fri 09 Apr 2021 03:00:00 +0000
ROA not after:            Tue 24 Mar 2026 03:00:00 +0000
asID:                     52233
IP address blocks:        200.26.202.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/2abd6b34-8953-4c72-a0a2-7ecb9de8aaba/a883c910f879603b967c0636c6f3e9125b3651b5.crl
                          rsync://repository.lacnic.net/rpki/lacnic/2abd6b34-8953-4c72-a0a2-7ecb9de8aaba/a883c910f879603b967c0636c6f3e9125b3651b5.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/a883c910f879603b967c0636c6f3e9125b3651b5.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 14 Apr 2024 19:18:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1661127 (0x1958c7)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a883c910f879603b967c0636c6f3e9125b3651b5
        Validity
            Not Before: Apr  9 03:00:00 2021 GMT
            Not After : Mar 24 03:00:00 2026 GMT
        Subject: CN=5bff1b13f9f2598435b08acfa22371051e2c4129
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:f5:3d:e7:87:36:68:0d:33:86:11:49:28:e7:
                    1b:e9:9f:d1:96:e2:a5:81:89:1d:c3:50:4d:2c:a4:
                    35:4a:fe:e7:9e:6e:2e:23:0f:1e:cc:42:34:c9:f1:
                    f6:dd:3c:cb:ee:0b:de:da:0e:ab:47:b9:66:4c:71:
                    7d:09:19:fa:f1:8c:49:3b:58:3d:52:9d:8e:7d:19:
                    24:78:5f:9a:b9:fa:84:72:31:f7:2b:8f:5b:80:52:
                    bd:22:90:4d:03:9e:11:1c:7c:55:6f:0e:0e:2c:2e:
                    4a:9a:51:87:e3:04:50:63:e3:14:41:5b:82:7d:62:
                    3b:32:87:34:42:22:c4:0f:56:c2:11:44:94:ff:78:
                    81:30:f9:2d:51:0a:a5:15:5e:44:d7:61:39:57:44:
                    5c:77:38:dd:b3:b0:ee:95:91:71:e6:6b:9e:74:4a:
                    df:b7:27:52:e0:1b:ed:2c:d4:b1:1c:a9:4b:bb:ef:
                    25:0e:6b:2d:54:83:42:51:63:55:d5:36:fb:67:af:
                    f1:d5:9e:30:a7:e6:94:a9:87:b0:cf:47:78:c6:6d:
                    b0:c1:8c:9b:90:d2:16:df:e7:c8:2b:4d:1d:36:cd:
                    65:fd:6e:40:8b:2f:5e:5b:42:72:a2:94:fb:38:bf:
                    be:94:92:95:2c:38:c8:7c:07:87:61:97:a5:43:16:
                    a1:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5B:74:85:5E:A8:96:14:90:6A:64:13:7F:8F:5F:A6:39:27:CD:5A:F2
            X509v3 Authority Key Identifier:
                keyid:47:A6:7F:38:4E:50:5D:26:62:07:3D:AB:35:56:E6:EE:46:F6:2E:71

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/a883c910f879603b967c0636c6f3e9125b3651b5.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/2abd6b34-8953-4c72-a0a2-7ecb9de8aaba/5bff1b13f9f2598435b08acfa22371051e2c4129.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/2abd6b34-8953-4c72-a0a2-7ecb9de8aaba/a883c910f879603b967c0636c6f3e9125b3651b5.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.26.202.0/24

    Signature Algorithm: sha256WithRSAEncryption
         73:a0:d3:93:e3:30:77:3f:fa:60:a4:7a:1c:a5:10:36:66:98:
         85:21:e4:fd:8c:90:80:2a:95:68:2d:20:b9:b8:04:33:c2:5a:
         17:84:59:f0:85:c6:15:87:0c:60:42:39:b2:3e:51:7d:b8:d4:
         59:64:a7:70:61:8b:32:02:96:31:57:9c:de:ff:95:10:08:b5:
         a2:4d:e4:cb:33:65:a5:8c:e9:1a:5f:e8:37:18:02:5b:9f:7e:
         09:42:95:30:4c:99:7d:e1:ff:7c:38:84:ad:2c:af:e6:ac:cf:
         dc:a6:87:9c:b0:81:cf:fa:b9:7f:77:29:09:72:2e:18:f9:9d:
         4e:ec:f5:7f:3e:79:e0:4a:87:d7:97:3c:64:c5:46:cb:9f:4a:
         48:5a:c8:0f:3f:04:77:af:08:cf:a4:6d:25:a5:72:16:67:0e:
         d5:42:57:ae:66:ca:03:93:49:ca:cc:b8:5e:5f:ea:55:2a:94:
         da:40:10:2c:57:d5:0c:a4:37:e8:a1:16:c6:b8:8b:a0:9e:bf:
         cd:9f:8b:e2:0c:ca:dc:dc:9c:1e:21:73:9c:cc:a6:ef:95:be:
         d7:f4:38:df:56:6f:da:8c:3f:b3:c3:96:25:db:c5:2c:7d:26:
         66:21:58:85:03:f6:42:db:54:76:49:f2:7d:0e:62:78:9a:99:
         c0:40:45:4a
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIDGVjHMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGE4
ODNjOTEwZjg3OTYwM2I5NjdjMDYzNmM2ZjNlOTEyNWIzNjUxYjUwHhcNMjEwNDA5
MDMwMDAwWhcNMjYwMzI0MDMwMDAwWjAzMTEwLwYDVQQDEyg1YmZmMWIxM2Y5ZjI1
OTg0MzViMDhhY2ZhMjIzNzEwNTFlMmM0MTI5MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAy/U954c2aA0zhhFJKOcb6Z/RluKlgYkdw1BNLKQ1Sv7nnm4u
Iw8ezEI0yfH23TzL7gve2g6rR7lmTHF9CRn68YxJO1g9Up2OfRkkeF+aufqEcjH3
K49bgFK9IpBNA54RHHxVbw4OLC5KmlGH4wRQY+MUQVuCfWI7Moc0QiLED1bCEUSU
/3iBMPktUQqlFV5E12E5V0Rcdzjds7DulZFx5muedErftydS4BvtLNSxHKlLu+8l
DmstVINCUWNV1Tb7Z6/x1Z4wp+aUqYewz0d4xm2wwYybkNIW3+fIK00dNs1l/W5A
iy9eW0JyopT7OL++lJKVLDjIfAeHYZelQxahNQIDAQABo4ICWzCCAlcwHQYDVR0O
BBYEFFt0hV6olhSQamQTf49fpjknzVryMB8GA1UdIwQYMBaAFEemfzhOUF0mYgc9
qzVW5u5G9i5xMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvYTg4M2M5
MTBmODc5NjAzYjk2N2MwNjM2YzZmM2U5MTI1YjM2NTFiNS5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvMmFiZDZiMzQtODk1My00YzcyLWEwYTItN2VjYjlk
ZThhYWJhLzViZmYxYjEzZjlmMjU5ODQzNWIwOGFjZmEyMjM3MTA1MWUyYzQxMjku
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy8yYWJkNmIzNC04OTUzLTRjNzItYTBhMi03ZWNi
OWRlOGFhYmEvYTg4M2M5MTBmODc5NjAzYjk2N2MwNjM2YzZmM2U5MTI1YjM2NTFi
NS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAMgayjANBgkqhkiG9w0BAQsFAAOCAQEAc6DTk+Mwdz/6YKR6
HKUQNmaYhSHk/YyQgCqVaC0gubgEM8JaF4RZ8IXGFYcMYEI5sj5RfbjUWWSncGGL
MgKWMVec3v+VEAi1ok3kyzNlpYzpGl/oNxgCW59+CUKVMEyZfeH/fDiErSyv5qzP
3KaHnLCBz/q5f3cpCXIuGPmdTuz1fz554EqH15c8ZMVGy59KSFrIDz8Ed68Iz6Rt
JaVyFmcO1UJXrmbKA5NJysy4Xl/qVSqU2kAQLFfVDKQ36KEWxriLoJ6/zZ+L4gzK
3NycHiFznMym75W+1/Q431Zv2ow/s8OWJdvFLH0mZiFYhQP2QttUdknyfQ5ieJqZ
wEBFSg==
-----END CERTIFICATE-----
Generated at Fri Apr 12 03:03:44 2024 by rpki-client on console-ams.rpki-client.org