Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/2abd6b34-8953-4c72-a0a2-7ecb9de8aaba/866c97d34a504cca56d614450fb33447ed2b959a.roa
File:                     866c97d34a504cca56d614450fb33447ed2b959a.roa (raw, json)
Hash identifier:          XzBZdFkO3O+XE7HnZ21mbqjqvP+g/U2u5VyFlzVUwi0=
Subject key identifier:   40:E9:DD:AB:B8:7F:68:0E:17:F1:80:FB:E2:89:61:7B:DC:78:10:B5
Certificate issuer:       /CN=a883c910f879603b967c0636c6f3e9125b3651b5
Certificate serial:       1808E4
Authority key identifier: 47:A6:7F:38:4E:50:5D:26:62:07:3D:AB:35:56:E6:EE:46:F6:2E:71
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/a883c910f879603b967c0636c6f3e9125b3651b5.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/2abd6b34-8953-4c72-a0a2-7ecb9de8aaba/866c97d34a504cca56d614450fb33447ed2b959a.roa
Signing time:             Fri 27 May 2022 00:31:11 +0000
ROA not before:           Thu 26 May 2022 03:00:00 +0000
ROA not after:            Tue 24 Mar 2026 03:00:00 +0000
asID:                     52233
IP address blocks:        200.26.206.0/23 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/2abd6b34-8953-4c72-a0a2-7ecb9de8aaba/a883c910f879603b967c0636c6f3e9125b3651b5.crl
                          rsync://repository.lacnic.net/rpki/lacnic/2abd6b34-8953-4c72-a0a2-7ecb9de8aaba/a883c910f879603b967c0636c6f3e9125b3651b5.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/a883c910f879603b967c0636c6f3e9125b3651b5.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Mon 15 Apr 2024 06:03:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1575140 (0x1808e4)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a883c910f879603b967c0636c6f3e9125b3651b5
        Validity
            Not Before: May 26 03:00:00 2022 GMT
            Not After : Mar 24 03:00:00 2026 GMT
        Subject: CN=866c97d34a504cca56d614450fb33447ed2b959a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:88:1c:42:73:91:c8:3b:e3:da:93:43:86:d6:b1:
                    fa:d7:76:ea:5d:21:83:25:66:da:4d:2b:23:5a:91:
                    0b:67:70:bb:d1:27:8b:1b:0e:2c:8e:79:40:f0:80:
                    4e:c6:37:dd:9f:92:d8:ed:32:82:1f:21:4b:69:62:
                    3d:b1:92:f7:13:f6:5f:a1:5f:56:34:55:02:e8:0b:
                    3d:18:4b:84:70:5e:7a:11:2d:93:f3:9b:d8:a4:d4:
                    63:33:5f:cd:7f:f6:8c:86:20:6f:f7:56:a6:1e:b7:
                    c5:f5:eb:a1:74:3d:fa:ee:57:d2:76:82:f5:75:b7:
                    01:82:6c:0b:03:00:a3:38:86:ba:60:b5:10:ae:5b:
                    80:d7:3f:20:e5:8d:ea:f2:53:5f:9f:67:a5:da:98:
                    eb:cd:74:c6:00:61:9f:51:9c:be:f4:b9:9e:30:de:
                    c9:5d:e0:85:7f:91:8a:a7:7e:ba:a8:e3:3f:8a:ae:
                    e1:da:e4:a6:95:d1:b8:4d:4c:47:b0:a1:6d:dc:67:
                    7d:51:7b:68:40:9f:d8:00:84:b3:e3:4a:74:0e:f8:
                    7c:31:d8:f1:87:f3:9d:b7:29:ce:7c:7b:bc:9d:a1:
                    9b:28:18:8a:37:f5:c0:b8:72:39:c3:23:98:2b:70:
                    98:99:85:0c:f3:ff:6d:e2:ef:a5:67:4f:02:a6:2c:
                    db:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                40:E9:DD:AB:B8:7F:68:0E:17:F1:80:FB:E2:89:61:7B:DC:78:10:B5
            X509v3 Authority Key Identifier:
                keyid:47:A6:7F:38:4E:50:5D:26:62:07:3D:AB:35:56:E6:EE:46:F6:2E:71

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/a883c910f879603b967c0636c6f3e9125b3651b5.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/2abd6b34-8953-4c72-a0a2-7ecb9de8aaba/866c97d34a504cca56d614450fb33447ed2b959a.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/2abd6b34-8953-4c72-a0a2-7ecb9de8aaba/a883c910f879603b967c0636c6f3e9125b3651b5.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.26.206.0/23

    Signature Algorithm: sha256WithRSAEncryption
         01:33:4d:32:7e:5c:66:c5:96:66:ef:b2:89:f9:b1:fb:48:52:
         c5:9c:22:c6:61:fc:53:69:fa:76:92:8a:3d:b6:df:34:0a:63:
         59:3c:75:27:4f:7d:78:38:9a:56:4b:bd:67:e8:54:95:dd:24:
         36:25:c6:42:3a:e4:4b:ff:59:05:71:f6:ae:40:6b:a0:1b:de:
         84:3b:06:ad:f3:8e:5d:4b:18:ef:63:d4:43:b8:15:40:c7:fd:
         42:16:d4:60:db:db:9f:b6:fa:7f:8d:ef:49:ed:36:b8:dd:e2:
         14:8a:8b:de:69:bc:d5:0a:da:c2:9e:31:2a:d1:47:69:18:96:
         a0:e5:63:a5:9b:ea:ec:75:41:61:42:23:71:8d:21:17:8f:ce:
         bf:a6:b5:d4:2d:b6:f4:d3:b3:2a:ed:fa:c9:62:7b:62:82:57:
         0b:09:c6:dc:2e:d4:85:5c:c6:f5:4d:1b:62:e1:04:be:51:76:
         fd:c0:44:00:c4:80:24:cd:5b:56:e6:ed:87:25:f7:53:17:60:
         12:97:a0:35:a0:b2:a6:e2:f3:9d:4f:19:57:91:26:24:a7:34:
         af:2c:63:89:44:9a:24:59:d6:22:59:cf:a7:51:7d:16:36:1e:
         9f:17:63:02:9f:36:b5:4a:45:5e:0a:29:16:25:5c:04:f1:f8:
         8f:97:dc:22
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIDGAjkMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGE4
ODNjOTEwZjg3OTYwM2I5NjdjMDYzNmM2ZjNlOTEyNWIzNjUxYjUwHhcNMjIwNTI2
MDMwMDAwWhcNMjYwMzI0MDMwMDAwWjAzMTEwLwYDVQQDEyg4NjZjOTdkMzRhNTA0
Y2NhNTZkNjE0NDUwZmIzMzQ0N2VkMmI5NTlhMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAiBxCc5HIO+Pak0OG1rH613bqXSGDJWbaTSsjWpELZ3C70SeL
Gw4sjnlA8IBOxjfdn5LY7TKCHyFLaWI9sZL3E/ZfoV9WNFUC6As9GEuEcF56ES2T
85vYpNRjM1/Nf/aMhiBv91amHrfF9euhdD367lfSdoL1dbcBgmwLAwCjOIa6YLUQ
rluA1z8g5Y3q8lNfn2el2pjrzXTGAGGfUZy+9LmeMN7JXeCFf5GKp366qOM/iq7h
2uSmldG4TUxHsKFt3Gd9UXtoQJ/YAISz40p0Dvh8Mdjxh/OdtynOfHu8naGbKBiK
N/XAuHI5wyOYK3CYmYUM8/9t4u+lZ08CpizbKwIDAQABo4ICWzCCAlcwHQYDVR0O
BBYEFEDp3au4f2gOF/GA++KJYXvceBC1MB8GA1UdIwQYMBaAFEemfzhOUF0mYgc9
qzVW5u5G9i5xMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvYTg4M2M5
MTBmODc5NjAzYjk2N2MwNjM2YzZmM2U5MTI1YjM2NTFiNS5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvMmFiZDZiMzQtODk1My00YzcyLWEwYTItN2VjYjlk
ZThhYWJhLzg2NmM5N2QzNGE1MDRjY2E1NmQ2MTQ0NTBmYjMzNDQ3ZWQyYjk1OWEu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy8yYWJkNmIzNC04OTUzLTRjNzItYTBhMi03ZWNi
OWRlOGFhYmEvYTg4M2M5MTBmODc5NjAzYjk2N2MwNjM2YzZmM2U5MTI1YjM2NTFi
NS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAcgazjANBgkqhkiG9w0BAQsFAAOCAQEAATNNMn5cZsWWZu+y
ifmx+0hSxZwixmH8U2n6dpKKPbbfNApjWTx1J099eDiaVku9Z+hUld0kNiXGQjrk
S/9ZBXH2rkBroBvehDsGrfOOXUsY72PUQ7gVQMf9QhbUYNvbn7b6f43vSe02uN3i
FIqL3mm81Qrawp4xKtFHaRiWoOVjpZvq7HVBYUIjcY0hF4/Ov6a11C229NOzKu36
yWJ7YoJXCwnG3C7UhVzG9U0bYuEEvlF2/cBEAMSAJM1bVubthyX3UxdgEpegNaCy
puLznU8ZV5EmJKc0ryxjiUSaJFnWIlnPp1F9FjYenxdjAp82tUpFXgopFiVcBPH4
j5fcIg==
-----END CERTIFICATE-----
Generated at Fri Apr 12 13:15:03 2024 by rpki-client on console-fra.rpki-client.org