Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/2abd6b34-8953-4c72-a0a2-7ecb9de8aaba/d78c540cd676d766a831506281a2808c1090def0.roa
File:                     d78c540cd676d766a831506281a2808c1090def0.roa (raw, json)
Hash identifier:          gKhi4vI+XzXVUqOadxAN8PauDb1LYrl9r2eJ4lQ+3ig=
Subject key identifier:   A0:FD:58:14:8F:97:11:73:D3:EE:E0:44:65:BF:D0:0F:BC:FC:70:BA
Certificate issuer:       /CN=a883c910f879603b967c0636c6f3e9125b3651b5
Certificate serial:       198C88
Authority key identifier: 47:A6:7F:38:4E:50:5D:26:62:07:3D:AB:35:56:E6:EE:46:F6:2E:71
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/a883c910f879603b967c0636c6f3e9125b3651b5.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/2abd6b34-8953-4c72-a0a2-7ecb9de8aaba/d78c540cd676d766a831506281a2808c1090def0.roa
Signing time:             Mon 18 Jul 2022 20:49:40 +0000
ROA not before:           Mon 18 Jul 2022 20:49:32 +0000
ROA not after:            Sun 18 Jul 2027 20:49:32 +0000
asID:                     11081
IP address blocks:        200.26.208.0/21 maxlen: 21

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/2abd6b34-8953-4c72-a0a2-7ecb9de8aaba/a883c910f879603b967c0636c6f3e9125b3651b5.crl
                          rsync://repository.lacnic.net/rpki/lacnic/2abd6b34-8953-4c72-a0a2-7ecb9de8aaba/a883c910f879603b967c0636c6f3e9125b3651b5.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/a883c910f879603b967c0636c6f3e9125b3651b5.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 14 Apr 2024 19:18:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1674376 (0x198c88)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a883c910f879603b967c0636c6f3e9125b3651b5
        Validity
            Not Before: Jul 18 20:49:32 2022 GMT
            Not After : Jul 18 20:49:32 2027 GMT
        Subject: CN=d78c540cd676d766a831506281a2808c1090def0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:a1:ed:0e:4d:12:13:d1:1a:b6:ab:2e:23:12:
                    51:3d:98:4a:40:61:7b:29:1b:9d:cc:81:d4:7c:b6:
                    9f:72:1a:14:99:2f:19:02:0c:2d:62:30:ee:54:aa:
                    ba:34:e9:20:da:c3:1f:ed:44:a0:0a:a6:17:00:e1:
                    e3:ac:77:3c:51:70:7a:b0:e5:1c:54:ab:f8:2c:3b:
                    c9:af:cd:97:85:88:2d:c7:b1:a3:1e:eb:c6:68:07:
                    d2:04:8d:6e:d2:f1:bc:75:39:43:42:4a:29:d6:46:
                    d5:03:ae:b5:82:41:87:1d:de:ae:dd:a5:12:b9:d5:
                    5f:f9:e1:1b:7b:53:a0:9c:b3:0a:f4:bf:5f:83:4c:
                    7b:10:f2:cf:80:6d:46:68:04:d3:d5:31:3b:d9:41:
                    e3:2b:ca:36:42:cf:1c:b5:8b:40:f0:0c:3e:e1:a1:
                    99:33:37:9f:70:4c:bb:d3:17:80:9c:db:c8:1f:58:
                    77:1b:7f:10:4b:75:c8:2b:78:69:ce:e4:c7:6f:95:
                    e0:fe:57:32:ea:b4:90:c3:a9:bf:51:61:fe:7b:41:
                    60:33:ee:13:a1:25:f8:b5:3c:04:76:f0:f5:92:79:
                    5a:13:35:5c:e2:b3:88:2b:73:71:a9:70:84:b4:60:
                    66:15:02:5c:c6:83:74:d5:04:b4:d3:a7:00:be:d9:
                    57:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A0:FD:58:14:8F:97:11:73:D3:EE:E0:44:65:BF:D0:0F:BC:FC:70:BA
            X509v3 Authority Key Identifier:
                keyid:47:A6:7F:38:4E:50:5D:26:62:07:3D:AB:35:56:E6:EE:46:F6:2E:71

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/a883c910f879603b967c0636c6f3e9125b3651b5.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/2abd6b34-8953-4c72-a0a2-7ecb9de8aaba/d78c540cd676d766a831506281a2808c1090def0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/2abd6b34-8953-4c72-a0a2-7ecb9de8aaba/a883c910f879603b967c0636c6f3e9125b3651b5.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.26.208.0/21

    Signature Algorithm: sha256WithRSAEncryption
         1f:e1:20:92:20:30:eb:3a:8d:bb:62:b1:34:cd:d7:b3:df:b7:
         8a:77:2e:de:50:96:6e:b9:ad:22:4a:2f:a8:f0:f8:de:38:e8:
         6c:81:c1:1a:3e:69:a7:ff:87:bb:7c:78:1c:dc:15:8e:bc:d5:
         70:29:78:47:78:36:d5:52:e0:c8:91:7f:56:fd:be:db:61:91:
         ea:0c:31:9c:53:5a:97:e5:cf:78:58:bc:74:2d:d0:90:e5:00:
         40:51:dd:95:06:e2:e3:04:d8:f8:b0:06:2c:79:dd:3a:89:8f:
         36:44:0d:a6:07:9b:20:e3:c7:d2:0c:e7:c5:45:3f:ad:71:65:
         4a:88:5f:6e:aa:a3:09:19:bc:ad:f4:b7:68:1d:15:6b:34:ae:
         0d:49:53:4d:39:32:72:9c:21:df:04:43:1d:63:68:a9:6a:66:
         d1:73:9c:60:85:ad:16:5b:0a:f5:36:8d:2d:d0:df:fb:da:60:
         1f:17:36:06:59:8d:f0:5d:ee:e4:6e:c9:7b:76:a7:d1:e3:b4:
         02:02:c4:e9:82:1a:03:e8:c9:d2:b4:5e:bc:df:92:43:fc:d1:
         f0:84:58:07:c6:af:68:bb:4b:4f:b4:43:fd:4f:23:72:9d:d3:
         ba:cd:36:d5:20:4c:f3:37:b5:35:cd:0a:9f:fb:14:f5:c7:92:
         c5:4d:a8:2d
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIDGYyIMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGE4
ODNjOTEwZjg3OTYwM2I5NjdjMDYzNmM2ZjNlOTEyNWIzNjUxYjUwHhcNMjIwNzE4
MjA0OTMyWhcNMjcwNzE4MjA0OTMyWjAzMTEwLwYDVQQDEyhkNzhjNTQwY2Q2NzZk
NzY2YTgzMTUwNjI4MWEyODA4YzEwOTBkZWYwMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAyqHtDk0SE9EatqsuIxJRPZhKQGF7KRudzIHUfLafchoUmS8Z
AgwtYjDuVKq6NOkg2sMf7USgCqYXAOHjrHc8UXB6sOUcVKv4LDvJr82XhYgtx7Gj
HuvGaAfSBI1u0vG8dTlDQkop1kbVA661gkGHHd6u3aUSudVf+eEbe1OgnLMK9L9f
g0x7EPLPgG1GaATT1TE72UHjK8o2Qs8ctYtA8Aw+4aGZMzefcEy70xeAnNvIH1h3
G38QS3XIK3hpzuTHb5Xg/lcy6rSQw6m/UWH+e0FgM+4ToSX4tTwEdvD1knlaEzVc
4rOIK3NxqXCEtGBmFQJcxoN01QS006cAvtlXaQIDAQABo4ICWzCCAlcwHQYDVR0O
BBYEFKD9WBSPlxFz0+7gRGW/0A+8/HC6MB8GA1UdIwQYMBaAFEemfzhOUF0mYgc9
qzVW5u5G9i5xMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvYTg4M2M5
MTBmODc5NjAzYjk2N2MwNjM2YzZmM2U5MTI1YjM2NTFiNS5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvMmFiZDZiMzQtODk1My00YzcyLWEwYTItN2VjYjlk
ZThhYWJhL2Q3OGM1NDBjZDY3NmQ3NjZhODMxNTA2MjgxYTI4MDhjMTA5MGRlZjAu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy8yYWJkNmIzNC04OTUzLTRjNzItYTBhMi03ZWNi
OWRlOGFhYmEvYTg4M2M5MTBmODc5NjAzYjk2N2MwNjM2YzZmM2U5MTI1YjM2NTFi
NS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEA8ga0DANBgkqhkiG9w0BAQsFAAOCAQEAH+EgkiAw6zqNu2Kx
NM3Xs9+3incu3lCWbrmtIkovqPD43jjobIHBGj5pp/+Hu3x4HNwVjrzVcCl4R3g2
1VLgyJF/Vv2+22GR6gwxnFNal+XPeFi8dC3QkOUAQFHdlQbi4wTY+LAGLHndOomP
NkQNpgebIOPH0gznxUU/rXFlSohfbqqjCRm8rfS3aB0VazSuDUlTTTkycpwh3wRD
HWNoqWpm0XOcYIWtFlsK9TaNLdDf+9pgHxc2BlmN8F3u5G7Je3an0eO0AgLE6YIa
A+jJ0rRevN+SQ/zR8IRYB8avaLtLT7RD/U8jcp3Tus021SBM8ze1Nc0Kn/sU9ceS
xU2oLQ==
-----END CERTIFICATE-----
Generated at Fri Apr 12 03:03:44 2024 by rpki-client on console-ams.rpki-client.org