Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/2be0a3e2-214e-4a58-8273-9bc3c1fcc022/0961edf1f9e20fcedf0fe3a244abb307f08b95a7.roa
File:                     0961edf1f9e20fcedf0fe3a244abb307f08b95a7.roa (raw, json)
Hash identifier:          w6wOhURf1DoxTzyUOSRdzXdoKszMb23JxY4EEiPw5DM=
Subject key identifier:   08:A3:CA:DF:F2:3F:BE:C8:17:63:17:90:E8:4D:6A:20:62:63:10:31
Certificate issuer:       /CN=3f7aac1ebb4a94b7e0894611ee24072627e16f9e
Certificate serial:       0D3C46
Authority key identifier: 55:12:0B:90:13:D3:A8:DC:DD:47:B6:84:9A:E3:8D:91:F2:6B:12:D7
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/3f7aac1ebb4a94b7e0894611ee24072627e16f9e.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/2be0a3e2-214e-4a58-8273-9bc3c1fcc022/0961edf1f9e20fcedf0fe3a244abb307f08b95a7.roa
Signing time:             Wed 24 Mar 2021 14:34:03 +0000
ROA not before:           Wed 24 Mar 2021 14:34:03 +0000
ROA not after:            Tue 24 Mar 2026 14:34:03 +0000
asID:                     52306
IP address blocks:        200.16.112.0/24 maxlen: 24
                          2001:1398:275::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/2be0a3e2-214e-4a58-8273-9bc3c1fcc022/3f7aac1ebb4a94b7e0894611ee24072627e16f9e.crl
                          rsync://repository.lacnic.net/rpki/lacnic/2be0a3e2-214e-4a58-8273-9bc3c1fcc022/3f7aac1ebb4a94b7e0894611ee24072627e16f9e.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/3f7aac1ebb4a94b7e0894611ee24072627e16f9e.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sat 30 Mar 2024 16:20:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 867398 (0xd3c46)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3f7aac1ebb4a94b7e0894611ee24072627e16f9e
        Validity
            Not Before: Mar 24 14:34:03 2021 GMT
            Not After : Mar 24 14:34:03 2026 GMT
        Subject: CN=0961edf1f9e20fcedf0fe3a244abb307f08b95a7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:a1:12:8a:64:06:f0:0c:53:a9:8d:d4:aa:8f:
                    9f:e8:d1:e2:34:75:f1:17:53:c7:77:65:49:0a:c9:
                    0b:ac:7f:f8:98:40:6d:30:49:dd:f2:87:a3:e2:91:
                    59:76:7c:7e:09:c6:fa:d9:9c:b1:ea:de:a0:be:ec:
                    2d:06:a9:bb:07:db:7e:c0:bb:e6:b4:dc:3a:58:43:
                    1b:74:98:4f:30:36:1e:f5:2f:fe:43:d5:8a:bd:19:
                    52:a3:91:d9:1a:90:1f:22:ac:16:34:47:88:f3:e0:
                    3f:7d:70:a5:75:55:31:45:88:05:10:19:a1:61:b0:
                    a9:b4:8e:da:11:a7:a1:59:70:2b:a7:e5:22:e3:78:
                    d2:ca:9d:9d:24:93:03:e3:50:0b:bf:48:e4:c0:f1:
                    f0:4f:e5:5b:e9:40:f1:4a:e1:42:16:82:f3:7f:23:
                    ac:40:48:63:0f:8e:c3:80:45:ee:61:bc:e3:a3:bf:
                    b9:a2:82:9b:6b:b4:85:64:1e:93:24:b6:c0:fd:9e:
                    d1:bc:1a:36:41:bd:37:48:15:87:a1:db:6b:21:32:
                    be:ed:00:55:d4:99:41:e6:1f:33:52:9c:69:6b:98:
                    59:0c:8c:eb:5d:89:e6:e2:78:e2:0b:1a:f6:b5:b0:
                    a9:0c:63:55:f4:4b:ec:b7:b0:f0:5b:35:2f:f7:72:
                    cc:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                08:A3:CA:DF:F2:3F:BE:C8:17:63:17:90:E8:4D:6A:20:62:63:10:31
            X509v3 Authority Key Identifier:
                keyid:55:12:0B:90:13:D3:A8:DC:DD:47:B6:84:9A:E3:8D:91:F2:6B:12:D7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/3f7aac1ebb4a94b7e0894611ee24072627e16f9e.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/2be0a3e2-214e-4a58-8273-9bc3c1fcc022/0961edf1f9e20fcedf0fe3a244abb307f08b95a7.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/2be0a3e2-214e-4a58-8273-9bc3c1fcc022/3f7aac1ebb4a94b7e0894611ee24072627e16f9e.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.16.112.0/24
                IPv6:
                  2001:1398:275::/48

    Signature Algorithm: sha256WithRSAEncryption
         4d:8d:ab:2f:36:da:98:cc:a6:3c:c8:46:28:c4:a9:5e:2c:4b:
         3a:05:70:37:a0:58:21:30:55:3e:41:84:e3:a6:92:43:4d:a8:
         e6:aa:0f:64:59:ad:a9:1f:b3:c9:98:c9:c0:22:dc:a6:92:2e:
         f5:88:09:93:8e:2d:cc:3c:80:96:f7:9d:ed:87:ed:0a:bd:84:
         c4:a0:81:92:aa:32:09:cb:0a:06:21:58:38:38:82:9a:24:40:
         d4:7d:aa:f5:fd:98:de:28:47:a9:a3:2c:aa:3a:f1:7c:43:eb:
         22:14:84:26:5e:7e:4f:73:4a:1d:3b:c4:b8:11:3c:33:f3:ee:
         03:e3:1f:1d:a3:fe:5b:21:11:9e:62:99:8a:ba:dd:49:85:1a:
         de:e9:ea:77:8a:44:db:c7:8c:96:a6:c3:be:91:0a:12:b7:86:
         47:ad:1d:49:65:9d:61:44:d4:ce:5f:8f:24:08:bb:f6:b5:19:
         8a:e0:9e:c8:26:c4:e4:d1:d9:50:ce:c3:37:06:39:8b:47:d0:
         22:60:a6:0b:0e:80:0d:63:f7:20:fa:19:d7:8b:4a:b5:63:7b:
         58:89:0e:62:91:2d:2b:f0:5d:ae:ce:21:4f:16:6b:cb:de:62:
         f3:a1:d7:d3:1a:30:9b:86:7f:b4:95:20:2d:93:92:57:6e:ed:
         11:26:a1:2e
-----BEGIN CERTIFICATE-----
MIIFUTCCBDmgAwIBAgIDDTxGMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDNm
N2FhYzFlYmI0YTk0YjdlMDg5NDYxMWVlMjQwNzI2MjdlMTZmOWUwHhcNMjEwMzI0
MTQzNDAzWhcNMjYwMzI0MTQzNDAzWjAzMTEwLwYDVQQDEygwOTYxZWRmMWY5ZTIw
ZmNlZGYwZmUzYTI0NGFiYjMwN2YwOGI5NWE3MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEApKESimQG8AxTqY3Uqo+f6NHiNHXxF1PHd2VJCskLrH/4mEBt
MEnd8oej4pFZdnx+Ccb62Zyx6t6gvuwtBqm7B9t+wLvmtNw6WEMbdJhPMDYe9S/+
Q9WKvRlSo5HZGpAfIqwWNEeI8+A/fXCldVUxRYgFEBmhYbCptI7aEaehWXArp+Ui
43jSyp2dJJMD41ALv0jkwPHwT+Vb6UDxSuFCFoLzfyOsQEhjD47DgEXuYbzjo7+5
ooKba7SFZB6TJLbA/Z7RvBo2Qb03SBWHodtrITK+7QBV1JlB5h8zUpxpa5hZDIzr
XYnm4njiCxr2tbCpDGNV9Evst7DwWzUv93LM/wIDAQABo4ICbDCCAmgwHQYDVR0O
BBYEFAijyt/yP77IF2MXkOhNaiBiYxAxMB8GA1UdIwQYMBaAFFUSC5AT06jc3Ue2
hJrjjZHyaxLXMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvM2Y3YWFj
MWViYjRhOTRiN2UwODk0NjExZWUyNDA3MjYyN2UxNmY5ZS5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvMmJlMGEzZTItMjE0ZS00YTU4LTgyNzMtOWJjM2Mx
ZmNjMDIyLzA5NjFlZGYxZjllMjBmY2VkZjBmZTNhMjQ0YWJiMzA3ZjA4Yjk1YTcu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy8yYmUwYTNlMi0yMTRlLTRhNTgtODI3My05YmMz
YzFmY2MwMjIvM2Y3YWFjMWViYjRhOTRiN2UwODk0NjExZWUyNDA3MjYyN2UxNmY5
ZS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAwBggrBgEFBQcBBwEB/wQh
MB8wDAQCAAEwBgMEAMgQcDAPBAIAAjAJAwcAIAETmAJ1MA0GCSqGSIb3DQEBCwUA
A4IBAQBNjasvNtqYzKY8yEYoxKleLEs6BXA3oFghMFU+QYTjppJDTajmqg9kWa2p
H7PJmMnAItymki71iAmTji3MPICW953th+0KvYTEoIGSqjIJywoGIVg4OIKaJEDU
far1/ZjeKEepoyyqOvF8Q+siFIQmXn5Pc0odO8S4ETwz8+4D4x8do/5bIRGeYpmK
ut1JhRre6ep3ikTbx4yWpsO+kQoSt4ZHrR1JZZ1hRNTOX48kCLv2tRmK4J7IJsTk
0dlQzsM3BjmLR9AiYKYLDoANY/cg+hnXi0q1Y3tYiQ5ikS0r8F2uziFPFmvL3mLz
odfTGjCbhn+0lSAtk5JXbu0RJqEu
-----END CERTIFICATE-----
Generated at Thu Mar 28 00:59:15 2024 by rpki-client on console-fra.rpki-client.org