Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/3141cedd-f816-435d-bc09-161f3961401c/11ab9ecf71ab0945370e00622a8e0a67a1878fdf.roa
File:                     11ab9ecf71ab0945370e00622a8e0a67a1878fdf.roa (raw, json)
Hash identifier:          Gm7ElYWpDTQLC0z1EfDoC8pitEjCnHWWX/53vvnUfwg=
Subject key identifier:   AF:EB:9B:95:38:F8:22:DF:BD:4C:E0:36:BC:DA:BD:A2:00:4C:36:28
Certificate issuer:       /CN=3d2bb3c8581116125c6e09f758e3d59db1bcc4e4
Certificate serial:       22D457
Authority key identifier: 54:F7:3B:80:35:06:A2:C8:9A:B6:74:58:BA:A3:18:35:37:CE:1F:7E
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/3d2bb3c8581116125c6e09f758e3d59db1bcc4e4.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/3141cedd-f816-435d-bc09-161f3961401c/11ab9ecf71ab0945370e00622a8e0a67a1878fdf.roa
Signing time:             Mon 11 Sep 2023 15:43:19 +0000
ROA not before:           Sun 10 Sep 2023 15:43:19 +0000
ROA not after:            Thu 11 Sep 2025 15:43:19 +0000
asID:                     273027
IP address blocks:        200.24.16.0/20 maxlen: 20

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/3141cedd-f816-435d-bc09-161f3961401c/3d2bb3c8581116125c6e09f758e3d59db1bcc4e4.crl
                          rsync://repository.lacnic.net/rpki/lacnic/3141cedd-f816-435d-bc09-161f3961401c/3d2bb3c8581116125c6e09f758e3d59db1bcc4e4.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/3d2bb3c8581116125c6e09f758e3d59db1bcc4e4.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 03 Mar 2024 00:36:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2282583 (0x22d457)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3d2bb3c8581116125c6e09f758e3d59db1bcc4e4
        Validity
            Not Before: Sep 10 15:43:19 2023 GMT
            Not After : Sep 11 15:43:19 2025 GMT
        Subject: CN=11ab9ecf71ab0945370e00622a8e0a67a1878fdf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:89:40:9f:02:3f:48:80:13:38:af:f3:34:15:
                    85:bf:a9:c3:41:e0:d3:68:db:19:d9:4b:25:80:63:
                    a7:95:7b:20:eb:e9:3e:58:67:2b:7e:bd:c7:de:5b:
                    63:3b:d1:fd:b9:5c:19:39:9e:40:4b:a8:36:df:2c:
                    4c:92:4b:07:cc:81:19:db:11:ce:b6:af:bb:89:dd:
                    9b:1b:9a:60:0e:a7:4c:d3:a5:d9:15:03:41:a3:9f:
                    15:2a:3a:43:57:2e:87:c6:cf:1f:22:8c:ce:8a:b2:
                    75:4e:7c:c7:72:c7:35:39:60:df:02:2c:df:ea:ae:
                    4e:b0:92:cc:22:9f:b8:7d:63:9a:5d:1d:c3:2f:92:
                    90:77:44:93:36:a5:5c:79:d1:d2:fb:b6:76:04:0f:
                    b3:8e:a0:7a:20:3e:46:e1:82:9f:f6:b5:32:cb:1b:
                    04:6d:74:93:4f:55:93:34:3d:ce:85:93:c9:09:3d:
                    a3:d7:32:05:ff:c2:19:cc:99:2f:a7:ae:f0:62:5c:
                    4c:86:5a:3f:89:11:21:d7:d8:91:f8:f4:ef:f1:c6:
                    49:3c:6e:be:e3:9b:9b:be:c8:75:6c:15:ac:54:f5:
                    41:83:3c:a7:82:a2:14:99:8e:cb:0b:dd:3a:7e:56:
                    78:63:8a:b9:bb:77:a0:fb:a9:c9:e1:71:eb:03:93:
                    ac:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AF:EB:9B:95:38:F8:22:DF:BD:4C:E0:36:BC:DA:BD:A2:00:4C:36:28
            X509v3 Authority Key Identifier:
                keyid:54:F7:3B:80:35:06:A2:C8:9A:B6:74:58:BA:A3:18:35:37:CE:1F:7E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/3d2bb3c8581116125c6e09f758e3d59db1bcc4e4.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/3141cedd-f816-435d-bc09-161f3961401c/11ab9ecf71ab0945370e00622a8e0a67a1878fdf.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/3141cedd-f816-435d-bc09-161f3961401c/3d2bb3c8581116125c6e09f758e3d59db1bcc4e4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.24.16.0/20

    Signature Algorithm: sha256WithRSAEncryption
         57:c3:a6:4c:aa:19:63:c1:4d:b4:16:8c:7d:c1:10:a5:f0:9b:
         62:8d:70:5a:06:d4:99:f8:37:cb:54:91:b2:31:fc:68:a1:32:
         68:c9:4b:29:94:a6:6c:26:28:47:b1:1d:08:37:00:c1:59:f5:
         b4:4d:b2:b2:c1:d9:da:38:eb:b8:19:cc:c5:e0:ca:90:9a:57:
         88:53:b0:4b:14:59:cc:cd:af:69:c2:83:59:80:d8:dc:cd:ff:
         b4:6c:76:11:f2:c1:aa:63:07:bf:e8:d9:4e:e2:f8:bb:f2:34:
         0b:54:d8:ed:02:3d:0b:43:1c:da:94:0b:36:68:d1:50:0f:a0:
         98:71:23:4e:95:d1:1c:f7:10:65:52:b6:bc:1e:31:aa:a4:7a:
         8f:7d:37:95:be:d9:62:2b:1a:2a:94:86:02:ca:91:25:8b:1b:
         14:79:d0:c7:9e:6a:d6:58:c5:34:56:b0:ce:d4:b2:f5:93:d8:
         1c:fa:6a:0d:31:3a:30:5a:3d:f9:34:38:dc:a1:12:0d:60:0c:
         e3:92:1b:00:f6:9b:28:d7:05:08:d2:de:ee:e5:5f:88:fd:e8:
         bb:59:70:44:78:75:a5:f9:8f:75:6d:a6:2b:96:a1:6a:5a:05:
         a4:92:2d:54:90:f9:aa:9c:48:eb:bb:2f:eb:34:d9:1b:93:65:
         90:38:6b:93
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIDItRXMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDNk
MmJiM2M4NTgxMTE2MTI1YzZlMDlmNzU4ZTNkNTlkYjFiY2M0ZTQwHhcNMjMwOTEw
MTU0MzE5WhcNMjUwOTExMTU0MzE5WjAzMTEwLwYDVQQDEygxMWFiOWVjZjcxYWIw
OTQ1MzcwZTAwNjIyYThlMGE2N2ExODc4ZmRmMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAuYlAnwI/SIATOK/zNBWFv6nDQeDTaNsZ2UslgGOnlXsg6+k+
WGcrfr3H3ltjO9H9uVwZOZ5AS6g23yxMkksHzIEZ2xHOtq+7id2bG5pgDqdM06XZ
FQNBo58VKjpDVy6Hxs8fIozOirJ1TnzHcsc1OWDfAizf6q5OsJLMIp+4fWOaXR3D
L5KQd0STNqVcedHS+7Z2BA+zjqB6ID5G4YKf9rUyyxsEbXSTT1WTND3OhZPJCT2j
1zIF/8IZzJkvp67wYlxMhlo/iREh19iR+PTv8cZJPG6+45ubvsh1bBWsVPVBgzyn
gqIUmY7LC906flZ4Y4q5u3eg+6nJ4XHrA5OspQIDAQABo4ICWzCCAlcwHQYDVR0O
BBYEFK/rm5U4+CLfvUzgNrzavaIATDYoMB8GA1UdIwQYMBaAFFT3O4A1BqLImrZ0
WLqjGDU3zh9+MA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvM2QyYmIz
Yzg1ODExMTYxMjVjNmUwOWY3NThlM2Q1OWRiMWJjYzRlNC5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvMzE0MWNlZGQtZjgxNi00MzVkLWJjMDktMTYxZjM5
NjE0MDFjLzExYWI5ZWNmNzFhYjA5NDUzNzBlMDA2MjJhOGUwYTY3YTE4NzhmZGYu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy8zMTQxY2VkZC1mODE2LTQzNWQtYmMwOS0xNjFm
Mzk2MTQwMWMvM2QyYmIzYzg1ODExMTYxMjVjNmUwOWY3NThlM2Q1OWRiMWJjYzRl
NC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEBMgYEDANBgkqhkiG9w0BAQsFAAOCAQEAV8OmTKoZY8FNtBaM
fcEQpfCbYo1wWgbUmfg3y1SRsjH8aKEyaMlLKZSmbCYoR7EdCDcAwVn1tE2yssHZ
2jjruBnMxeDKkJpXiFOwSxRZzM2vacKDWYDY3M3/tGx2EfLBqmMHv+jZTuL4u/I0
C1TY7QI9C0Mc2pQLNmjRUA+gmHEjTpXRHPcQZVK2vB4xqqR6j303lb7ZYisaKpSG
AsqRJYsbFHnQx55q1ljFNFawztSy9ZPYHPpqDTE6MFo9+TQ43KESDWAM45IbAPab
KNcFCNLe7uVfiP3ou1lwRHh1pfmPdW2mK5ahaloFpJItVJD5qpxI67sv6zTZG5Nl
kDhrkw==
-----END CERTIFICATE-----
Generated at Thu Feb 29 02:43:32 2024 by rpki-client on console-ams.rpki-client.org