Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/36700014-adba-4be4-8b79-9b31432e29be/c4b22255f3602db8970ff66562b41f7aef48c0a2.roa
File:                     c4b22255f3602db8970ff66562b41f7aef48c0a2.roa (raw, json)
Hash identifier:          FYMe/TL+WQRGVolgjq4SC+9erb9gv8+yRI/1B9DlzX0=
Subject key identifier:   D5:BC:10:C6:79:36:DF:89:AF:0B:DC:C6:93:46:5A:72:15:1C:0F:BD
Certificate issuer:       /CN=c143a9a223751cb68971cd886abedb1b29019262
Certificate serial:       0367
Authority key identifier: 71:62:1C:D6:14:86:86:37:4E:E8:5C:E4:16:66:26:BD:69:8F:D3:6E
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/c143a9a223751cb68971cd886abedb1b29019262.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/36700014-adba-4be4-8b79-9b31432e29be/c4b22255f3602db8970ff66562b41f7aef48c0a2.roa
Signing time:             Wed 27 Oct 2021 18:37:02 +0000
ROA not before:           Wed 27 Oct 2021 03:00:00 +0000
ROA not after:            Tue 27 Oct 2026 03:00:00 +0000
asID:                     266749
IP address blocks:        200.26.236.0/22 maxlen: 24
                          2803:8ce0::/32 maxlen: 48

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/36700014-adba-4be4-8b79-9b31432e29be/c143a9a223751cb68971cd886abedb1b29019262.crl
                          rsync://repository.lacnic.net/rpki/lacnic/36700014-adba-4be4-8b79-9b31432e29be/c143a9a223751cb68971cd886abedb1b29019262.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/c143a9a223751cb68971cd886abedb1b29019262.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 25 Feb 2024 03:09:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 871 (0x367)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c143a9a223751cb68971cd886abedb1b29019262
        Validity
            Not Before: Oct 27 03:00:00 2021 GMT
            Not After : Oct 27 03:00:00 2026 GMT
        Subject: CN=c4b22255f3602db8970ff66562b41f7aef48c0a2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:80:a6:d9:25:ff:48:5d:d1:7d:9d:f3:7a:7e:04:
                    5b:4c:61:85:ec:cd:66:c2:56:c3:89:db:81:44:c3:
                    af:4b:cc:34:e8:f0:8e:68:ec:35:84:9f:71:21:ef:
                    1c:dd:44:8e:53:85:e4:17:d7:12:f2:97:75:a0:48:
                    b8:b6:23:ae:c1:8d:60:08:93:b5:23:50:8b:2d:b1:
                    f1:e4:01:b8:e6:7f:2f:9d:74:b7:6f:ce:1d:e1:38:
                    85:46:4c:c9:cf:b2:14:67:25:f0:7f:86:fe:60:c8:
                    3f:08:b9:d6:62:d8:5a:64:4d:6b:6e:b6:8e:ce:63:
                    ad:38:44:df:98:82:10:58:eb:ef:6d:b9:aa:10:6c:
                    62:3a:a9:30:0c:1b:a7:2c:6b:7b:b8:62:50:fd:e7:
                    36:ea:ce:b8:22:23:12:bf:ea:a3:c0:b1:d4:0f:a4:
                    7f:c5:09:ab:18:9d:4a:95:59:4b:ee:29:84:b1:e9:
                    6d:d7:a8:0a:0f:d5:f3:28:37:50:ff:10:43:6f:7d:
                    53:40:16:9d:d3:98:16:87:7d:f4:08:67:c6:10:6c:
                    04:90:ca:d0:88:7f:95:84:82:2d:e4:20:16:87:0f:
                    5d:9b:59:13:4b:8c:77:70:6e:36:bd:44:07:9c:a4:
                    a9:71:f8:e3:95:3f:34:d2:7b:ba:f9:3e:88:bf:21:
                    c9:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D5:BC:10:C6:79:36:DF:89:AF:0B:DC:C6:93:46:5A:72:15:1C:0F:BD
            X509v3 Authority Key Identifier:
                keyid:71:62:1C:D6:14:86:86:37:4E:E8:5C:E4:16:66:26:BD:69:8F:D3:6E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/c143a9a223751cb68971cd886abedb1b29019262.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/36700014-adba-4be4-8b79-9b31432e29be/c4b22255f3602db8970ff66562b41f7aef48c0a2.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/36700014-adba-4be4-8b79-9b31432e29be/c143a9a223751cb68971cd886abedb1b29019262.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.26.236.0/22
                IPv6:
                  2803:8ce0::/32

    Signature Algorithm: sha256WithRSAEncryption
         0d:fa:01:30:b5:03:11:21:14:f1:f3:2e:32:4f:eb:c5:93:6d:
         5f:51:bf:bc:d1:28:87:56:49:7e:47:82:ca:0b:fd:38:12:49:
         dd:35:74:f3:26:ba:92:97:be:bf:86:b9:29:b7:81:75:2b:a1:
         2c:35:d1:d2:42:27:2c:75:f0:bd:7b:ae:75:03:09:06:96:43:
         16:00:3f:20:d2:be:1f:30:4d:cb:10:65:e0:20:53:b3:db:92:
         c5:43:27:89:2f:d7:93:a2:e5:89:56:97:2d:77:3f:27:d2:77:
         c7:b6:be:08:80:3c:95:ad:a2:7b:19:3a:14:72:c8:f4:1c:4c:
         1a:62:a7:88:22:a7:d8:05:a6:8f:62:88:26:bf:04:46:0a:c6:
         c7:61:e9:1e:42:96:6a:64:6a:f4:57:16:1e:c3:30:a7:7b:85:
         08:bc:00:52:9a:f6:2b:b3:a3:af:a1:d4:b3:60:f9:73:88:4c:
         5d:56:fd:1a:81:7d:5f:e1:21:73:27:7e:61:a9:79:4a:16:f7:
         e0:f3:64:1e:57:24:f0:20:49:39:24:7d:0a:97:04:00:3c:05:
         51:a0:79:b9:17:87:95:50:f3:92:90:1e:26:06:2f:3c:6a:98:
         bd:75:49:71:86:cf:b7:21:ea:a0:08:21:6d:8d:22:16:c8:de:
         ad:4e:5c:25
-----BEGIN CERTIFICATE-----
MIIFTjCCBDagAwIBAgICA2cwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoYzE0
M2E5YTIyMzc1MWNiNjg5NzFjZDg4NmFiZWRiMWIyOTAxOTI2MjAeFw0yMTEwMjcw
MzAwMDBaFw0yNjEwMjcwMzAwMDBaMDMxMTAvBgNVBAMTKGM0YjIyMjU1ZjM2MDJk
Yjg5NzBmZjY2NTYyYjQxZjdhZWY0OGMwYTIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCAptkl/0hd0X2d83p+BFtMYYXszWbCVsOJ24FEw69LzDTo8I5o
7DWEn3Eh7xzdRI5TheQX1xLyl3WgSLi2I67BjWAIk7UjUIstsfHkAbjmfy+ddLdv
zh3hOIVGTMnPshRnJfB/hv5gyD8IudZi2FpkTWtuto7OY604RN+YghBY6+9tuaoQ
bGI6qTAMG6csa3u4YlD95zbqzrgiIxK/6qPAsdQPpH/FCasYnUqVWUvuKYSx6W3X
qAoP1fMoN1D/EENvfVNAFp3TmBaHffQIZ8YQbASQytCIf5WEgi3kIBaHD12bWRNL
jHdwbja9RAecpKlx+OOVPzTSe7r5Poi/IckPAgMBAAGjggJqMIICZjAdBgNVHQ4E
FgQU1bwQxnk234mvC9zGk0ZachUcD70wHwYDVR0jBBgwFoAUcWIc1hSGhjdO6Fzk
FmYmvWmP024wDgYDVR0PAQH/BAQDAgeAMIGaBggrBgEFBQcBAQSBjTCBijCBhwYI
KwYBBQUHMAKGe3JzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jwa2kvbGFj
bmljLzQ4ZjA4M2JiLWY2MDMtNDg5My05OTkwLTAyODRjMDRjZWI4NS9jMTQzYTlh
MjIzNzUxY2I2ODk3MWNkODg2YWJlZGIxYjI5MDE5MjYyLmNlcjCBmgYIKwYBBQUH
AQsEgY0wgYowgYcGCCsGAQUFBzALhntyc3luYzovL3JlcG9zaXRvcnkubGFjbmlj
Lm5ldC9ycGtpL2xhY25pYy8zNjcwMDAxNC1hZGJhLTRiZTQtOGI3OS05YjMxNDMy
ZTI5YmUvYzRiMjIyNTVmMzYwMmRiODk3MGZmNjY1NjJiNDFmN2FlZjQ4YzBhMi5y
b2EwgY8GA1UdHwSBhzCBhDCBgaB/oH2Ge3JzeW5jOi8vcmVwb3NpdG9yeS5sYWNu
aWMubmV0L3Jwa2kvbGFjbmljLzM2NzAwMDE0LWFkYmEtNGJlNC04Yjc5LTliMzE0
MzJlMjliZS9jMTQzYTlhMjIzNzUxY2I2ODk3MWNkODg2YWJlZGIxYjI5MDE5MjYy
LmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8w
HTAMBAIAATAGAwQCyBrsMA0EAgACMAcDBQAoA4zgMA0GCSqGSIb3DQEBCwUAA4IB
AQAN+gEwtQMRIRTx8y4yT+vFk21fUb+80SiHVkl+R4LKC/04EkndNXTzJrqSl76/
hrkpt4F1K6EsNdHSQicsdfC9e651AwkGlkMWAD8g0r4fME3LEGXgIFOz25LFQyeJ
L9eTouWJVpctdz8n0nfHtr4IgDyVraJ7GToUcsj0HEwaYqeIIqfYBaaPYogmvwRG
CsbHYekeQpZqZGr0VxYewzCne4UIvABSmvYrs6OvodSzYPlziExdVv0agX1f4SFz
J35hqXlKFvfg82QeVyTwIEk5JH0KlwQAPAVRoHm5F4eVUPOSkB4mBi88api9dUlx
hs+3IeqgCCFtjSIWyN6tTlwl
-----END CERTIFICATE-----
Generated at Thu Feb 22 05:21:58 2024 by rpki-client on console-ams.rpki-client.org