Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/375f7fcf-6aa6-446c-b911-61e9100d6a11/a49df014d0cca14b8db7b11f5971c43ef7c0374d.roa
File:                     a49df014d0cca14b8db7b11f5971c43ef7c0374d.roa (raw, json)
Hash identifier:          mZGnWyQ0yVLJ9/6yhhKrj6mzrAVTEpoT8CLUI+bWYNk=
Subject key identifier:   4B:09:3D:E3:A9:9F:A1:C5:B9:74:D5:28:FA:34:5E:F7:49:47:55:71
Certificate issuer:       /CN=c72bbcdcc728b5d6248dc78bf634a7196ddb8cc8
Certificate serial:       15EAA5
Authority key identifier: 8D:E9:41:B8:42:17:51:AD:B3:D6:51:93:BA:40:A3:3F:6B:79:C0:37
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/c72bbcdcc728b5d6248dc78bf634a7196ddb8cc8.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/375f7fcf-6aa6-446c-b911-61e9100d6a11/a49df014d0cca14b8db7b11f5971c43ef7c0374d.roa
Signing time:             Mon 14 Mar 2022 16:33:09 +0000
ROA not before:           Mon 14 Mar 2022 03:00:00 +0000
ROA not after:            Thu 14 Mar 2024 03:00:00 +0000
asID:                     28021
IP address blocks:        200.90.152.0/21 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/375f7fcf-6aa6-446c-b911-61e9100d6a11/c72bbcdcc728b5d6248dc78bf634a7196ddb8cc8.crl
                          rsync://repository.lacnic.net/rpki/lacnic/375f7fcf-6aa6-446c-b911-61e9100d6a11/c72bbcdcc728b5d6248dc78bf634a7196ddb8cc8.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/c72bbcdcc728b5d6248dc78bf634a7196ddb8cc8.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Mon 26 Feb 2024 14:04:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1436325 (0x15eaa5)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c72bbcdcc728b5d6248dc78bf634a7196ddb8cc8
        Validity
            Not Before: Mar 14 03:00:00 2022 GMT
            Not After : Mar 14 03:00:00 2024 GMT
        Subject: CN=a49df014d0cca14b8db7b11f5971c43ef7c0374d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:43:c6:76:07:60:27:24:c7:98:63:d2:be:93:
                    46:80:cf:6f:7a:6d:e0:17:2f:83:b6:e9:82:96:c8:
                    41:f5:f4:a4:72:05:41:c1:b8:63:53:1f:e8:25:c3:
                    11:0e:bb:6c:dc:3d:cf:f1:5a:65:86:a9:c0:9f:20:
                    a2:1b:68:64:ce:72:a4:de:af:5c:af:00:66:76:4e:
                    b4:eb:d7:6e:60:cc:f0:c3:f6:82:ff:98:6d:6a:eb:
                    0f:20:14:52:21:90:0f:89:2a:07:85:a3:8f:84:d7:
                    0a:c7:ee:1d:0f:5a:3f:59:6f:8c:92:24:f3:bc:db:
                    0c:08:69:92:88:ff:25:61:84:5d:e4:42:ed:24:4d:
                    12:91:18:12:a4:a0:b5:56:dd:53:dc:e6:8a:86:3e:
                    82:eb:41:27:6f:fd:a2:53:31:38:c6:39:9a:ee:9c:
                    97:9d:1d:9d:1b:90:ed:1e:e0:f3:d9:ae:11:5c:d4:
                    ce:e1:57:46:91:62:5b:31:f0:68:fd:e8:11:b5:9a:
                    cb:49:85:57:16:5f:11:a1:8d:29:9f:71:00:de:11:
                    58:b4:75:6e:92:da:7a:70:43:6b:20:00:e5:d0:32:
                    a6:a3:fe:8d:1a:91:7e:aa:af:35:68:d4:f4:0e:e2:
                    79:e7:99:29:85:46:49:10:fd:26:1f:31:63:77:88:
                    c9:d9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4B:09:3D:E3:A9:9F:A1:C5:B9:74:D5:28:FA:34:5E:F7:49:47:55:71
            X509v3 Authority Key Identifier:
                keyid:8D:E9:41:B8:42:17:51:AD:B3:D6:51:93:BA:40:A3:3F:6B:79:C0:37

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/c72bbcdcc728b5d6248dc78bf634a7196ddb8cc8.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/375f7fcf-6aa6-446c-b911-61e9100d6a11/a49df014d0cca14b8db7b11f5971c43ef7c0374d.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/375f7fcf-6aa6-446c-b911-61e9100d6a11/c72bbcdcc728b5d6248dc78bf634a7196ddb8cc8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.90.152.0/21

    Signature Algorithm: sha256WithRSAEncryption
         5f:ba:9a:5d:a2:ae:e0:9c:61:6e:06:2b:57:2a:f5:12:07:70:
         06:da:d8:f3:6d:c4:9a:95:38:fd:09:de:83:44:7c:df:8d:85:
         20:a0:45:b3:c5:a5:59:00:d1:f8:f5:41:ba:89:0a:69:6c:a9:
         67:96:0a:c8:d4:b6:67:f3:29:82:0f:59:79:d9:a0:a1:4b:95:
         99:57:8d:7a:89:a4:14:3a:b8:90:ec:b8:55:7a:dc:ba:09:ee:
         98:d4:3f:f6:1a:3a:d6:e8:81:df:00:ef:b2:84:3e:d8:91:41:
         07:57:bf:e7:ac:23:e2:94:9e:b9:1a:f0:a1:a5:bc:85:7f:d9:
         dc:28:c6:8f:ac:1f:4e:80:4f:f0:92:57:b1:16:8d:ba:a3:ff:
         a3:e4:80:f8:1b:aa:e3:ad:ed:e5:86:ba:07:9e:63:2a:57:e4:
         89:eb:c3:1a:c3:51:6a:75:f1:a0:72:72:80:48:8f:04:c9:8a:
         b6:1d:23:7f:0f:c3:ea:3c:29:a4:0d:1f:53:5a:59:d7:75:dc:
         50:ed:27:b2:1c:6c:12:5d:cc:be:f4:20:39:58:a4:09:f9:96:
         6d:7d:f0:69:3e:82:ed:4d:5e:9c:fe:2b:9e:e7:e2:53:b1:5c:
         19:0f:1a:6e:80:dd:68:12:4c:17:5a:c2:fb:65:1e:66:47:67:
         72:c2:16:29
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIDFeqlMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGM3
MmJiY2RjYzcyOGI1ZDYyNDhkYzc4YmY2MzRhNzE5NmRkYjhjYzgwHhcNMjIwMzE0
MDMwMDAwWhcNMjQwMzE0MDMwMDAwWjAzMTEwLwYDVQQDEyhhNDlkZjAxNGQwY2Nh
MTRiOGRiN2IxMWY1OTcxYzQzZWY3YzAzNzRkMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAm0PGdgdgJyTHmGPSvpNGgM9vem3gFy+DtumClshB9fSkcgVB
wbhjUx/oJcMRDrts3D3P8VplhqnAnyCiG2hkznKk3q9crwBmdk6069duYMzww/aC
/5htausPIBRSIZAPiSoHhaOPhNcKx+4dD1o/WW+MkiTzvNsMCGmSiP8lYYRd5ELt
JE0SkRgSpKC1Vt1T3OaKhj6C60Enb/2iUzE4xjma7pyXnR2dG5DtHuDz2a4RXNTO
4VdGkWJbMfBo/egRtZrLSYVXFl8RoY0pn3EA3hFYtHVuktp6cENrIADl0DKmo/6N
GpF+qq81aNT0DuJ555kphUZJEP0mHzFjd4jJ2QIDAQABo4ICWzCCAlcwHQYDVR0O
BBYEFEsJPeOpn6HFuXTVKPo0XvdJR1VxMB8GA1UdIwQYMBaAFI3pQbhCF1Gts9ZR
k7pAoz9recA3MA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvYzcyYmJj
ZGNjNzI4YjVkNjI0OGRjNzhiZjYzNGE3MTk2ZGRiOGNjOC5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvMzc1ZjdmY2YtNmFhNi00NDZjLWI5MTEtNjFlOTEw
MGQ2YTExL2E0OWRmMDE0ZDBjY2ExNGI4ZGI3YjExZjU5NzFjNDNlZjdjMDM3NGQu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy8zNzVmN2ZjZi02YWE2LTQ0NmMtYjkxMS02MWU5
MTAwZDZhMTEvYzcyYmJjZGNjNzI4YjVkNjI0OGRjNzhiZjYzNGE3MTk2ZGRiOGNj
OC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEA8hamDANBgkqhkiG9w0BAQsFAAOCAQEAX7qaXaKu4JxhbgYr
Vyr1EgdwBtrY823EmpU4/Qneg0R8342FIKBFs8WlWQDR+PVBuokKaWypZ5YKyNS2
Z/Mpgg9ZedmgoUuVmVeNeomkFDq4kOy4VXrcugnumNQ/9ho61uiB3wDvsoQ+2JFB
B1e/56wj4pSeuRrwoaW8hX/Z3CjGj6wfToBP8JJXsRaNuqP/o+SA+Buq463t5Ya6
B55jKlfkievDGsNRanXxoHJygEiPBMmKth0jfw/D6jwppA0fU1pZ13XcUO0nshxs
El3MvvQgOVikCfmWbX3waT6C7U1enP4rnufiU7FcGQ8aboDdaBJMF1rC+2UeZkdn
csIWKQ==
-----END CERTIFICATE-----
Generated at Fri Feb 23 14:20:48 2024 by rpki-client on console-ams.rpki-client.org