Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/38283047-8834-43d5-82f7-4d938e60571e/842853655551b1298abf20af1bafc9a8296cb0c8.roa
File:                     842853655551b1298abf20af1bafc9a8296cb0c8.roa (raw, json)
Hash identifier:          uEwPXP+UdCng107aMTLe6sVMygp2DGL5hbv1IbrLnNI=
Subject key identifier:   60:C6:F8:D5:A3:58:A2:92:DB:A6:04:DB:28:E2:21:13:74:49:0A:A5
Certificate issuer:       /CN=c178e735cba3ee6de4d7789247cc09a6ad9bc2b2
Certificate serial:       2A8C1D
Authority key identifier: C0:82:73:D3:37:38:17:9E:49:76:3F:05:C9:13:99:93:8E:39:75:B0
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/c178e735cba3ee6de4d7789247cc09a6ad9bc2b2.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/38283047-8834-43d5-82f7-4d938e60571e/842853655551b1298abf20af1bafc9a8296cb0c8.roa
Signing time:             Thu 15 Feb 2024 20:41:28 +0000
ROA not before:           Thu 15 Feb 2024 20:41:24 +0000
ROA not after:            Thu 15 Feb 2029 20:41:24 +0000
asID:                     272862
IP address blocks:        200.50.190.0/24 maxlen: 24
                          200.50.167.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/38283047-8834-43d5-82f7-4d938e60571e/c178e735cba3ee6de4d7789247cc09a6ad9bc2b2.crl
                          rsync://repository.lacnic.net/rpki/lacnic/38283047-8834-43d5-82f7-4d938e60571e/c178e735cba3ee6de4d7789247cc09a6ad9bc2b2.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/c178e735cba3ee6de4d7789247cc09a6ad9bc2b2.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Tue 16 Apr 2024 13:30:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2788381 (0x2a8c1d)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c178e735cba3ee6de4d7789247cc09a6ad9bc2b2
        Validity
            Not Before: Feb 15 20:41:24 2024 GMT
            Not After : Feb 15 20:41:24 2029 GMT
        Subject: CN=842853655551b1298abf20af1bafc9a8296cb0c8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f9:a4:b5:93:35:35:12:d8:e6:c4:8d:f0:22:18:
                    d4:a9:39:35:4a:e8:60:f7:b0:87:50:91:3f:6b:61:
                    49:ee:05:d5:1c:93:94:1d:3b:37:65:70:dc:7e:c4:
                    68:a5:e7:7d:ee:bc:99:f1:49:a7:87:e6:ce:14:19:
                    d2:12:2b:da:28:7a:f1:5f:6f:5e:54:d0:2b:72:ee:
                    d0:42:b3:8b:52:f1:2e:44:ff:3d:e8:f8:32:b9:76:
                    3d:c7:8f:f2:3a:27:cf:c1:5f:34:37:23:f7:75:72:
                    8f:93:fb:fd:7d:f6:b7:74:b9:36:3c:cb:98:32:9d:
                    7f:91:04:f8:a8:f5:17:0c:b4:0c:23:c8:89:eb:f4:
                    56:d5:93:eb:bd:78:a7:d1:08:9c:23:a8:4b:6d:c1:
                    2b:da:cd:4a:25:4e:6a:a9:9c:fe:25:91:95:2d:a0:
                    1f:eb:f6:ec:2e:9e:65:83:9c:61:b7:d4:7e:cf:a2:
                    cb:b8:57:ce:b8:54:b5:16:b7:94:57:46:e2:b6:3a:
                    5b:3f:06:c5:a5:2a:0a:35:e9:1f:62:7f:2f:58:59:
                    10:97:ef:83:42:d5:be:f6:07:11:53:c3:83:89:61:
                    a9:d7:6c:10:67:c9:5f:e4:ec:6b:eb:87:5c:83:67:
                    c5:3b:a4:cf:55:d1:d9:a2:be:c6:0a:21:82:97:f2:
                    40:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                60:C6:F8:D5:A3:58:A2:92:DB:A6:04:DB:28:E2:21:13:74:49:0A:A5
            X509v3 Authority Key Identifier:
                keyid:C0:82:73:D3:37:38:17:9E:49:76:3F:05:C9:13:99:93:8E:39:75:B0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/c178e735cba3ee6de4d7789247cc09a6ad9bc2b2.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/38283047-8834-43d5-82f7-4d938e60571e/842853655551b1298abf20af1bafc9a8296cb0c8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/38283047-8834-43d5-82f7-4d938e60571e/c178e735cba3ee6de4d7789247cc09a6ad9bc2b2.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.50.167.0/24
                  200.50.190.0/24

    Signature Algorithm: sha256WithRSAEncryption
         68:82:fe:14:40:a3:70:3a:a6:1a:8b:87:e9:6f:b8:97:d6:fa:
         38:93:54:a7:da:e4:73:ac:2c:e9:73:1c:07:d2:6a:c0:7e:7b:
         05:7a:32:d2:75:ff:30:e8:76:fd:6d:53:8c:a3:1e:bb:21:b6:
         3a:10:90:62:bd:0d:95:64:26:e8:32:d3:92:b2:ea:b2:20:f8:
         6f:54:d6:1b:c2:d8:fa:a5:8b:60:3f:28:ea:f5:f7:1e:b8:1e:
         e7:b0:73:67:89:cd:03:8d:73:01:4e:b9:af:d7:20:cd:6d:b0:
         5e:30:c1:f9:70:bf:e0:db:c6:42:f4:b2:ef:c7:80:4f:43:bc:
         05:de:d9:07:16:e1:95:95:5a:b6:f8:be:01:97:e7:59:1c:5e:
         f8:7d:15:52:0e:18:07:a0:44:31:e0:96:1f:1c:42:c9:ae:da:
         fb:4b:da:6d:aa:51:9e:4d:c3:33:e0:15:5b:ed:e5:74:c6:90:
         67:ff:fb:3c:2a:7e:58:61:95:73:b2:cb:b7:6f:17:e1:80:0e:
         7a:8d:3a:98:6a:25:3e:8f:38:13:69:0c:6f:9e:86:14:ee:b9:
         e5:9a:0b:c4:1e:71:ca:a5:17:ce:fa:b2:1b:8c:ed:47:3a:d4:
         7c:3d:bb:0d:3e:d2:3f:c3:8d:56:b0:fd:f9:2d:4d:d3:fa:40:
         9d:f9:1d:7d
-----BEGIN CERTIFICATE-----
MIIFRjCCBC6gAwIBAgIDKowdMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGMx
NzhlNzM1Y2JhM2VlNmRlNGQ3Nzg5MjQ3Y2MwOWE2YWQ5YmMyYjIwHhcNMjQwMjE1
MjA0MTI0WhcNMjkwMjE1MjA0MTI0WjAzMTEwLwYDVQQDEyg4NDI4NTM2NTU1NTFi
MTI5OGFiZjIwYWYxYmFmYzlhODI5NmNiMGM4MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEA+aS1kzU1EtjmxI3wIhjUqTk1Suhg97CHUJE/a2FJ7gXVHJOU
HTs3ZXDcfsRoped97ryZ8Umnh+bOFBnSEivaKHrxX29eVNArcu7QQrOLUvEuRP89
6PgyuXY9x4/yOifPwV80NyP3dXKPk/v9ffa3dLk2PMuYMp1/kQT4qPUXDLQMI8iJ
6/RW1ZPrvXin0QicI6hLbcEr2s1KJU5qqZz+JZGVLaAf6/bsLp5lg5xht9R+z6LL
uFfOuFS1FreUV0bitjpbPwbFpSoKNekfYn8vWFkQl++DQtW+9gcRU8ODiWGp12wQ
Z8lf5Oxr64dcg2fFO6TPVdHZor7GCiGCl/JAHwIDAQABo4ICYTCCAl0wHQYDVR0O
BBYEFGDG+NWjWKKS26YE2yjiIRN0SQqlMB8GA1UdIwQYMBaAFMCCc9M3OBeeSXY/
BckTmZOOOXWwMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvYzE3OGU3
MzVjYmEzZWU2ZGU0ZDc3ODkyNDdjYzA5YTZhZDliYzJiMi5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvMzgyODMwNDctODgzNC00M2Q1LTgyZjctNGQ5Mzhl
NjA1NzFlLzg0Mjg1MzY1NTU1MWIxMjk4YWJmMjBhZjFiYWZjOWE4Mjk2Y2IwYzgu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy8zODI4MzA0Ny04ODM0LTQzZDUtODJmNy00ZDkz
OGU2MDU3MWUvYzE3OGU3MzVjYmEzZWU2ZGU0ZDc3ODkyNDdjYzA5YTZhZDliYzJi
Mi5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAlBggrBgEFBQcBBwEB/wQW
MBQwEgQCAAEwDAMEAMgypwMEAMgyvjANBgkqhkiG9w0BAQsFAAOCAQEAaIL+FECj
cDqmGouH6W+4l9b6OJNUp9rkc6ws6XMcB9JqwH57BXoy0nX/MOh2/W1TjKMeuyG2
OhCQYr0NlWQm6DLTkrLqsiD4b1TWG8LY+qWLYD8o6vX3Hrge57BzZ4nNA41zAU65
r9cgzW2wXjDB+XC/4NvGQvSy78eAT0O8Bd7ZBxbhlZVatvi+AZfnWRxe+H0VUg4Y
B6BEMeCWHxxCya7a+0vabapRnk3DM+AVW+3ldMaQZ//7PCp+WGGVc7LLt28X4YAO
eo06mGolPo84E2kMb56GFO655ZoLxB5xyqUXzvqyG4ztRzrUfD27DT7SP8ONVrD9
+S1N0/pAnfkdfQ==
-----END CERTIFICATE-----
Generated at Sat Apr 13 14:08:16 2024 by rpki-client on console-ams.rpki-client.org