Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/3d93e62f-f319-4da0-89f0-1030eb1ea4f0/cb47420400b44b88f7d47f242750e11f9553c14b.roa
File:                     cb47420400b44b88f7d47f242750e11f9553c14b.roa (raw, json)
Hash identifier:          yr5DIjgY4HtTlg+7Z+UmY0QNgIsH4PSdDrk+pRN6U5Y=
Subject key identifier:   1B:2B:B0:22:12:CE:6B:15:7D:CE:CF:1A:90:67:DD:37:86:48:3B:B3
Certificate issuer:       /CN=85b1a2c06554c00ab825464899ef9dd4872af08b
Certificate serial:       0BED
Authority key identifier: 6E:60:33:BC:7F:C8:28:80:64:6E:60:C6:9C:17:03:97:74:3F:EB:57
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/85b1a2c06554c00ab825464899ef9dd4872af08b.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/3d93e62f-f319-4da0-89f0-1030eb1ea4f0/cb47420400b44b88f7d47f242750e11f9553c14b.roa
Signing time:             Fri 13 May 2022 14:08:30 +0000
ROA not before:           Fri 13 May 2022 03:00:00 +0000
ROA not after:            Mon 13 May 2024 03:00:00 +0000
asID:                     271943
IP address blocks:        200.215.232.0/22 maxlen: 24
                          2803:a610::/32 maxlen: 32

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/3d93e62f-f319-4da0-89f0-1030eb1ea4f0/85b1a2c06554c00ab825464899ef9dd4872af08b.crl
                          rsync://repository.lacnic.net/rpki/lacnic/3d93e62f-f319-4da0-89f0-1030eb1ea4f0/85b1a2c06554c00ab825464899ef9dd4872af08b.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/85b1a2c06554c00ab825464899ef9dd4872af08b.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 31 Mar 2024 03:49:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3053 (0xbed)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=85b1a2c06554c00ab825464899ef9dd4872af08b
        Validity
            Not Before: May 13 03:00:00 2022 GMT
            Not After : May 13 03:00:00 2024 GMT
        Subject: CN=cb47420400b44b88f7d47f242750e11f9553c14b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:26:76:6c:a8:ce:bc:fb:ec:30:bc:6c:ef:55:
                    1d:62:89:e0:db:fd:50:8b:46:11:f5:21:84:eb:2b:
                    12:ad:dc:e1:44:f5:5a:c9:f6:55:5b:71:61:3a:df:
                    6c:67:6a:89:bf:c1:e6:ea:22:c0:ad:25:83:61:c1:
                    cb:db:40:41:9b:ae:37:ff:2f:23:c4:2b:42:a2:db:
                    78:ea:b8:8d:60:89:b9:24:31:ef:84:84:89:9c:73:
                    fb:9a:d2:d3:59:d6:f0:1b:65:6a:9f:75:bc:02:ff:
                    b1:1e:42:99:16:4a:a5:fd:33:28:c9:1d:0a:e4:7b:
                    5a:a0:bb:5d:ec:ef:2e:e6:e4:46:bb:6c:59:3d:32:
                    bd:cb:a4:cd:68:33:a5:44:5c:71:ec:33:0e:08:f8:
                    a2:eb:52:b5:bf:62:a4:bd:5e:96:7f:2a:ba:eb:6e:
                    bc:5f:5d:7a:f8:63:32:73:73:13:48:73:15:66:b5:
                    ab:20:b5:c5:26:b4:83:0a:2c:bc:4e:ba:f8:c7:e6:
                    d7:55:17:19:98:d8:6d:6c:8f:20:2b:79:3d:04:8d:
                    02:30:4d:96:50:ca:44:00:3c:e0:54:5e:b9:92:4c:
                    2c:af:32:3b:24:8d:50:5c:d5:31:d4:8b:b5:83:c9:
                    ee:32:44:68:4c:f3:a6:c8:7c:6f:95:a1:e3:b0:07:
                    70:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1B:2B:B0:22:12:CE:6B:15:7D:CE:CF:1A:90:67:DD:37:86:48:3B:B3
            X509v3 Authority Key Identifier:
                keyid:6E:60:33:BC:7F:C8:28:80:64:6E:60:C6:9C:17:03:97:74:3F:EB:57

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/85b1a2c06554c00ab825464899ef9dd4872af08b.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/3d93e62f-f319-4da0-89f0-1030eb1ea4f0/cb47420400b44b88f7d47f242750e11f9553c14b.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/3d93e62f-f319-4da0-89f0-1030eb1ea4f0/85b1a2c06554c00ab825464899ef9dd4872af08b.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.215.232.0/22
                IPv6:
                  2803:a610::/32

    Signature Algorithm: sha256WithRSAEncryption
         68:16:c1:f4:8b:bc:be:87:92:0d:a8:cc:1e:2c:73:c6:d5:46:
         bf:03:34:8e:c7:43:ad:ef:42:26:92:bd:eb:8d:06:9c:2e:cd:
         d5:10:7a:d4:c9:da:f2:6f:ad:24:ab:49:e2:b8:ef:68:20:7c:
         9d:a0:97:70:9e:56:f0:5c:54:6b:e5:d3:64:7d:69:98:eb:a7:
         c6:0d:d1:63:60:ca:34:dc:1d:e7:30:90:48:df:85:30:48:eb:
         5c:46:35:ea:00:7a:47:6e:05:fb:33:d7:31:ca:7e:4b:6b:a0:
         ed:ed:60:3d:05:29:83:ee:50:2c:46:6b:b2:8b:5d:2b:38:44:
         76:a8:c7:0d:42:dd:59:96:03:94:c8:e1:51:1f:ec:e2:98:49:
         44:b3:a4:57:11:91:93:9a:2c:54:9d:cc:42:f8:13:73:08:1f:
         df:86:ea:4a:5f:3d:17:6a:78:44:8d:e8:25:ac:97:f4:bf:18:
         c8:64:32:84:a6:51:74:a9:d9:86:c4:88:4d:a2:ce:69:cd:95:
         0d:83:77:1f:2b:7a:6b:21:ea:f3:4d:79:81:a6:03:7b:2a:50:
         2b:73:e4:39:f3:6e:47:8b:88:c5:ca:92:42:80:5e:95:5c:2d:
         6c:42:81:cb:9f:80:4f:c6:c0:fa:ed:01:2b:6b:c6:ea:bc:1d:
         8e:1d:1f:9a
-----BEGIN CERTIFICATE-----
MIIFTjCCBDagAwIBAgICC+0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoODVi
MWEyYzA2NTU0YzAwYWI4MjU0NjQ4OTllZjlkZDQ4NzJhZjA4YjAeFw0yMjA1MTMw
MzAwMDBaFw0yNDA1MTMwMzAwMDBaMDMxMTAvBgNVBAMTKGNiNDc0MjA0MDBiNDRi
ODhmN2Q0N2YyNDI3NTBlMTFmOTU1M2MxNGIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQClJnZsqM68++wwvGzvVR1iieDb/VCLRhH1IYTrKxKt3OFE9VrJ
9lVbcWE632xnaom/webqIsCtJYNhwcvbQEGbrjf/LyPEK0Ki23jquI1gibkkMe+E
hImcc/ua0tNZ1vAbZWqfdbwC/7EeQpkWSqX9MyjJHQrke1qgu13s7y7m5Ea7bFk9
Mr3LpM1oM6VEXHHsMw4I+KLrUrW/YqS9XpZ/KrrrbrxfXXr4YzJzcxNIcxVmtasg
tcUmtIMKLLxOuvjH5tdVFxmY2G1sjyAreT0EjQIwTZZQykQAPOBUXrmSTCyvMjsk
jVBc1THUi7WDye4yRGhM86bIfG+VoeOwB3CJAgMBAAGjggJqMIICZjAdBgNVHQ4E
FgQUGyuwIhLOaxV9zs8akGfdN4ZIO7MwHwYDVR0jBBgwFoAUbmAzvH/IKIBkbmDG
nBcDl3Q/61cwDgYDVR0PAQH/BAQDAgeAMIGaBggrBgEFBQcBAQSBjTCBijCBhwYI
KwYBBQUHMAKGe3JzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jwa2kvbGFj
bmljLzQ4ZjA4M2JiLWY2MDMtNDg5My05OTkwLTAyODRjMDRjZWI4NS84NWIxYTJj
MDY1NTRjMDBhYjgyNTQ2NDg5OWVmOWRkNDg3MmFmMDhiLmNlcjCBmgYIKwYBBQUH
AQsEgY0wgYowgYcGCCsGAQUFBzALhntyc3luYzovL3JlcG9zaXRvcnkubGFjbmlj
Lm5ldC9ycGtpL2xhY25pYy8zZDkzZTYyZi1mMzE5LTRkYTAtODlmMC0xMDMwZWIx
ZWE0ZjAvY2I0NzQyMDQwMGI0NGI4OGY3ZDQ3ZjI0Mjc1MGUxMWY5NTUzYzE0Yi5y
b2EwgY8GA1UdHwSBhzCBhDCBgaB/oH2Ge3JzeW5jOi8vcmVwb3NpdG9yeS5sYWNu
aWMubmV0L3Jwa2kvbGFjbmljLzNkOTNlNjJmLWYzMTktNGRhMC04OWYwLTEwMzBl
YjFlYTRmMC84NWIxYTJjMDY1NTRjMDBhYjgyNTQ2NDg5OWVmOWRkNDg3MmFmMDhi
LmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8w
HTAMBAIAATAGAwQCyNfoMA0EAgACMAcDBQAoA6YQMA0GCSqGSIb3DQEBCwUAA4IB
AQBoFsH0i7y+h5INqMweLHPG1Ua/AzSOx0Ot70Imkr3rjQacLs3VEHrUydryb60k
q0niuO9oIHydoJdwnlbwXFRr5dNkfWmY66fGDdFjYMo03B3nMJBI34UwSOtcRjXq
AHpHbgX7M9cxyn5La6Dt7WA9BSmD7lAsRmuyi10rOER2qMcNQt1ZlgOUyOFRH+zi
mElEs6RXEZGTmixUncxC+BNzCB/fhupKXz0XanhEjeglrJf0vxjIZDKEplF0qdmG
xIhNos5pzZUNg3cfK3prIerzTXmBpgN7KlArc+Q5825Hi4jFypJCgF6VXC1sQoHL
n4BPxsD67QEra8bqvB2OHR+a
-----END CERTIFICATE-----
Generated at Thu Mar 28 08:34:31 2024 by rpki-client on console-fra.rpki-client.org