Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/40dfe202-07d3-47c3-84d3-7f050c014547/ea8763cd033f6dd31fd902950944776e793ad490.roa
File:                     ea8763cd033f6dd31fd902950944776e793ad490.roa (raw, json)
Hash identifier:          +BYWLVrpru9UdQ+0wXitzcQE3prW/ydBPxN6QxWxNQw=
Subject key identifier:   BF:7C:63:31:FA:BE:7A:75:4E:FA:BC:1F:FE:0B:B0:B8:20:06:57:4E
Certificate issuer:       /CN=2683ef2da91fbc72839936eeb61d41ca90b91733
Certificate serial:       046BE7
Authority key identifier: FD:5A:B9:AC:D7:31:82:07:34:19:9A:C4:01:F8:FA:C9:B9:99:F9:C0
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/2683ef2da91fbc72839936eeb61d41ca90b91733.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/40dfe202-07d3-47c3-84d3-7f050c014547/ea8763cd033f6dd31fd902950944776e793ad490.roa
Signing time:             Wed 24 Mar 2021 14:32:37 +0000
ROA not before:           Wed 24 Mar 2021 14:32:37 +0000
ROA not after:            Tue 24 Mar 2026 14:32:37 +0000
asID:                     27770
IP address blocks:        200.7.128.0/20 maxlen: 24
                          2800:1c0::/32 maxlen: 32

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/40dfe202-07d3-47c3-84d3-7f050c014547/2683ef2da91fbc72839936eeb61d41ca90b91733.crl
                          rsync://repository.lacnic.net/rpki/lacnic/40dfe202-07d3-47c3-84d3-7f050c014547/2683ef2da91fbc72839936eeb61d41ca90b91733.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/2683ef2da91fbc72839936eeb61d41ca90b91733.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Mon 26 Feb 2024 11:55:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 289767 (0x46be7)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2683ef2da91fbc72839936eeb61d41ca90b91733
        Validity
            Not Before: Mar 24 14:32:37 2021 GMT
            Not After : Mar 24 14:32:37 2026 GMT
        Subject: CN=ea8763cd033f6dd31fd902950944776e793ad490
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:85:8f:a8:63:7e:7a:f1:de:92:fc:ee:25:f4:8c:
                    21:11:80:d3:bd:69:91:14:d0:e6:4b:e5:7b:ac:28:
                    19:6e:07:cc:ba:c3:1d:64:74:4b:11:39:cf:d3:ab:
                    47:ad:9f:95:ec:f9:74:d9:e9:b6:0f:fe:36:87:78:
                    60:c8:ef:ac:9b:5c:e9:ff:0f:64:32:61:82:ae:78:
                    a7:07:2a:01:43:2b:13:c6:1a:ad:f7:28:ea:29:06:
                    30:c6:eb:44:d8:a0:fa:f9:b9:13:1d:eb:93:1c:39:
                    d9:0b:ae:e0:e0:2d:c8:43:1a:a6:70:f3:ab:77:f6:
                    c6:0b:f9:37:13:59:4d:c4:d8:d3:27:eb:b5:40:3a:
                    ac:21:41:c4:6d:43:04:5b:d9:78:b0:39:05:9d:3b:
                    7c:a6:b2:e2:c5:19:0e:02:74:ba:28:a0:9a:d1:39:
                    0f:96:99:b6:1e:b3:c8:56:2f:fb:c3:1d:76:78:bc:
                    60:b8:5f:e7:97:3b:eb:10:e8:5e:34:2b:63:73:a5:
                    bb:05:48:fa:37:9c:eb:c5:ea:30:a8:99:a4:39:62:
                    b5:a9:db:1d:79:5c:ac:24:b2:ee:3e:11:eb:1c:af:
                    69:10:81:0d:6c:5d:09:ba:ae:cb:d7:0e:43:ac:22:
                    60:95:00:ea:23:0c:67:72:3c:8e:0a:34:c7:f9:55:
                    40:f1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BF:7C:63:31:FA:BE:7A:75:4E:FA:BC:1F:FE:0B:B0:B8:20:06:57:4E
            X509v3 Authority Key Identifier:
                keyid:FD:5A:B9:AC:D7:31:82:07:34:19:9A:C4:01:F8:FA:C9:B9:99:F9:C0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/2683ef2da91fbc72839936eeb61d41ca90b91733.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/40dfe202-07d3-47c3-84d3-7f050c014547/ea8763cd033f6dd31fd902950944776e793ad490.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/40dfe202-07d3-47c3-84d3-7f050c014547/2683ef2da91fbc72839936eeb61d41ca90b91733.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.7.128.0/20
                IPv6:
                  2800:1c0::/32

    Signature Algorithm: sha256WithRSAEncryption
         97:7d:bf:c6:1b:26:ae:f5:3e:37:12:22:b6:d2:08:29:af:69:
         77:6e:27:93:12:a9:26:f4:53:5c:b8:d7:57:b6:97:9c:9c:3c:
         51:bd:9a:05:0f:ae:6b:60:09:56:f7:b8:8e:be:c7:84:b9:01:
         a3:4d:a3:0a:ff:ed:a8:87:36:4d:d0:6b:ed:1f:ee:e9:54:56:
         ff:2d:45:23:e3:91:99:86:37:15:b3:ed:07:f3:bd:82:39:b7:
         bf:95:18:c2:f1:92:6a:c9:a3:af:00:69:ae:03:f3:f6:c7:6b:
         f8:ef:d3:e0:07:67:17:75:da:98:53:98:ed:49:e4:fe:7f:a3:
         dd:7a:aa:be:e6:4b:93:a5:0c:8d:05:ce:ed:69:20:e1:06:7d:
         84:2b:65:3b:d8:51:7c:7e:99:3d:16:bf:18:57:ec:a5:78:37:
         89:b2:d2:55:15:29:de:79:d4:d3:5f:00:ae:45:a6:86:f1:be:
         09:2b:8d:cb:6f:57:8e:b9:7d:25:b0:90:8a:5c:5d:73:a6:76:
         69:84:20:c8:7b:cb:61:a6:e6:84:7c:ca:b7:40:71:9e:8b:45:
         e0:54:51:98:c8:26:65:20:0f:e6:df:70:74:25:5f:a0:3a:b8:
         50:9c:22:ad:c2:f2:49:8b:c7:d1:e1:a0:21:f4:cf:a4:d8:d0:
         fd:2f:e9:24
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgIDBGvnMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDI2
ODNlZjJkYTkxZmJjNzI4Mzk5MzZlZWI2MWQ0MWNhOTBiOTE3MzMwHhcNMjEwMzI0
MTQzMjM3WhcNMjYwMzI0MTQzMjM3WjAzMTEwLwYDVQQDEyhlYTg3NjNjZDAzM2Y2
ZGQzMWZkOTAyOTUwOTQ0Nzc2ZTc5M2FkNDkwMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAhY+oY3568d6S/O4l9IwhEYDTvWmRFNDmS+V7rCgZbgfMusMd
ZHRLETnP06tHrZ+V7Pl02em2D/42h3hgyO+sm1zp/w9kMmGCrninByoBQysTxhqt
9yjqKQYwxutE2KD6+bkTHeuTHDnZC67g4C3IQxqmcPOrd/bGC/k3E1lNxNjTJ+u1
QDqsIUHEbUMEW9l4sDkFnTt8prLixRkOAnS6KKCa0TkPlpm2HrPIVi/7wx12eLxg
uF/nlzvrEOheNCtjc6W7BUj6N5zrxeowqJmkOWK1qdsdeVysJLLuPhHrHK9pEIEN
bF0Juq7L1w5DrCJglQDqIwxncjyOCjTH+VVA8QIDAQABo4ICajCCAmYwHQYDVR0O
BBYEFL98YzH6vnp1Tvq8H/4LsLggBldOMB8GA1UdIwQYMBaAFP1auazXMYIHNBma
xAH4+sm5mfnAMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvMjY4M2Vm
MmRhOTFmYmM3MjgzOTkzNmVlYjYxZDQxY2E5MGI5MTczMy5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvNDBkZmUyMDItMDdkMy00N2MzLTg0ZDMtN2YwNTBj
MDE0NTQ3L2VhODc2M2NkMDMzZjZkZDMxZmQ5MDI5NTA5NDQ3NzZlNzkzYWQ0OTAu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy80MGRmZTIwMi0wN2QzLTQ3YzMtODRkMy03ZjA1
MGMwMTQ1NDcvMjY4M2VmMmRhOTFmYmM3MjgzOTkzNmVlYjYxZDQxY2E5MGI5MTcz
My5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAuBggrBgEFBQcBBwEB/wQf
MB0wDAQCAAEwBgMEBMgHgDANBAIAAjAHAwUAKAABwDANBgkqhkiG9w0BAQsFAAOC
AQEAl32/xhsmrvU+NxIittIIKa9pd24nkxKpJvRTXLjXV7aXnJw8Ub2aBQ+ua2AJ
Vve4jr7HhLkBo02jCv/tqIc2TdBr7R/u6VRW/y1FI+ORmYY3FbPtB/O9gjm3v5UY
wvGSasmjrwBprgPz9sdr+O/T4AdnF3XamFOY7Unk/n+j3XqqvuZLk6UMjQXO7Wkg
4QZ9hCtlO9hRfH6ZPRa/GFfspXg3ibLSVRUp3nnU018ArkWmhvG+CSuNy29Xjrl9
JbCQilxdc6Z2aYQgyHvLYabmhHzKt0BxnotF4FRRmMgmZSAP5t9wdCVfoDq4UJwi
rcLySYvH0eGgIfTPpNjQ/S/pJA==
-----END CERTIFICATE-----
Generated at Fri Feb 23 14:20:50 2024 by rpki-client on console-ams.rpki-client.org