Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/4460b283-322a-4719-b76f-eed9423a4dcb/35dbfd2309b3ccb8c372392fedc53062cbf8536a.roa
File:                     35dbfd2309b3ccb8c372392fedc53062cbf8536a.roa (raw, json)
Hash identifier:          9Cs1YY2fWeepBytblx3ss+9tiq3mil11rrnfNcyAjOI=
Subject key identifier:   2D:7A:C2:79:D6:13:C2:D6:BA:8B:54:3B:BA:99:66:F7:0A:84:0C:66
Certificate issuer:       /CN=811ec91611079aa974294c3db5fa3ab9e67a61af
Certificate serial:       063406
Authority key identifier: 6A:FA:C0:35:0F:0E:79:12:40:0A:B8:E3:B8:55:3A:33:8E:40:54:58
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/811ec91611079aa974294c3db5fa3ab9e67a61af.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/4460b283-322a-4719-b76f-eed9423a4dcb/35dbfd2309b3ccb8c372392fedc53062cbf8536a.roa
Signing time:             Wed 24 Mar 2021 14:35:29 +0000
ROA not before:           Wed 24 Mar 2021 14:35:28 +0000
ROA not after:            Tue 24 Mar 2026 14:35:28 +0000
asID:                     270028
IP address blocks:        200.11.33.0/24 maxlen: 24
                          2801:13a::/44 maxlen: 44

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/4460b283-322a-4719-b76f-eed9423a4dcb/811ec91611079aa974294c3db5fa3ab9e67a61af.crl
                          rsync://repository.lacnic.net/rpki/lacnic/4460b283-322a-4719-b76f-eed9423a4dcb/811ec91611079aa974294c3db5fa3ab9e67a61af.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/811ec91611079aa974294c3db5fa3ab9e67a61af.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sat 24 Feb 2024 17:37:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 406534 (0x63406)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=811ec91611079aa974294c3db5fa3ab9e67a61af
        Validity
            Not Before: Mar 24 14:35:28 2021 GMT
            Not After : Mar 24 14:35:28 2026 GMT
        Subject: CN=35dbfd2309b3ccb8c372392fedc53062cbf8536a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:24:8f:e4:7b:35:3d:03:a0:68:cf:19:0c:54:
                    3a:db:2e:6e:46:be:12:60:be:cd:36:73:b9:97:2a:
                    96:43:ba:14:30:b2:a9:ef:6c:71:1b:5f:44:1a:a7:
                    fd:c2:e1:84:44:40:6a:b1:05:3b:8b:90:d7:38:1e:
                    f2:2b:84:df:69:d3:57:0d:95:d1:be:05:da:fe:5a:
                    2d:a4:ad:2c:41:8f:96:f0:2f:c9:2a:82:78:03:c4:
                    b5:f2:46:33:ad:d4:53:9d:54:0d:ca:ba:2f:e1:4b:
                    2a:b3:0e:c4:cc:0c:39:23:59:c3:4e:f4:0b:38:8f:
                    49:14:e3:5c:96:ed:b7:f8:56:75:8e:5c:92:24:4f:
                    18:08:44:27:53:24:32:c1:93:20:85:be:0a:83:b2:
                    00:b3:00:5d:7b:8f:ad:aa:f9:e3:b7:a7:41:3a:fd:
                    a5:3e:ba:57:ca:fe:f1:53:9e:85:02:2a:90:ad:b3:
                    7c:cb:00:34:f7:0d:9e:eb:dd:bc:2c:5b:b8:6f:d9:
                    26:ed:fe:6e:84:a3:23:39:4c:8d:93:d0:b3:0b:ed:
                    97:3f:20:97:76:86:9b:51:d9:75:fe:7c:4c:20:1f:
                    89:8c:8c:61:24:df:46:ff:51:9f:d6:1d:6a:f3:5d:
                    61:50:d1:6a:74:20:19:fa:58:3c:53:41:87:0a:33:
                    fa:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2D:7A:C2:79:D6:13:C2:D6:BA:8B:54:3B:BA:99:66:F7:0A:84:0C:66
            X509v3 Authority Key Identifier:
                keyid:6A:FA:C0:35:0F:0E:79:12:40:0A:B8:E3:B8:55:3A:33:8E:40:54:58

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/811ec91611079aa974294c3db5fa3ab9e67a61af.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/4460b283-322a-4719-b76f-eed9423a4dcb/35dbfd2309b3ccb8c372392fedc53062cbf8536a.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/4460b283-322a-4719-b76f-eed9423a4dcb/811ec91611079aa974294c3db5fa3ab9e67a61af.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.11.33.0/24
                IPv6:
                  2801:13a::/44

    Signature Algorithm: sha256WithRSAEncryption
         04:95:61:f7:5c:13:52:70:d0:09:ea:bc:82:3a:ed:52:c5:ee:
         f0:e0:05:9c:48:b1:29:77:25:62:f7:93:34:13:84:a7:3e:42:
         a7:79:fe:d6:f1:1b:b5:24:52:4c:d8:5f:d4:07:5a:f4:79:1b:
         8b:77:16:50:1f:6b:b0:b1:c8:1f:9b:67:33:5a:80:1f:c5:d0:
         10:fd:36:2a:23:e7:f4:19:28:4f:30:83:6f:83:15:79:1b:e7:
         59:31:16:91:9a:a3:c2:14:65:a7:02:6a:94:50:78:88:34:7f:
         d8:0d:30:9e:e9:0a:3c:a2:f0:fe:37:5e:97:7d:61:bd:ff:f7:
         74:72:b1:80:0f:85:d8:84:32:5a:af:50:ca:90:f6:e1:7a:13:
         58:c3:cc:c6:8c:90:64:4d:9a:b5:1d:10:bb:ca:2c:b6:ac:cb:
         31:8d:73:8d:17:8e:92:c7:5d:9b:2a:0f:d7:7d:cc:e2:74:7e:
         4b:d8:a7:0a:80:52:4c:36:20:34:68:68:b2:40:a8:42:2d:ac:
         e3:6d:ee:32:5c:4b:08:65:2a:d5:d8:21:47:f8:9b:b4:f2:d1:
         b2:e7:ff:a3:f3:f9:9e:99:2c:d4:4b:77:3a:f4:fe:a6:3c:47:
         2a:88:d1:dd:8e:da:74:8a:a5:ba:29:8a:7f:71:21:80:1c:95:
         a7:55:16:4c
-----BEGIN CERTIFICATE-----
MIIFUTCCBDmgAwIBAgIDBjQGMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDgx
MWVjOTE2MTEwNzlhYTk3NDI5NGMzZGI1ZmEzYWI5ZTY3YTYxYWYwHhcNMjEwMzI0
MTQzNTI4WhcNMjYwMzI0MTQzNTI4WjAzMTEwLwYDVQQDEygzNWRiZmQyMzA5YjNj
Y2I4YzM3MjM5MmZlZGM1MzA2MmNiZjg1MzZhMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAuiSP5Hs1PQOgaM8ZDFQ62y5uRr4SYL7NNnO5lyqWQ7oUMLKp
72xxG19EGqf9wuGEREBqsQU7i5DXOB7yK4TfadNXDZXRvgXa/lotpK0sQY+W8C/J
KoJ4A8S18kYzrdRTnVQNyrov4Usqsw7EzAw5I1nDTvQLOI9JFONclu23+FZ1jlyS
JE8YCEQnUyQywZMghb4Kg7IAswBde4+tqvnjt6dBOv2lPrpXyv7xU56FAiqQrbN8
ywA09w2e6928LFu4b9km7f5uhKMjOUyNk9CzC+2XPyCXdoabUdl1/nxMIB+JjIxh
JN9G/1Gf1h1q811hUNFqdCAZ+lg8U0GHCjP68wIDAQABo4ICbDCCAmgwHQYDVR0O
BBYEFC16wnnWE8LWuotUO7qZZvcKhAxmMB8GA1UdIwQYMBaAFGr6wDUPDnkSQAq4
47hVOjOOQFRYMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvODExZWM5
MTYxMTA3OWFhOTc0Mjk0YzNkYjVmYTNhYjllNjdhNjFhZi5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvNDQ2MGIyODMtMzIyYS00NzE5LWI3NmYtZWVkOTQy
M2E0ZGNiLzM1ZGJmZDIzMDliM2NjYjhjMzcyMzkyZmVkYzUzMDYyY2JmODUzNmEu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy80NDYwYjI4My0zMjJhLTQ3MTktYjc2Zi1lZWQ5
NDIzYTRkY2IvODExZWM5MTYxMTA3OWFhOTc0Mjk0YzNkYjVmYTNhYjllNjdhNjFh
Zi5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAwBggrBgEFBQcBBwEB/wQh
MB8wDAQCAAEwBgMEAMgLITAPBAIAAjAJAwcEKAEBOgAAMA0GCSqGSIb3DQEBCwUA
A4IBAQAElWH3XBNScNAJ6ryCOu1Sxe7w4AWcSLEpdyVi95M0E4SnPkKnef7W8Ru1
JFJM2F/UB1r0eRuLdxZQH2uwscgfm2czWoAfxdAQ/TYqI+f0GShPMINvgxV5G+dZ
MRaRmqPCFGWnAmqUUHiINH/YDTCe6Qo8ovD+N16XfWG9//d0crGAD4XYhDJar1DK
kPbhehNYw8zGjJBkTZq1HRC7yiy2rMsxjXONF46Sx12bKg/XfczidH5L2KcKgFJM
NiA0aGiyQKhCLazjbe4yXEsIZSrV2CFH+Ju08tGy5/+j8/memSzUS3c69P6mPEcq
iNHdjtp0iqW6KYp/cSGAHJWnVRZM
-----END CERTIFICATE-----
Generated at Wed Feb 21 19:48:34 2024 by rpki-client on console-ams.rpki-client.org