Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/4d8df0f0-41c4-401d-ac15-de0db40ac9cb/06b3cc920a658ea5d15985035139f3c6aa3596a4.roa
File:                     06b3cc920a658ea5d15985035139f3c6aa3596a4.roa (raw, json)
Hash identifier:          6xGaZN70rRJczXPswKqLKEVhiQYxo35r/4faAbwwmxg=
Subject key identifier:   CB:B4:5E:3D:EF:54:D9:CD:69:F9:F0:4B:C3:1E:DF:41:85:5E:5F:59
Certificate issuer:       /CN=297e119ebe51a00d6560ab73fd79c51ada403f19
Certificate serial:       0169F2
Authority key identifier: 07:09:37:88:ED:4A:80:C2:0C:DE:CE:10:A7:FF:BB:31:21:A2:72:9E
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/297e119ebe51a00d6560ab73fd79c51ada403f19.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/4d8df0f0-41c4-401d-ac15-de0db40ac9cb/06b3cc920a658ea5d15985035139f3c6aa3596a4.roa
Signing time:             Wed 14 Sep 2022 14:38:35 +0000
ROA not before:           Fri 19 Aug 2022 16:19:43 +0000
ROA not after:            Mon 19 Aug 2024 16:19:43 +0000
asID:                     27823
IP address blocks:        200.58.114.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/4d8df0f0-41c4-401d-ac15-de0db40ac9cb/297e119ebe51a00d6560ab73fd79c51ada403f19.crl
                          rsync://repository.lacnic.net/rpki/lacnic/4d8df0f0-41c4-401d-ac15-de0db40ac9cb/297e119ebe51a00d6560ab73fd79c51ada403f19.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/297e119ebe51a00d6560ab73fd79c51ada403f19.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 31 Mar 2024 03:49:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 92658 (0x169f2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=297e119ebe51a00d6560ab73fd79c51ada403f19
        Validity
            Not Before: Aug 19 16:19:43 2022 GMT
            Not After : Aug 19 16:19:43 2024 GMT
        Subject: CN=06b3cc920a658ea5d15985035139f3c6aa3596a4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:7d:21:a3:b7:57:6e:f7:e5:bb:33:a0:35:42:
                    60:77:21:af:a0:07:a5:ee:b5:68:a1:d8:aa:8a:4e:
                    94:e9:9b:7b:1f:ad:c4:7a:11:90:39:d0:46:34:a2:
                    c2:ee:f8:71:a9:8a:ee:0d:22:f4:06:46:50:4c:d9:
                    19:d4:ec:f5:d8:4c:c4:d4:26:c8:6c:0f:c3:91:be:
                    48:85:81:25:a2:94:54:44:90:1d:7b:5a:f7:2f:68:
                    2f:c1:c7:c2:fc:b9:9c:74:e4:00:95:fe:46:64:6d:
                    2a:2b:68:2c:fc:8b:4d:20:46:15:7e:c2:6d:40:9a:
                    6c:18:27:cf:2e:67:0b:e9:70:5c:c1:d8:ec:c8:4a:
                    8c:5a:e2:32:19:d4:cc:91:1c:a2:cd:65:63:39:0e:
                    85:8f:06:53:90:f1:c8:3e:dd:a6:98:b8:73:93:36:
                    80:4e:1a:b5:ce:31:f8:d9:92:bd:ad:9c:b7:47:94:
                    71:fb:54:dc:7b:98:17:5f:e5:ed:b0:cb:f7:ec:0c:
                    32:24:df:4e:0f:e5:59:e1:9a:8a:14:9a:01:23:7d:
                    63:cc:d3:65:e3:55:77:88:eb:b8:73:cd:84:37:06:
                    e0:b1:2f:4d:85:6c:b0:60:b1:09:29:df:dc:d7:09:
                    ec:c0:d2:92:a2:35:85:bf:b7:68:a1:0f:e3:cd:08:
                    68:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CB:B4:5E:3D:EF:54:D9:CD:69:F9:F0:4B:C3:1E:DF:41:85:5E:5F:59
            X509v3 Authority Key Identifier:
                keyid:07:09:37:88:ED:4A:80:C2:0C:DE:CE:10:A7:FF:BB:31:21:A2:72:9E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/297e119ebe51a00d6560ab73fd79c51ada403f19.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/4d8df0f0-41c4-401d-ac15-de0db40ac9cb/06b3cc920a658ea5d15985035139f3c6aa3596a4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/4d8df0f0-41c4-401d-ac15-de0db40ac9cb/297e119ebe51a00d6560ab73fd79c51ada403f19.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.58.114.0/24

    Signature Algorithm: sha256WithRSAEncryption
         0e:e7:34:87:e2:77:d7:6c:d9:e1:bc:1a:ca:46:ef:c7:c0:93:
         4a:d2:19:60:ba:af:f7:04:1e:95:4c:0c:48:cb:f8:51:5f:3c:
         77:14:ed:7e:7a:5d:81:b4:62:b2:b4:4e:b1:8d:ad:03:75:61:
         04:0d:2e:52:98:b4:50:12:7c:2f:bd:b6:b8:7c:be:ed:2c:53:
         74:9b:34:b4:dc:ad:3b:39:fc:29:a5:83:b9:c8:f8:eb:d4:71:
         bf:88:c2:f4:fa:d8:09:c4:24:71:3f:6b:21:f8:23:60:97:6e:
         d8:98:11:a4:8e:33:ba:c9:48:96:b4:52:29:7f:c9:22:37:ea:
         c3:a3:1b:b6:c1:da:f9:73:e4:c7:ae:1c:f7:37:af:57:fd:e5:
         3a:ab:1a:fd:40:72:31:f4:2a:0c:1d:79:30:a5:f4:48:3f:c2:
         41:62:5c:20:45:7d:12:c3:63:21:b9:a1:cf:4a:f7:f2:0e:4f:
         a0:ff:28:eb:03:37:a1:fb:19:2d:7e:79:40:27:f6:83:71:4a:
         4c:67:09:3a:49:7c:ab:51:a8:1e:5a:c3:6d:03:17:5a:fe:02:
         d9:9f:70:f2:f9:b5:78:f2:6c:1a:b0:43:92:d9:09:de:64:d4:
         95:9a:dc:80:28:55:5c:b6:65:6c:a1:10:e8:67:81:72:42:14:
         4f:49:0e:86
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIDAWnyMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDI5
N2UxMTllYmU1MWEwMGQ2NTYwYWI3M2ZkNzljNTFhZGE0MDNmMTkwHhcNMjIwODE5
MTYxOTQzWhcNMjQwODE5MTYxOTQzWjAzMTEwLwYDVQQDEygwNmIzY2M5MjBhNjU4
ZWE1ZDE1OTg1MDM1MTM5ZjNjNmFhMzU5NmE0MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAoH0ho7dXbvfluzOgNUJgdyGvoAel7rVoodiqik6U6Zt7H63E
ehGQOdBGNKLC7vhxqYruDSL0BkZQTNkZ1Oz12EzE1CbIbA/Dkb5IhYElopRURJAd
e1r3L2gvwcfC/LmcdOQAlf5GZG0qK2gs/ItNIEYVfsJtQJpsGCfPLmcL6XBcwdjs
yEqMWuIyGdTMkRyizWVjOQ6FjwZTkPHIPt2mmLhzkzaAThq1zjH42ZK9rZy3R5Rx
+1Tce5gXX+XtsMv37AwyJN9OD+VZ4ZqKFJoBI31jzNNl41V3iOu4c82ENwbgsS9N
hWywYLEJKd/c1wnswNKSojWFv7dooQ/jzQhovQIDAQABo4ICWzCCAlcwHQYDVR0O
BBYEFMu0Xj3vVNnNafnwS8Me30GFXl9ZMB8GA1UdIwQYMBaAFAcJN4jtSoDCDN7O
EKf/uzEhonKeMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvMjk3ZTEx
OWViZTUxYTAwZDY1NjBhYjczZmQ3OWM1MWFkYTQwM2YxOS5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvNGQ4ZGYwZjAtNDFjNC00MDFkLWFjMTUtZGUwZGI0
MGFjOWNiLzA2YjNjYzkyMGE2NThlYTVkMTU5ODUwMzUxMzlmM2M2YWEzNTk2YTQu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy80ZDhkZjBmMC00MWM0LTQwMWQtYWMxNS1kZTBk
YjQwYWM5Y2IvMjk3ZTExOWViZTUxYTAwZDY1NjBhYjczZmQ3OWM1MWFkYTQwM2Yx
OS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAMg6cjANBgkqhkiG9w0BAQsFAAOCAQEADuc0h+J312zZ4bwa
ykbvx8CTStIZYLqv9wQelUwMSMv4UV88dxTtfnpdgbRisrROsY2tA3VhBA0uUpi0
UBJ8L722uHy+7SxTdJs0tNytOzn8KaWDucj469Rxv4jC9PrYCcQkcT9rIfgjYJdu
2JgRpI4zuslIlrRSKX/JIjfqw6MbtsHa+XPkx64c9zevV/3lOqsa/UByMfQqDB15
MKX0SD/CQWJcIEV9EsNjIbmhz0r38g5PoP8o6wM3ofsZLX55QCf2g3FKTGcJOkl8
q1GoHlrDbQMXWv4C2Z9w8vm1ePJsGrBDktkJ3mTUlZrcgChVXLZlbKEQ6GeBckIU
T0kOhg==
-----END CERTIFICATE-----
Generated at Thu Mar 28 10:47:04 2024 by rpki-client on console-ams.rpki-client.org