Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/4d8df0f0-41c4-401d-ac15-de0db40ac9cb/db5c29c12e17b6fb8cf36f56945305a8649f4792.roa
File:                     db5c29c12e17b6fb8cf36f56945305a8649f4792.roa (raw, json)
Hash identifier:          XXyVivkl3Ae4DOaGPPReYGy+hcSN1haU/4OG9gmWhwI=
Subject key identifier:   13:A7:B7:9A:9F:BD:6E:D3:CE:00:0C:D3:61:C1:33:C3:7F:57:D3:4F
Certificate issuer:       /CN=297e119ebe51a00d6560ab73fd79c51ada403f19
Certificate serial:       2256
Authority key identifier: 07:09:37:88:ED:4A:80:C2:0C:DE:CE:10:A7:FF:BB:31:21:A2:72:9E
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/297e119ebe51a00d6560ab73fd79c51ada403f19.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/4d8df0f0-41c4-401d-ac15-de0db40ac9cb/db5c29c12e17b6fb8cf36f56945305a8649f4792.roa
Signing time:             Fri 19 Aug 2022 16:21:10 +0000
ROA not before:           Fri 19 Aug 2022 16:20:25 +0000
ROA not after:            Mon 19 Aug 2024 16:20:25 +0000
asID:                     27823
IP address blocks:        200.58.96.0/20 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/4d8df0f0-41c4-401d-ac15-de0db40ac9cb/297e119ebe51a00d6560ab73fd79c51ada403f19.crl
                          rsync://repository.lacnic.net/rpki/lacnic/4d8df0f0-41c4-401d-ac15-de0db40ac9cb/297e119ebe51a00d6560ab73fd79c51ada403f19.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/297e119ebe51a00d6560ab73fd79c51ada403f19.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 31 Mar 2024 03:49:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 8790 (0x2256)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=297e119ebe51a00d6560ab73fd79c51ada403f19
        Validity
            Not Before: Aug 19 16:20:25 2022 GMT
            Not After : Aug 19 16:20:25 2024 GMT
        Subject: CN=db5c29c12e17b6fb8cf36f56945305a8649f4792
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ee:2d:6d:48:98:fd:ec:93:0b:78:e8:06:5c:f6:
                    12:89:36:81:ec:cf:87:f8:b5:11:d7:e4:0a:41:0f:
                    e7:08:ba:6a:62:48:57:25:ba:05:fc:5c:c5:86:4f:
                    94:f1:e6:37:81:94:07:5f:f3:eb:28:7e:65:bb:e7:
                    c7:1a:2f:80:cd:87:db:c5:0e:4d:28:41:6e:cb:c0:
                    a9:03:56:20:7b:b8:65:0d:b0:42:21:dc:f1:05:ae:
                    e7:e0:88:d2:89:29:fa:c5:a8:fa:9b:e6:58:8d:62:
                    3e:53:19:5e:1c:c6:77:68:76:b4:43:ea:44:fb:f7:
                    85:55:e0:31:6f:27:b0:e8:80:3f:59:30:04:c2:6f:
                    e1:49:e1:ab:8d:58:ee:ca:e9:0b:4e:00:1b:22:c6:
                    9d:2c:61:14:a4:43:a8:12:13:c3:8e:a7:06:b1:23:
                    f6:b6:e3:95:cf:4a:4a:41:00:e8:b6:d3:88:aa:0b:
                    bc:1d:ac:1d:fd:44:9d:f9:ee:f3:28:f6:53:94:e2:
                    30:3a:91:14:4d:7e:95:76:ce:07:7a:0d:7e:2d:78:
                    a5:08:ec:01:83:d7:0f:76:1e:16:e0:51:9e:12:c1:
                    ab:81:19:44:53:d3:49:04:76:3f:8c:51:18:65:d1:
                    3f:26:16:f1:d3:7b:7c:e2:05:93:1f:fb:a7:4c:89:
                    f2:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                13:A7:B7:9A:9F:BD:6E:D3:CE:00:0C:D3:61:C1:33:C3:7F:57:D3:4F
            X509v3 Authority Key Identifier:
                keyid:07:09:37:88:ED:4A:80:C2:0C:DE:CE:10:A7:FF:BB:31:21:A2:72:9E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/297e119ebe51a00d6560ab73fd79c51ada403f19.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/4d8df0f0-41c4-401d-ac15-de0db40ac9cb/db5c29c12e17b6fb8cf36f56945305a8649f4792.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/4d8df0f0-41c4-401d-ac15-de0db40ac9cb/297e119ebe51a00d6560ab73fd79c51ada403f19.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.58.96.0/20

    Signature Algorithm: sha256WithRSAEncryption
         19:7b:ef:ce:2a:ba:65:ed:84:6d:f6:d2:18:f0:08:cf:01:d9:
         90:0b:74:8b:ff:54:cb:f1:c7:ca:5a:c2:b6:37:e3:a9:20:fe:
         ea:8e:12:8f:b1:37:7e:7d:6d:03:33:ec:43:3b:3e:38:dc:5d:
         cb:7c:8e:84:f8:b6:dc:83:84:df:f2:96:a9:c9:52:48:9b:d1:
         c2:92:08:82:55:31:d5:84:8d:fb:3a:c9:5f:9e:b1:5a:e7:d3:
         e5:cb:24:7d:7d:79:fa:cc:68:a5:d8:c4:c3:f5:33:ed:1b:e3:
         4c:47:24:c6:b1:a1:8d:44:45:51:c8:20:f3:69:9c:bc:e2:06:
         12:c1:ca:a1:6a:9a:7b:45:23:25:b9:47:bd:ac:36:a7:5c:d0:
         76:9a:90:00:f0:e1:27:ba:04:6c:82:f4:f7:85:82:be:6e:62:
         c7:07:95:ba:ce:9b:bc:ce:5b:d6:be:90:8f:db:37:5d:1c:e5:
         a5:2b:b2:78:99:b3:8f:26:b1:d1:c2:bb:b5:b0:c4:59:cc:74:
         63:4f:91:58:59:e6:4a:80:cb:cf:74:77:11:bc:5b:85:2b:ff:
         cb:e9:a9:52:a4:47:74:9b:d0:5b:67:f5:4d:28:13:f0:a2:2c:
         02:8a:07:71:fd:52:63:16:76:cf:af:58:27:67:3c:c8:86:42:
         06:3a:cc:cd
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgICIlYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMjk3
ZTExOWViZTUxYTAwZDY1NjBhYjczZmQ3OWM1MWFkYTQwM2YxOTAeFw0yMjA4MTkx
NjIwMjVaFw0yNDA4MTkxNjIwMjVaMDMxMTAvBgNVBAMTKGRiNWMyOWMxMmUxN2I2
ZmI4Y2YzNmY1Njk0NTMwNWE4NjQ5ZjQ3OTIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDuLW1ImP3skwt46AZc9hKJNoHsz4f4tRHX5ApBD+cIumpiSFcl
ugX8XMWGT5Tx5jeBlAdf8+sofmW758caL4DNh9vFDk0oQW7LwKkDViB7uGUNsEIh
3PEFrufgiNKJKfrFqPqb5liNYj5TGV4cxndodrRD6kT794VV4DFvJ7DogD9ZMATC
b+FJ4auNWO7K6QtOABsixp0sYRSkQ6gSE8OOpwaxI/a245XPSkpBAOi204iqC7wd
rB39RJ357vMo9lOU4jA6kRRNfpV2zgd6DX4teKUI7AGD1w92HhbgUZ4SwauBGURT
00kEdj+MURhl0T8mFvHTe3ziBZMf+6dMifJFAgMBAAGjggJbMIICVzAdBgNVHQ4E
FgQUE6e3mp+9btPOAAzTYcEzw39X008wHwYDVR0jBBgwFoAUBwk3iO1KgMIM3s4Q
p/+7MSGicp4wDgYDVR0PAQH/BAQDAgeAMIGaBggrBgEFBQcBAQSBjTCBijCBhwYI
KwYBBQUHMAKGe3JzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jwa2kvbGFj
bmljLzQ4ZjA4M2JiLWY2MDMtNDg5My05OTkwLTAyODRjMDRjZWI4NS8yOTdlMTE5
ZWJlNTFhMDBkNjU2MGFiNzNmZDc5YzUxYWRhNDAzZjE5LmNlcjCBmgYIKwYBBQUH
AQsEgY0wgYowgYcGCCsGAQUFBzALhntyc3luYzovL3JlcG9zaXRvcnkubGFjbmlj
Lm5ldC9ycGtpL2xhY25pYy80ZDhkZjBmMC00MWM0LTQwMWQtYWMxNS1kZTBkYjQw
YWM5Y2IvZGI1YzI5YzEyZTE3YjZmYjhjZjM2ZjU2OTQ1MzA1YTg2NDlmNDc5Mi5y
b2EwgY8GA1UdHwSBhzCBhDCBgaB/oH2Ge3JzeW5jOi8vcmVwb3NpdG9yeS5sYWNu
aWMubmV0L3Jwa2kvbGFjbmljLzRkOGRmMGYwLTQxYzQtNDAxZC1hYzE1LWRlMGRi
NDBhYzljYi8yOTdlMTE5ZWJlNTFhMDBkNjU2MGFiNzNmZDc5YzUxYWRhNDAzZjE5
LmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAw
DjAMBAIAATAGAwQEyDpgMA0GCSqGSIb3DQEBCwUAA4IBAQAZe+/OKrpl7YRt9tIY
8AjPAdmQC3SL/1TL8cfKWsK2N+OpIP7qjhKPsTd+fW0DM+xDOz443F3LfI6E+Lbc
g4Tf8papyVJIm9HCkgiCVTHVhI37OslfnrFa59PlyyR9fXn6zGil2MTD9TPtG+NM
RyTGsaGNREVRyCDzaZy84gYSwcqhapp7RSMluUe9rDanXNB2mpAA8OEnugRsgvT3
hYK+bmLHB5W6zpu8zlvWvpCP2zddHOWlK7J4mbOPJrHRwru1sMRZzHRjT5FYWeZK
gMvPdHcRvFuFK//L6alSpEd0m9BbZ/VNKBPwoiwCigdx/VJjFnbPr1gnZzzIhkIG
OszN
-----END CERTIFICATE-----
Generated at Thu Mar 28 11:17:43 2024 by rpki-client on console-fra.rpki-client.org