Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/5375bcfc-8b86-452e-850d-83cfe3b50f06/09cbf2c4ea76b0fbe38aff7b7a013b7df8bd2b13.roa
File:                     09cbf2c4ea76b0fbe38aff7b7a013b7df8bd2b13.roa (raw, json)
Hash identifier:          yz1NiYbtVhtsW/k0hx3YeEc0Jyt5S76k4xJ9ujGcfNk=
Subject key identifier:   9D:67:9B:43:F2:43:5D:B0:37:32:F5:6F:5E:38:FF:B1:5A:5C:38:51
Certificate issuer:       /CN=bfbb4d3a6dd5e649a6554c4817ce0ed277429136
Certificate serial:       11DDAE
Authority key identifier: 76:7F:42:4D:48:34:06:C4:20:E5:DF:19:BE:BE:99:3F:72:5A:F7:B6
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/bfbb4d3a6dd5e649a6554c4817ce0ed277429136.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/5375bcfc-8b86-452e-850d-83cfe3b50f06/09cbf2c4ea76b0fbe38aff7b7a013b7df8bd2b13.roa
Signing time:             Wed 29 Nov 2023 14:14:35 +0000
ROA not before:           Wed 29 Nov 2023 14:14:35 +0000
ROA not after:            Sat 29 Nov 2025 14:14:35 +0000
asID:                     52477
IP address blocks:        179.40.42.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/5375bcfc-8b86-452e-850d-83cfe3b50f06/bfbb4d3a6dd5e649a6554c4817ce0ed277429136.crl
                          rsync://repository.lacnic.net/rpki/lacnic/5375bcfc-8b86-452e-850d-83cfe3b50f06/bfbb4d3a6dd5e649a6554c4817ce0ed277429136.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/bfbb4d3a6dd5e649a6554c4817ce0ed277429136.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Thu 18 Apr 2024 06:11:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1170862 (0x11ddae)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bfbb4d3a6dd5e649a6554c4817ce0ed277429136
        Validity
            Not Before: Nov 29 14:14:35 2023 GMT
            Not After : Nov 29 14:14:35 2025 GMT
        Subject: CN=09cbf2c4ea76b0fbe38aff7b7a013b7df8bd2b13
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:12:63:d3:a1:6b:6d:a7:8d:04:07:fd:a9:db:
                    22:da:78:4e:30:c9:a7:6a:5a:ed:22:d2:ad:37:54:
                    69:39:46:e1:c8:a3:2d:15:5c:c7:4c:53:73:98:0e:
                    54:4e:fd:90:91:23:7a:93:a4:db:20:41:ff:bc:6c:
                    5a:00:1b:2f:d6:12:90:0e:af:6b:41:a7:98:ca:d3:
                    53:77:d3:99:d7:ca:2b:1e:57:40:12:86:ee:26:89:
                    81:8b:91:b7:08:3e:b4:09:d2:b6:ee:75:8b:6f:46:
                    c9:4e:dc:f8:bb:90:27:ac:f4:9b:05:34:57:09:18:
                    2e:b0:29:bb:dd:66:77:5f:a9:eb:b0:34:8d:d5:f0:
                    ba:77:a1:3a:92:04:af:22:9f:fc:76:60:5e:f9:39:
                    5a:d1:69:09:ca:0a:7d:54:83:32:49:a8:e6:57:48:
                    e4:4c:f0:9d:0e:65:91:5e:b8:18:57:c7:1c:56:c1:
                    17:84:97:d4:ba:bb:af:77:c0:80:cc:1d:de:0f:dc:
                    0a:c9:94:9a:ce:ca:fb:63:59:ba:57:c0:11:54:2f:
                    44:a9:30:ce:4c:03:3d:f9:c0:14:29:37:c9:cd:f6:
                    14:7b:af:d0:9c:ec:0c:cf:6b:fc:1d:eb:86:93:45:
                    79:af:36:f9:ff:e6:e2:9c:9e:d9:5e:aa:11:f1:79:
                    07:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9D:67:9B:43:F2:43:5D:B0:37:32:F5:6F:5E:38:FF:B1:5A:5C:38:51
            X509v3 Authority Key Identifier:
                keyid:76:7F:42:4D:48:34:06:C4:20:E5:DF:19:BE:BE:99:3F:72:5A:F7:B6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/bfbb4d3a6dd5e649a6554c4817ce0ed277429136.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/5375bcfc-8b86-452e-850d-83cfe3b50f06/09cbf2c4ea76b0fbe38aff7b7a013b7df8bd2b13.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/5375bcfc-8b86-452e-850d-83cfe3b50f06/bfbb4d3a6dd5e649a6554c4817ce0ed277429136.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  179.40.42.0/24

    Signature Algorithm: sha256WithRSAEncryption
         60:63:5c:77:a1:14:19:fc:84:18:27:63:c5:00:96:17:6c:b6:
         c4:df:ea:4c:36:d9:a3:37:1e:32:33:53:1f:3d:07:aa:7c:9f:
         22:76:b5:ed:c4:d3:68:ee:56:0b:5e:ff:5b:57:b1:40:e0:e8:
         be:18:a9:cd:44:7d:c7:2a:ef:61:60:a6:3f:fd:4b:59:76:74:
         b2:aa:c6:0e:c0:f8:77:0b:67:2a:f0:ff:49:fb:c1:7e:4f:99:
         62:91:3e:a3:dc:7c:de:23:2a:4c:f9:f3:16:0d:c6:1a:0c:ef:
         3a:e1:4d:f4:41:1d:ab:97:a9:c8:d0:74:f3:44:66:41:95:f1:
         8a:ed:6b:86:41:fc:86:8b:1a:15:99:e7:95:41:99:74:e5:04:
         3a:10:b1:48:5b:c4:b1:f3:30:f6:06:1a:dc:42:64:0a:cc:a2:
         e7:22:cd:00:1f:c3:5c:a8:45:ea:07:ae:e6:13:10:d3:c6:e1:
         22:1f:4f:4d:5b:e5:35:b7:26:a1:35:58:4a:9d:78:25:99:01:
         e1:ab:06:6d:97:23:15:46:4d:35:e9:c3:c6:12:b5:84:c6:56:
         de:a0:8e:58:3e:13:40:57:90:7c:50:08:2e:ed:bb:f7:14:fc:
         81:ef:15:b7:b0:3a:d8:66:a3:2c:54:27:6a:97:fb:8e:41:13:
         9c:f1:4b:c9
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIDEd2uMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGJm
YmI0ZDNhNmRkNWU2NDlhNjU1NGM0ODE3Y2UwZWQyNzc0MjkxMzYwHhcNMjMxMTI5
MTQxNDM1WhcNMjUxMTI5MTQxNDM1WjAzMTEwLwYDVQQDEygwOWNiZjJjNGVhNzZi
MGZiZTM4YWZmN2I3YTAxM2I3ZGY4YmQyYjEzMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAqhJj06FrbaeNBAf9qdsi2nhOMMmnalrtItKtN1RpOUbhyKMt
FVzHTFNzmA5UTv2QkSN6k6TbIEH/vGxaABsv1hKQDq9rQaeYytNTd9OZ18orHldA
EobuJomBi5G3CD60CdK27nWLb0bJTtz4u5AnrPSbBTRXCRgusCm73WZ3X6nrsDSN
1fC6d6E6kgSvIp/8dmBe+Tla0WkJygp9VIMySajmV0jkTPCdDmWRXrgYV8ccVsEX
hJfUuruvd8CAzB3eD9wKyZSazsr7Y1m6V8ARVC9EqTDOTAM9+cAUKTfJzfYUe6/Q
nOwMz2v8HeuGk0V5rzb5/+binJ7ZXqoR8XkHkQIDAQABo4ICWzCCAlcwHQYDVR0O
BBYEFJ1nm0PyQ12wNzL1b144/7FaXDhRMB8GA1UdIwQYMBaAFHZ/Qk1INAbEIOXf
Gb6+mT9yWve2MA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvYmZiYjRk
M2E2ZGQ1ZTY0OWE2NTU0YzQ4MTdjZTBlZDI3NzQyOTEzNi5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvNTM3NWJjZmMtOGI4Ni00NTJlLTg1MGQtODNjZmUz
YjUwZjA2LzA5Y2JmMmM0ZWE3NmIwZmJlMzhhZmY3YjdhMDEzYjdkZjhiZDJiMTMu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy81Mzc1YmNmYy04Yjg2LTQ1MmUtODUwZC04M2Nm
ZTNiNTBmMDYvYmZiYjRkM2E2ZGQ1ZTY0OWE2NTU0YzQ4MTdjZTBlZDI3NzQyOTEz
Ni5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEALMoKjANBgkqhkiG9w0BAQsFAAOCAQEAYGNcd6EUGfyEGCdj
xQCWF2y2xN/qTDbZozceMjNTHz0HqnyfIna17cTTaO5WC17/W1exQODovhipzUR9
xyrvYWCmP/1LWXZ0sqrGDsD4dwtnKvD/SfvBfk+ZYpE+o9x83iMqTPnzFg3GGgzv
OuFN9EEdq5epyNB080RmQZXxiu1rhkH8hosaFZnnlUGZdOUEOhCxSFvEsfMw9gYa
3EJkCsyi5yLNAB/DXKhF6geu5hMQ08bhIh9PTVvlNbcmoTVYSp14JZkB4asGbZcj
FUZNNenDxhK1hMZW3qCOWD4TQFeQfFAILu279xT8ge8Vt7A62GajLFQnapf7jkET
nPFLyQ==
-----END CERTIFICATE-----
Generated at Mon Apr 15 10:07:20 2024 by rpki-client on console-fra.rpki-client.org