Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/5375bcfc-8b86-452e-850d-83cfe3b50f06/0e7ebdc08fb578ac2112586a14f4585263999be1.roa
File:                     0e7ebdc08fb578ac2112586a14f4585263999be1.roa (raw, json)
Hash identifier:          HH1axBHu0Wah82IYCAdhutm6iwzrlJaaP83UORdlJmg=
Subject key identifier:   C3:ED:91:4A:AD:5D:8B:E5:DD:B5:65:A5:A8:8B:14:9E:3E:BA:A9:F1
Certificate issuer:       /CN=bfbb4d3a6dd5e649a6554c4817ce0ed277429136
Certificate serial:       1415FF
Authority key identifier: 76:7F:42:4D:48:34:06:C4:20:E5:DF:19:BE:BE:99:3F:72:5A:F7:B6
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/bfbb4d3a6dd5e649a6554c4817ce0ed277429136.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/5375bcfc-8b86-452e-850d-83cfe3b50f06/0e7ebdc08fb578ac2112586a14f4585263999be1.roa
Signing time:             Tue 30 Jan 2024 17:48:25 +0000
ROA not before:           Tue 30 Jan 2024 17:48:25 +0000
ROA not after:            Fri 30 Jan 2026 17:48:25 +0000
asID:                     20117
IP address blocks:        200.5.78.0/23 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/5375bcfc-8b86-452e-850d-83cfe3b50f06/bfbb4d3a6dd5e649a6554c4817ce0ed277429136.crl
                          rsync://repository.lacnic.net/rpki/lacnic/5375bcfc-8b86-452e-850d-83cfe3b50f06/bfbb4d3a6dd5e649a6554c4817ce0ed277429136.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/bfbb4d3a6dd5e649a6554c4817ce0ed277429136.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Thu 18 Apr 2024 06:11:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1316351 (0x1415ff)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bfbb4d3a6dd5e649a6554c4817ce0ed277429136
        Validity
            Not Before: Jan 30 17:48:25 2024 GMT
            Not After : Jan 30 17:48:25 2026 GMT
        Subject: CN=0e7ebdc08fb578ac2112586a14f4585263999be1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:80:6f:07:7b:bc:4f:0b:21:7c:4a:e1:e3:2a:63:
                    50:9a:8b:74:3e:a1:4b:03:8c:78:9f:62:1f:ef:38:
                    ec:4d:67:83:05:e8:90:f5:67:58:55:ec:ba:57:f6:
                    5d:1c:13:8d:ef:f2:c8:ec:66:7f:ed:82:42:cd:83:
                    37:1e:cd:d7:ff:94:6b:57:3c:8d:82:dd:80:1f:b5:
                    82:1d:c0:bf:4f:a7:e7:65:15:54:38:ae:8c:f5:40:
                    27:8d:c4:bc:a1:99:bd:05:cb:d9:f1:d4:41:48:b6:
                    bb:e9:7a:35:fe:4f:92:39:d0:56:56:d4:e8:9a:d6:
                    4d:f8:31:b5:82:4c:d0:28:96:b7:c8:d3:a7:b3:8b:
                    93:e5:76:ec:e9:85:4a:ce:c8:52:09:52:b7:ae:3a:
                    8f:67:a9:fe:03:17:bb:48:e1:6d:b5:a8:b6:ff:35:
                    58:6b:b5:b2:fb:f2:ad:c0:22:7c:1d:0b:ff:af:9d:
                    9c:37:62:38:a9:be:8b:dc:c7:b1:85:38:b5:fb:31:
                    f5:9d:f4:d5:ce:28:e2:34:00:a6:3c:f3:5a:ce:cf:
                    5c:8c:d7:21:24:16:87:cb:69:1b:b5:9b:cb:7a:09:
                    08:3e:9a:c0:54:8b:8d:de:7f:44:c9:08:82:b1:f2:
                    85:ef:72:6a:02:f8:e4:0b:84:5e:f5:db:cf:39:3b:
                    5b:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C3:ED:91:4A:AD:5D:8B:E5:DD:B5:65:A5:A8:8B:14:9E:3E:BA:A9:F1
            X509v3 Authority Key Identifier:
                keyid:76:7F:42:4D:48:34:06:C4:20:E5:DF:19:BE:BE:99:3F:72:5A:F7:B6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/bfbb4d3a6dd5e649a6554c4817ce0ed277429136.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/5375bcfc-8b86-452e-850d-83cfe3b50f06/0e7ebdc08fb578ac2112586a14f4585263999be1.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/5375bcfc-8b86-452e-850d-83cfe3b50f06/bfbb4d3a6dd5e649a6554c4817ce0ed277429136.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.5.78.0/23

    Signature Algorithm: sha256WithRSAEncryption
         2b:7f:79:f9:30:29:7e:3a:2e:bd:a2:b9:a5:fc:40:2c:8d:3d:
         e1:53:8f:69:c4:ee:a1:de:20:c9:67:ba:f6:f4:bc:ce:4e:af:
         6e:94:e0:4a:55:5c:fc:8f:b1:2e:56:ff:7d:0d:55:9f:f6:b0:
         8e:74:57:d5:9f:47:4c:9f:43:f4:d3:0e:f1:1e:94:f0:2f:89:
         2a:33:2d:9b:4a:7e:68:e4:bf:fb:20:f7:dc:b9:8e:7d:6c:d2:
         f1:0b:ba:23:a6:08:64:cd:58:05:f2:7b:93:b6:fa:fa:b7:c7:
         02:5c:68:37:f5:a8:e4:bf:ba:9d:98:77:2f:a5:ad:07:ff:5d:
         db:54:fc:ec:78:2e:2b:c3:fb:67:4f:89:87:7a:e4:2f:ea:f6:
         72:6f:a3:6b:41:04:31:15:48:5c:d1:f8:d9:f1:27:38:65:fa:
         ef:d9:86:e4:47:39:33:67:7c:1d:be:00:40:ea:a5:34:4c:82:
         fe:14:3e:03:1e:55:f2:29:63:b8:95:a5:66:e6:f2:6a:3e:c1:
         7c:61:14:05:05:1a:78:09:56:b4:40:64:64:0e:ca:a8:5b:f5:
         70:36:a7:73:33:f2:81:57:bf:50:29:7c:52:64:60:0f:d5:89:
         56:c1:5c:bc:3c:8a:83:1b:09:4a:30:34:74:06:61:be:a5:78:
         b6:1a:bd:82
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIDFBX/MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGJm
YmI0ZDNhNmRkNWU2NDlhNjU1NGM0ODE3Y2UwZWQyNzc0MjkxMzYwHhcNMjQwMTMw
MTc0ODI1WhcNMjYwMTMwMTc0ODI1WjAzMTEwLwYDVQQDEygwZTdlYmRjMDhmYjU3
OGFjMjExMjU4NmExNGY0NTg1MjYzOTk5YmUxMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAgG8He7xPCyF8SuHjKmNQmot0PqFLA4x4n2If7zjsTWeDBeiQ
9WdYVey6V/ZdHBON7/LI7GZ/7YJCzYM3Hs3X/5RrVzyNgt2AH7WCHcC/T6fnZRVU
OK6M9UAnjcS8oZm9BcvZ8dRBSLa76Xo1/k+SOdBWVtTomtZN+DG1gkzQKJa3yNOn
s4uT5Xbs6YVKzshSCVK3rjqPZ6n+Axe7SOFttai2/zVYa7Wy+/KtwCJ8HQv/r52c
N2I4qb6L3MexhTi1+zH1nfTVzijiNACmPPNazs9cjNchJBaHy2kbtZvLegkIPprA
VIuN3n9EyQiCsfKF73JqAvjkC4Re9dvPOTtbFQIDAQABo4ICWzCCAlcwHQYDVR0O
BBYEFMPtkUqtXYvl3bVlpaiLFJ4+uqnxMB8GA1UdIwQYMBaAFHZ/Qk1INAbEIOXf
Gb6+mT9yWve2MA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvYmZiYjRk
M2E2ZGQ1ZTY0OWE2NTU0YzQ4MTdjZTBlZDI3NzQyOTEzNi5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvNTM3NWJjZmMtOGI4Ni00NTJlLTg1MGQtODNjZmUz
YjUwZjA2LzBlN2ViZGMwOGZiNTc4YWMyMTEyNTg2YTE0ZjQ1ODUyNjM5OTliZTEu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy81Mzc1YmNmYy04Yjg2LTQ1MmUtODUwZC04M2Nm
ZTNiNTBmMDYvYmZiYjRkM2E2ZGQ1ZTY0OWE2NTU0YzQ4MTdjZTBlZDI3NzQyOTEz
Ni5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAcgFTjANBgkqhkiG9w0BAQsFAAOCAQEAK395+TApfjouvaK5
pfxALI094VOPacTuod4gyWe69vS8zk6vbpTgSlVc/I+xLlb/fQ1Vn/awjnRX1Z9H
TJ9D9NMO8R6U8C+JKjMtm0p+aOS/+yD33LmOfWzS8Qu6I6YIZM1YBfJ7k7b6+rfH
AlxoN/Wo5L+6nZh3L6WtB/9d21T87HguK8P7Z0+Jh3rkL+r2cm+ja0EEMRVIXNH4
2fEnOGX679mG5Ec5M2d8Hb4AQOqlNEyC/hQ+Ax5V8iljuJWlZubyaj7BfGEUBQUa
eAlWtEBkZA7KqFv1cDanczPygVe/UCl8UmRgD9WJVsFcvDyKgxsJSjA0dAZhvqV4
thq9gg==
-----END CERTIFICATE-----
Generated at Mon Apr 15 10:07:20 2024 by rpki-client on console-fra.rpki-client.org