Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/5375bcfc-8b86-452e-850d-83cfe3b50f06/155c79727f5f33b413a8a49ffe1b22424dec4416.roa
File:                     155c79727f5f33b413a8a49ffe1b22424dec4416.roa (raw, json)
Hash identifier:          JDX0DHrBA6ZWUtVFg1s37IyCYt003JnyD2oU9Zc5kiE=
Subject key identifier:   06:62:CD:25:0F:91:DB:87:ED:69:29:6A:4A:9C:BA:AC:ED:96:28:FF
Certificate issuer:       /CN=bfbb4d3a6dd5e649a6554c4817ce0ed277429136
Certificate serial:       125B44
Authority key identifier: 76:7F:42:4D:48:34:06:C4:20:E5:DF:19:BE:BE:99:3F:72:5A:F7:B6
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/bfbb4d3a6dd5e649a6554c4817ce0ed277429136.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/5375bcfc-8b86-452e-850d-83cfe3b50f06/155c79727f5f33b413a8a49ffe1b22424dec4416.roa
Signing time:             Wed 29 Nov 2023 21:05:21 +0000
ROA not before:           Wed 29 Nov 2023 21:05:21 +0000
ROA not after:            Sat 29 Nov 2025 21:05:21 +0000
asID:                     265689
IP address blocks:        186.56.7.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/5375bcfc-8b86-452e-850d-83cfe3b50f06/bfbb4d3a6dd5e649a6554c4817ce0ed277429136.crl
                          rsync://repository.lacnic.net/rpki/lacnic/5375bcfc-8b86-452e-850d-83cfe3b50f06/bfbb4d3a6dd5e649a6554c4817ce0ed277429136.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/bfbb4d3a6dd5e649a6554c4817ce0ed277429136.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Thu 18 Apr 2024 06:11:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1203012 (0x125b44)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bfbb4d3a6dd5e649a6554c4817ce0ed277429136
        Validity
            Not Before: Nov 29 21:05:21 2023 GMT
            Not After : Nov 29 21:05:21 2025 GMT
        Subject: CN=155c79727f5f33b413a8a49ffe1b22424dec4416
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f8:3c:67:87:d7:ad:5f:d8:5d:d6:b4:ab:95:65:
                    6f:92:37:0e:d2:e5:af:43:d3:68:48:47:28:30:24:
                    2b:37:72:8a:1c:00:cf:3d:d4:31:4e:bb:93:93:02:
                    53:e7:fc:a0:f1:e1:c6:33:9e:06:18:51:6e:c0:35:
                    40:db:d0:ae:f8:69:9f:8d:92:ef:d7:4d:76:57:61:
                    14:e2:c5:9c:38:81:86:84:93:79:71:5b:74:ab:9f:
                    0f:5c:c1:3f:ae:0e:86:57:37:73:83:1f:f1:f0:89:
                    42:cb:48:5a:a0:95:ad:01:35:e1:b6:6d:44:10:bd:
                    b9:31:ac:fe:e2:68:f8:1a:84:ba:8f:90:fb:96:77:
                    0b:81:57:0e:0a:66:2b:77:62:58:82:79:7f:0e:79:
                    f9:67:e0:93:19:12:62:3a:3a:58:ca:47:68:7e:3a:
                    c3:ba:1d:ac:65:46:a2:59:29:f9:c5:17:ef:f9:ae:
                    21:b2:d7:2e:70:45:c5:2e:1d:8b:d6:d8:42:d2:33:
                    f9:1a:66:a7:fe:20:a7:a3:74:f6:b8:18:68:16:0a:
                    24:18:77:ca:a8:f3:04:ab:79:c1:9d:8d:69:07:88:
                    98:a0:5a:39:0e:95:5b:fb:00:ef:3d:bb:99:f8:47:
                    7a:77:79:9f:10:6d:07:2f:05:4d:e1:69:69:5f:b0:
                    b0:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                06:62:CD:25:0F:91:DB:87:ED:69:29:6A:4A:9C:BA:AC:ED:96:28:FF
            X509v3 Authority Key Identifier:
                keyid:76:7F:42:4D:48:34:06:C4:20:E5:DF:19:BE:BE:99:3F:72:5A:F7:B6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/bfbb4d3a6dd5e649a6554c4817ce0ed277429136.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/5375bcfc-8b86-452e-850d-83cfe3b50f06/155c79727f5f33b413a8a49ffe1b22424dec4416.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/5375bcfc-8b86-452e-850d-83cfe3b50f06/bfbb4d3a6dd5e649a6554c4817ce0ed277429136.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  186.56.7.0/24

    Signature Algorithm: sha256WithRSAEncryption
         93:0d:5e:2e:23:1b:ef:29:11:f2:4c:13:09:fa:de:d8:4e:ca:
         5e:96:df:c1:13:b3:a2:59:d8:7f:3e:7e:ef:9c:72:9e:e9:f9:
         43:56:8c:f7:38:be:d1:c8:c9:23:49:46:fe:90:20:e0:e0:5c:
         1d:cd:8d:f1:6c:55:23:e0:16:6e:f2:f9:39:d5:68:41:2d:15:
         f6:8b:76:d7:03:c3:d8:ca:ba:23:06:be:34:8e:6c:7a:f3:39:
         b3:81:fe:20:68:b7:5a:a9:ea:af:d6:a1:a4:7a:30:d8:9b:67:
         dc:d1:46:45:91:0a:74:9f:f4:21:b4:10:7a:11:5a:41:2a:41:
         6b:3b:c7:70:74:8c:28:ca:19:2d:4c:07:fe:18:03:49:dd:4e:
         68:ef:3c:3c:1c:b9:01:65:e3:0a:b3:a6:66:9f:f5:d3:b9:c9:
         2a:a0:f1:d4:26:eb:90:77:6b:b0:82:d1:8f:f8:e1:ba:ed:5b:
         79:fc:02:40:18:db:55:1e:5e:2b:13:f1:35:d1:7d:ab:5c:e3:
         0b:a6:a6:88:dd:45:aa:2c:c4:70:43:63:5b:4d:23:f0:ca:65:
         2b:63:c5:96:f3:8c:e3:21:ec:e2:55:ba:be:e1:60:43:cf:12:
         2a:60:04:72:1d:bc:e2:15:e2:a7:ef:26:eb:2a:aa:b2:28:e8:
         d1:9e:86:cc
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIDEltEMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGJm
YmI0ZDNhNmRkNWU2NDlhNjU1NGM0ODE3Y2UwZWQyNzc0MjkxMzYwHhcNMjMxMTI5
MjEwNTIxWhcNMjUxMTI5MjEwNTIxWjAzMTEwLwYDVQQDEygxNTVjNzk3MjdmNWYz
M2I0MTNhOGE0OWZmZTFiMjI0MjRkZWM0NDE2MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEA+Dxnh9etX9hd1rSrlWVvkjcO0uWvQ9NoSEcoMCQrN3KKHADP
PdQxTruTkwJT5/yg8eHGM54GGFFuwDVA29Cu+GmfjZLv1012V2EU4sWcOIGGhJN5
cVt0q58PXME/rg6GVzdzgx/x8IlCy0haoJWtATXhtm1EEL25Maz+4mj4GoS6j5D7
lncLgVcOCmYrd2JYgnl/Dnn5Z+CTGRJiOjpYykdofjrDuh2sZUaiWSn5xRfv+a4h
stcucEXFLh2L1thC0jP5Gman/iCno3T2uBhoFgokGHfKqPMEq3nBnY1pB4iYoFo5
DpVb+wDvPbuZ+Ed6d3mfEG0HLwVN4WlpX7Cw9wIDAQABo4ICWzCCAlcwHQYDVR0O
BBYEFAZizSUPkduH7Wkpakqcuqztlij/MB8GA1UdIwQYMBaAFHZ/Qk1INAbEIOXf
Gb6+mT9yWve2MA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvYmZiYjRk
M2E2ZGQ1ZTY0OWE2NTU0YzQ4MTdjZTBlZDI3NzQyOTEzNi5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvNTM3NWJjZmMtOGI4Ni00NTJlLTg1MGQtODNjZmUz
YjUwZjA2LzE1NWM3OTcyN2Y1ZjMzYjQxM2E4YTQ5ZmZlMWIyMjQyNGRlYzQ0MTYu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy81Mzc1YmNmYy04Yjg2LTQ1MmUtODUwZC04M2Nm
ZTNiNTBmMDYvYmZiYjRkM2E2ZGQ1ZTY0OWE2NTU0YzQ4MTdjZTBlZDI3NzQyOTEz
Ni5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEALo4BzANBgkqhkiG9w0BAQsFAAOCAQEAkw1eLiMb7ykR8kwT
Cfre2E7KXpbfwROzolnYfz5+75xynun5Q1aM9zi+0cjJI0lG/pAg4OBcHc2N8WxV
I+AWbvL5OdVoQS0V9ot21wPD2Mq6Iwa+NI5sevM5s4H+IGi3Wqnqr9ahpHow2Jtn
3NFGRZEKdJ/0IbQQehFaQSpBazvHcHSMKMoZLUwH/hgDSd1OaO88PBy5AWXjCrOm
Zp/107nJKqDx1CbrkHdrsILRj/jhuu1befwCQBjbVR5eKxPxNdF9q1zjC6amiN1F
qizEcENjW00j8MplK2PFlvOM4yHs4lW6vuFgQ88SKmAEch284hXip+8m6yqqsijo
0Z6GzA==
-----END CERTIFICATE-----
Generated at Mon Apr 15 09:53:54 2024 by rpki-client on console-ams.rpki-client.org