Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/5375bcfc-8b86-452e-850d-83cfe3b50f06/23ba9363c4978e195ddba9a96fccba7a55545862.roa
File:                     23ba9363c4978e195ddba9a96fccba7a55545862.roa (raw, json)
Hash identifier:          cBhZ1+WLBanu/fdfyUgp1jMqwDaNfFXzDuWkAQS7rCk=
Subject key identifier:   8D:19:F8:44:44:77:2C:ED:76:AF:07:31:CC:FE:CE:FE:B7:1A:93:3F
Certificate issuer:       /CN=bfbb4d3a6dd5e649a6554c4817ce0ed277429136
Certificate serial:       122B6C
Authority key identifier: 76:7F:42:4D:48:34:06:C4:20:E5:DF:19:BE:BE:99:3F:72:5A:F7:B6
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/bfbb4d3a6dd5e649a6554c4817ce0ed277429136.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/5375bcfc-8b86-452e-850d-83cfe3b50f06/23ba9363c4978e195ddba9a96fccba7a55545862.roa
Signing time:             Wed 29 Nov 2023 15:36:31 +0000
ROA not before:           Wed 29 Nov 2023 15:36:31 +0000
ROA not after:            Sat 29 Nov 2025 15:36:31 +0000
asID:                     264830
IP address blocks:        201.251.215.0/24 maxlen: 24
                          201.251.216.0/22 maxlen: 24
                          201.251.220.0/24 maxlen: 24
                          201.251.235.0/24 maxlen: 24
                          201.251.236.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/5375bcfc-8b86-452e-850d-83cfe3b50f06/bfbb4d3a6dd5e649a6554c4817ce0ed277429136.crl
                          rsync://repository.lacnic.net/rpki/lacnic/5375bcfc-8b86-452e-850d-83cfe3b50f06/bfbb4d3a6dd5e649a6554c4817ce0ed277429136.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/bfbb4d3a6dd5e649a6554c4817ce0ed277429136.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Thu 18 Apr 2024 06:11:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1190764 (0x122b6c)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bfbb4d3a6dd5e649a6554c4817ce0ed277429136
        Validity
            Not Before: Nov 29 15:36:31 2023 GMT
            Not After : Nov 29 15:36:31 2025 GMT
        Subject: CN=23ba9363c4978e195ddba9a96fccba7a55545862
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:30:83:19:ed:e8:a3:f8:be:02:9c:d6:f9:31:
                    c8:4c:2f:fd:25:a1:31:09:a3:e0:29:85:83:de:30:
                    72:1f:fa:fa:af:69:b7:6c:2e:e9:b3:b7:26:34:2a:
                    9c:3c:39:ed:70:8c:67:73:9f:1c:47:4c:4c:18:59:
                    5a:99:04:7a:68:ee:ac:cd:1a:10:28:a8:17:63:df:
                    f2:71:fa:b7:ca:99:4d:02:45:dc:54:a5:40:c8:fd:
                    06:1d:30:c3:92:4a:49:dc:c2:f5:68:29:72:27:54:
                    04:18:66:86:19:26:d3:50:79:b8:f9:c6:4b:cd:e5:
                    0f:1d:cc:d4:05:74:30:01:b5:a5:ab:93:0a:32:2b:
                    dc:a4:ce:e4:aa:5b:33:33:e7:4d:29:89:0b:34:e1:
                    f3:92:54:95:e8:15:34:7b:6c:6b:23:38:00:61:12:
                    c3:0d:fc:02:dc:de:30:cd:10:dd:82:1b:01:b4:01:
                    47:f7:9a:eb:fe:a1:bf:39:81:a8:8b:12:e9:f9:db:
                    ec:4d:d0:52:ca:60:0c:25:c1:a3:98:64:e8:aa:67:
                    38:d6:be:67:59:f4:f7:80:db:d5:d6:5f:3e:94:17:
                    41:ec:cd:0b:82:0d:64:ab:85:ff:2f:3f:1b:d4:78:
                    02:8f:94:67:43:97:02:53:f5:f5:94:60:cd:76:f3:
                    87:b1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8D:19:F8:44:44:77:2C:ED:76:AF:07:31:CC:FE:CE:FE:B7:1A:93:3F
            X509v3 Authority Key Identifier:
                keyid:76:7F:42:4D:48:34:06:C4:20:E5:DF:19:BE:BE:99:3F:72:5A:F7:B6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/bfbb4d3a6dd5e649a6554c4817ce0ed277429136.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/5375bcfc-8b86-452e-850d-83cfe3b50f06/23ba9363c4978e195ddba9a96fccba7a55545862.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/5375bcfc-8b86-452e-850d-83cfe3b50f06/bfbb4d3a6dd5e649a6554c4817ce0ed277429136.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  201.251.215.0-201.251.220.255
                  201.251.235.0-201.251.236.255

    Signature Algorithm: sha256WithRSAEncryption
         95:b6:e4:d4:a5:22:21:4a:59:27:ef:89:a0:67:6d:8a:a1:e6:
         1a:94:b4:41:35:84:75:5a:14:4a:22:4e:f0:14:ad:c4:2b:e8:
         37:53:39:ef:02:ee:0d:06:11:d0:9b:27:e2:be:b3:7a:88:3e:
         b9:bc:ff:b0:18:bc:1a:7e:63:a2:32:03:00:f6:81:34:ca:e7:
         00:41:5e:8d:46:66:0c:83:ce:9f:67:6b:eb:89:96:91:59:91:
         52:da:0c:dd:da:7a:29:8a:88:25:53:64:6d:e2:12:30:a0:b3:
         7d:77:2e:96:ad:ea:6b:69:e8:b3:68:6d:80:81:f0:e3:c3:e5:
         55:ed:dc:5d:b9:a3:fe:09:42:99:87:a3:ca:cd:a0:a2:3c:55:
         4d:bd:68:b4:f3:6a:74:d0:d8:0a:5e:d1:53:f7:2e:14:ff:9d:
         06:48:5a:fc:45:ee:2c:63:c6:79:7e:17:23:54:40:2e:e0:6b:
         50:e1:bf:83:d8:21:f2:58:5c:5d:c6:f8:cc:bd:06:81:15:2b:
         68:93:e0:fa:8c:7d:9e:8b:7e:db:14:14:45:67:7d:48:37:01:
         d1:fa:b9:d0:0e:a8:ec:eb:cf:a3:70:2c:87:c7:a5:68:f9:dc:
         dc:5d:71:1c:f8:1e:db:9d:b4:91:59:9f:c0:9f:a1:dd:90:b4:
         e8:27:21:cf
-----BEGIN CERTIFICATE-----
MIIFVjCCBD6gAwIBAgIDEitsMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGJm
YmI0ZDNhNmRkNWU2NDlhNjU1NGM0ODE3Y2UwZWQyNzc0MjkxMzYwHhcNMjMxMTI5
MTUzNjMxWhcNMjUxMTI5MTUzNjMxWjAzMTEwLwYDVQQDEygyM2JhOTM2M2M0OTc4
ZTE5NWRkYmE5YTk2ZmNjYmE3YTU1NTQ1ODYyMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAmDCDGe3oo/i+ApzW+THITC/9JaExCaPgKYWD3jByH/r6r2m3
bC7ps7cmNCqcPDntcIxnc58cR0xMGFlamQR6aO6szRoQKKgXY9/ycfq3yplNAkXc
VKVAyP0GHTDDkkpJ3ML1aClyJ1QEGGaGGSbTUHm4+cZLzeUPHczUBXQwAbWlq5MK
MivcpM7kqlszM+dNKYkLNOHzklSV6BU0e2xrIzgAYRLDDfwC3N4wzRDdghsBtAFH
95rr/qG/OYGoixLp+dvsTdBSymAMJcGjmGToqmc41r5nWfT3gNvV1l8+lBdB7M0L
gg1kq4X/Lz8b1HgCj5RnQ5cCU/X1lGDNdvOHsQIDAQABo4ICcTCCAm0wHQYDVR0O
BBYEFI0Z+EREdyztdq8HMcz+zv63GpM/MB8GA1UdIwQYMBaAFHZ/Qk1INAbEIOXf
Gb6+mT9yWve2MA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvYmZiYjRk
M2E2ZGQ1ZTY0OWE2NTU0YzQ4MTdjZTBlZDI3NzQyOTEzNi5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvNTM3NWJjZmMtOGI4Ni00NTJlLTg1MGQtODNjZmUz
YjUwZjA2LzIzYmE5MzYzYzQ5NzhlMTk1ZGRiYTlhOTZmY2NiYTdhNTU1NDU4NjIu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy81Mzc1YmNmYy04Yjg2LTQ1MmUtODUwZC04M2Nm
ZTNiNTBmMDYvYmZiYjRkM2E2ZGQ1ZTY0OWE2NTU0YzQ4MTdjZTBlZDI3NzQyOTEz
Ni5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA1BggrBgEFBQcBBwEB/wQm
MCQwIgQCAAEwHDAMAwQAyfvXAwQAyfvcMAwDBADJ++sDBADJ++wwDQYJKoZIhvcN
AQELBQADggEBAJW25NSlIiFKWSfviaBnbYqh5hqUtEE1hHVaFEoiTvAUrcQr6DdT
Oe8C7g0GEdCbJ+K+s3qIPrm8/7AYvBp+Y6IyAwD2gTTK5wBBXo1GZgyDzp9na+uJ
lpFZkVLaDN3aeimKiCVTZG3iEjCgs313Lpat6mtp6LNobYCB8OPD5VXt3F25o/4J
QpmHo8rNoKI8VU29aLTzanTQ2Ape0VP3LhT/nQZIWvxF7ixjxnl+FyNUQC7ga1Dh
v4PYIfJYXF3G+My9BoEVK2iT4PqMfZ6LftsUFEVnfUg3AdH6udAOqOzrz6NwLIfH
pWj53NxdcRz4HtudtJFZn8Cfod2QtOgnIc8=
-----END CERTIFICATE-----
Generated at Mon Apr 15 09:53:54 2024 by rpki-client on console-ams.rpki-client.org