Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/5375bcfc-8b86-452e-850d-83cfe3b50f06/2ccf8cf25e051eae2b77cf6b38612d5faf399e4b.roa
File:                     2ccf8cf25e051eae2b77cf6b38612d5faf399e4b.roa (raw, json)
Hash identifier:          JLU8agsx/tXQ4Z1WGtfZsmEhkwSK8hJkA9G5AJy9ogE=
Subject key identifier:   49:4B:3B:D8:ED:D2:35:A0:D1:D6:34:5E:41:8E:0A:E0:C6:74:E8:F8
Certificate issuer:       /CN=bfbb4d3a6dd5e649a6554c4817ce0ed277429136
Certificate serial:       128400
Authority key identifier: 76:7F:42:4D:48:34:06:C4:20:E5:DF:19:BE:BE:99:3F:72:5A:F7:B6
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/bfbb4d3a6dd5e649a6554c4817ce0ed277429136.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/5375bcfc-8b86-452e-850d-83cfe3b50f06/2ccf8cf25e051eae2b77cf6b38612d5faf399e4b.roa
Signing time:             Wed 29 Nov 2023 21:28:45 +0000
ROA not before:           Wed 29 Nov 2023 21:28:45 +0000
ROA not after:            Sat 29 Nov 2025 21:28:45 +0000
asID:                     263181
IP address blocks:        201.251.0.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/5375bcfc-8b86-452e-850d-83cfe3b50f06/bfbb4d3a6dd5e649a6554c4817ce0ed277429136.crl
                          rsync://repository.lacnic.net/rpki/lacnic/5375bcfc-8b86-452e-850d-83cfe3b50f06/bfbb4d3a6dd5e649a6554c4817ce0ed277429136.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/bfbb4d3a6dd5e649a6554c4817ce0ed277429136.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Thu 18 Apr 2024 06:11:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1213440 (0x128400)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bfbb4d3a6dd5e649a6554c4817ce0ed277429136
        Validity
            Not Before: Nov 29 21:28:45 2023 GMT
            Not After : Nov 29 21:28:45 2025 GMT
        Subject: CN=2ccf8cf25e051eae2b77cf6b38612d5faf399e4b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:4b:ce:3a:26:1a:b8:21:e1:a5:b6:cd:48:25:
                    07:c1:ab:bc:aa:63:2d:18:cd:df:2d:5c:30:90:82:
                    a7:20:5e:5b:88:61:45:73:1a:05:8e:54:3f:39:6e:
                    b5:d7:7b:d8:f1:bc:74:9c:98:f9:74:52:e2:98:d1:
                    15:6e:60:f9:40:75:3f:d6:e4:04:75:87:99:63:6c:
                    2c:71:5b:95:6f:27:3a:86:b2:fb:d0:25:5e:83:78:
                    a5:81:49:7e:53:04:b1:5d:fa:f1:ec:a8:78:9d:e4:
                    5e:7f:36:37:6c:70:34:42:3c:df:0e:24:f9:e0:ca:
                    46:f0:d3:f2:83:df:11:44:75:d5:72:50:bc:3d:a4:
                    62:e1:0a:f0:a8:a3:57:31:96:a1:43:f0:11:0c:bb:
                    20:db:80:12:e8:d8:8b:28:04:27:1d:b0:55:5e:09:
                    0d:73:21:30:73:28:34:e3:ad:31:37:e9:dd:41:e8:
                    97:67:9c:8c:e8:5b:01:7c:e3:2a:fe:59:a7:63:14:
                    30:c0:6e:e4:78:5a:0e:9a:66:ac:ec:1a:dc:2c:83:
                    4c:db:b7:66:b0:ba:0d:9d:e1:8c:d0:c5:ef:cc:e3:
                    b3:ed:64:c3:e9:82:30:9a:ce:27:7e:30:69:ff:09:
                    28:9b:31:a4:b1:67:44:03:8d:ce:72:58:80:df:eb:
                    0b:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                49:4B:3B:D8:ED:D2:35:A0:D1:D6:34:5E:41:8E:0A:E0:C6:74:E8:F8
            X509v3 Authority Key Identifier:
                keyid:76:7F:42:4D:48:34:06:C4:20:E5:DF:19:BE:BE:99:3F:72:5A:F7:B6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/bfbb4d3a6dd5e649a6554c4817ce0ed277429136.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/5375bcfc-8b86-452e-850d-83cfe3b50f06/2ccf8cf25e051eae2b77cf6b38612d5faf399e4b.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/5375bcfc-8b86-452e-850d-83cfe3b50f06/bfbb4d3a6dd5e649a6554c4817ce0ed277429136.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  201.251.0.0/24

    Signature Algorithm: sha256WithRSAEncryption
         86:e8:9c:9f:b4:52:0f:35:28:6b:95:17:e8:7c:a1:48:20:3d:
         59:7d:85:52:06:11:17:2b:69:5b:ad:39:0b:a3:08:ec:61:b8:
         43:b5:63:86:c3:cc:67:cd:b3:7c:86:b6:89:31:80:a4:35:2e:
         1f:ba:1b:16:75:0e:cb:30:7e:63:c0:a2:b0:10:38:38:4b:70:
         07:47:cc:1b:38:af:8a:f2:df:cd:fd:7d:b4:c8:79:59:65:85:
         d3:bd:68:5a:fc:0a:42:5b:f5:7f:dd:35:60:db:75:15:91:9f:
         e8:eb:4b:7a:e2:14:25:a0:81:ab:78:32:2e:e9:14:1a:16:0f:
         c7:c6:c3:d0:67:58:cf:f2:10:ad:56:f2:1c:81:5b:44:25:c5:
         cc:b8:d1:d4:b1:38:a5:98:a8:64:70:ea:1d:de:81:88:25:03:
         e1:ca:99:88:db:10:6d:7f:24:b8:e7:79:c1:29:fc:45:34:1f:
         0c:0a:d6:c5:a6:9e:69:cd:6e:44:43:eb:08:bb:79:2c:80:00:
         fe:e7:1c:6f:f9:99:f1:db:54:21:a6:dd:20:00:0a:7f:38:c1:
         4b:39:e2:72:be:80:21:2c:c5:d8:15:8a:03:30:d4:ee:24:a7:
         ea:e5:8e:25:5f:08:08:bb:85:64:81:29:c4:7c:55:99:5e:3c:
         6a:ad:9a:6e
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIDEoQAMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGJm
YmI0ZDNhNmRkNWU2NDlhNjU1NGM0ODE3Y2UwZWQyNzc0MjkxMzYwHhcNMjMxMTI5
MjEyODQ1WhcNMjUxMTI5MjEyODQ1WjAzMTEwLwYDVQQDEygyY2NmOGNmMjVlMDUx
ZWFlMmI3N2NmNmIzODYxMmQ1ZmFmMzk5ZTRiMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAz0vOOiYauCHhpbbNSCUHwau8qmMtGM3fLVwwkIKnIF5biGFF
cxoFjlQ/OW6113vY8bx0nJj5dFLimNEVbmD5QHU/1uQEdYeZY2wscVuVbyc6hrL7
0CVeg3ilgUl+UwSxXfrx7Kh4neRefzY3bHA0QjzfDiT54MpG8NPyg98RRHXVclC8
PaRi4QrwqKNXMZahQ/ARDLsg24AS6NiLKAQnHbBVXgkNcyEwcyg0460xN+ndQeiX
Z5yM6FsBfOMq/lmnYxQwwG7keFoOmmas7BrcLINM27dmsLoNneGM0MXvzOOz7WTD
6YIwms4nfjBp/wkomzGksWdEA43OcliA3+sLUQIDAQABo4ICWzCCAlcwHQYDVR0O
BBYEFElLO9jt0jWg0dY0XkGOCuDGdOj4MB8GA1UdIwQYMBaAFHZ/Qk1INAbEIOXf
Gb6+mT9yWve2MA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvYmZiYjRk
M2E2ZGQ1ZTY0OWE2NTU0YzQ4MTdjZTBlZDI3NzQyOTEzNi5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvNTM3NWJjZmMtOGI4Ni00NTJlLTg1MGQtODNjZmUz
YjUwZjA2LzJjY2Y4Y2YyNWUwNTFlYWUyYjc3Y2Y2YjM4NjEyZDVmYWYzOTllNGIu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy81Mzc1YmNmYy04Yjg2LTQ1MmUtODUwZC04M2Nm
ZTNiNTBmMDYvYmZiYjRkM2E2ZGQ1ZTY0OWE2NTU0YzQ4MTdjZTBlZDI3NzQyOTEz
Ni5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAMn7ADANBgkqhkiG9w0BAQsFAAOCAQEAhuicn7RSDzUoa5UX
6HyhSCA9WX2FUgYRFytpW605C6MI7GG4Q7VjhsPMZ82zfIa2iTGApDUuH7obFnUO
yzB+Y8CisBA4OEtwB0fMGzivivLfzf19tMh5WWWF071oWvwKQlv1f901YNt1FZGf
6OtLeuIUJaCBq3gyLukUGhYPx8bD0GdYz/IQrVbyHIFbRCXFzLjR1LE4pZioZHDq
Hd6BiCUD4cqZiNsQbX8kuOd5wSn8RTQfDArWxaaeac1uREPrCLt5LIAA/uccb/mZ
8dtUIabdIAAKfzjBSznicr6AISzF2BWKAzDU7iSn6uWOJV8ICLuFZIEpxHxVmV48
aq2abg==
-----END CERTIFICATE-----
Generated at Mon Apr 15 09:53:54 2024 by rpki-client on console-ams.rpki-client.org