Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/5375bcfc-8b86-452e-850d-83cfe3b50f06/2d704d2a78fd3cf8f398db72e3cc88cfa5eea98a.roa
File:                     2d704d2a78fd3cf8f398db72e3cc88cfa5eea98a.roa (raw, json)
Hash identifier:          n6w5qF/Jiw5AsH7p+X3qaBKxrzGWaBk8wpHzxfDPv/s=
Subject key identifier:   74:C5:D0:C7:42:EA:FE:42:8D:0B:86:A7:4E:CF:68:BB:2D:8F:B7:54
Certificate issuer:       /CN=bfbb4d3a6dd5e649a6554c4817ce0ed277429136
Certificate serial:       121C56
Authority key identifier: 76:7F:42:4D:48:34:06:C4:20:E5:DF:19:BE:BE:99:3F:72:5A:F7:B6
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/bfbb4d3a6dd5e649a6554c4817ce0ed277429136.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/5375bcfc-8b86-452e-850d-83cfe3b50f06/2d704d2a78fd3cf8f398db72e3cc88cfa5eea98a.roa
Signing time:             Wed 29 Nov 2023 15:27:52 +0000
ROA not before:           Wed 29 Nov 2023 15:27:52 +0000
ROA not after:            Sat 29 Nov 2025 15:27:52 +0000
asID:                     52367
IP address blocks:        201.251.140.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/5375bcfc-8b86-452e-850d-83cfe3b50f06/bfbb4d3a6dd5e649a6554c4817ce0ed277429136.crl
                          rsync://repository.lacnic.net/rpki/lacnic/5375bcfc-8b86-452e-850d-83cfe3b50f06/bfbb4d3a6dd5e649a6554c4817ce0ed277429136.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/bfbb4d3a6dd5e649a6554c4817ce0ed277429136.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Thu 18 Apr 2024 06:11:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1186902 (0x121c56)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bfbb4d3a6dd5e649a6554c4817ce0ed277429136
        Validity
            Not Before: Nov 29 15:27:52 2023 GMT
            Not After : Nov 29 15:27:52 2025 GMT
        Subject: CN=2d704d2a78fd3cf8f398db72e3cc88cfa5eea98a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:89:a2:a3:c8:f0:e2:c6:78:c4:c8:a6:d4:af:28:
                    bb:f0:df:77:12:d3:22:cf:fc:b1:fd:e9:85:fd:d2:
                    35:8c:49:40:67:ac:8e:d8:49:53:c7:ec:18:34:b8:
                    c1:a2:33:3a:f1:7f:8d:76:35:7c:f1:98:06:da:b7:
                    3b:49:05:e6:00:0d:bb:9c:60:4a:70:e9:48:2f:c2:
                    b2:10:09:19:0b:4e:da:4a:52:90:a5:9c:76:db:6e:
                    b9:e8:14:c6:1c:a3:52:a8:f0:4d:19:b4:8d:36:57:
                    da:25:5e:20:79:ad:83:89:24:32:2a:eb:8a:dc:4b:
                    c0:5a:6f:73:8e:5c:86:fa:a3:d6:a5:0f:da:ee:a2:
                    9d:03:5a:e0:c8:51:0c:68:5e:16:e1:ce:a3:d8:83:
                    b9:ce:20:84:90:50:46:47:13:8d:51:f4:74:a2:0a:
                    5e:fd:ad:53:5f:49:4c:2d:45:f3:27:b1:dc:ba:5d:
                    67:04:87:e3:06:8c:d7:89:51:c1:5c:1f:6e:a2:d3:
                    cb:21:18:12:48:66:25:7d:c1:41:cb:ea:ca:ca:d7:
                    e1:07:ea:cf:00:27:c8:d3:a8:18:f1:2d:7a:ab:fd:
                    a2:31:46:68:5b:e9:68:8c:f1:57:4a:45:50:d6:22:
                    74:3d:c2:b1:04:37:e1:7f:1b:cc:89:92:61:e8:c4:
                    b7:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                74:C5:D0:C7:42:EA:FE:42:8D:0B:86:A7:4E:CF:68:BB:2D:8F:B7:54
            X509v3 Authority Key Identifier:
                keyid:76:7F:42:4D:48:34:06:C4:20:E5:DF:19:BE:BE:99:3F:72:5A:F7:B6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/bfbb4d3a6dd5e649a6554c4817ce0ed277429136.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/5375bcfc-8b86-452e-850d-83cfe3b50f06/2d704d2a78fd3cf8f398db72e3cc88cfa5eea98a.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/5375bcfc-8b86-452e-850d-83cfe3b50f06/bfbb4d3a6dd5e649a6554c4817ce0ed277429136.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  201.251.140.0/24

    Signature Algorithm: sha256WithRSAEncryption
         36:d4:26:0c:c6:99:fd:ec:b1:7a:c6:39:ea:13:42:ec:9a:e1:
         d4:1e:55:04:1a:65:0a:21:4c:ea:1b:f7:c3:bf:d1:b0:f5:a3:
         70:43:c6:fd:18:1b:c9:70:35:eb:51:21:51:64:81:bd:48:6f:
         1a:48:82:26:51:39:76:09:a0:4c:ab:0d:08:64:a1:62:cf:ba:
         d4:bd:04:2f:c0:2d:48:2e:22:3b:3d:5d:e2:04:b7:b4:be:58:
         2a:4e:3b:8c:8c:ef:39:92:84:aa:30:1e:fe:2d:19:3b:43:45:
         cb:76:d0:3f:a2:d8:81:95:13:88:d4:ba:14:0b:4e:cc:64:df:
         9a:5f:12:7e:5c:66:71:53:84:a5:8b:2a:cb:91:7f:8d:92:7d:
         63:9e:14:32:bc:f2:b1:e5:d7:7a:3d:ca:1b:ba:90:57:fb:62:
         e2:12:fa:17:58:a9:7c:d5:4a:08:a9:6c:39:ee:7e:11:79:ab:
         38:a5:e2:98:bd:dc:5f:86:e2:0a:25:c3:de:50:2b:a6:5a:43:
         62:ea:74:d9:2b:84:7f:2a:b0:5c:93:28:0a:a5:90:82:68:3e:
         84:df:cb:41:59:92:d0:af:92:be:cf:2c:be:82:b0:01:eb:a6:
         ae:a1:3e:6c:de:86:04:17:51:57:99:97:7e:c0:ce:39:d6:ff:
         e0:e5:95:a8
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIDEhxWMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGJm
YmI0ZDNhNmRkNWU2NDlhNjU1NGM0ODE3Y2UwZWQyNzc0MjkxMzYwHhcNMjMxMTI5
MTUyNzUyWhcNMjUxMTI5MTUyNzUyWjAzMTEwLwYDVQQDEygyZDcwNGQyYTc4ZmQz
Y2Y4ZjM5OGRiNzJlM2NjODhjZmE1ZWVhOThhMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAiaKjyPDixnjEyKbUryi78N93EtMiz/yx/emF/dI1jElAZ6yO
2ElTx+wYNLjBojM68X+NdjV88ZgG2rc7SQXmAA27nGBKcOlIL8KyEAkZC07aSlKQ
pZx222656BTGHKNSqPBNGbSNNlfaJV4gea2DiSQyKuuK3EvAWm9zjlyG+qPWpQ/a
7qKdA1rgyFEMaF4W4c6j2IO5ziCEkFBGRxONUfR0ogpe/a1TX0lMLUXzJ7Hcul1n
BIfjBozXiVHBXB9uotPLIRgSSGYlfcFBy+rKytfhB+rPACfI06gY8S16q/2iMUZo
W+lojPFXSkVQ1iJ0PcKxBDfhfxvMiZJh6MS3DwIDAQABo4ICWzCCAlcwHQYDVR0O
BBYEFHTF0MdC6v5CjQuGp07PaLstj7dUMB8GA1UdIwQYMBaAFHZ/Qk1INAbEIOXf
Gb6+mT9yWve2MA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvYmZiYjRk
M2E2ZGQ1ZTY0OWE2NTU0YzQ4MTdjZTBlZDI3NzQyOTEzNi5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvNTM3NWJjZmMtOGI4Ni00NTJlLTg1MGQtODNjZmUz
YjUwZjA2LzJkNzA0ZDJhNzhmZDNjZjhmMzk4ZGI3MmUzY2M4OGNmYTVlZWE5OGEu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy81Mzc1YmNmYy04Yjg2LTQ1MmUtODUwZC04M2Nm
ZTNiNTBmMDYvYmZiYjRkM2E2ZGQ1ZTY0OWE2NTU0YzQ4MTdjZTBlZDI3NzQyOTEz
Ni5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAMn7jDANBgkqhkiG9w0BAQsFAAOCAQEANtQmDMaZ/eyxesY5
6hNC7Jrh1B5VBBplCiFM6hv3w7/RsPWjcEPG/RgbyXA161EhUWSBvUhvGkiCJlE5
dgmgTKsNCGShYs+61L0EL8AtSC4iOz1d4gS3tL5YKk47jIzvOZKEqjAe/i0ZO0NF
y3bQP6LYgZUTiNS6FAtOzGTfml8SflxmcVOEpYsqy5F/jZJ9Y54UMrzyseXXej3K
G7qQV/ti4hL6F1ipfNVKCKlsOe5+EXmrOKXimL3cX4biCiXD3lArplpDYup02SuE
fyqwXJMoCqWQgmg+hN/LQVmS0K+Svs8svoKwAeumrqE+bN6GBBdRV5mXfsDOOdb/
4OWVqA==
-----END CERTIFICATE-----
Generated at Mon Apr 15 10:07:20 2024 by rpki-client on console-fra.rpki-client.org