Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/5375bcfc-8b86-452e-850d-83cfe3b50f06/33d1a4b67d1bafb588a20f77e0f8c3ec2b240aa8.roa
File:                     33d1a4b67d1bafb588a20f77e0f8c3ec2b240aa8.roa (raw, json)
Hash identifier:          YdpGTZU4R4NEhKdqH2JKIvAAVetP20byDPwMYUmHKbE=
Subject key identifier:   18:AC:45:0E:24:63:EE:50:70:82:81:A7:09:98:60:98:02:11:D9:15
Certificate issuer:       /CN=bfbb4d3a6dd5e649a6554c4817ce0ed277429136
Certificate serial:       141C76
Authority key identifier: 76:7F:42:4D:48:34:06:C4:20:E5:DF:19:BE:BE:99:3F:72:5A:F7:B6
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/bfbb4d3a6dd5e649a6554c4817ce0ed277429136.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/5375bcfc-8b86-452e-850d-83cfe3b50f06/33d1a4b67d1bafb588a20f77e0f8c3ec2b240aa8.roa
Signing time:             Tue 30 Jan 2024 17:55:26 +0000
ROA not before:           Tue 30 Jan 2024 17:55:25 +0000
ROA not after:            Fri 30 Jan 2026 17:55:25 +0000
asID:                     22927
IP address blocks:        200.5.218.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/5375bcfc-8b86-452e-850d-83cfe3b50f06/bfbb4d3a6dd5e649a6554c4817ce0ed277429136.crl
                          rsync://repository.lacnic.net/rpki/lacnic/5375bcfc-8b86-452e-850d-83cfe3b50f06/bfbb4d3a6dd5e649a6554c4817ce0ed277429136.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/bfbb4d3a6dd5e649a6554c4817ce0ed277429136.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Thu 18 Apr 2024 06:11:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1318006 (0x141c76)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bfbb4d3a6dd5e649a6554c4817ce0ed277429136
        Validity
            Not Before: Jan 30 17:55:25 2024 GMT
            Not After : Jan 30 17:55:25 2026 GMT
        Subject: CN=33d1a4b67d1bafb588a20f77e0f8c3ec2b240aa8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:4f:ad:5a:30:8c:64:7d:3b:e8:fb:60:49:8b:
                    00:e1:30:2d:d7:90:c3:2f:35:d3:e9:07:1c:1c:23:
                    b8:a7:d3:50:72:b3:25:19:0a:fc:05:cc:14:a3:34:
                    89:cd:2d:ca:9a:4b:5c:00:88:0c:c2:ba:f4:01:a5:
                    f2:c7:2f:28:09:08:50:40:58:18:0c:3b:24:d1:70:
                    9a:f1:01:fe:6f:4b:1a:3f:6b:8b:04:0a:60:cb:5a:
                    8e:25:ee:cc:47:7d:20:a3:46:48:05:2b:ff:9e:2b:
                    37:47:0c:7a:68:a8:7d:96:20:4f:45:43:1a:8d:47:
                    d6:5b:1b:78:d1:bc:43:c3:2e:90:b3:be:96:01:97:
                    58:50:48:db:02:18:2e:ec:43:01:f3:ed:c2:36:67:
                    dd:9f:12:aa:51:84:26:7a:46:5d:f8:df:c8:0d:d4:
                    ff:8c:bd:9a:d2:78:9b:b8:61:09:57:f8:49:74:0a:
                    12:62:b0:54:bd:3b:7f:ad:d7:10:31:33:c1:f8:bd:
                    ed:25:15:45:cd:80:34:de:7b:fd:d6:d6:91:8a:d4:
                    3b:eb:6d:4e:ec:62:1e:6d:0b:6a:a3:a6:fe:ce:8d:
                    8d:8f:0f:db:4c:eb:49:d9:c4:5e:39:f9:d8:21:31:
                    8b:e4:27:94:e6:a4:f8:3c:55:06:4f:93:55:7e:68:
                    bb:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                18:AC:45:0E:24:63:EE:50:70:82:81:A7:09:98:60:98:02:11:D9:15
            X509v3 Authority Key Identifier:
                keyid:76:7F:42:4D:48:34:06:C4:20:E5:DF:19:BE:BE:99:3F:72:5A:F7:B6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/bfbb4d3a6dd5e649a6554c4817ce0ed277429136.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/5375bcfc-8b86-452e-850d-83cfe3b50f06/33d1a4b67d1bafb588a20f77e0f8c3ec2b240aa8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/5375bcfc-8b86-452e-850d-83cfe3b50f06/bfbb4d3a6dd5e649a6554c4817ce0ed277429136.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.5.218.0/24

    Signature Algorithm: sha256WithRSAEncryption
         89:87:d2:fe:a9:d2:02:5b:21:c1:1f:10:61:16:ad:83:81:2e:
         9d:fe:04:88:9e:d7:7c:ee:a6:f1:e7:62:bf:f4:02:8a:74:a8:
         47:03:9b:ae:36:2b:0a:6d:0f:c2:29:ce:8c:d3:d2:c1:fa:17:
         9d:30:f3:3f:04:be:ad:d8:3c:95:0a:38:ba:99:b6:94:ff:ce:
         c8:55:38:e9:75:30:0c:62:e5:a1:9f:7b:06:0b:91:30:0b:42:
         d8:b5:b7:a1:85:1b:26:9f:5e:d3:b5:6e:51:54:47:e6:7d:81:
         7f:74:59:94:19:60:0c:f1:b4:56:38:93:c3:6d:d9:75:0a:f5:
         aa:11:2a:88:d5:c5:4b:6e:c4:0d:ed:59:1f:04:9a:7d:02:79:
         b1:d3:58:fb:dc:d1:e2:fe:e6:36:3d:4b:90:bc:67:74:04:05:
         8b:0d:25:58:63:3a:1c:ac:78:d8:7a:dc:58:53:5c:f8:d6:c6:
         a2:11:b5:0d:f6:c1:3e:01:bd:e8:ac:f7:0b:da:2b:74:aa:48:
         0b:a6:bd:f8:4e:a1:00:5a:95:b9:d8:b2:9d:b8:09:d9:11:1d:
         7d:ce:8a:ef:c5:4d:6b:18:03:46:22:49:b1:7b:cd:5f:db:6b:
         d6:1d:53:48:89:81:c0:5a:90:19:1d:6f:fb:f7:73:af:0a:fb:
         78:30:ec:fa
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIDFBx2MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGJm
YmI0ZDNhNmRkNWU2NDlhNjU1NGM0ODE3Y2UwZWQyNzc0MjkxMzYwHhcNMjQwMTMw
MTc1NTI1WhcNMjYwMTMwMTc1NTI1WjAzMTEwLwYDVQQDEygzM2QxYTRiNjdkMWJh
ZmI1ODhhMjBmNzdlMGY4YzNlYzJiMjQwYWE4MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAxU+tWjCMZH076PtgSYsA4TAt15DDLzXT6QccHCO4p9NQcrMl
GQr8BcwUozSJzS3KmktcAIgMwrr0AaXyxy8oCQhQQFgYDDsk0XCa8QH+b0saP2uL
BApgy1qOJe7MR30go0ZIBSv/nis3Rwx6aKh9liBPRUMajUfWWxt40bxDwy6Qs76W
AZdYUEjbAhgu7EMB8+3CNmfdnxKqUYQmekZd+N/IDdT/jL2a0nibuGEJV/hJdAoS
YrBUvTt/rdcQMTPB+L3tJRVFzYA03nv91taRitQ7621O7GIebQtqo6b+zo2Njw/b
TOtJ2cReOfnYITGL5CeU5qT4PFUGT5NVfmi7rQIDAQABo4ICWzCCAlcwHQYDVR0O
BBYEFBisRQ4kY+5QcIKBpwmYYJgCEdkVMB8GA1UdIwQYMBaAFHZ/Qk1INAbEIOXf
Gb6+mT9yWve2MA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvYmZiYjRk
M2E2ZGQ1ZTY0OWE2NTU0YzQ4MTdjZTBlZDI3NzQyOTEzNi5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvNTM3NWJjZmMtOGI4Ni00NTJlLTg1MGQtODNjZmUz
YjUwZjA2LzMzZDFhNGI2N2QxYmFmYjU4OGEyMGY3N2UwZjhjM2VjMmIyNDBhYTgu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy81Mzc1YmNmYy04Yjg2LTQ1MmUtODUwZC04M2Nm
ZTNiNTBmMDYvYmZiYjRkM2E2ZGQ1ZTY0OWE2NTU0YzQ4MTdjZTBlZDI3NzQyOTEz
Ni5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAMgF2jANBgkqhkiG9w0BAQsFAAOCAQEAiYfS/qnSAlshwR8Q
YRatg4Eunf4EiJ7XfO6m8ediv/QCinSoRwObrjYrCm0PwinOjNPSwfoXnTDzPwS+
rdg8lQo4upm2lP/OyFU46XUwDGLloZ97BguRMAtC2LW3oYUbJp9e07VuUVRH5n2B
f3RZlBlgDPG0VjiTw23ZdQr1qhEqiNXFS27EDe1ZHwSafQJ5sdNY+9zR4v7mNj1L
kLxndAQFiw0lWGM6HKx42HrcWFNc+NbGohG1DfbBPgG96Kz3C9ordKpIC6a9+E6h
AFqVudiynbgJ2REdfc6K78VNaxgDRiJJsXvNX9tr1h1TSImBwFqQGR1v+/dzrwr7
eDDs+g==
-----END CERTIFICATE-----
Generated at Mon Apr 15 10:07:20 2024 by rpki-client on console-fra.rpki-client.org