Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/5375bcfc-8b86-452e-850d-83cfe3b50f06/3fdeeeb228f03759405a7876fe24296bee84d067.roa
File:                     3fdeeeb228f03759405a7876fe24296bee84d067.roa (raw, json)
Hash identifier:          crfaEv9ekHvnvDxsN9GFOlmwWG4NDkPBhAnp5WUc7YI=
Subject key identifier:   55:C8:F1:F2:E6:CE:FE:95:7B:78:D7:56:40:5C:43:7B:40:79:9F:3B
Certificate issuer:       /CN=bfbb4d3a6dd5e649a6554c4817ce0ed277429136
Certificate serial:       1422D8
Authority key identifier: 76:7F:42:4D:48:34:06:C4:20:E5:DF:19:BE:BE:99:3F:72:5A:F7:B6
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/bfbb4d3a6dd5e649a6554c4817ce0ed277429136.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/5375bcfc-8b86-452e-850d-83cfe3b50f06/3fdeeeb228f03759405a7876fe24296bee84d067.roa
Signing time:             Tue 30 Jan 2024 18:08:39 +0000
ROA not before:           Tue 30 Jan 2024 18:08:39 +0000
ROA not after:            Fri 30 Jan 2026 18:08:39 +0000
asID:                     10834
IP address blocks:        200.10.96.0/19 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/5375bcfc-8b86-452e-850d-83cfe3b50f06/bfbb4d3a6dd5e649a6554c4817ce0ed277429136.crl
                          rsync://repository.lacnic.net/rpki/lacnic/5375bcfc-8b86-452e-850d-83cfe3b50f06/bfbb4d3a6dd5e649a6554c4817ce0ed277429136.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/bfbb4d3a6dd5e649a6554c4817ce0ed277429136.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Thu 18 Apr 2024 06:11:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1319640 (0x1422d8)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bfbb4d3a6dd5e649a6554c4817ce0ed277429136
        Validity
            Not Before: Jan 30 18:08:39 2024 GMT
            Not After : Jan 30 18:08:39 2026 GMT
        Subject: CN=3fdeeeb228f03759405a7876fe24296bee84d067
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:5d:1f:32:dc:ae:a0:4e:98:4e:95:20:64:3e:
                    04:6e:54:9e:49:3a:3d:4b:f2:72:f0:eb:f4:04:ea:
                    e4:23:24:74:d5:64:c9:f6:4e:49:f4:97:b4:0b:ff:
                    d5:b8:3b:e2:f5:58:e8:5b:93:2e:a3:55:1d:b2:0a:
                    45:b3:4b:84:90:5d:e3:76:5f:b7:07:33:6b:8b:58:
                    f1:08:cf:f5:fb:2b:c3:3d:36:af:bd:08:8c:0f:a0:
                    1c:b9:50:3f:6e:99:d8:04:b8:56:4e:32:b0:1e:93:
                    93:bd:62:41:bf:00:f7:39:7a:5d:58:9f:dd:02:eb:
                    c1:dd:5c:b3:a0:8c:9d:2b:44:e3:de:65:da:4b:cc:
                    4b:76:bd:93:82:53:a0:f5:f4:bb:e5:c8:f0:2d:58:
                    ac:a8:a9:9e:d9:e3:30:b2:91:f6:99:88:b3:7a:36:
                    13:7c:12:fe:e4:b0:7b:75:2f:54:ee:4c:2d:52:ca:
                    a0:7d:65:b5:91:af:ae:ea:b4:44:62:fe:ce:19:1b:
                    b1:aa:a0:0a:d2:f2:20:54:c7:3b:5b:0e:c5:e0:79:
                    14:cb:bd:c3:68:f2:99:54:b7:67:82:f6:48:3d:d9:
                    0e:aa:d3:06:77:a8:39:23:79:8b:35:18:f5:a5:14:
                    44:58:f8:7f:ae:b5:45:0f:59:4f:5e:c6:00:13:76:
                    07:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                55:C8:F1:F2:E6:CE:FE:95:7B:78:D7:56:40:5C:43:7B:40:79:9F:3B
            X509v3 Authority Key Identifier:
                keyid:76:7F:42:4D:48:34:06:C4:20:E5:DF:19:BE:BE:99:3F:72:5A:F7:B6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/bfbb4d3a6dd5e649a6554c4817ce0ed277429136.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/5375bcfc-8b86-452e-850d-83cfe3b50f06/3fdeeeb228f03759405a7876fe24296bee84d067.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/5375bcfc-8b86-452e-850d-83cfe3b50f06/bfbb4d3a6dd5e649a6554c4817ce0ed277429136.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.10.96.0/19

    Signature Algorithm: sha256WithRSAEncryption
         56:a1:78:f5:bd:4d:df:51:d6:fa:9f:b7:66:b3:ec:b5:74:53:
         28:ca:4b:ca:43:cb:01:8c:13:12:d9:fb:35:ef:47:aa:01:ae:
         c0:b9:8b:f0:e5:07:4b:8b:9b:44:c0:d5:cc:84:ce:d7:e8:57:
         c8:1f:2f:b5:5c:6f:78:ed:bc:ce:78:2e:40:43:c7:bd:a4:d5:
         61:19:cd:6e:cd:86:24:79:e9:b4:18:fb:83:96:b5:8b:81:91:
         62:4a:ae:01:3a:5f:28:bf:af:8c:57:f6:59:17:72:5d:a6:52:
         f6:07:3b:65:35:62:a1:65:e0:ff:18:05:6f:e3:c3:38:0a:9c:
         cb:ef:71:a4:55:6b:bb:3c:26:36:ad:40:3c:b9:02:f5:ed:da:
         a6:15:38:36:59:0c:29:28:67:ea:c7:70:1e:d3:c3:e1:b6:92:
         6e:e6:21:54:07:b8:0d:df:6b:0a:eb:2e:6e:dc:3b:7c:e3:45:
         c2:38:b9:84:8e:0f:27:26:2f:00:05:cf:9b:0e:6f:fe:69:14:
         eb:24:c6:47:8f:a2:91:ee:73:bb:1c:6a:ae:85:dc:3b:84:25:
         65:4f:28:be:07:d4:eb:19:61:5e:b0:21:9f:ae:46:56:66:4c:
         fe:84:45:5f:9d:de:9e:fc:77:82:a3:d0:b6:a2:2a:15:99:f5:
         38:7c:db:1d
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIDFCLYMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGJm
YmI0ZDNhNmRkNWU2NDlhNjU1NGM0ODE3Y2UwZWQyNzc0MjkxMzYwHhcNMjQwMTMw
MTgwODM5WhcNMjYwMTMwMTgwODM5WjAzMTEwLwYDVQQDEygzZmRlZWViMjI4ZjAz
NzU5NDA1YTc4NzZmZTI0Mjk2YmVlODRkMDY3MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAy10fMtyuoE6YTpUgZD4EblSeSTo9S/Jy8Ov0BOrkIyR01WTJ
9k5J9Je0C//VuDvi9VjoW5Muo1UdsgpFs0uEkF3jdl+3BzNri1jxCM/1+yvDPTav
vQiMD6AcuVA/bpnYBLhWTjKwHpOTvWJBvwD3OXpdWJ/dAuvB3VyzoIydK0Tj3mXa
S8xLdr2TglOg9fS75cjwLVisqKme2eMwspH2mYizejYTfBL+5LB7dS9U7kwtUsqg
fWW1ka+u6rREYv7OGRuxqqAK0vIgVMc7Ww7F4HkUy73DaPKZVLdngvZIPdkOqtMG
d6g5I3mLNRj1pRREWPh/rrVFD1lPXsYAE3YHFQIDAQABo4ICWzCCAlcwHQYDVR0O
BBYEFFXI8fLmzv6Ve3jXVkBcQ3tAeZ87MB8GA1UdIwQYMBaAFHZ/Qk1INAbEIOXf
Gb6+mT9yWve2MA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvYmZiYjRk
M2E2ZGQ1ZTY0OWE2NTU0YzQ4MTdjZTBlZDI3NzQyOTEzNi5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvNTM3NWJjZmMtOGI4Ni00NTJlLTg1MGQtODNjZmUz
YjUwZjA2LzNmZGVlZWIyMjhmMDM3NTk0MDVhNzg3NmZlMjQyOTZiZWU4NGQwNjcu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy81Mzc1YmNmYy04Yjg2LTQ1MmUtODUwZC04M2Nm
ZTNiNTBmMDYvYmZiYjRkM2E2ZGQ1ZTY0OWE2NTU0YzQ4MTdjZTBlZDI3NzQyOTEz
Ni5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEBcgKYDANBgkqhkiG9w0BAQsFAAOCAQEAVqF49b1N31HW+p+3
ZrPstXRTKMpLykPLAYwTEtn7Ne9HqgGuwLmL8OUHS4ubRMDVzITO1+hXyB8vtVxv
eO28znguQEPHvaTVYRnNbs2GJHnptBj7g5a1i4GRYkquATpfKL+vjFf2WRdyXaZS
9gc7ZTVioWXg/xgFb+PDOAqcy+9xpFVruzwmNq1APLkC9e3aphU4NlkMKShn6sdw
HtPD4baSbuYhVAe4Dd9rCusubtw7fONFwji5hI4PJyYvAAXPmw5v/mkU6yTGR4+i
ke5zuxxqroXcO4QlZU8ovgfU6xlhXrAhn65GVmZM/oRFX53envx3gqPQtqIqFZn1
OHzbHQ==
-----END CERTIFICATE-----
Generated at Mon Apr 15 10:07:20 2024 by rpki-client on console-fra.rpki-client.org