Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/5375bcfc-8b86-452e-850d-83cfe3b50f06/5cb5af4e81bb71c10246ab853690bd8382664813.roa
File:                     5cb5af4e81bb71c10246ab853690bd8382664813.roa (raw, json)
Hash identifier:          r2GDg9seJyC791KjVvx4QOCZ2EqSYNiACMRgWMgjvUY=
Subject key identifier:   D5:8E:F7:E2:4A:60:CF:6D:20:96:D1:8C:36:0F:9B:CF:D3:57:6D:50
Certificate issuer:       /CN=bfbb4d3a6dd5e649a6554c4817ce0ed277429136
Certificate serial:       14190A
Authority key identifier: 76:7F:42:4D:48:34:06:C4:20:E5:DF:19:BE:BE:99:3F:72:5A:F7:B6
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/bfbb4d3a6dd5e649a6554c4817ce0ed277429136.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/5375bcfc-8b86-452e-850d-83cfe3b50f06/5cb5af4e81bb71c10246ab853690bd8382664813.roa
Signing time:             Tue 30 Jan 2024 17:49:46 +0000
ROA not before:           Tue 30 Jan 2024 17:49:45 +0000
ROA not after:            Fri 30 Jan 2026 17:49:45 +0000
asID:                     27730
IP address blocks:        200.5.92.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/5375bcfc-8b86-452e-850d-83cfe3b50f06/bfbb4d3a6dd5e649a6554c4817ce0ed277429136.crl
                          rsync://repository.lacnic.net/rpki/lacnic/5375bcfc-8b86-452e-850d-83cfe3b50f06/bfbb4d3a6dd5e649a6554c4817ce0ed277429136.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/bfbb4d3a6dd5e649a6554c4817ce0ed277429136.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Thu 18 Apr 2024 06:11:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1317130 (0x14190a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bfbb4d3a6dd5e649a6554c4817ce0ed277429136
        Validity
            Not Before: Jan 30 17:49:45 2024 GMT
            Not After : Jan 30 17:49:45 2026 GMT
        Subject: CN=5cb5af4e81bb71c10246ab853690bd8382664813
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:d6:36:3b:33:f8:6d:49:1a:6c:26:c2:a7:d5:
                    8a:84:e2:ff:35:40:bd:f7:a3:79:23:02:43:74:3d:
                    20:08:0c:be:63:22:be:b7:a2:02:c3:9f:84:7d:2d:
                    89:c4:37:65:f1:43:85:e6:78:9a:30:49:09:37:18:
                    61:b8:26:63:e9:f3:29:e1:ae:04:2e:9b:32:99:d6:
                    f0:0d:99:de:17:3b:6f:a9:e8:59:90:6b:25:3a:28:
                    fa:e4:c6:c1:06:a3:04:31:59:ff:c7:13:ef:03:cc:
                    94:42:78:f2:02:e1:91:84:82:cc:46:4e:33:19:1e:
                    d1:b9:cc:04:80:9a:40:82:ae:52:51:fd:33:6e:d0:
                    18:5d:c1:62:d9:a7:1a:4e:a7:58:1c:b4:f3:c0:40:
                    d5:24:f6:9c:d3:ee:82:49:3c:35:8b:a9:da:d5:a7:
                    48:f1:1e:65:e4:6b:dd:a6:ab:9b:8a:c9:0a:f4:cb:
                    71:06:6d:43:1d:c9:56:51:bf:be:96:b3:3c:3d:81:
                    a4:2e:7e:68:0d:27:a4:0b:5b:eb:71:30:02:ec:ff:
                    3b:d6:34:32:37:22:9c:04:b4:82:08:6c:b5:67:8a:
                    20:6f:87:1b:57:2d:35:68:de:0e:e2:4e:45:6d:f4:
                    07:3a:dc:5f:db:2e:1b:33:19:df:cb:9a:2e:23:75:
                    7a:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D5:8E:F7:E2:4A:60:CF:6D:20:96:D1:8C:36:0F:9B:CF:D3:57:6D:50
            X509v3 Authority Key Identifier:
                keyid:76:7F:42:4D:48:34:06:C4:20:E5:DF:19:BE:BE:99:3F:72:5A:F7:B6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/bfbb4d3a6dd5e649a6554c4817ce0ed277429136.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/5375bcfc-8b86-452e-850d-83cfe3b50f06/5cb5af4e81bb71c10246ab853690bd8382664813.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/5375bcfc-8b86-452e-850d-83cfe3b50f06/bfbb4d3a6dd5e649a6554c4817ce0ed277429136.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.5.92.0/24

    Signature Algorithm: sha256WithRSAEncryption
         80:21:c8:07:6e:02:96:d7:fa:e4:78:51:37:0c:76:39:78:82:
         54:c5:12:f3:8f:cc:c2:ef:76:14:2d:34:25:46:c0:00:49:eb:
         6c:ab:e2:25:2b:93:d0:c7:f9:8b:df:3b:6b:96:fc:8d:58:84:
         74:81:62:bb:f8:e3:06:ce:01:55:fb:ed:05:cf:0e:d3:55:c4:
         bd:2e:fa:fd:f0:d0:f1:c1:11:16:3f:5a:1b:d5:da:93:96:b8:
         08:b7:d4:fe:91:ea:d6:e0:59:d0:ee:67:b0:0b:94:cf:32:0e:
         3d:f3:72:b2:3a:02:09:2b:c8:9d:7b:a3:66:6e:da:af:db:63:
         0a:3a:b9:66:20:ee:96:fa:6b:45:04:4c:72:4f:8a:77:b0:5d:
         29:77:2a:f6:91:df:8b:a9:9a:0b:86:df:03:62:f2:78:59:74:
         24:9e:c4:b8:98:08:45:70:e0:0b:1b:d7:8e:ee:63:b3:8c:24:
         bb:58:fa:8b:67:f7:c6:39:eb:fc:e2:5e:67:6e:60:e7:86:a9:
         dc:f3:60:fa:89:98:11:c5:e8:65:32:6b:39:c9:aa:27:41:3a:
         27:a3:9d:ad:bc:e3:05:59:37:b1:b6:9c:ef:21:17:7e:8c:d3:
         72:5d:0d:a7:7d:e8:e5:9c:ba:17:28:c3:8c:5f:87:39:6e:7a:
         36:9f:22:92
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIDFBkKMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGJm
YmI0ZDNhNmRkNWU2NDlhNjU1NGM0ODE3Y2UwZWQyNzc0MjkxMzYwHhcNMjQwMTMw
MTc0OTQ1WhcNMjYwMTMwMTc0OTQ1WjAzMTEwLwYDVQQDEyg1Y2I1YWY0ZTgxYmI3
MWMxMDI0NmFiODUzNjkwYmQ4MzgyNjY0ODEzMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAsdY2OzP4bUkabCbCp9WKhOL/NUC996N5IwJDdD0gCAy+YyK+
t6ICw5+EfS2JxDdl8UOF5niaMEkJNxhhuCZj6fMp4a4ELpsymdbwDZneFztvqehZ
kGslOij65MbBBqMEMVn/xxPvA8yUQnjyAuGRhILMRk4zGR7RucwEgJpAgq5SUf0z
btAYXcFi2acaTqdYHLTzwEDVJPac0+6CSTw1i6na1adI8R5l5GvdpqubiskK9Mtx
Bm1DHclWUb++lrM8PYGkLn5oDSekC1vrcTAC7P871jQyNyKcBLSCCGy1Z4ogb4cb
Vy01aN4O4k5FbfQHOtxf2y4bMxnfy5ouI3V6eQIDAQABo4ICWzCCAlcwHQYDVR0O
BBYEFNWO9+JKYM9tIJbRjDYPm8/TV21QMB8GA1UdIwQYMBaAFHZ/Qk1INAbEIOXf
Gb6+mT9yWve2MA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvYmZiYjRk
M2E2ZGQ1ZTY0OWE2NTU0YzQ4MTdjZTBlZDI3NzQyOTEzNi5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvNTM3NWJjZmMtOGI4Ni00NTJlLTg1MGQtODNjZmUz
YjUwZjA2LzVjYjVhZjRlODFiYjcxYzEwMjQ2YWI4NTM2OTBiZDgzODI2NjQ4MTMu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy81Mzc1YmNmYy04Yjg2LTQ1MmUtODUwZC04M2Nm
ZTNiNTBmMDYvYmZiYjRkM2E2ZGQ1ZTY0OWE2NTU0YzQ4MTdjZTBlZDI3NzQyOTEz
Ni5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAMgFXDANBgkqhkiG9w0BAQsFAAOCAQEAgCHIB24Cltf65HhR
Nwx2OXiCVMUS84/Mwu92FC00JUbAAEnrbKviJSuT0Mf5i987a5b8jViEdIFiu/jj
Bs4BVfvtBc8O01XEvS76/fDQ8cERFj9aG9Xak5a4CLfU/pHq1uBZ0O5nsAuUzzIO
PfNysjoCCSvInXujZm7ar9tjCjq5ZiDulvprRQRMck+Kd7BdKXcq9pHfi6maC4bf
A2LyeFl0JJ7EuJgIRXDgCxvXju5js4wku1j6i2f3xjnr/OJeZ25g54ap3PNg+omY
EcXoZTJrOcmqJ0E6J6OdrbzjBVk3sbac7yEXfozTcl0Np33o5Zy6FyjDjF+HOW56
Np8ikg==
-----END CERTIFICATE-----
Generated at Mon Apr 15 10:07:20 2024 by rpki-client on console-fra.rpki-client.org