Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/5375bcfc-8b86-452e-850d-83cfe3b50f06/5ce8c0a4f5fde4eb8c6dd27979419f122cfa967b.roa
File:                     5ce8c0a4f5fde4eb8c6dd27979419f122cfa967b.roa (raw, json)
Hash identifier:          DuTVh53AOVMnX2XfVNbDq4fQq+qhaA01iPThO2Cm4yQ=
Subject key identifier:   97:7A:F8:14:BF:7D:BE:4E:98:86:76:81:D3:B2:14:79:F1:20:A5:09
Certificate issuer:       /CN=bfbb4d3a6dd5e649a6554c4817ce0ed277429136
Certificate serial:       140B15
Authority key identifier: 76:7F:42:4D:48:34:06:C4:20:E5:DF:19:BE:BE:99:3F:72:5A:F7:B6
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/bfbb4d3a6dd5e649a6554c4817ce0ed277429136.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/5375bcfc-8b86-452e-850d-83cfe3b50f06/5ce8c0a4f5fde4eb8c6dd27979419f122cfa967b.roa
Signing time:             Tue 30 Jan 2024 17:38:41 +0000
ROA not before:           Tue 30 Jan 2024 17:38:40 +0000
ROA not after:            Fri 30 Jan 2026 17:38:40 +0000
asID:                     10834
IP address blocks:        200.0.224.0/19 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/5375bcfc-8b86-452e-850d-83cfe3b50f06/bfbb4d3a6dd5e649a6554c4817ce0ed277429136.crl
                          rsync://repository.lacnic.net/rpki/lacnic/5375bcfc-8b86-452e-850d-83cfe3b50f06/bfbb4d3a6dd5e649a6554c4817ce0ed277429136.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/bfbb4d3a6dd5e649a6554c4817ce0ed277429136.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Thu 18 Apr 2024 06:11:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1313557 (0x140b15)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bfbb4d3a6dd5e649a6554c4817ce0ed277429136
        Validity
            Not Before: Jan 30 17:38:40 2024 GMT
            Not After : Jan 30 17:38:40 2026 GMT
        Subject: CN=5ce8c0a4f5fde4eb8c6dd27979419f122cfa967b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8d:08:49:9d:b0:96:be:5d:35:30:69:bd:db:be:
                    5e:82:60:17:a8:96:ae:d1:71:f5:48:2c:0a:ef:e9:
                    80:8f:fb:69:11:e5:25:3f:b4:90:3d:a2:1c:ed:89:
                    a5:23:2f:26:6d:7f:43:a2:92:ed:bd:02:9d:9b:55:
                    55:d3:c4:60:09:4a:20:28:be:78:9b:5a:b1:d0:9c:
                    5e:52:2a:b1:78:8d:0c:ed:94:a8:b6:de:9e:35:78:
                    46:04:b4:98:e5:73:4d:f2:61:c1:0b:9d:10:21:72:
                    b6:6a:e3:c3:75:2c:8a:b5:68:8a:97:84:fd:45:3c:
                    ec:ef:55:c5:6b:85:e5:8c:2a:51:21:af:03:e3:1e:
                    cf:26:76:8f:28:37:17:61:bd:17:8b:c2:6a:f5:a2:
                    87:aa:15:64:d2:fa:d4:a2:dd:31:81:2b:0e:32:9e:
                    22:b6:1f:29:c3:af:fe:99:80:f2:af:d1:5f:12:7c:
                    43:f2:f7:33:91:74:92:24:fb:43:28:9e:4d:61:a7:
                    98:e0:89:1f:3d:19:5a:41:24:8f:99:18:41:55:c7:
                    ac:26:83:da:dd:01:02:f8:1c:b8:67:ac:8f:ae:59:
                    a4:f0:96:56:8a:fd:e0:dd:d5:82:38:20:94:7f:ca:
                    a6:46:22:86:76:96:1c:68:c6:2f:4b:34:1e:55:0d:
                    eb:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                97:7A:F8:14:BF:7D:BE:4E:98:86:76:81:D3:B2:14:79:F1:20:A5:09
            X509v3 Authority Key Identifier:
                keyid:76:7F:42:4D:48:34:06:C4:20:E5:DF:19:BE:BE:99:3F:72:5A:F7:B6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/bfbb4d3a6dd5e649a6554c4817ce0ed277429136.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/5375bcfc-8b86-452e-850d-83cfe3b50f06/5ce8c0a4f5fde4eb8c6dd27979419f122cfa967b.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/5375bcfc-8b86-452e-850d-83cfe3b50f06/bfbb4d3a6dd5e649a6554c4817ce0ed277429136.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.0.224.0/19

    Signature Algorithm: sha256WithRSAEncryption
         25:0a:f0:11:3a:3c:23:68:06:df:99:83:2b:72:50:5e:99:ef:
         f6:0b:8e:21:45:49:8f:c4:81:08:07:d9:4a:58:ed:26:89:55:
         1c:6c:57:ec:57:28:4f:26:2c:43:cc:f9:9a:09:c6:c8:d1:cb:
         25:e5:02:3a:f4:63:6e:0d:99:36:12:4a:c1:b8:79:4b:55:b6:
         00:9b:04:e3:c7:4e:c8:bd:0c:04:f0:90:e5:cf:54:a4:d7:52:
         a7:74:52:38:f0:f3:65:ad:46:c0:31:26:86:68:90:2d:6c:ba:
         33:9d:3e:10:52:f3:0e:4e:4f:0a:5d:e2:d7:a0:d4:44:1a:88:
         f7:c3:ed:49:da:bf:bc:7a:df:ea:5a:61:6a:e5:6c:1e:23:d7:
         e9:be:ba:b3:6a:64:32:56:c9:17:fd:14:aa:bd:ff:11:a5:64:
         d2:04:45:18:88:5d:14:5b:0a:8a:1a:30:e7:21:0a:19:f0:ce:
         73:60:d9:13:7d:4a:e7:73:61:6f:56:e3:28:04:7c:ff:21:fc:
         8d:54:a6:8a:b2:e0:d3:8d:59:d0:a4:34:1a:53:8e:2b:d8:3e:
         5b:5d:e2:e2:bf:fa:84:3f:36:39:83:bd:2e:cd:c1:b8:0c:5b:
         c2:1e:81:ab:68:88:bd:8b:bb:9c:66:10:bb:35:1d:ec:0f:2d:
         15:fb:d2:83
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIDFAsVMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGJm
YmI0ZDNhNmRkNWU2NDlhNjU1NGM0ODE3Y2UwZWQyNzc0MjkxMzYwHhcNMjQwMTMw
MTczODQwWhcNMjYwMTMwMTczODQwWjAzMTEwLwYDVQQDEyg1Y2U4YzBhNGY1ZmRl
NGViOGM2ZGQyNzk3OTQxOWYxMjJjZmE5NjdiMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAjQhJnbCWvl01MGm9275egmAXqJau0XH1SCwK7+mAj/tpEeUl
P7SQPaIc7YmlIy8mbX9DopLtvQKdm1VV08RgCUogKL54m1qx0JxeUiqxeI0M7ZSo
tt6eNXhGBLSY5XNN8mHBC50QIXK2auPDdSyKtWiKl4T9RTzs71XFa4XljCpRIa8D
4x7PJnaPKDcXYb0Xi8Jq9aKHqhVk0vrUot0xgSsOMp4ith8pw6/+mYDyr9FfEnxD
8vczkXSSJPtDKJ5NYaeY4IkfPRlaQSSPmRhBVcesJoPa3QEC+By4Z6yPrlmk8JZW
iv3g3dWCOCCUf8qmRiKGdpYcaMYvSzQeVQ3rBQIDAQABo4ICWzCCAlcwHQYDVR0O
BBYEFJd6+BS/fb5OmIZ2gdOyFHnxIKUJMB8GA1UdIwQYMBaAFHZ/Qk1INAbEIOXf
Gb6+mT9yWve2MA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvYmZiYjRk
M2E2ZGQ1ZTY0OWE2NTU0YzQ4MTdjZTBlZDI3NzQyOTEzNi5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvNTM3NWJjZmMtOGI4Ni00NTJlLTg1MGQtODNjZmUz
YjUwZjA2LzVjZThjMGE0ZjVmZGU0ZWI4YzZkZDI3OTc5NDE5ZjEyMmNmYTk2N2Iu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy81Mzc1YmNmYy04Yjg2LTQ1MmUtODUwZC04M2Nm
ZTNiNTBmMDYvYmZiYjRkM2E2ZGQ1ZTY0OWE2NTU0YzQ4MTdjZTBlZDI3NzQyOTEz
Ni5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEBcgA4DANBgkqhkiG9w0BAQsFAAOCAQEAJQrwETo8I2gG35mD
K3JQXpnv9guOIUVJj8SBCAfZSljtJolVHGxX7FcoTyYsQ8z5mgnGyNHLJeUCOvRj
bg2ZNhJKwbh5S1W2AJsE48dOyL0MBPCQ5c9UpNdSp3RSOPDzZa1GwDEmhmiQLWy6
M50+EFLzDk5PCl3i16DURBqI98PtSdq/vHrf6lphauVsHiPX6b66s2pkMlbJF/0U
qr3/EaVk0gRFGIhdFFsKihow5yEKGfDOc2DZE31K53Nhb1bjKAR8/yH8jVSmirLg
041Z0KQ0GlOOK9g+W13i4r/6hD82OYO9Ls3BuAxbwh6Bq2iIvYu7nGYQuzUd7A8t
FfvSgw==
-----END CERTIFICATE-----
Generated at Mon Apr 15 09:53:54 2024 by rpki-client on console-ams.rpki-client.org