Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/5375bcfc-8b86-452e-850d-83cfe3b50f06/66e014d713a6992d7e35f0a6aaa59b1a081bce81.roa
File:                     66e014d713a6992d7e35f0a6aaa59b1a081bce81.roa (raw, json)
Hash identifier:          yr4n9whglqw9Tl72cSwusDT9DcNebBUtYHRqK8goirA=
Subject key identifier:   3A:9C:3F:0C:86:1E:9A:4C:03:7C:BB:1B:24:AC:B7:D9:CF:F8:07:8F
Certificate issuer:       /CN=bfbb4d3a6dd5e649a6554c4817ce0ed277429136
Certificate serial:       11DB1F
Authority key identifier: 76:7F:42:4D:48:34:06:C4:20:E5:DF:19:BE:BE:99:3F:72:5A:F7:B6
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/bfbb4d3a6dd5e649a6554c4817ce0ed277429136.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/5375bcfc-8b86-452e-850d-83cfe3b50f06/66e014d713a6992d7e35f0a6aaa59b1a081bce81.roa
Signing time:             Wed 29 Nov 2023 13:00:42 +0000
ROA not before:           Wed 29 Nov 2023 13:00:42 +0000
ROA not after:            Sat 29 Nov 2025 13:00:42 +0000
asID:                     265689
IP address blocks:        179.40.33.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/5375bcfc-8b86-452e-850d-83cfe3b50f06/bfbb4d3a6dd5e649a6554c4817ce0ed277429136.crl
                          rsync://repository.lacnic.net/rpki/lacnic/5375bcfc-8b86-452e-850d-83cfe3b50f06/bfbb4d3a6dd5e649a6554c4817ce0ed277429136.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/bfbb4d3a6dd5e649a6554c4817ce0ed277429136.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Thu 18 Apr 2024 06:11:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1170207 (0x11db1f)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bfbb4d3a6dd5e649a6554c4817ce0ed277429136
        Validity
            Not Before: Nov 29 13:00:42 2023 GMT
            Not After : Nov 29 13:00:42 2025 GMT
        Subject: CN=66e014d713a6992d7e35f0a6aaa59b1a081bce81
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:41:6e:65:98:81:dd:06:e0:4e:1f:ad:69:49:
                    37:d8:7c:f9:de:ab:93:15:63:b4:c3:dc:73:e0:39:
                    6a:ef:8e:5a:b4:c4:99:40:d6:dd:04:31:3f:1b:e7:
                    d2:a9:37:e4:37:25:ba:27:02:bd:3a:86:03:66:e4:
                    98:71:3c:75:d0:c6:47:d3:4d:50:be:48:66:f7:82:
                    b0:44:ff:1b:60:07:1f:06:7f:65:8e:9c:b0:53:9d:
                    60:e1:76:a0:a0:49:40:78:ae:c0:0d:b7:55:3e:47:
                    97:c1:29:03:fd:e7:c6:a7:ad:4e:ca:52:5f:32:28:
                    22:20:17:70:97:72:dd:e4:61:21:8f:30:e6:65:1a:
                    10:81:44:ed:45:61:6e:ac:e5:2d:a4:4f:dd:7d:32:
                    be:79:5b:d5:2c:03:a5:1f:c8:f2:9e:26:b5:aa:b0:
                    b1:83:92:6d:1d:a1:16:bb:1e:62:1f:99:d8:45:f1:
                    8d:de:a9:fb:3d:62:4f:df:d2:c2:f3:44:69:b8:83:
                    c3:e0:4e:30:32:c0:f3:da:b7:79:c3:19:ed:4e:5f:
                    00:a5:7e:cb:da:fc:5b:f3:27:4b:90:24:58:9e:e3:
                    03:10:b5:ed:b0:11:80:c6:85:d4:e4:4e:d8:1c:bc:
                    c8:90:dd:97:18:f9:e5:81:d5:3b:7a:31:8a:1d:be:
                    b9:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3A:9C:3F:0C:86:1E:9A:4C:03:7C:BB:1B:24:AC:B7:D9:CF:F8:07:8F
            X509v3 Authority Key Identifier:
                keyid:76:7F:42:4D:48:34:06:C4:20:E5:DF:19:BE:BE:99:3F:72:5A:F7:B6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/bfbb4d3a6dd5e649a6554c4817ce0ed277429136.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/5375bcfc-8b86-452e-850d-83cfe3b50f06/66e014d713a6992d7e35f0a6aaa59b1a081bce81.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/5375bcfc-8b86-452e-850d-83cfe3b50f06/bfbb4d3a6dd5e649a6554c4817ce0ed277429136.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  179.40.33.0/24

    Signature Algorithm: sha256WithRSAEncryption
         4e:a9:3d:33:70:3f:1e:35:25:44:b2:37:2a:08:33:77:dd:11:
         70:7e:b9:f6:e7:3d:89:7e:06:3f:22:25:fa:6f:bb:bf:90:4c:
         67:e1:7b:01:7a:e7:4a:8f:93:7f:dd:77:f7:a2:bb:7a:15:8a:
         05:ca:42:27:37:29:20:2f:04:22:1f:cb:df:2f:10:3d:04:9e:
         02:d0:9d:44:f4:e4:14:dc:d3:7c:ea:c7:d7:66:16:4b:4b:b6:
         2e:68:d3:6c:46:c3:17:0b:22:af:0d:10:04:b7:39:04:1f:34:
         db:6d:41:36:d7:ea:9b:64:08:45:63:34:69:e2:59:fe:b6:05:
         26:2b:49:71:c2:60:bc:68:7e:80:c7:71:83:71:bd:cc:69:93:
         e5:da:c2:7b:52:5c:2e:ed:64:27:0d:b8:05:75:64:52:51:67:
         93:44:30:49:e9:73:ab:ed:d4:ce:0c:f0:5f:5e:eb:0c:79:45:
         e0:9b:c9:23:ac:fe:3d:bf:74:e9:58:fd:7b:73:68:da:29:23:
         ea:45:fe:10:5a:a8:d1:c7:9f:d5:17:ee:23:5a:cb:57:a2:65:
         59:b9:f2:2e:4a:08:e7:0d:8a:da:b4:58:56:64:40:23:84:ad:
         8d:21:41:65:4c:b8:4f:90:72:96:18:2b:82:61:f9:57:5c:25:
         76:fe:bc:29
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIDEdsfMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGJm
YmI0ZDNhNmRkNWU2NDlhNjU1NGM0ODE3Y2UwZWQyNzc0MjkxMzYwHhcNMjMxMTI5
MTMwMDQyWhcNMjUxMTI5MTMwMDQyWjAzMTEwLwYDVQQDEyg2NmUwMTRkNzEzYTY5
OTJkN2UzNWYwYTZhYWE1OWIxYTA4MWJjZTgxMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEArEFuZZiB3QbgTh+taUk32Hz53quTFWO0w9xz4Dlq745atMSZ
QNbdBDE/G+fSqTfkNyW6JwK9OoYDZuSYcTx10MZH001Qvkhm94KwRP8bYAcfBn9l
jpywU51g4XagoElAeK7ADbdVPkeXwSkD/efGp61OylJfMigiIBdwl3Ld5GEhjzDm
ZRoQgUTtRWFurOUtpE/dfTK+eVvVLAOlH8jynia1qrCxg5JtHaEWux5iH5nYRfGN
3qn7PWJP39LC80RpuIPD4E4wMsDz2rd5wxntTl8ApX7L2vxb8ydLkCRYnuMDELXt
sBGAxoXU5E7YHLzIkN2XGPnlgdU7ejGKHb659wIDAQABo4ICWzCCAlcwHQYDVR0O
BBYEFDqcPwyGHppMA3y7GySst9nP+AePMB8GA1UdIwQYMBaAFHZ/Qk1INAbEIOXf
Gb6+mT9yWve2MA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvYmZiYjRk
M2E2ZGQ1ZTY0OWE2NTU0YzQ4MTdjZTBlZDI3NzQyOTEzNi5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvNTM3NWJjZmMtOGI4Ni00NTJlLTg1MGQtODNjZmUz
YjUwZjA2LzY2ZTAxNGQ3MTNhNjk5MmQ3ZTM1ZjBhNmFhYTU5YjFhMDgxYmNlODEu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy81Mzc1YmNmYy04Yjg2LTQ1MmUtODUwZC04M2Nm
ZTNiNTBmMDYvYmZiYjRkM2E2ZGQ1ZTY0OWE2NTU0YzQ4MTdjZTBlZDI3NzQyOTEz
Ni5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEALMoITANBgkqhkiG9w0BAQsFAAOCAQEATqk9M3A/HjUlRLI3
Kggzd90RcH659uc9iX4GPyIl+m+7v5BMZ+F7AXrnSo+Tf91396K7ehWKBcpCJzcp
IC8EIh/L3y8QPQSeAtCdRPTkFNzTfOrH12YWS0u2LmjTbEbDFwsirw0QBLc5BB80
221BNtfqm2QIRWM0aeJZ/rYFJitJccJgvGh+gMdxg3G9zGmT5drCe1JcLu1kJw24
BXVkUlFnk0QwSelzq+3UzgzwX17rDHlF4JvJI6z+Pb906Vj9e3No2ikj6kX+EFqo
0cef1RfuI1rLV6JlWbnyLkoI5w2K2rRYVmRAI4StjSFBZUy4T5BylhgrgmH5V1wl
dv68KQ==
-----END CERTIFICATE-----
Generated at Mon Apr 15 10:07:20 2024 by rpki-client on console-fra.rpki-client.org