Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/5375bcfc-8b86-452e-850d-83cfe3b50f06/6d1d968a5cd39d0aa21939ea168be7ef5fe89958.roa
File:                     6d1d968a5cd39d0aa21939ea168be7ef5fe89958.roa (raw, json)
Hash identifier:          fjwJjMobioIwBZspWKCmCzW0auoNLGTsE1uas3/43X4=
Subject key identifier:   66:2E:39:B3:F9:92:02:07:43:14:51:DB:19:88:A7:B4:40:B2:FE:79
Certificate issuer:       /CN=bfbb4d3a6dd5e649a6554c4817ce0ed277429136
Certificate serial:       12458D
Authority key identifier: 76:7F:42:4D:48:34:06:C4:20:E5:DF:19:BE:BE:99:3F:72:5A:F7:B6
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/bfbb4d3a6dd5e649a6554c4817ce0ed277429136.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/5375bcfc-8b86-452e-850d-83cfe3b50f06/6d1d968a5cd39d0aa21939ea168be7ef5fe89958.roa
Signing time:             Wed 29 Nov 2023 15:44:13 +0000
ROA not before:           Wed 29 Nov 2023 15:44:12 +0000
ROA not after:            Sat 29 Nov 2025 15:44:12 +0000
asID:                     22927
IP address blocks:        201.251.128.0/17 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/5375bcfc-8b86-452e-850d-83cfe3b50f06/bfbb4d3a6dd5e649a6554c4817ce0ed277429136.crl
                          rsync://repository.lacnic.net/rpki/lacnic/5375bcfc-8b86-452e-850d-83cfe3b50f06/bfbb4d3a6dd5e649a6554c4817ce0ed277429136.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/bfbb4d3a6dd5e649a6554c4817ce0ed277429136.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Thu 18 Apr 2024 06:11:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1197453 (0x12458d)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bfbb4d3a6dd5e649a6554c4817ce0ed277429136
        Validity
            Not Before: Nov 29 15:44:12 2023 GMT
            Not After : Nov 29 15:44:12 2025 GMT
        Subject: CN=6d1d968a5cd39d0aa21939ea168be7ef5fe89958
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:84:d3:a2:f0:ab:c3:df:b0:96:88:d5:a7:1b:92:
                    9d:fa:a0:35:28:96:7b:2e:f5:f2:13:b4:ed:f2:9b:
                    66:a6:33:e5:e4:ce:2c:fc:56:6f:75:49:5f:6a:b5:
                    aa:70:d1:6f:cc:e3:c7:fc:e8:24:3d:d2:91:e1:b0:
                    02:2d:33:e7:7b:f9:1a:04:cb:00:0d:b3:2f:0e:29:
                    53:dd:59:e8:69:48:f0:db:b9:b3:a6:10:dc:5d:ad:
                    a3:30:5e:86:28:af:8b:0c:5f:1b:b9:60:a8:98:c2:
                    ba:4f:fb:82:97:5b:f2:1b:7c:da:a7:0d:8c:ac:f5:
                    93:4f:f3:66:3b:98:f2:f0:a4:b5:1f:e8:8d:c3:8e:
                    7f:cc:5f:28:5b:d7:ad:e3:10:15:0c:e5:2a:54:50:
                    ae:b5:28:e8:17:dc:b4:9c:1a:4a:09:4c:33:e6:d1:
                    12:23:21:47:0f:2b:2e:49:d4:b0:a8:b4:b8:7d:63:
                    ff:98:6e:ae:98:37:f7:a8:84:75:1a:20:91:75:8d:
                    86:15:9c:02:0e:43:62:93:f0:9a:b1:f8:6b:da:41:
                    88:eb:b7:9c:d3:8a:7b:4b:7a:ed:f8:d9:24:be:e9:
                    ea:cf:ff:13:d4:49:8d:ed:f7:a1:c2:6b:3d:62:97:
                    ce:76:d9:04:6a:08:5d:b8:79:df:ab:f1:e7:6a:d9:
                    a8:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                66:2E:39:B3:F9:92:02:07:43:14:51:DB:19:88:A7:B4:40:B2:FE:79
            X509v3 Authority Key Identifier:
                keyid:76:7F:42:4D:48:34:06:C4:20:E5:DF:19:BE:BE:99:3F:72:5A:F7:B6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/bfbb4d3a6dd5e649a6554c4817ce0ed277429136.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/5375bcfc-8b86-452e-850d-83cfe3b50f06/6d1d968a5cd39d0aa21939ea168be7ef5fe89958.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/5375bcfc-8b86-452e-850d-83cfe3b50f06/bfbb4d3a6dd5e649a6554c4817ce0ed277429136.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  201.251.128.0/17

    Signature Algorithm: sha256WithRSAEncryption
         48:3a:b8:b5:7a:42:2f:f6:56:a9:ff:72:df:d0:e1:4d:f1:2f:
         72:c3:18:0a:11:6d:a5:1c:97:ca:27:79:c7:5e:e0:61:e1:33:
         46:71:26:3c:af:d9:b1:70:c5:61:df:29:bd:86:1b:0f:6e:82:
         9c:a0:25:6c:3d:ee:ae:2a:0e:0b:d4:5b:ba:5e:c6:c2:91:c1:
         5f:e6:9d:e9:7e:f9:fd:c4:22:6f:d3:f1:b5:c1:f2:99:7d:e1:
         93:0d:42:64:b7:0e:3c:15:6c:22:63:6c:89:36:53:3b:35:8c:
         bc:cf:8b:6c:07:f2:b8:1b:f3:51:83:a7:53:b6:65:b5:cb:2d:
         51:0a:a0:4f:35:71:b9:53:7b:3f:df:7b:c6:59:e8:39:b2:96:
         7a:21:6b:c5:b9:8f:fc:73:66:f0:e9:1b:a1:d1:0a:01:a4:d4:
         94:e4:5b:22:16:85:93:77:3c:ba:92:17:d5:22:8f:21:0f:f8:
         1c:5a:65:4f:e4:50:00:73:c5:84:47:d5:ca:a7:b5:16:ee:fc:
         39:a3:27:5f:9f:da:7f:65:56:be:56:9a:9a:c2:a2:d8:0f:34:
         a0:eb:63:36:b1:c7:ff:80:68:2b:0f:4e:f9:02:f9:f9:55:d3:
         f5:5e:60:83:2e:6a:c2:1b:68:76:09:e5:3c:ce:1c:dd:6a:56:
         99:83:8c:46
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIDEkWNMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGJm
YmI0ZDNhNmRkNWU2NDlhNjU1NGM0ODE3Y2UwZWQyNzc0MjkxMzYwHhcNMjMxMTI5
MTU0NDEyWhcNMjUxMTI5MTU0NDEyWjAzMTEwLwYDVQQDEyg2ZDFkOTY4YTVjZDM5
ZDBhYTIxOTM5ZWExNjhiZTdlZjVmZTg5OTU4MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAhNOi8KvD37CWiNWnG5Kd+qA1KJZ7LvXyE7Tt8ptmpjPl5M4s
/FZvdUlfarWqcNFvzOPH/OgkPdKR4bACLTPne/kaBMsADbMvDilT3VnoaUjw27mz
phDcXa2jMF6GKK+LDF8buWComMK6T/uCl1vyG3zapw2MrPWTT/NmO5jy8KS1H+iN
w45/zF8oW9et4xAVDOUqVFCutSjoF9y0nBpKCUwz5tESIyFHDysuSdSwqLS4fWP/
mG6umDf3qIR1GiCRdY2GFZwCDkNik/Casfhr2kGI67ec04p7S3rt+Nkkvunqz/8T
1EmN7fehwms9YpfOdtkEaghduHnfq/HnatmoywIDAQABo4ICWzCCAlcwHQYDVR0O
BBYEFGYuObP5kgIHQxRR2xmIp7RAsv55MB8GA1UdIwQYMBaAFHZ/Qk1INAbEIOXf
Gb6+mT9yWve2MA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvYmZiYjRk
M2E2ZGQ1ZTY0OWE2NTU0YzQ4MTdjZTBlZDI3NzQyOTEzNi5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvNTM3NWJjZmMtOGI4Ni00NTJlLTg1MGQtODNjZmUz
YjUwZjA2LzZkMWQ5NjhhNWNkMzlkMGFhMjE5MzllYTE2OGJlN2VmNWZlODk5NTgu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy81Mzc1YmNmYy04Yjg2LTQ1MmUtODUwZC04M2Nm
ZTNiNTBmMDYvYmZiYjRkM2E2ZGQ1ZTY0OWE2NTU0YzQ4MTdjZTBlZDI3NzQyOTEz
Ni5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEB8n7gDANBgkqhkiG9w0BAQsFAAOCAQEASDq4tXpCL/ZWqf9y
39DhTfEvcsMYChFtpRyXyid5x17gYeEzRnEmPK/ZsXDFYd8pvYYbD26CnKAlbD3u
rioOC9Rbul7GwpHBX+ad6X75/cQib9PxtcHymX3hkw1CZLcOPBVsImNsiTZTOzWM
vM+LbAfyuBvzUYOnU7ZltcstUQqgTzVxuVN7P997xlnoObKWeiFrxbmP/HNm8Okb
odEKAaTUlORbIhaFk3c8upIX1SKPIQ/4HFplT+RQAHPFhEfVyqe1Fu78OaMnX5/a
f2VWvlaamsKi2A80oOtjNrHH/4BoKw9O+QL5+VXT9V5ggy5qwhtodgnlPM4c3WpW
mYOMRg==
-----END CERTIFICATE-----
Generated at Mon Apr 15 10:07:20 2024 by rpki-client on console-fra.rpki-client.org