Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/5375bcfc-8b86-452e-850d-83cfe3b50f06/6d95b9e285796e1c7e257b5c52b66936ba8e4992.roa
File:                     6d95b9e285796e1c7e257b5c52b66936ba8e4992.roa (raw, json)
Hash identifier:          3x0pAw5Bcjrlq4GHnB2+GySgQNRvaBnKyr5JBjW8faU=
Subject key identifier:   23:CB:56:6C:1B:E5:8C:BC:FB:37:73:7D:F9:AA:1A:DB:67:2D:23:FD
Certificate issuer:       /CN=bfbb4d3a6dd5e649a6554c4817ce0ed277429136
Certificate serial:       128324
Authority key identifier: 76:7F:42:4D:48:34:06:C4:20:E5:DF:19:BE:BE:99:3F:72:5A:F7:B6
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/bfbb4d3a6dd5e649a6554c4817ce0ed277429136.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/5375bcfc-8b86-452e-850d-83cfe3b50f06/6d95b9e285796e1c7e257b5c52b66936ba8e4992.roa
Signing time:             Wed 29 Nov 2023 21:26:02 +0000
ROA not before:           Wed 29 Nov 2023 21:26:02 +0000
ROA not after:            Sat 29 Nov 2025 21:26:02 +0000
asID:                     22927
IP address blocks:        201.250.0.0/16 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/5375bcfc-8b86-452e-850d-83cfe3b50f06/bfbb4d3a6dd5e649a6554c4817ce0ed277429136.crl
                          rsync://repository.lacnic.net/rpki/lacnic/5375bcfc-8b86-452e-850d-83cfe3b50f06/bfbb4d3a6dd5e649a6554c4817ce0ed277429136.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/bfbb4d3a6dd5e649a6554c4817ce0ed277429136.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Thu 18 Apr 2024 06:11:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1213220 (0x128324)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bfbb4d3a6dd5e649a6554c4817ce0ed277429136
        Validity
            Not Before: Nov 29 21:26:02 2023 GMT
            Not After : Nov 29 21:26:02 2025 GMT
        Subject: CN=6d95b9e285796e1c7e257b5c52b66936ba8e4992
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:97:6f:1c:ba:d0:5c:da:47:d1:c9:ef:49:6d:
                    cc:72:03:e7:cc:7f:da:7c:a8:4c:26:f7:dc:50:11:
                    f2:4f:e6:9e:01:dc:d2:8f:5c:57:79:d6:28:da:ef:
                    94:df:fe:cf:12:25:90:cc:b3:c1:57:69:87:ac:6e:
                    36:84:c7:80:ae:2a:46:ff:f5:86:f4:4b:c6:32:51:
                    e2:fb:68:18:74:70:59:71:3c:93:32:66:26:e8:e9:
                    25:61:c9:11:15:a5:83:24:46:6c:7f:32:a0:6e:7a:
                    11:a0:d2:cb:29:68:3b:f3:e3:3f:a1:74:fc:2e:94:
                    27:e0:ff:99:75:32:a0:29:e8:75:7c:ee:0c:c7:31:
                    f2:40:f2:fa:4e:fa:05:c1:b9:bc:74:a5:6a:fa:77:
                    fa:5f:40:3e:4d:c9:92:22:f9:83:ae:0b:f5:c6:cc:
                    f1:82:20:70:da:58:88:b3:1c:32:2d:e3:2b:cc:a1:
                    9f:d9:43:e0:38:3f:be:6f:69:f3:7d:32:66:fb:79:
                    ec:cb:74:e2:85:61:4c:9b:12:34:41:22:a2:64:1a:
                    f5:24:58:3e:b9:15:50:c6:52:66:89:36:87:6e:13:
                    11:0c:3c:f5:c5:57:40:8d:54:fc:7f:ed:50:17:65:
                    08:8d:e0:16:b0:14:58:9c:8c:db:4f:23:5a:b1:9d:
                    88:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                23:CB:56:6C:1B:E5:8C:BC:FB:37:73:7D:F9:AA:1A:DB:67:2D:23:FD
            X509v3 Authority Key Identifier:
                keyid:76:7F:42:4D:48:34:06:C4:20:E5:DF:19:BE:BE:99:3F:72:5A:F7:B6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/bfbb4d3a6dd5e649a6554c4817ce0ed277429136.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/5375bcfc-8b86-452e-850d-83cfe3b50f06/6d95b9e285796e1c7e257b5c52b66936ba8e4992.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/5375bcfc-8b86-452e-850d-83cfe3b50f06/bfbb4d3a6dd5e649a6554c4817ce0ed277429136.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  201.250.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         45:a9:d1:fc:bd:cb:64:63:7f:6c:bb:7e:c2:a2:41:42:d1:a7:
         c7:9e:e1:95:24:53:af:8d:f0:7e:ab:82:00:86:72:4f:39:a5:
         1f:a6:d3:f4:1e:b7:82:fb:dc:d7:0c:5d:49:36:2a:45:5c:d7:
         51:93:b7:59:5d:70:98:d6:5d:35:e0:b3:1e:63:5e:ec:3b:50:
         3a:82:a7:74:bf:10:32:f6:7f:12:5f:9f:06:3b:9a:c6:43:f0:
         14:32:06:17:06:b6:5e:1d:97:d7:b0:e1:d7:d5:7a:b1:0d:c4:
         8f:c1:a0:2f:c7:e3:a7:4d:fa:6a:aa:30:7b:3f:d1:47:7b:2f:
         69:85:65:f9:4a:d1:78:40:d4:f0:68:c0:9c:54:8a:a1:ec:16:
         f8:1e:75:ff:b1:1f:98:fc:82:90:5e:59:cf:c5:d8:c1:df:42:
         e7:a5:9a:6b:de:8d:4c:cc:93:96:ab:88:5d:7d:a3:9b:b7:b3:
         27:00:bc:1f:87:9c:a6:ff:5c:9d:97:1b:02:7b:0b:5b:b8:2c:
         03:1a:d6:45:ec:e8:c5:75:07:f6:49:c9:26:3a:e9:84:d5:32:
         06:55:c6:16:73:4c:0e:48:56:73:25:77:c5:8a:72:1e:9d:5a:
         cd:66:5a:26:c6:1f:20:90:7f:83:a7:4c:2e:9c:46:1b:32:80:
         13:96:0f:ca
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgIDEoMkMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGJm
YmI0ZDNhNmRkNWU2NDlhNjU1NGM0ODE3Y2UwZWQyNzc0MjkxMzYwHhcNMjMxMTI5
MjEyNjAyWhcNMjUxMTI5MjEyNjAyWjAzMTEwLwYDVQQDEyg2ZDk1YjllMjg1Nzk2
ZTFjN2UyNTdiNWM1MmI2NjkzNmJhOGU0OTkyMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAk5dvHLrQXNpH0cnvSW3McgPnzH/afKhMJvfcUBHyT+aeAdzS
j1xXedYo2u+U3/7PEiWQzLPBV2mHrG42hMeAripG//WG9EvGMlHi+2gYdHBZcTyT
MmYm6OklYckRFaWDJEZsfzKgbnoRoNLLKWg78+M/oXT8LpQn4P+ZdTKgKeh1fO4M
xzHyQPL6TvoFwbm8dKVq+nf6X0A+TcmSIvmDrgv1xszxgiBw2liIsxwyLeMrzKGf
2UPgOD++b2nzfTJm+3nsy3TihWFMmxI0QSKiZBr1JFg+uRVQxlJmiTaHbhMRDDz1
xVdAjVT8f+1QF2UIjeAWsBRYnIzbTyNasZ2I0QIDAQABo4ICWjCCAlYwHQYDVR0O
BBYEFCPLVmwb5Yy8+zdzffmqGttnLSP9MB8GA1UdIwQYMBaAFHZ/Qk1INAbEIOXf
Gb6+mT9yWve2MA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvYmZiYjRk
M2E2ZGQ1ZTY0OWE2NTU0YzQ4MTdjZTBlZDI3NzQyOTEzNi5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvNTM3NWJjZmMtOGI4Ni00NTJlLTg1MGQtODNjZmUz
YjUwZjA2LzZkOTViOWUyODU3OTZlMWM3ZTI1N2I1YzUyYjY2OTM2YmE4ZTQ5OTIu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy81Mzc1YmNmYy04Yjg2LTQ1MmUtODUwZC04M2Nm
ZTNiNTBmMDYvYmZiYjRkM2E2ZGQ1ZTY0OWE2NTU0YzQ4MTdjZTBlZDI3NzQyOTEz
Ni5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQP
MA0wCwQCAAEwBQMDAMn6MA0GCSqGSIb3DQEBCwUAA4IBAQBFqdH8vctkY39su37C
okFC0afHnuGVJFOvjfB+q4IAhnJPOaUfptP0HreC+9zXDF1JNipFXNdRk7dZXXCY
1l014LMeY17sO1A6gqd0vxAy9n8SX58GO5rGQ/AUMgYXBrZeHZfXsOHX1XqxDcSP
waAvx+OnTfpqqjB7P9FHey9phWX5StF4QNTwaMCcVIqh7Bb4HnX/sR+Y/IKQXlnP
xdjB30LnpZpr3o1MzJOWq4hdfaObt7MnALwfh5ym/1ydlxsCewtbuCwDGtZF7OjF
dQf2SckmOumE1TIGVcYWc0wOSFZzJXfFinIenVrNZlomxh8gkH+Dp0wunEYbMoAT
lg/K
-----END CERTIFICATE-----
Generated at Mon Apr 15 10:07:20 2024 by rpki-client on console-fra.rpki-client.org