Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/5375bcfc-8b86-452e-850d-83cfe3b50f06/7739e91f4b310d8c1c4f3000fd3b1152ce410443.roa
File:                     7739e91f4b310d8c1c4f3000fd3b1152ce410443.roa (raw, json)
Hash identifier:          v60kz5B358//tUZBzFl4UfKaqzbbPQnoZErXdqHcRfQ=
Subject key identifier:   F5:FC:F4:AF:A9:BE:A1:84:02:D8:DA:7C:8B:A3:72:1C:DF:98:AD:ED
Certificate issuer:       /CN=bfbb4d3a6dd5e649a6554c4817ce0ed277429136
Certificate serial:       140767
Authority key identifier: 76:7F:42:4D:48:34:06:C4:20:E5:DF:19:BE:BE:99:3F:72:5A:F7:B6
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/bfbb4d3a6dd5e649a6554c4817ce0ed277429136.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/5375bcfc-8b86-452e-850d-83cfe3b50f06/7739e91f4b310d8c1c4f3000fd3b1152ce410443.roa
Signing time:             Tue 30 Jan 2024 15:53:56 +0000
ROA not before:           Tue 30 Jan 2024 15:53:56 +0000
ROA not after:            Fri 30 Jan 2026 15:53:56 +0000
asID:                     10834
IP address blocks:        200.0.193.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/5375bcfc-8b86-452e-850d-83cfe3b50f06/bfbb4d3a6dd5e649a6554c4817ce0ed277429136.crl
                          rsync://repository.lacnic.net/rpki/lacnic/5375bcfc-8b86-452e-850d-83cfe3b50f06/bfbb4d3a6dd5e649a6554c4817ce0ed277429136.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/bfbb4d3a6dd5e649a6554c4817ce0ed277429136.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Thu 18 Apr 2024 06:11:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1312615 (0x140767)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bfbb4d3a6dd5e649a6554c4817ce0ed277429136
        Validity
            Not Before: Jan 30 15:53:56 2024 GMT
            Not After : Jan 30 15:53:56 2026 GMT
        Subject: CN=7739e91f4b310d8c1c4f3000fd3b1152ce410443
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:92:db:f6:db:ca:c9:95:da:de:a7:36:0a:66:69:
                    57:9f:61:7d:a1:ea:0f:e0:b4:de:c7:69:d3:ed:9a:
                    bc:6f:d2:ba:75:dc:15:45:5b:e0:98:07:11:6a:7d:
                    bb:2d:69:a2:71:9e:0b:b2:fd:f7:0f:57:da:a9:4a:
                    66:a8:cd:f2:bd:bc:93:a7:e8:eb:0b:25:cd:73:81:
                    a6:e1:17:4b:62:54:c3:4d:26:55:59:b6:dd:c3:76:
                    92:71:ff:a0:71:ab:02:a9:d7:9f:14:ef:c1:60:cb:
                    10:8e:2f:b6:30:99:ef:74:6b:f2:b9:bc:05:a0:34:
                    c7:5d:b0:ff:b0:89:8c:ef:3b:06:52:35:4b:33:91:
                    0d:bf:e3:a4:3f:54:cc:fd:cc:62:05:49:97:30:d8:
                    28:b2:7d:b1:88:3e:93:8f:b7:c4:5e:5c:00:a0:df:
                    ea:83:e7:48:89:c5:b7:5b:6e:4f:f7:97:0d:c5:b4:
                    fc:30:45:eb:b1:61:08:7d:1a:0e:05:50:1d:b7:73:
                    94:7e:b3:99:67:2f:47:86:fe:59:e8:ba:b7:5a:d7:
                    2a:13:0d:09:c0:83:b8:80:b5:9d:03:0f:ab:f8:28:
                    51:97:99:9e:b8:1c:b9:38:7b:eb:59:b8:42:6b:2b:
                    eb:5d:c5:dc:e6:45:42:4b:50:a3:1c:58:e9:c8:92:
                    8e:e7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F5:FC:F4:AF:A9:BE:A1:84:02:D8:DA:7C:8B:A3:72:1C:DF:98:AD:ED
            X509v3 Authority Key Identifier:
                keyid:76:7F:42:4D:48:34:06:C4:20:E5:DF:19:BE:BE:99:3F:72:5A:F7:B6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/bfbb4d3a6dd5e649a6554c4817ce0ed277429136.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/5375bcfc-8b86-452e-850d-83cfe3b50f06/7739e91f4b310d8c1c4f3000fd3b1152ce410443.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/5375bcfc-8b86-452e-850d-83cfe3b50f06/bfbb4d3a6dd5e649a6554c4817ce0ed277429136.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.0.193.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1a:5e:55:1e:a3:cf:e4:57:ea:5c:5b:16:8c:1f:2d:6e:00:cb:
         17:63:04:81:9b:de:4a:eb:b9:ad:8f:b5:2f:cc:b8:69:f7:27:
         85:3a:5e:1d:7c:a2:51:2e:93:07:21:d4:0e:20:b2:1e:d5:3d:
         57:71:c7:c8:37:36:9b:2b:e5:ea:3b:b0:bb:cb:03:02:30:ee:
         e4:83:6c:21:24:be:f4:64:b2:cb:7d:1f:be:b6:7f:f3:75:74:
         20:26:84:bf:99:8e:25:0a:ac:d9:00:c5:5f:c7:43:0b:45:3b:
         e0:69:26:5e:22:32:78:6f:e3:e7:c9:33:aa:a5:61:88:68:0e:
         23:46:8b:77:9f:a8:ba:7e:00:3f:64:b6:05:f9:46:e1:69:2c:
         dd:dc:2f:8c:24:5e:07:ec:50:c8:66:e7:34:9f:29:98:56:be:
         70:3b:17:e3:7b:e1:d1:28:19:fd:fc:bf:19:b2:03:4c:af:84:
         57:33:46:0a:7e:0a:dc:a7:cd:20:e2:1e:84:73:dd:0f:a5:7c:
         36:a8:f6:28:5d:c7:d5:37:5f:87:a5:0f:d9:38:3b:2c:0d:46:
         fc:9b:54:c6:0b:60:a3:e0:90:4d:a5:b1:f4:1e:a1:a6:e7:2d:
         3f:5d:76:52:7a:65:f7:5a:53:ff:cb:bf:99:5c:d9:66:02:c5:
         1d:3e:51:af
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIDFAdnMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGJm
YmI0ZDNhNmRkNWU2NDlhNjU1NGM0ODE3Y2UwZWQyNzc0MjkxMzYwHhcNMjQwMTMw
MTU1MzU2WhcNMjYwMTMwMTU1MzU2WjAzMTEwLwYDVQQDEyg3NzM5ZTkxZjRiMzEw
ZDhjMWM0ZjMwMDBmZDNiMTE1MmNlNDEwNDQzMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAktv228rJldrepzYKZmlXn2F9oeoP4LTex2nT7Zq8b9K6ddwV
RVvgmAcRan27LWmicZ4Lsv33D1faqUpmqM3yvbyTp+jrCyXNc4Gm4RdLYlTDTSZV
Wbbdw3aScf+gcasCqdefFO/BYMsQji+2MJnvdGvyubwFoDTHXbD/sImM7zsGUjVL
M5ENv+OkP1TM/cxiBUmXMNgosn2xiD6Tj7fEXlwAoN/qg+dIicW3W25P95cNxbT8
MEXrsWEIfRoOBVAdt3OUfrOZZy9Hhv5Z6Lq3WtcqEw0JwIO4gLWdAw+r+ChRl5me
uBy5OHvrWbhCayvrXcXc5kVCS1CjHFjpyJKO5wIDAQABo4ICWzCCAlcwHQYDVR0O
BBYEFPX89K+pvqGEAtjafIujchzfmK3tMB8GA1UdIwQYMBaAFHZ/Qk1INAbEIOXf
Gb6+mT9yWve2MA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvYmZiYjRk
M2E2ZGQ1ZTY0OWE2NTU0YzQ4MTdjZTBlZDI3NzQyOTEzNi5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvNTM3NWJjZmMtOGI4Ni00NTJlLTg1MGQtODNjZmUz
YjUwZjA2Lzc3MzllOTFmNGIzMTBkOGMxYzRmMzAwMGZkM2IxMTUyY2U0MTA0NDMu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy81Mzc1YmNmYy04Yjg2LTQ1MmUtODUwZC04M2Nm
ZTNiNTBmMDYvYmZiYjRkM2E2ZGQ1ZTY0OWE2NTU0YzQ4MTdjZTBlZDI3NzQyOTEz
Ni5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAMgAwTANBgkqhkiG9w0BAQsFAAOCAQEAGl5VHqPP5FfqXFsW
jB8tbgDLF2MEgZveSuu5rY+1L8y4afcnhTpeHXyiUS6TByHUDiCyHtU9V3HHyDc2
myvl6juwu8sDAjDu5INsISS+9GSyy30fvrZ/83V0ICaEv5mOJQqs2QDFX8dDC0U7
4GkmXiIyeG/j58kzqqVhiGgOI0aLd5+oun4AP2S2BflG4Wks3dwvjCReB+xQyGbn
NJ8pmFa+cDsX43vh0SgZ/fy/GbIDTK+EVzNGCn4K3KfNIOIehHPdD6V8Nqj2KF3H
1Tdfh6UP2Tg7LA1G/JtUxgtgo+CQTaWx9B6hpuctP112Unpl91pT/8u/mVzZZgLF
HT5Rrw==
-----END CERTIFICATE-----
Generated at Mon Apr 15 09:53:54 2024 by rpki-client on console-ams.rpki-client.org