Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/5375bcfc-8b86-452e-850d-83cfe3b50f06/99125a5e59c3d611647b7562c8bba10210bb9fe5.roa
File:                     99125a5e59c3d611647b7562c8bba10210bb9fe5.roa (raw, json)
Hash identifier:          2lkC2szCCR1x16SOnt/EMsAupJxYTB2EzNAN5+s9RDY=
Subject key identifier:   93:1D:1A:02:00:4E:D2:6E:7A:D1:8A:57:6C:D4:24:37:79:0B:04:C9
Certificate issuer:       /CN=bfbb4d3a6dd5e649a6554c4817ce0ed277429136
Certificate serial:       123272
Authority key identifier: 76:7F:42:4D:48:34:06:C4:20:E5:DF:19:BE:BE:99:3F:72:5A:F7:B6
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/bfbb4d3a6dd5e649a6554c4817ce0ed277429136.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/5375bcfc-8b86-452e-850d-83cfe3b50f06/99125a5e59c3d611647b7562c8bba10210bb9fe5.roa
Signing time:             Wed 29 Nov 2023 15:38:45 +0000
ROA not before:           Wed 29 Nov 2023 15:38:45 +0000
ROA not after:            Sat 29 Nov 2025 15:38:45 +0000
asID:                     269823
IP address blocks:        201.251.239.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/5375bcfc-8b86-452e-850d-83cfe3b50f06/bfbb4d3a6dd5e649a6554c4817ce0ed277429136.crl
                          rsync://repository.lacnic.net/rpki/lacnic/5375bcfc-8b86-452e-850d-83cfe3b50f06/bfbb4d3a6dd5e649a6554c4817ce0ed277429136.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/bfbb4d3a6dd5e649a6554c4817ce0ed277429136.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Thu 18 Apr 2024 06:11:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1192562 (0x123272)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bfbb4d3a6dd5e649a6554c4817ce0ed277429136
        Validity
            Not Before: Nov 29 15:38:45 2023 GMT
            Not After : Nov 29 15:38:45 2025 GMT
        Subject: CN=99125a5e59c3d611647b7562c8bba10210bb9fe5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:c8:4b:0c:ca:c1:23:90:64:29:05:2b:b4:08:
                    6e:19:c5:98:29:c1:b6:e7:3b:26:9d:03:26:95:0c:
                    76:c8:d3:ba:91:ef:4e:e8:7b:78:a6:db:e1:51:d6:
                    14:24:18:8c:03:e8:8a:9a:e6:7c:16:4d:1d:f0:a9:
                    ad:12:50:d0:77:e5:6c:c7:2d:af:a0:9b:64:44:ca:
                    11:d7:82:fa:07:df:49:ca:21:a7:3b:b2:45:6e:7c:
                    da:63:65:50:f6:c0:4e:de:31:61:c2:23:4a:9c:0e:
                    62:be:72:9d:20:40:67:e1:94:cb:22:11:06:66:93:
                    fa:ba:35:9f:99:fb:b2:b4:5a:c7:cd:43:9f:5f:f7:
                    4d:ab:a0:fe:a0:f7:0c:d2:f9:ee:27:1f:e2:2f:01:
                    46:4a:a5:ea:c7:05:50:66:43:ed:a3:61:0a:1d:4c:
                    3d:81:01:3e:98:b6:1c:a9:4f:c9:48:59:0e:92:ea:
                    14:a0:92:90:a4:0f:7a:8e:c1:e3:ec:aa:a8:06:9f:
                    19:de:15:f8:90:6f:50:bf:0e:c9:45:a1:38:14:20:
                    0a:c5:4e:94:20:1e:0f:68:a0:63:1c:4d:c2:1e:b7:
                    e0:6d:9d:67:16:b0:4a:ed:e0:c3:0a:26:dc:23:9b:
                    2f:8b:31:b3:2b:a5:72:51:f7:62:59:88:67:98:5d:
                    fd:87
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                93:1D:1A:02:00:4E:D2:6E:7A:D1:8A:57:6C:D4:24:37:79:0B:04:C9
            X509v3 Authority Key Identifier:
                keyid:76:7F:42:4D:48:34:06:C4:20:E5:DF:19:BE:BE:99:3F:72:5A:F7:B6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/bfbb4d3a6dd5e649a6554c4817ce0ed277429136.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/5375bcfc-8b86-452e-850d-83cfe3b50f06/99125a5e59c3d611647b7562c8bba10210bb9fe5.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/5375bcfc-8b86-452e-850d-83cfe3b50f06/bfbb4d3a6dd5e649a6554c4817ce0ed277429136.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  201.251.239.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5f:64:4e:3f:7a:89:4b:e9:6c:2a:b8:a5:b9:42:50:ac:2a:f8:
         03:2e:80:5c:06:c3:0f:9e:bf:9b:b2:fc:2c:e8:db:db:e7:62:
         9a:31:8e:e9:4a:2e:d8:b6:2e:43:8b:fb:36:5a:3b:8a:e2:5d:
         c5:cc:74:b5:d0:4c:c3:04:47:5e:90:61:28:15:2b:ea:af:a5:
         08:e1:ca:76:da:bf:8b:5c:c8:a5:ca:69:ef:d2:51:5a:e4:d5:
         09:1c:41:dc:c1:d4:fa:ac:3c:d6:35:aa:23:d5:f2:f7:0b:5d:
         95:96:e0:8e:43:13:12:88:f7:b2:5c:41:36:cd:33:2e:11:80:
         6c:8c:f0:ce:32:61:eb:9e:1f:87:02:4d:19:f4:c8:d4:be:a9:
         6b:d1:be:a6:2b:6e:e4:85:71:f4:80:9f:a4:d4:86:b2:89:df:
         5c:a3:f7:3a:22:e3:10:62:6b:b4:f9:1c:d5:de:b1:7c:6d:2f:
         f7:df:e0:20:c3:9b:92:3a:ba:ed:6e:d3:7f:64:15:1f:90:65:
         c2:d6:74:f4:ee:65:fe:d2:aa:58:87:5d:79:04:d3:fb:78:b4:
         3c:5c:32:3b:0c:87:8d:a9:2a:15:58:c6:41:af:b5:54:9e:c2:
         6c:f2:bf:8a:45:83:2e:cf:ec:dd:10:b2:d5:54:cf:97:b6:21:
         fd:6f:6e:c1
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIDEjJyMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGJm
YmI0ZDNhNmRkNWU2NDlhNjU1NGM0ODE3Y2UwZWQyNzc0MjkxMzYwHhcNMjMxMTI5
MTUzODQ1WhcNMjUxMTI5MTUzODQ1WjAzMTEwLwYDVQQDEyg5OTEyNWE1ZTU5YzNk
NjExNjQ3Yjc1NjJjOGJiYTEwMjEwYmI5ZmU1MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAsMhLDMrBI5BkKQUrtAhuGcWYKcG25zsmnQMmlQx2yNO6ke9O
6Ht4ptvhUdYUJBiMA+iKmuZ8Fk0d8KmtElDQd+Vsxy2voJtkRMoR14L6B99JyiGn
O7JFbnzaY2VQ9sBO3jFhwiNKnA5ivnKdIEBn4ZTLIhEGZpP6ujWfmfuytFrHzUOf
X/dNq6D+oPcM0vnuJx/iLwFGSqXqxwVQZkPto2EKHUw9gQE+mLYcqU/JSFkOkuoU
oJKQpA96jsHj7KqoBp8Z3hX4kG9Qvw7JRaE4FCAKxU6UIB4PaKBjHE3CHrfgbZ1n
FrBK7eDDCibcI5svizGzK6VyUfdiWYhnmF39hwIDAQABo4ICWzCCAlcwHQYDVR0O
BBYEFJMdGgIATtJuetGKV2zUJDd5CwTJMB8GA1UdIwQYMBaAFHZ/Qk1INAbEIOXf
Gb6+mT9yWve2MA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvYmZiYjRk
M2E2ZGQ1ZTY0OWE2NTU0YzQ4MTdjZTBlZDI3NzQyOTEzNi5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvNTM3NWJjZmMtOGI4Ni00NTJlLTg1MGQtODNjZmUz
YjUwZjA2Lzk5MTI1YTVlNTljM2Q2MTE2NDdiNzU2MmM4YmJhMTAyMTBiYjlmZTUu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy81Mzc1YmNmYy04Yjg2LTQ1MmUtODUwZC04M2Nm
ZTNiNTBmMDYvYmZiYjRkM2E2ZGQ1ZTY0OWE2NTU0YzQ4MTdjZTBlZDI3NzQyOTEz
Ni5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAMn77zANBgkqhkiG9w0BAQsFAAOCAQEAX2ROP3qJS+lsKril
uUJQrCr4Ay6AXAbDD56/m7L8LOjb2+dimjGO6Uou2LYuQ4v7Nlo7iuJdxcx0tdBM
wwRHXpBhKBUr6q+lCOHKdtq/i1zIpcpp79JRWuTVCRxB3MHU+qw81jWqI9Xy9wtd
lZbgjkMTEoj3slxBNs0zLhGAbIzwzjJh654fhwJNGfTI1L6pa9G+pitu5IVx9ICf
pNSGsonfXKP3OiLjEGJrtPkc1d6xfG0v99/gIMObkjq67W7Tf2QVH5BlwtZ09O5l
/tKqWIddeQTT+3i0PFwyOwyHjakqFVjGQa+1VJ7CbPK/ikWDLs/s3RCy1VTPl7Yh
/W9uwQ==
-----END CERTIFICATE-----
Generated at Mon Apr 15 09:53:54 2024 by rpki-client on console-ams.rpki-client.org