Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/5375bcfc-8b86-452e-850d-83cfe3b50f06/a0e973da5f0732f8911b42237cdc62b9a4f046d0.roa
File:                     a0e973da5f0732f8911b42237cdc62b9a4f046d0.roa (raw, json)
Hash identifier:          2MHoliYmA8o03yuAlrD1K7zGTE8wbRbNZuSMjRrpCUM=
Subject key identifier:   8A:E2:41:FB:18:6C:55:3D:9E:52:9E:82:16:36:0F:BC:D5:A3:BD:FC
Certificate issuer:       /CN=bfbb4d3a6dd5e649a6554c4817ce0ed277429136
Certificate serial:       142711
Authority key identifier: 76:7F:42:4D:48:34:06:C4:20:E5:DF:19:BE:BE:99:3F:72:5A:F7:B6
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/bfbb4d3a6dd5e649a6554c4817ce0ed277429136.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/5375bcfc-8b86-452e-850d-83cfe3b50f06/a0e973da5f0732f8911b42237cdc62b9a4f046d0.roa
Signing time:             Tue 30 Jan 2024 18:29:28 +0000
ROA not before:           Tue 30 Jan 2024 18:29:28 +0000
ROA not after:            Fri 30 Jan 2026 18:29:28 +0000
asID:                     10834
IP address blocks:        200.32.32.0/19 maxlen: 24
                          200.41.128.0/17 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/5375bcfc-8b86-452e-850d-83cfe3b50f06/bfbb4d3a6dd5e649a6554c4817ce0ed277429136.crl
                          rsync://repository.lacnic.net/rpki/lacnic/5375bcfc-8b86-452e-850d-83cfe3b50f06/bfbb4d3a6dd5e649a6554c4817ce0ed277429136.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/bfbb4d3a6dd5e649a6554c4817ce0ed277429136.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Thu 18 Apr 2024 06:11:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1320721 (0x142711)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bfbb4d3a6dd5e649a6554c4817ce0ed277429136
        Validity
            Not Before: Jan 30 18:29:28 2024 GMT
            Not After : Jan 30 18:29:28 2026 GMT
        Subject: CN=a0e973da5f0732f8911b42237cdc62b9a4f046d0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:b0:96:5d:6f:b4:42:c8:05:a0:b6:70:6a:1d:
                    2c:d9:ca:cd:fb:e5:db:88:9f:0d:bb:b6:bd:04:74:
                    8c:ad:40:e4:c4:da:29:ee:48:da:94:56:4e:9e:87:
                    5e:a8:44:ab:f1:0c:81:1a:a4:c3:e8:c3:9a:92:94:
                    ef:cf:ce:b1:8a:3e:42:c6:d8:d2:79:4a:ff:a5:a7:
                    85:bf:ec:2c:67:78:9f:70:be:0b:f1:f8:8e:e6:7e:
                    b7:d1:ac:93:14:ad:0e:32:fc:fc:fd:77:b6:33:ee:
                    29:5f:aa:e4:9a:d5:a3:4a:e0:44:88:e9:db:c6:b7:
                    1e:8c:25:27:89:41:b8:f2:26:46:8c:cb:0a:61:0e:
                    08:2a:a6:66:88:e8:2f:48:cf:1b:78:55:66:b8:80:
                    61:c0:28:ff:9c:9c:60:2c:f1:8f:b3:86:be:48:23:
                    4c:7d:67:64:a3:c4:3a:d1:b2:f6:6d:a3:3e:16:c7:
                    45:64:f8:10:d8:f1:8d:a0:99:8a:2d:c9:99:b9:92:
                    76:9d:ab:a5:fb:68:b4:1e:33:6a:07:54:c8:69:62:
                    e7:61:63:80:86:56:be:d0:37:14:6c:26:dc:6d:db:
                    3e:93:42:4d:18:d2:08:75:4a:39:cb:38:bb:56:c4:
                    64:d9:bc:9e:58:bd:22:99:3c:08:99:da:79:7f:e7:
                    9d:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8A:E2:41:FB:18:6C:55:3D:9E:52:9E:82:16:36:0F:BC:D5:A3:BD:FC
            X509v3 Authority Key Identifier:
                keyid:76:7F:42:4D:48:34:06:C4:20:E5:DF:19:BE:BE:99:3F:72:5A:F7:B6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/bfbb4d3a6dd5e649a6554c4817ce0ed277429136.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/5375bcfc-8b86-452e-850d-83cfe3b50f06/a0e973da5f0732f8911b42237cdc62b9a4f046d0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/5375bcfc-8b86-452e-850d-83cfe3b50f06/bfbb4d3a6dd5e649a6554c4817ce0ed277429136.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.32.32.0/19
                  200.41.128.0/17

    Signature Algorithm: sha256WithRSAEncryption
         71:c8:7f:5b:42:f7:03:c5:ad:76:5a:28:1d:0e:63:8c:d8:61:
         be:ff:86:0c:8f:dc:ce:4e:ee:7a:c7:c3:f8:7e:59:15:68:16:
         76:23:82:a4:51:16:58:d1:cb:e7:2d:5e:ae:39:c0:85:e6:15:
         88:da:05:2f:91:f2:ca:98:9b:95:1a:31:a4:15:e2:83:53:21:
         93:ff:a5:6a:e7:71:27:c0:c1:38:1d:ea:9e:c2:14:b2:82:95:
         fc:1d:fe:6a:5b:b5:93:8d:71:22:f2:43:5d:bf:c4:97:dc:ae:
         de:32:33:22:55:b8:33:c1:73:e5:75:4e:ba:22:a0:45:0f:2a:
         81:db:bb:14:3c:8b:26:4c:0c:3b:5e:c2:09:b0:e0:89:a6:f1:
         a2:3d:84:1d:ed:51:76:32:d0:b3:57:27:19:14:01:83:67:8e:
         e8:7b:ab:1d:29:eb:cf:e6:51:cc:13:8b:07:3a:ed:ff:9e:79:
         20:ce:b2:46:87:d8:f4:12:ae:a0:20:23:eb:39:91:74:99:b3:
         0b:09:e4:6a:28:08:27:3b:20:2a:88:42:71:9e:1c:a5:a2:c4:
         6e:28:7f:cf:4d:99:41:33:f7:a6:bb:c1:3c:22:21:20:8c:c6:
         9c:44:5a:e3:d9:7b:54:9c:3b:f4:bc:77:cd:9b:b5:27:eb:f8:
         0e:13:e8:30
-----BEGIN CERTIFICATE-----
MIIFRjCCBC6gAwIBAgIDFCcRMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGJm
YmI0ZDNhNmRkNWU2NDlhNjU1NGM0ODE3Y2UwZWQyNzc0MjkxMzYwHhcNMjQwMTMw
MTgyOTI4WhcNMjYwMTMwMTgyOTI4WjAzMTEwLwYDVQQDEyhhMGU5NzNkYTVmMDcz
MmY4OTExYjQyMjM3Y2RjNjJiOWE0ZjA0NmQwMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAu7CWXW+0QsgFoLZwah0s2crN++XbiJ8Nu7a9BHSMrUDkxNop
7kjalFZOnodeqESr8QyBGqTD6MOakpTvz86xij5CxtjSeUr/paeFv+wsZ3ifcL4L
8fiO5n630ayTFK0OMvz8/Xe2M+4pX6rkmtWjSuBEiOnbxrcejCUniUG48iZGjMsK
YQ4IKqZmiOgvSM8beFVmuIBhwCj/nJxgLPGPs4a+SCNMfWdko8Q60bL2baM+FsdF
ZPgQ2PGNoJmKLcmZuZJ2naul+2i0HjNqB1TIaWLnYWOAhla+0DcUbCbcbds+k0JN
GNIIdUo5yzi7VsRk2byeWL0imTwImdp5f+edPwIDAQABo4ICYTCCAl0wHQYDVR0O
BBYEFIriQfsYbFU9nlKeghY2D7zVo738MB8GA1UdIwQYMBaAFHZ/Qk1INAbEIOXf
Gb6+mT9yWve2MA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvYmZiYjRk
M2E2ZGQ1ZTY0OWE2NTU0YzQ4MTdjZTBlZDI3NzQyOTEzNi5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvNTM3NWJjZmMtOGI4Ni00NTJlLTg1MGQtODNjZmUz
YjUwZjA2L2EwZTk3M2RhNWYwNzMyZjg5MTFiNDIyMzdjZGM2MmI5YTRmMDQ2ZDAu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy81Mzc1YmNmYy04Yjg2LTQ1MmUtODUwZC04M2Nm
ZTNiNTBmMDYvYmZiYjRkM2E2ZGQ1ZTY0OWE2NTU0YzQ4MTdjZTBlZDI3NzQyOTEz
Ni5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAlBggrBgEFBQcBBwEB/wQW
MBQwEgQCAAEwDAMEBcggIAMEB8gpgDANBgkqhkiG9w0BAQsFAAOCAQEAcch/W0L3
A8WtdlooHQ5jjNhhvv+GDI/czk7uesfD+H5ZFWgWdiOCpFEWWNHL5y1erjnAheYV
iNoFL5HyypiblRoxpBXig1Mhk/+laudxJ8DBOB3qnsIUsoKV/B3+alu1k41xIvJD
Xb/El9yu3jIzIlW4M8Fz5XVOuiKgRQ8qgdu7FDyLJkwMO17CCbDgiabxoj2EHe1R
djLQs1cnGRQBg2eO6HurHSnrz+ZRzBOLBzrt/555IM6yRofY9BKuoCAj6zmRdJmz
CwnkaigIJzsgKohCcZ4cpaLEbih/z02ZQTP3prvBPCIhIIzGnERa49l7VJw79Lx3
zZu1J+v4DhPoMA==
-----END CERTIFICATE-----
Generated at Mon Apr 15 10:07:20 2024 by rpki-client on console-fra.rpki-client.org