Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/5375bcfc-8b86-452e-850d-83cfe3b50f06/b46d7c25e696ed377507b900d5ff91a54c07716f.roa
File:                     b46d7c25e696ed377507b900d5ff91a54c07716f.roa (raw, json)
Hash identifier:          Jzy4paRhfIQzPpR9rUG2BpAMFqCQRNYjCW9YlDA0oGQ=
Subject key identifier:   76:8D:04:45:16:A3:3A:DF:B0:FC:22:77:72:72:E3:56:14:CF:6C:4F
Certificate issuer:       /CN=bfbb4d3a6dd5e649a6554c4817ce0ed277429136
Certificate serial:       13EDBB
Authority key identifier: 76:7F:42:4D:48:34:06:C4:20:E5:DF:19:BE:BE:99:3F:72:5A:F7:B6
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/bfbb4d3a6dd5e649a6554c4817ce0ed277429136.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/5375bcfc-8b86-452e-850d-83cfe3b50f06/b46d7c25e696ed377507b900d5ff91a54c07716f.roa
Signing time:             Thu 25 Jan 2024 18:49:55 +0000
ROA not before:           Thu 25 Jan 2024 18:49:55 +0000
ROA not after:            Sun 25 Jan 2026 18:49:55 +0000
asID:                     264656
IP address blocks:        201.251.250.0/23 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/5375bcfc-8b86-452e-850d-83cfe3b50f06/bfbb4d3a6dd5e649a6554c4817ce0ed277429136.crl
                          rsync://repository.lacnic.net/rpki/lacnic/5375bcfc-8b86-452e-850d-83cfe3b50f06/bfbb4d3a6dd5e649a6554c4817ce0ed277429136.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/bfbb4d3a6dd5e649a6554c4817ce0ed277429136.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Thu 18 Apr 2024 06:11:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1306043 (0x13edbb)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bfbb4d3a6dd5e649a6554c4817ce0ed277429136
        Validity
            Not Before: Jan 25 18:49:55 2024 GMT
            Not After : Jan 25 18:49:55 2026 GMT
        Subject: CN=b46d7c25e696ed377507b900d5ff91a54c07716f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:86:af:84:47:7a:4b:21:76:c9:b4:d5:9b:4b:
                    0d:a2:f7:c5:65:15:4b:61:cc:f0:37:a3:92:8b:54:
                    16:2e:3f:a9:1c:ac:4e:50:9f:fb:1c:d5:44:64:c9:
                    04:e3:2c:11:0c:b4:91:0c:23:ee:c1:7e:c0:04:e2:
                    7d:f6:82:b0:f3:2b:a6:03:55:c1:8a:dd:1b:5b:81:
                    d1:87:c1:38:d5:b6:d2:e3:99:63:20:4e:9b:4b:81:
                    5c:52:9f:5f:dc:a1:e5:a0:94:f9:e0:1e:9d:0a:23:
                    e8:f9:79:4c:05:a9:98:37:29:f8:ee:41:5c:91:ab:
                    34:da:24:ec:05:ba:59:14:18:19:46:45:c4:c5:0a:
                    d2:b2:0f:14:62:f5:8d:63:f6:82:b6:53:02:ff:97:
                    5c:16:2e:5f:8d:67:0f:c6:2f:65:60:69:77:7c:55:
                    6e:15:14:88:82:1e:45:5e:59:93:b8:54:cc:3e:59:
                    ff:81:ba:ac:38:ee:74:f2:26:0c:37:29:05:59:9f:
                    8f:61:23:71:d5:d0:7a:b4:38:aa:b5:49:b3:0e:c5:
                    af:94:c1:6b:5c:38:fd:38:68:df:f1:f5:c7:af:15:
                    1a:ab:5c:7b:74:5c:be:9d:3e:9a:e3:12:2f:81:01:
                    27:92:64:6f:a8:9c:f6:fe:f1:e7:ae:2c:ca:08:bd:
                    a9:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                76:8D:04:45:16:A3:3A:DF:B0:FC:22:77:72:72:E3:56:14:CF:6C:4F
            X509v3 Authority Key Identifier:
                keyid:76:7F:42:4D:48:34:06:C4:20:E5:DF:19:BE:BE:99:3F:72:5A:F7:B6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/bfbb4d3a6dd5e649a6554c4817ce0ed277429136.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/5375bcfc-8b86-452e-850d-83cfe3b50f06/b46d7c25e696ed377507b900d5ff91a54c07716f.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/5375bcfc-8b86-452e-850d-83cfe3b50f06/bfbb4d3a6dd5e649a6554c4817ce0ed277429136.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  201.251.250.0/23

    Signature Algorithm: sha256WithRSAEncryption
         7b:fb:51:ef:ca:55:cf:a9:49:a6:c2:60:75:5c:50:e3:03:fc:
         c4:9e:ff:72:b1:e8:9b:2e:da:04:31:e0:a0:e3:ed:a5:7e:d0:
         e0:d3:d8:b1:ae:77:9f:c2:6a:98:93:98:c2:9f:35:65:17:5b:
         08:64:34:ef:46:8d:52:c0:4c:aa:fa:8b:0c:cb:8a:e4:60:ab:
         a3:3c:10:23:cb:42:90:53:a0:83:60:37:a3:7b:64:d6:cd:da:
         ef:27:03:47:b5:54:71:2d:61:52:b7:67:70:cf:bb:fe:93:3f:
         2e:ed:8b:c9:c7:d6:4e:78:32:44:55:10:3f:f6:12:70:fc:e7:
         e3:31:6e:6c:9c:26:be:2f:93:b9:e5:c6:0a:48:5f:90:75:5c:
         e3:eb:3d:e1:24:2a:04:13:f8:67:09:a4:ec:f9:8f:00:c6:7d:
         8d:e1:82:10:74:41:b0:12:e2:08:e1:31:eb:5c:4e:ac:24:aa:
         57:32:9f:98:72:25:6a:9e:ff:3b:9d:2f:d9:00:82:f0:02:3c:
         f3:1a:2d:49:9a:c6:39:ba:92:fc:52:31:3c:fe:67:17:7e:bc:
         12:56:76:6f:51:b6:d0:c0:76:89:b7:77:c9:42:a0:0c:3e:91:
         bf:6d:47:30:ac:56:fb:13:f6:d2:72:e8:c1:3f:b7:ff:bb:3b:
         10:4c:62:10
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIDE+27MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGJm
YmI0ZDNhNmRkNWU2NDlhNjU1NGM0ODE3Y2UwZWQyNzc0MjkxMzYwHhcNMjQwMTI1
MTg0OTU1WhcNMjYwMTI1MTg0OTU1WjAzMTEwLwYDVQQDEyhiNDZkN2MyNWU2OTZl
ZDM3NzUwN2I5MDBkNWZmOTFhNTRjMDc3MTZmMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAroavhEd6SyF2ybTVm0sNovfFZRVLYczwN6OSi1QWLj+pHKxO
UJ/7HNVEZMkE4ywRDLSRDCPuwX7ABOJ99oKw8yumA1XBit0bW4HRh8E41bbS45lj
IE6bS4FcUp9f3KHloJT54B6dCiPo+XlMBamYNyn47kFckas02iTsBbpZFBgZRkXE
xQrSsg8UYvWNY/aCtlMC/5dcFi5fjWcPxi9lYGl3fFVuFRSIgh5FXlmTuFTMPln/
gbqsOO508iYMNykFWZ+PYSNx1dB6tDiqtUmzDsWvlMFrXDj9OGjf8fXHrxUaq1x7
dFy+nT6a4xIvgQEnkmRvqJz2/vHnrizKCL2poQIDAQABo4ICWzCCAlcwHQYDVR0O
BBYEFHaNBEUWozrfsPwid3Jy41YUz2xPMB8GA1UdIwQYMBaAFHZ/Qk1INAbEIOXf
Gb6+mT9yWve2MA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvYmZiYjRk
M2E2ZGQ1ZTY0OWE2NTU0YzQ4MTdjZTBlZDI3NzQyOTEzNi5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvNTM3NWJjZmMtOGI4Ni00NTJlLTg1MGQtODNjZmUz
YjUwZjA2L2I0NmQ3YzI1ZTY5NmVkMzc3NTA3YjkwMGQ1ZmY5MWE1NGMwNzcxNmYu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy81Mzc1YmNmYy04Yjg2LTQ1MmUtODUwZC04M2Nm
ZTNiNTBmMDYvYmZiYjRkM2E2ZGQ1ZTY0OWE2NTU0YzQ4MTdjZTBlZDI3NzQyOTEz
Ni5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAcn7+jANBgkqhkiG9w0BAQsFAAOCAQEAe/tR78pVz6lJpsJg
dVxQ4wP8xJ7/crHomy7aBDHgoOPtpX7Q4NPYsa53n8JqmJOYwp81ZRdbCGQ070aN
UsBMqvqLDMuK5GCrozwQI8tCkFOgg2A3o3tk1s3a7ycDR7VUcS1hUrdncM+7/pM/
Lu2LycfWTngyRFUQP/YScPzn4zFubJwmvi+TueXGCkhfkHVc4+s94SQqBBP4Zwmk
7PmPAMZ9jeGCEHRBsBLiCOEx61xOrCSqVzKfmHIlap7/O50v2QCC8AI88xotSZrG
ObqS/FIxPP5nF368ElZ2b1G20MB2ibd3yUKgDD6Rv21HMKxW+xP20nLowT+3/7s7
EExiEA==
-----END CERTIFICATE-----
Generated at Mon Apr 15 09:53:54 2024 by rpki-client on console-ams.rpki-client.org