Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/5375bcfc-8b86-452e-850d-83cfe3b50f06/b9c4f2196f3686e9b9c6bf3450e04d37dcc2bdb7.roa
File:                     b9c4f2196f3686e9b9c6bf3450e04d37dcc2bdb7.roa (raw, json)
Hash identifier:          NzSoFOLLK41t9F6sL8uTowZuGemialVyTBHfaj1JRZs=
Subject key identifier:   8C:F1:B7:D1:97:0F:48:45:1D:C0:CC:41:F6:22:CD:98:82:FD:45:E2
Certificate issuer:       /CN=bfbb4d3a6dd5e649a6554c4817ce0ed277429136
Certificate serial:       144369
Authority key identifier: 76:7F:42:4D:48:34:06:C4:20:E5:DF:19:BE:BE:99:3F:72:5A:F7:B6
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/bfbb4d3a6dd5e649a6554c4817ce0ed277429136.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/5375bcfc-8b86-452e-850d-83cfe3b50f06/b9c4f2196f3686e9b9c6bf3450e04d37dcc2bdb7.roa
Signing time:             Thu 01 Feb 2024 00:02:17 +0000
ROA not before:           Thu 01 Feb 2024 00:02:16 +0000
ROA not after:            Sun 01 Feb 2026 00:02:16 +0000
asID:                     10834
IP address blocks:        209.13.0.0/16 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/5375bcfc-8b86-452e-850d-83cfe3b50f06/bfbb4d3a6dd5e649a6554c4817ce0ed277429136.crl
                          rsync://repository.lacnic.net/rpki/lacnic/5375bcfc-8b86-452e-850d-83cfe3b50f06/bfbb4d3a6dd5e649a6554c4817ce0ed277429136.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/bfbb4d3a6dd5e649a6554c4817ce0ed277429136.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Thu 18 Apr 2024 06:11:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1327977 (0x144369)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bfbb4d3a6dd5e649a6554c4817ce0ed277429136
        Validity
            Not Before: Feb  1 00:02:16 2024 GMT
            Not After : Feb  1 00:02:16 2026 GMT
        Subject: CN=b9c4f2196f3686e9b9c6bf3450e04d37dcc2bdb7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:26:65:f5:10:5d:43:57:e8:cd:52:13:86:64:
                    93:ce:76:17:7a:ab:33:5c:47:b0:86:1c:84:f5:dd:
                    d6:0e:3d:15:56:85:ad:56:67:85:3c:40:a1:b2:7e:
                    f2:89:2d:6f:f1:7a:f2:ee:85:83:34:3d:80:06:43:
                    f2:83:1b:7e:02:58:43:fe:d3:7c:d7:a8:1e:24:f9:
                    89:fd:f7:ac:90:66:6e:19:39:42:22:ac:69:c4:d0:
                    e5:bf:b8:dd:34:ba:24:d2:92:b9:e9:f4:af:7f:b4:
                    af:10:be:e6:6f:42:2c:01:9b:99:94:c6:8b:2c:d1:
                    13:77:92:18:27:85:5b:b6:29:9d:10:de:01:a3:39:
                    2d:40:e6:35:d1:0b:ea:f3:d7:74:b4:f8:ac:6f:10:
                    6d:f6:a8:06:46:59:69:e5:51:7c:9d:5c:92:13:33:
                    0b:b0:c6:11:ae:e0:65:b8:65:a0:22:37:d3:47:d5:
                    3c:74:37:bb:f9:ca:e4:07:20:5e:f2:94:a7:af:31:
                    64:86:ef:05:60:59:9b:fd:1f:6f:28:e7:13:fd:86:
                    29:f9:3d:51:c8:a6:4f:72:03:dd:4c:10:de:ff:c7:
                    cc:33:c9:8e:51:0e:9e:f4:50:ef:c2:c0:c4:6b:a3:
                    04:78:4d:2a:22:f7:81:39:26:39:f9:10:1a:0f:be:
                    f2:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8C:F1:B7:D1:97:0F:48:45:1D:C0:CC:41:F6:22:CD:98:82:FD:45:E2
            X509v3 Authority Key Identifier:
                keyid:76:7F:42:4D:48:34:06:C4:20:E5:DF:19:BE:BE:99:3F:72:5A:F7:B6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/bfbb4d3a6dd5e649a6554c4817ce0ed277429136.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/5375bcfc-8b86-452e-850d-83cfe3b50f06/b9c4f2196f3686e9b9c6bf3450e04d37dcc2bdb7.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/5375bcfc-8b86-452e-850d-83cfe3b50f06/bfbb4d3a6dd5e649a6554c4817ce0ed277429136.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  209.13.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         23:a5:2d:95:79:d9:fb:5c:ef:69:2a:f4:96:b7:f0:50:b3:ba:
         42:55:f7:3c:ec:9d:e8:a6:63:e6:44:bd:96:94:4c:d2:6b:3e:
         4c:83:98:4f:c1:1b:84:33:15:fe:5a:2b:03:24:55:79:01:20:
         12:8b:9f:d3:ed:2e:44:da:d8:de:54:cf:df:dd:e2:36:0b:f9:
         5f:1a:ac:40:6c:c9:a6:27:3e:a5:d5:8e:eb:d1:e5:1a:f6:22:
         fd:68:d5:7c:b8:f0:a2:c7:05:b0:3d:89:87:ef:49:8e:1d:89:
         44:9f:23:fd:82:50:48:cc:0c:2f:8f:3a:f2:94:2c:9d:dd:0a:
         3d:56:59:37:a6:ae:7f:85:47:e4:82:81:26:8b:76:57:22:8c:
         dd:70:8b:1b:ac:29:bf:64:0d:ff:cc:e3:d0:6e:78:58:a8:e8:
         2f:93:c7:3e:20:92:3e:11:a6:a8:77:50:bf:6a:48:31:fe:b0:
         2a:bd:3c:62:39:df:1e:c3:96:ba:26:0a:74:1e:31:53:62:aa:
         b4:4c:93:24:68:5f:79:0d:fe:a8:a1:b2:1c:0c:ac:76:b8:2b:
         c1:e3:a2:86:a9:bb:2d:ce:f9:33:49:4a:22:bd:5a:b5:ce:44:
         bd:20:25:b5:e9:68:d7:74:e4:61:5f:02:77:30:1d:dc:4b:d3:
         67:31:c7:8d
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgIDFENpMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGJm
YmI0ZDNhNmRkNWU2NDlhNjU1NGM0ODE3Y2UwZWQyNzc0MjkxMzYwHhcNMjQwMjAx
MDAwMjE2WhcNMjYwMjAxMDAwMjE2WjAzMTEwLwYDVQQDEyhiOWM0ZjIxOTZmMzY4
NmU5YjljNmJmMzQ1MGUwNGQzN2RjYzJiZGI3MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAkSZl9RBdQ1fozVIThmSTznYXeqszXEewhhyE9d3WDj0VVoWt
VmeFPEChsn7yiS1v8Xry7oWDND2ABkPygxt+AlhD/tN816geJPmJ/feskGZuGTlC
IqxpxNDlv7jdNLok0pK56fSvf7SvEL7mb0IsAZuZlMaLLNETd5IYJ4VbtimdEN4B
ozktQOY10Qvq89d0tPisbxBt9qgGRllp5VF8nVySEzMLsMYRruBluGWgIjfTR9U8
dDe7+crkByBe8pSnrzFkhu8FYFmb/R9vKOcT/YYp+T1RyKZPcgPdTBDe/8fMM8mO
UQ6e9FDvwsDEa6MEeE0qIveBOSY5+RAaD77ydwIDAQABo4ICWjCCAlYwHQYDVR0O
BBYEFIzxt9GXD0hFHcDMQfYizZiC/UXiMB8GA1UdIwQYMBaAFHZ/Qk1INAbEIOXf
Gb6+mT9yWve2MA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvYmZiYjRk
M2E2ZGQ1ZTY0OWE2NTU0YzQ4MTdjZTBlZDI3NzQyOTEzNi5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvNTM3NWJjZmMtOGI4Ni00NTJlLTg1MGQtODNjZmUz
YjUwZjA2L2I5YzRmMjE5NmYzNjg2ZTliOWM2YmYzNDUwZTA0ZDM3ZGNjMmJkYjcu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy81Mzc1YmNmYy04Yjg2LTQ1MmUtODUwZC04M2Nm
ZTNiNTBmMDYvYmZiYjRkM2E2ZGQ1ZTY0OWE2NTU0YzQ4MTdjZTBlZDI3NzQyOTEz
Ni5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQP
MA0wCwQCAAEwBQMDANENMA0GCSqGSIb3DQEBCwUAA4IBAQAjpS2Vedn7XO9pKvSW
t/BQs7pCVfc87J3opmPmRL2WlEzSaz5Mg5hPwRuEMxX+WisDJFV5ASASi5/T7S5E
2tjeVM/f3eI2C/lfGqxAbMmmJz6l1Y7r0eUa9iL9aNV8uPCixwWwPYmH70mOHYlE
nyP9glBIzAwvjzrylCyd3Qo9Vlk3pq5/hUfkgoEmi3ZXIozdcIsbrCm/ZA3/zOPQ
bnhYqOgvk8c+IJI+Eaaod1C/akgx/rAqvTxiOd8ew5a6Jgp0HjFTYqq0TJMkaF95
Df6oobIcDKx2uCvB46KGqbstzvkzSUoivVq1zkS9ICW16WjXdORhXwJ3MB3cS9Nn
MceN
-----END CERTIFICATE-----
Generated at Mon Apr 15 09:53:54 2024 by rpki-client on console-ams.rpki-client.org