Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/5375bcfc-8b86-452e-850d-83cfe3b50f06/d97af3916006cef9ba81d931f142058fe37a2d5d.roa
File:                     d97af3916006cef9ba81d931f142058fe37a2d5d.roa (raw, json)
Hash identifier:          k1Dc7TumBo7pg5N5L7RtGBB6qbb3fG0kNtOpggUlVM4=
Subject key identifier:   20:37:0E:6A:AC:C7:7B:F4:57:25:0E:98:B0:84:E1:A1:09:AA:86:19
Certificate issuer:       /CN=bfbb4d3a6dd5e649a6554c4817ce0ed277429136
Certificate serial:       12897F
Authority key identifier: 76:7F:42:4D:48:34:06:C4:20:E5:DF:19:BE:BE:99:3F:72:5A:F7:B6
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/bfbb4d3a6dd5e649a6554c4817ce0ed277429136.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/5375bcfc-8b86-452e-850d-83cfe3b50f06/d97af3916006cef9ba81d931f142058fe37a2d5d.roa
Signing time:             Wed 29 Nov 2023 21:31:03 +0000
ROA not before:           Wed 29 Nov 2023 21:31:03 +0000
ROA not after:            Sat 29 Nov 2025 21:31:03 +0000
asID:                     27927
IP address blocks:        201.251.13.0/24 maxlen: 24
                          201.251.14.0/23 maxlen: 24
                          201.251.16.0/23 maxlen: 24
                          201.251.20.0/24 maxlen: 24
                          201.251.24.0/24 maxlen: 24
                          201.251.26.0/23 maxlen: 24
                          201.251.28.0/24 maxlen: 24
                          201.251.32.0/23 maxlen: 24
                          201.251.34.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/5375bcfc-8b86-452e-850d-83cfe3b50f06/bfbb4d3a6dd5e649a6554c4817ce0ed277429136.crl
                          rsync://repository.lacnic.net/rpki/lacnic/5375bcfc-8b86-452e-850d-83cfe3b50f06/bfbb4d3a6dd5e649a6554c4817ce0ed277429136.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/bfbb4d3a6dd5e649a6554c4817ce0ed277429136.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Thu 18 Apr 2024 06:11:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1214847 (0x12897f)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bfbb4d3a6dd5e649a6554c4817ce0ed277429136
        Validity
            Not Before: Nov 29 21:31:03 2023 GMT
            Not After : Nov 29 21:31:03 2025 GMT
        Subject: CN=d97af3916006cef9ba81d931f142058fe37a2d5d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8e:44:18:b6:19:01:37:e5:ec:90:86:d5:93:3e:
                    61:6f:a3:23:4d:57:eb:02:42:5f:19:69:fa:5d:aa:
                    22:58:5d:11:3a:da:f3:9f:d3:9e:89:ac:86:57:c2:
                    9f:b9:6d:3c:27:87:ed:89:81:df:37:bb:37:05:8c:
                    16:77:02:44:14:91:03:f0:c0:99:60:4c:f6:c3:23:
                    01:3b:29:5b:f7:3a:c0:fc:79:08:35:e7:7b:49:49:
                    ec:be:6a:38:fe:cf:1a:0d:dc:63:bc:0f:0b:4a:82:
                    bd:13:c1:3b:96:00:0f:90:46:14:ad:1d:d4:34:77:
                    9b:34:d5:a8:38:e4:44:28:51:85:48:67:10:9d:d3:
                    80:a9:44:a0:94:cd:91:24:c9:6c:77:bc:ea:1a:86:
                    00:01:e8:7b:bf:d3:be:b1:1e:7a:96:b2:88:17:03:
                    ef:56:f5:f8:b6:a8:e4:3f:08:88:55:5f:d9:41:97:
                    bc:e3:99:78:02:b6:57:b2:49:08:1b:ea:61:7f:24:
                    8f:ad:75:47:e0:94:58:16:a1:d6:ee:80:ff:99:00:
                    23:84:8c:c0:dc:ac:21:82:27:71:c7:07:4d:7b:fd:
                    b2:39:4c:9e:ae:4d:58:f9:bd:19:22:ab:1e:3a:f4:
                    eb:85:45:95:a6:0f:2f:bf:4b:cc:13:68:ca:12:50:
                    31:fb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                20:37:0E:6A:AC:C7:7B:F4:57:25:0E:98:B0:84:E1:A1:09:AA:86:19
            X509v3 Authority Key Identifier:
                keyid:76:7F:42:4D:48:34:06:C4:20:E5:DF:19:BE:BE:99:3F:72:5A:F7:B6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/bfbb4d3a6dd5e649a6554c4817ce0ed277429136.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/5375bcfc-8b86-452e-850d-83cfe3b50f06/d97af3916006cef9ba81d931f142058fe37a2d5d.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/5375bcfc-8b86-452e-850d-83cfe3b50f06/bfbb4d3a6dd5e649a6554c4817ce0ed277429136.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  201.251.13.0-201.251.17.255
                  201.251.20.0/24
                  201.251.24.0/24
                  201.251.26.0-201.251.28.255
                  201.251.32.0-201.251.34.255

    Signature Algorithm: sha256WithRSAEncryption
         6c:e2:6d:99:a4:d8:e0:40:2a:5d:90:23:8d:8f:ae:94:2e:57:
         bb:29:85:31:d8:50:ae:20:b0:60:61:ef:ce:32:e6:b4:78:e0:
         3a:6e:8f:96:0d:b8:57:a6:6e:74:48:74:e7:76:10:64:3c:13:
         1a:34:23:5a:46:63:fd:7f:c4:7c:72:06:c1:54:de:6a:c2:21:
         8a:e7:56:b4:47:7e:74:f5:46:0d:e4:e5:10:40:7d:2e:df:f9:
         ce:30:99:da:6b:8d:8e:8a:2a:67:29:03:7f:13:bd:46:2e:35:
         79:c6:b0:e7:c0:12:50:31:a6:a5:f8:2c:14:50:ef:20:f6:9a:
         2c:06:ec:79:4f:52:92:97:f8:4d:dc:31:89:ac:3f:a0:92:cf:
         46:ec:dc:18:de:de:c9:09:69:ef:e2:6c:7a:df:87:f0:61:79:
         cb:65:2d:43:2a:82:a2:ac:08:ae:99:a6:ce:d8:27:9e:35:38:
         f6:fc:81:e4:1e:09:ad:f1:07:a2:89:29:3b:08:13:fe:67:b0:
         1b:3d:4c:1f:2c:99:12:93:c3:07:1b:1e:b5:e2:0a:c9:21:8a:
         80:82:23:6f:d9:72:92:fb:04:54:3b:59:30:44:4f:79:76:b9:
         3e:96:57:cb:86:fc:81:db:9d:28:ab:f6:fd:18:94:83:61:80:
         42:54:b3:4f
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIDEol/MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGJm
YmI0ZDNhNmRkNWU2NDlhNjU1NGM0ODE3Y2UwZWQyNzc0MjkxMzYwHhcNMjMxMTI5
MjEzMTAzWhcNMjUxMTI5MjEzMTAzWjAzMTEwLwYDVQQDEyhkOTdhZjM5MTYwMDZj
ZWY5YmE4MWQ5MzFmMTQyMDU4ZmUzN2EyZDVkMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAjkQYthkBN+XskIbVkz5hb6MjTVfrAkJfGWn6XaoiWF0ROtrz
n9OeiayGV8KfuW08J4ftiYHfN7s3BYwWdwJEFJED8MCZYEz2wyMBOylb9zrA/HkI
Ned7SUnsvmo4/s8aDdxjvA8LSoK9E8E7lgAPkEYUrR3UNHebNNWoOOREKFGFSGcQ
ndOAqUSglM2RJMlsd7zqGoYAAeh7v9O+sR56lrKIFwPvVvX4tqjkPwiIVV/ZQZe8
45l4ArZXskkIG+phfySPrXVH4JRYFqHW7oD/mQAjhIzA3KwhgidxxwdNe/2yOUye
rk1Y+b0ZIqseOvTrhUWVpg8vv0vME2jKElAx+wIDAQABo4ICizCCAocwHQYDVR0O
BBYEFCA3Dmqsx3v0VyUOmLCE4aEJqoYZMB8GA1UdIwQYMBaAFHZ/Qk1INAbEIOXf
Gb6+mT9yWve2MA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvYmZiYjRk
M2E2ZGQ1ZTY0OWE2NTU0YzQ4MTdjZTBlZDI3NzQyOTEzNi5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvNTM3NWJjZmMtOGI4Ni00NTJlLTg1MGQtODNjZmUz
YjUwZjA2L2Q5N2FmMzkxNjAwNmNlZjliYTgxZDkzMWYxNDIwNThmZTM3YTJkNWQu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy81Mzc1YmNmYy04Yjg2LTQ1MmUtODUwZC04M2Nm
ZTNiNTBmMDYvYmZiYjRkM2E2ZGQ1ZTY0OWE2NTU0YzQ4MTdjZTBlZDI3NzQyOTEz
Ni5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBPBggrBgEFBQcBBwEB/wRA
MD4wPAQCAAEwNjAMAwQAyfsNAwQByfsQAwQAyfsUAwQAyfsYMAwDBAHJ+xoDBADJ
+xwwDAMEBcn7IAMEAMn7IjANBgkqhkiG9w0BAQsFAAOCAQEAbOJtmaTY4EAqXZAj
jY+ulC5XuymFMdhQriCwYGHvzjLmtHjgOm6Plg24V6ZudEh053YQZDwTGjQjWkZj
/X/EfHIGwVTeasIhiudWtEd+dPVGDeTlEEB9Lt/5zjCZ2muNjooqZykDfxO9Ri41
ecaw58ASUDGmpfgsFFDvIPaaLAbseU9Skpf4Tdwxiaw/oJLPRuzcGN7eyQlp7+Js
et+H8GF5y2UtQyqCoqwIrpmmztgnnjU49vyB5B4JrfEHookpOwgT/mewGz1MHyyZ
EpPDBxseteIKySGKgIIjb9lykvsEVDtZMERPeXa5PpZXy4b8gdudKKv2/RiUg2GA
QlSzTw==
-----END CERTIFICATE-----
Generated at Mon Apr 15 10:07:20 2024 by rpki-client on console-fra.rpki-client.org