Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/5375bcfc-8b86-452e-850d-83cfe3b50f06/f6420aeb78a4a3d7b839687b17e91858a41465f6.roa
File:                     f6420aeb78a4a3d7b839687b17e91858a41465f6.roa (raw, json)
Hash identifier:          mQJbx8EsBczpxxsOiSPNxqzYw/rE9AlqyVKIDOPepUc=
Subject key identifier:   89:10:80:22:8E:EC:D4:4C:47:4B:05:33:39:14:4D:C4:57:10:B3:51
Certificate issuer:       /CN=bfbb4d3a6dd5e649a6554c4817ce0ed277429136
Certificate serial:       12949D
Authority key identifier: 76:7F:42:4D:48:34:06:C4:20:E5:DF:19:BE:BE:99:3F:72:5A:F7:B6
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/bfbb4d3a6dd5e649a6554c4817ce0ed277429136.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/5375bcfc-8b86-452e-850d-83cfe3b50f06/f6420aeb78a4a3d7b839687b17e91858a41465f6.roa
Signing time:             Wed 29 Nov 2023 21:33:32 +0000
ROA not before:           Wed 29 Nov 2023 21:33:32 +0000
ROA not after:            Sat 29 Nov 2025 21:33:32 +0000
asID:                     263742
IP address blocks:        201.251.102.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/5375bcfc-8b86-452e-850d-83cfe3b50f06/bfbb4d3a6dd5e649a6554c4817ce0ed277429136.crl
                          rsync://repository.lacnic.net/rpki/lacnic/5375bcfc-8b86-452e-850d-83cfe3b50f06/bfbb4d3a6dd5e649a6554c4817ce0ed277429136.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/bfbb4d3a6dd5e649a6554c4817ce0ed277429136.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Thu 18 Apr 2024 06:11:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1217693 (0x12949d)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bfbb4d3a6dd5e649a6554c4817ce0ed277429136
        Validity
            Not Before: Nov 29 21:33:32 2023 GMT
            Not After : Nov 29 21:33:32 2025 GMT
        Subject: CN=f6420aeb78a4a3d7b839687b17e91858a41465f6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:93:83:a4:c2:12:f9:6f:d2:73:40:5b:03:ec:
                    6b:71:fb:df:d5:5c:65:87:0e:52:b6:37:8b:1c:eb:
                    20:f4:55:9f:fa:8c:89:a4:32:b3:ae:94:eb:f8:5e:
                    dc:08:53:d7:22:c8:70:90:85:d8:08:3d:75:ef:25:
                    5d:1e:32:94:ac:07:92:d5:fd:d9:86:74:bf:57:62:
                    45:06:e9:c4:6b:30:c9:2b:3a:c1:34:25:20:fb:10:
                    ef:ef:62:7a:bd:95:fe:8d:e9:88:22:99:3c:9e:65:
                    5d:83:3a:90:55:67:6e:0c:39:d5:90:87:54:5d:a1:
                    79:18:4e:e5:91:5a:e0:70:bd:bb:34:0f:5d:e1:39:
                    0a:d7:33:35:7b:9c:09:49:66:f5:78:20:8f:4c:1a:
                    6c:dc:a2:d6:fd:63:4f:0a:4d:be:67:48:c5:15:b2:
                    3a:05:be:fd:25:ed:b7:58:b3:12:b5:8a:bf:c1:a3:
                    0d:0a:cb:85:04:79:0a:1c:32:2a:71:d8:d9:1f:6c:
                    c1:fa:e9:45:95:a2:ef:ae:39:90:4d:95:26:32:af:
                    48:b4:c3:63:82:28:d0:ee:7c:cf:ce:f7:04:08:9f:
                    a6:c3:2f:ba:e5:63:35:dd:f9:83:bc:23:20:36:27:
                    40:05:16:d0:d6:af:77:6e:fd:96:af:03:b2:6f:82:
                    46:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                89:10:80:22:8E:EC:D4:4C:47:4B:05:33:39:14:4D:C4:57:10:B3:51
            X509v3 Authority Key Identifier:
                keyid:76:7F:42:4D:48:34:06:C4:20:E5:DF:19:BE:BE:99:3F:72:5A:F7:B6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/bfbb4d3a6dd5e649a6554c4817ce0ed277429136.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/5375bcfc-8b86-452e-850d-83cfe3b50f06/f6420aeb78a4a3d7b839687b17e91858a41465f6.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/5375bcfc-8b86-452e-850d-83cfe3b50f06/bfbb4d3a6dd5e649a6554c4817ce0ed277429136.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  201.251.102.0/24

    Signature Algorithm: sha256WithRSAEncryption
         80:1b:f6:1e:84:fc:9d:63:f5:1f:6b:a0:d9:74:80:c0:b2:39:
         df:20:84:17:d9:40:fd:79:f0:77:db:7a:ac:f7:b9:25:79:b3:
         c4:bf:51:ef:f5:c4:68:1d:66:7b:b3:69:bb:2d:42:0e:15:ad:
         d7:f8:19:98:e4:7f:85:92:a8:f7:a5:28:a2:40:ae:19:08:41:
         89:eb:b0:fc:a7:78:2b:7f:04:b2:74:eb:c1:a9:be:bb:b4:71:
         00:7d:b9:8c:cb:e6:d1:58:9e:fb:38:cf:44:8d:ca:0f:ff:38:
         17:7f:1d:a2:bf:f1:b4:95:50:63:2a:2b:b0:78:c8:2d:3b:89:
         c4:af:90:c1:38:69:5e:d2:c9:e4:49:cd:39:41:0a:ff:59:38:
         06:d5:c5:0c:21:35:a4:f8:fb:4e:3e:d7:8c:5f:e6:22:8b:d7:
         8f:19:fc:88:37:94:52:84:6a:00:05:38:f5:38:2c:2b:6f:d6:
         a7:cd:54:2e:83:41:90:89:9c:aa:46:d4:e7:69:fb:cc:e0:83:
         3b:cf:00:cc:ba:b2:67:fc:fb:88:1d:41:7b:9b:77:ea:e5:df:
         f8:cd:51:b5:1f:2e:cf:92:33:3c:fa:f8:60:e0:52:78:05:0d:
         f8:f4:e9:49:61:bf:e0:df:d4:03:04:b6:18:a4:0a:39:60:37:
         74:73:9c:f4
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIDEpSdMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGJm
YmI0ZDNhNmRkNWU2NDlhNjU1NGM0ODE3Y2UwZWQyNzc0MjkxMzYwHhcNMjMxMTI5
MjEzMzMyWhcNMjUxMTI5MjEzMzMyWjAzMTEwLwYDVQQDEyhmNjQyMGFlYjc4YTRh
M2Q3YjgzOTY4N2IxN2U5MTg1OGE0MTQ2NWY2MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAp5ODpMIS+W/Sc0BbA+xrcfvf1Vxlhw5StjeLHOsg9FWf+oyJ
pDKzrpTr+F7cCFPXIshwkIXYCD117yVdHjKUrAeS1f3ZhnS/V2JFBunEazDJKzrB
NCUg+xDv72J6vZX+jemIIpk8nmVdgzqQVWduDDnVkIdUXaF5GE7lkVrgcL27NA9d
4TkK1zM1e5wJSWb1eCCPTBps3KLW/WNPCk2+Z0jFFbI6Bb79Je23WLMStYq/waMN
CsuFBHkKHDIqcdjZH2zB+ulFlaLvrjmQTZUmMq9ItMNjgijQ7nzPzvcECJ+mwy+6
5WM13fmDvCMgNidABRbQ1q93bv2WrwOyb4JG9wIDAQABo4ICWzCCAlcwHQYDVR0O
BBYEFIkQgCKO7NRMR0sFMzkUTcRXELNRMB8GA1UdIwQYMBaAFHZ/Qk1INAbEIOXf
Gb6+mT9yWve2MA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvYmZiYjRk
M2E2ZGQ1ZTY0OWE2NTU0YzQ4MTdjZTBlZDI3NzQyOTEzNi5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvNTM3NWJjZmMtOGI4Ni00NTJlLTg1MGQtODNjZmUz
YjUwZjA2L2Y2NDIwYWViNzhhNGEzZDdiODM5Njg3YjE3ZTkxODU4YTQxNDY1ZjYu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy81Mzc1YmNmYy04Yjg2LTQ1MmUtODUwZC04M2Nm
ZTNiNTBmMDYvYmZiYjRkM2E2ZGQ1ZTY0OWE2NTU0YzQ4MTdjZTBlZDI3NzQyOTEz
Ni5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAMn7ZjANBgkqhkiG9w0BAQsFAAOCAQEAgBv2HoT8nWP1H2ug
2XSAwLI53yCEF9lA/Xnwd9t6rPe5JXmzxL9R7/XEaB1me7Npuy1CDhWt1/gZmOR/
hZKo96UookCuGQhBieuw/Kd4K38EsnTrwam+u7RxAH25jMvm0Vie+zjPRI3KD/84
F38dor/xtJVQYyorsHjILTuJxK+QwThpXtLJ5EnNOUEK/1k4BtXFDCE1pPj7Tj7X
jF/mIovXjxn8iDeUUoRqAAU49TgsK2/Wp81ULoNBkImcqkbU52n7zOCDO88AzLqy
Z/z7iB1Be5t36uXf+M1RtR8uz5IzPPr4YOBSeAUN+PTpSWG/4N/UAwS2GKQKOWA3
dHOc9A==
-----END CERTIFICATE-----
Generated at Mon Apr 15 10:07:20 2024 by rpki-client on console-fra.rpki-client.org