Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/5573f7ae-9904-4e6f-a420-753d9cccf11c/163808f02b97c6e2d4e14c4968c935521943e765.roa
File:                     163808f02b97c6e2d4e14c4968c935521943e765.roa (raw, json)
Hash identifier:          O2sackLDk0FDWg40xdjc7X8gyYhat1Cc2cWHOLZuDUs=
Subject key identifier:   9D:6D:B7:8D:FE:B8:DB:02:E1:FB:5B:5F:52:01:73:7C:20:70:27:17
Certificate issuer:       /CN=6629fdd5cda4c01f202e4b42e2e1d4bd2db9e248
Certificate serial:       21A3CC
Authority key identifier: FC:66:FD:90:96:46:B3:DB:D4:BD:4E:67:07:C6:F5:E9:E4:52:A0:16
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/6629fdd5cda4c01f202e4b42e2e1d4bd2db9e248.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/5573f7ae-9904-4e6f-a420-753d9cccf11c/163808f02b97c6e2d4e14c4968c935521943e765.roa
Signing time:             Mon 03 Jul 2023 12:25:30 +0000
ROA not before:           Sun 02 Jul 2023 12:25:29 +0000
ROA not after:            Mon 03 Jul 2028 12:25:29 +0000
asID:                     27711
IP address blocks:        200.80.205.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/5573f7ae-9904-4e6f-a420-753d9cccf11c/6629fdd5cda4c01f202e4b42e2e1d4bd2db9e248.crl
                          rsync://repository.lacnic.net/rpki/lacnic/5573f7ae-9904-4e6f-a420-753d9cccf11c/6629fdd5cda4c01f202e4b42e2e1d4bd2db9e248.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/6629fdd5cda4c01f202e4b42e2e1d4bd2db9e248.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 03 Mar 2024 11:46:33 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2204620 (0x21a3cc)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6629fdd5cda4c01f202e4b42e2e1d4bd2db9e248
        Validity
            Not Before: Jul  2 12:25:29 2023 GMT
            Not After : Jul  3 12:25:29 2028 GMT
        Subject: CN=163808f02b97c6e2d4e14c4968c935521943e765
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:88:ef:0a:35:22:e3:98:93:f8:fc:eb:3b:c2:7f:
                    9d:c5:10:07:38:3d:7f:d6:37:bd:1d:b5:a5:6d:12:
                    15:86:4d:03:17:79:29:7c:03:dc:09:8f:78:e5:7a:
                    41:38:10:e3:70:10:b7:ee:aa:6f:fd:b1:21:07:fd:
                    58:48:ca:ae:ac:e1:c4:dc:0c:b6:54:3d:6b:2d:01:
                    a7:b5:f9:bc:2d:bd:cb:70:93:ef:de:7e:3a:44:db:
                    96:e9:17:96:c9:45:7c:21:2b:10:85:ce:ab:03:c7:
                    d7:2b:af:39:ff:98:11:32:f8:f5:d1:11:fc:23:a5:
                    00:52:b4:0e:84:20:a4:ab:13:04:3f:85:e8:11:d3:
                    cf:f2:b3:f7:63:5a:83:0c:bb:18:47:d9:3c:9b:69:
                    ce:3f:54:dd:93:bc:7d:7c:0b:4f:6c:22:d8:5a:d3:
                    43:80:56:cc:06:6c:1f:59:08:17:92:46:f9:fc:83:
                    0a:a9:4d:8f:fd:66:22:6a:a8:1f:33:1c:87:c6:64:
                    c3:76:c2:16:b7:bd:56:89:39:13:a2:3f:e5:27:8d:
                    90:b1:c9:09:72:81:1f:16:e3:83:0f:b6:38:e7:9e:
                    ce:76:b8:2e:a5:29:b8:15:e5:37:40:c7:ab:b4:25:
                    7a:28:eb:c0:28:3f:0b:71:52:cb:d9:40:94:68:0e:
                    f8:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9D:6D:B7:8D:FE:B8:DB:02:E1:FB:5B:5F:52:01:73:7C:20:70:27:17
            X509v3 Authority Key Identifier:
                keyid:FC:66:FD:90:96:46:B3:DB:D4:BD:4E:67:07:C6:F5:E9:E4:52:A0:16

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/6629fdd5cda4c01f202e4b42e2e1d4bd2db9e248.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/5573f7ae-9904-4e6f-a420-753d9cccf11c/163808f02b97c6e2d4e14c4968c935521943e765.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/5573f7ae-9904-4e6f-a420-753d9cccf11c/6629fdd5cda4c01f202e4b42e2e1d4bd2db9e248.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.80.205.0/24

    Signature Algorithm: sha256WithRSAEncryption
         55:e6:2b:3c:76:f4:33:9c:18:30:a3:4a:cc:92:f3:cb:3b:b3:
         76:1b:10:6d:ad:c1:12:24:40:99:cf:a7:76:ed:3f:d7:65:23:
         9b:5a:ec:8f:bf:ff:b6:f4:e9:59:bb:eb:f0:d6:11:d4:7e:1d:
         6b:4b:79:82:24:26:d8:d1:fe:8a:2a:86:67:bf:62:0d:e4:12:
         99:05:94:ed:c1:2b:1f:63:73:0e:a0:0a:0b:61:52:ea:b8:43:
         b9:63:70:f1:7b:89:22:00:93:00:ca:2a:be:e0:59:7b:e9:5a:
         a5:82:26:63:3b:07:23:4f:da:4a:1e:cd:08:eb:97:6d:6b:f6:
         21:57:96:40:25:04:30:9c:a9:d8:0b:89:25:8f:11:be:35:9a:
         b8:17:d7:ce:93:67:df:0d:4c:41:5a:3e:8e:b8:9b:b0:a5:27:
         9b:16:d5:7e:7e:e5:0d:5b:0b:aa:b3:44:72:24:26:48:c6:6e:
         48:d0:de:94:01:48:c1:40:27:0e:71:bd:26:96:94:b0:23:fc:
         fc:6d:22:af:25:8f:f2:3c:20:33:62:98:b1:72:74:0e:f3:31:
         a7:28:5f:2a:7c:2b:76:a9:78:fb:cd:94:bd:ae:af:66:73:b1:
         b1:eb:af:33:f6:a8:01:b1:72:b7:d2:eb:34:66:94:7c:de:dc:
         32:50:1e:47
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIDIaPMMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDY2
MjlmZGQ1Y2RhNGMwMWYyMDJlNGI0MmUyZTFkNGJkMmRiOWUyNDgwHhcNMjMwNzAy
MTIyNTI5WhcNMjgwNzAzMTIyNTI5WjAzMTEwLwYDVQQDEygxNjM4MDhmMDJiOTdj
NmUyZDRlMTRjNDk2OGM5MzU1MjE5NDNlNzY1MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAiO8KNSLjmJP4/Os7wn+dxRAHOD1/1je9HbWlbRIVhk0DF3kp
fAPcCY945XpBOBDjcBC37qpv/bEhB/1YSMqurOHE3Ay2VD1rLQGntfm8Lb3LcJPv
3n46RNuW6ReWyUV8ISsQhc6rA8fXK685/5gRMvj10RH8I6UAUrQOhCCkqxMEP4Xo
EdPP8rP3Y1qDDLsYR9k8m2nOP1Tdk7x9fAtPbCLYWtNDgFbMBmwfWQgXkkb5/IMK
qU2P/WYiaqgfMxyHxmTDdsIWt71WiTkToj/lJ42QsckJcoEfFuODD7Y4557Odrgu
pSm4FeU3QMertCV6KOvAKD8LcVLL2UCUaA743wIDAQABo4ICWzCCAlcwHQYDVR0O
BBYEFJ1tt43+uNsC4ftbX1IBc3wgcCcXMB8GA1UdIwQYMBaAFPxm/ZCWRrPb1L1O
ZwfG9enkUqAWMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvNjYyOWZk
ZDVjZGE0YzAxZjIwMmU0YjQyZTJlMWQ0YmQyZGI5ZTI0OC5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvNTU3M2Y3YWUtOTkwNC00ZTZmLWE0MjAtNzUzZDlj
Y2NmMTFjLzE2MzgwOGYwMmI5N2M2ZTJkNGUxNGM0OTY4YzkzNTUyMTk0M2U3NjUu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy81NTczZjdhZS05OTA0LTRlNmYtYTQyMC03NTNk
OWNjY2YxMWMvNjYyOWZkZDVjZGE0YzAxZjIwMmU0YjQyZTJlMWQ0YmQyZGI5ZTI0
OC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAMhQzTANBgkqhkiG9w0BAQsFAAOCAQEAVeYrPHb0M5wYMKNK
zJLzyzuzdhsQba3BEiRAmc+ndu0/12Ujm1rsj7//tvTpWbvr8NYR1H4da0t5giQm
2NH+iiqGZ79iDeQSmQWU7cErH2NzDqAKC2FS6rhDuWNw8XuJIgCTAMoqvuBZe+la
pYImYzsHI0/aSh7NCOuXbWv2IVeWQCUEMJyp2AuJJY8RvjWauBfXzpNn3w1MQVo+
jribsKUnmxbVfn7lDVsLqrNEciQmSMZuSNDelAFIwUAnDnG9JpaUsCP8/G0iryWP
8jwgM2KYsXJ0DvMxpyhfKnwrdql4+82Uva6vZnOxseuvM/aoAbFyt9LrNGaUfN7c
MlAeRw==
-----END CERTIFICATE-----
Generated at Thu Feb 29 19:48:11 2024 by rpki-client on console-ams.rpki-client.org