Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/58a7451f-2617-4d0f-9e75-6d2ae9ccf566/df162264ca180a6125a579ee61aa42bf83e94aed.roa
File:                     df162264ca180a6125a579ee61aa42bf83e94aed.roa (raw, json)
Hash identifier:          Y25kNN1cg3b4MUgyBGC+PcWYrjIQZB9rS3L06ENlLMw=
Subject key identifier:   82:D3:D6:07:0A:AF:DD:B3:A8:3C:26:03:1E:93:10:76:AC:7F:95:66
Certificate issuer:       /CN=43a1dd4035b8d29ba7566c64529634ff64783a4f
Certificate serial:       29818E
Authority key identifier: 10:C0:5B:66:2A:57:45:36:50:20:F1:D6:FA:8F:59:EF:4D:94:FE:DC
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/43a1dd4035b8d29ba7566c64529634ff64783a4f.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/58a7451f-2617-4d0f-9e75-6d2ae9ccf566/df162264ca180a6125a579ee61aa42bf83e94aed.roa
Signing time:             Tue 06 Feb 2024 15:36:53 +0000
ROA not before:           Tue 06 Feb 2024 15:36:47 +0000
ROA not after:            Tue 06 Feb 2029 15:36:47 +0000
asID:                     263738
IP address blocks:        200.7.211.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/58a7451f-2617-4d0f-9e75-6d2ae9ccf566/43a1dd4035b8d29ba7566c64529634ff64783a4f.crl
                          rsync://repository.lacnic.net/rpki/lacnic/58a7451f-2617-4d0f-9e75-6d2ae9ccf566/43a1dd4035b8d29ba7566c64529634ff64783a4f.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/43a1dd4035b8d29ba7566c64529634ff64783a4f.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Mon 15 Apr 2024 06:03:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2720142 (0x29818e)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=43a1dd4035b8d29ba7566c64529634ff64783a4f
        Validity
            Not Before: Feb  6 15:36:47 2024 GMT
            Not After : Feb  6 15:36:47 2029 GMT
        Subject: CN=df162264ca180a6125a579ee61aa42bf83e94aed
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8e:c5:24:70:bb:ba:39:09:95:77:9b:c1:1d:2d:
                    7f:ee:ac:f1:f7:2a:e1:47:f0:40:81:59:8e:b2:36:
                    fc:f6:04:d6:31:df:0f:b6:a1:70:31:cb:9e:a3:d4:
                    4f:d3:55:f4:12:8f:8c:f4:a8:c0:27:e2:fe:fe:72:
                    4a:78:75:cc:ee:8b:7b:2d:2a:a5:66:03:b7:0f:87:
                    34:13:f3:c5:02:f3:c5:63:4c:e4:fb:b3:0c:11:94:
                    b6:3a:36:0e:d2:7b:51:aa:7a:bd:39:ad:4f:06:ac:
                    b5:f1:97:34:1e:03:4f:0d:26:5b:d0:81:77:6d:bf:
                    d4:eb:ec:fa:bf:6d:6c:98:ba:54:35:c5:c1:7c:d1:
                    b9:b0:10:df:34:ee:e9:36:b0:c4:89:e9:73:32:c7:
                    70:df:19:66:4e:d3:c0:16:90:cb:30:fa:a5:70:b2:
                    41:ca:54:3e:3c:a2:0b:76:db:a0:6f:15:ba:7f:df:
                    5d:c0:0e:a0:54:32:1f:96:f4:68:d1:c4:33:b7:d0:
                    9b:c2:17:e1:2c:33:b0:c7:b0:5b:a2:be:e3:09:b9:
                    d1:bb:24:f8:b5:bf:a3:db:b8:b7:64:e8:b3:c5:26:
                    66:21:f1:a3:c5:80:f9:d8:af:d0:10:53:45:d8:a2:
                    3c:e9:8d:37:07:b8:1d:bd:fc:32:5e:29:3a:37:22:
                    c2:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                82:D3:D6:07:0A:AF:DD:B3:A8:3C:26:03:1E:93:10:76:AC:7F:95:66
            X509v3 Authority Key Identifier:
                keyid:10:C0:5B:66:2A:57:45:36:50:20:F1:D6:FA:8F:59:EF:4D:94:FE:DC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/43a1dd4035b8d29ba7566c64529634ff64783a4f.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/58a7451f-2617-4d0f-9e75-6d2ae9ccf566/df162264ca180a6125a579ee61aa42bf83e94aed.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/58a7451f-2617-4d0f-9e75-6d2ae9ccf566/43a1dd4035b8d29ba7566c64529634ff64783a4f.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.7.211.0/24

    Signature Algorithm: sha256WithRSAEncryption
         0b:96:45:00:12:87:65:73:35:60:7d:35:7c:0a:dc:f2:5e:96:
         b6:43:c0:35:6b:3e:17:d4:8e:b9:42:72:9c:44:28:b7:54:1c:
         07:61:d8:4e:44:ce:eb:b6:1c:83:d4:10:0e:9a:85:47:52:94:
         c0:ac:d6:eb:19:5a:b3:fd:3d:24:60:f5:33:a5:86:71:b6:09:
         be:ce:af:3a:79:a0:24:cc:e4:26:d5:57:bc:57:ab:65:8e:0b:
         2f:7f:be:26:ec:d9:09:ee:96:a6:2b:e2:1d:99:36:9e:eb:06:
         83:5d:92:97:88:65:aa:16:de:d9:36:35:f0:45:67:29:65:97:
         a0:f7:4a:6a:a3:8d:c1:16:bd:27:b9:84:83:50:0b:74:a0:a6:
         04:f6:3b:0c:f2:fc:0c:b0:b6:26:3e:f2:35:cb:08:39:91:ee:
         0f:4e:6a:94:0e:1c:d2:b3:6c:4c:46:ea:e1:c3:6f:0a:53:41:
         6a:ff:a5:e2:ae:9f:ef:72:5c:8a:9c:ac:aa:e7:fc:a2:0b:30:
         dc:e7:57:9b:45:9a:b6:74:e9:47:17:d8:87:73:95:48:51:39:
         a8:d0:7e:e9:d2:e3:98:95:94:ad:56:93:26:f1:ce:5d:3a:31:
         1d:25:22:44:b9:92:21:1d:93:91:75:11:82:b1:9e:03:c9:af:
         0a:34:cb:64
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIDKYGOMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDQz
YTFkZDQwMzViOGQyOWJhNzU2NmM2NDUyOTYzNGZmNjQ3ODNhNGYwHhcNMjQwMjA2
MTUzNjQ3WhcNMjkwMjA2MTUzNjQ3WjAzMTEwLwYDVQQDEyhkZjE2MjI2NGNhMTgw
YTYxMjVhNTc5ZWU2MWFhNDJiZjgzZTk0YWVkMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAjsUkcLu6OQmVd5vBHS1/7qzx9yrhR/BAgVmOsjb89gTWMd8P
tqFwMcueo9RP01X0Eo+M9KjAJ+L+/nJKeHXM7ot7LSqlZgO3D4c0E/PFAvPFY0zk
+7MMEZS2OjYO0ntRqnq9Oa1PBqy18Zc0HgNPDSZb0IF3bb/U6+z6v21smLpUNcXB
fNG5sBDfNO7pNrDEielzMsdw3xlmTtPAFpDLMPqlcLJBylQ+PKILdtugbxW6f99d
wA6gVDIflvRo0cQzt9CbwhfhLDOwx7Bbor7jCbnRuyT4tb+j27i3ZOizxSZmIfGj
xYD52K/QEFNF2KI86Y03B7gdvfwyXik6NyLC/wIDAQABo4ICWzCCAlcwHQYDVR0O
BBYEFILT1gcKr92zqDwmAx6TEHasf5VmMB8GA1UdIwQYMBaAFBDAW2YqV0U2UCDx
1vqPWe9NlP7cMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvNDNhMWRk
NDAzNWI4ZDI5YmE3NTY2YzY0NTI5NjM0ZmY2NDc4M2E0Zi5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvNThhNzQ1MWYtMjYxNy00ZDBmLTllNzUtNmQyYWU5
Y2NmNTY2L2RmMTYyMjY0Y2ExODBhNjEyNWE1NzllZTYxYWE0MmJmODNlOTRhZWQu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy81OGE3NDUxZi0yNjE3LTRkMGYtOWU3NS02ZDJh
ZTljY2Y1NjYvNDNhMWRkNDAzNWI4ZDI5YmE3NTY2YzY0NTI5NjM0ZmY2NDc4M2E0
Zi5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAMgH0zANBgkqhkiG9w0BAQsFAAOCAQEAC5ZFABKHZXM1YH01
fArc8l6WtkPANWs+F9SOuUJynEQot1QcB2HYTkTO67Ycg9QQDpqFR1KUwKzW6xla
s/09JGD1M6WGcbYJvs6vOnmgJMzkJtVXvFerZY4LL3++JuzZCe6WpiviHZk2nusG
g12Sl4hlqhbe2TY18EVnKWWXoPdKaqONwRa9J7mEg1ALdKCmBPY7DPL8DLC2Jj7y
NcsIOZHuD05qlA4c0rNsTEbq4cNvClNBav+l4q6f73Jcipysquf8ogsw3OdXm0Wa
tnTpRxfYh3OVSFE5qNB+6dLjmJWUrVaTJvHOXToxHSUiRLmSIR2TkXURgrGeA8mv
CjTLZA==
-----END CERTIFICATE-----
Generated at Fri Apr 12 07:45:07 2024 by rpki-client on console-ams.rpki-client.org