Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/79ca696a-a520-4632-9856-c8c301ee19bf/aba0f1b577b50ad37045c9b57bbfca931e0be44a.roa
File:                     aba0f1b577b50ad37045c9b57bbfca931e0be44a.roa (raw, json)
Hash identifier:          ej752sH4lWo8JkUkASdwxh1Uq2PvFQrN0lhNQnTpnhI=
Subject key identifier:   F0:AF:F1:4A:49:FA:7F:34:F5:E0:68:FF:D8:C7:80:CA:C3:79:91:3E
Certificate issuer:       /CN=cc8da9cbf7f9e8b8a84570a7a82f2d68027cb60b
Certificate serial:       0CEF9D
Authority key identifier: B0:DC:AD:E6:7B:75:6C:49:04:1C:82:B6:0D:1A:4B:17:2C:69:7C:24
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/cc8da9cbf7f9e8b8a84570a7a82f2d68027cb60b.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/79ca696a-a520-4632-9856-c8c301ee19bf/aba0f1b577b50ad37045c9b57bbfca931e0be44a.roa
Signing time:             Wed 24 Mar 2021 14:34:10 +0000
ROA not before:           Wed 24 Mar 2021 14:34:10 +0000
ROA not after:            Tue 24 Mar 2026 14:34:10 +0000
asID:                     263237
IP address blocks:        200.73.112.0/21 maxlen: 24
                          201.217.240.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/79ca696a-a520-4632-9856-c8c301ee19bf/cc8da9cbf7f9e8b8a84570a7a82f2d68027cb60b.crl
                          rsync://repository.lacnic.net/rpki/lacnic/79ca696a-a520-4632-9856-c8c301ee19bf/cc8da9cbf7f9e8b8a84570a7a82f2d68027cb60b.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/cc8da9cbf7f9e8b8a84570a7a82f2d68027cb60b.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 31 Mar 2024 03:49:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 847773 (0xcef9d)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cc8da9cbf7f9e8b8a84570a7a82f2d68027cb60b
        Validity
            Not Before: Mar 24 14:34:10 2021 GMT
            Not After : Mar 24 14:34:10 2026 GMT
        Subject: CN=aba0f1b577b50ad37045c9b57bbfca931e0be44a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:84:ff:2b:da:79:ff:1e:b0:a8:1c:2b:4b:31:27:
                    1b:80:37:4e:69:dc:84:63:67:20:dc:b4:6d:f8:06:
                    d3:e8:32:5a:83:14:65:ae:a8:10:22:97:11:0b:1d:
                    22:a7:9b:34:42:e1:b2:49:d3:84:ee:0f:eb:9e:b8:
                    b1:19:ad:03:ff:85:2d:b6:18:d6:35:e3:38:63:c3:
                    a7:2c:35:a6:ee:da:86:40:e7:1e:06:d1:25:6b:a3:
                    7b:37:e7:1c:b4:e8:76:02:96:cd:b9:69:79:b3:ff:
                    ba:58:3e:65:9f:28:0a:4e:a8:02:30:b5:b3:54:92:
                    0c:9a:3f:67:b0:d0:ec:01:2e:56:bb:d6:e8:02:98:
                    d5:86:97:09:f4:7d:a2:5d:3b:11:ad:96:34:98:76:
                    d3:92:8d:24:03:45:d2:ed:10:d0:d5:cf:01:86:be:
                    a6:a6:2c:ba:33:6a:ec:51:9e:56:01:52:78:42:62:
                    f3:53:14:d8:68:16:d1:c1:ed:f8:03:41:2f:de:65:
                    84:e6:4b:38:3e:27:02:ae:a1:5b:9a:fc:07:7d:50:
                    d1:7a:e6:32:25:bc:19:f9:6a:ba:81:b0:24:bf:35:
                    96:04:05:0e:76:b2:97:50:09:30:6d:6f:9c:06:ba:
                    26:99:76:9d:9a:f3:52:54:73:21:58:57:0d:3b:f3:
                    ec:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F0:AF:F1:4A:49:FA:7F:34:F5:E0:68:FF:D8:C7:80:CA:C3:79:91:3E
            X509v3 Authority Key Identifier:
                keyid:B0:DC:AD:E6:7B:75:6C:49:04:1C:82:B6:0D:1A:4B:17:2C:69:7C:24

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/cc8da9cbf7f9e8b8a84570a7a82f2d68027cb60b.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/79ca696a-a520-4632-9856-c8c301ee19bf/aba0f1b577b50ad37045c9b57bbfca931e0be44a.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/79ca696a-a520-4632-9856-c8c301ee19bf/cc8da9cbf7f9e8b8a84570a7a82f2d68027cb60b.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.73.112.0/21
                  201.217.240.0/22

    Signature Algorithm: sha256WithRSAEncryption
         1f:53:c4:ce:3f:b6:e9:9f:74:e1:ea:42:4f:71:4f:10:ff:0e:
         41:b4:b0:cf:74:6c:6e:4a:32:e8:66:d6:d2:0a:02:0f:52:9e:
         bf:39:6d:da:1c:85:e7:ed:f6:19:99:ad:e8:df:aa:e5:13:4f:
         f6:e2:cd:fa:af:ba:98:b1:06:8d:9d:ec:0a:e0:9f:72:4b:83:
         d9:b0:20:7a:56:17:f5:85:cc:da:bc:70:e3:8f:87:1e:8f:43:
         e7:92:a2:bb:52:6b:8a:10:c8:52:b3:2a:06:2f:24:f4:bc:df:
         cc:a0:ca:5c:f0:74:b6:e1:15:50:8e:14:16:b9:98:d4:8b:11:
         07:5e:b0:67:57:3f:99:36:ca:28:fe:69:1a:f0:2a:fa:f1:d0:
         ef:92:93:a3:76:7e:e7:f7:47:55:c6:8e:89:91:f7:49:f2:03:
         63:f7:a3:50:4e:b5:24:73:4e:e8:3d:ba:8f:f0:4b:b1:c8:09:
         64:be:e1:de:ec:06:38:8a:c3:7e:b6:8f:2d:07:9b:46:81:36:
         34:73:0d:e0:9b:8d:12:04:f6:b4:24:7d:0e:b0:31:4b:c7:e6:
         09:1e:1d:ce:ef:21:ba:0e:a0:05:6d:46:90:03:dd:62:05:b2:
         71:60:48:48:55:ad:6b:13:94:b6:ca:29:c7:4c:8b:bd:15:41:
         44:40:22:a8
-----BEGIN CERTIFICATE-----
MIIFRjCCBC6gAwIBAgIDDO+dMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGNj
OGRhOWNiZjdmOWU4YjhhODQ1NzBhN2E4MmYyZDY4MDI3Y2I2MGIwHhcNMjEwMzI0
MTQzNDEwWhcNMjYwMzI0MTQzNDEwWjAzMTEwLwYDVQQDEyhhYmEwZjFiNTc3YjUw
YWQzNzA0NWM5YjU3YmJmY2E5MzFlMGJlNDRhMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAhP8r2nn/HrCoHCtLMScbgDdOadyEY2cg3LRt+AbT6DJagxRl
rqgQIpcRCx0ip5s0QuGySdOE7g/rnrixGa0D/4UtthjWNeM4Y8OnLDWm7tqGQOce
BtEla6N7N+cctOh2ApbNuWl5s/+6WD5lnygKTqgCMLWzVJIMmj9nsNDsAS5Wu9bo
ApjVhpcJ9H2iXTsRrZY0mHbTko0kA0XS7RDQ1c8Bhr6mpiy6M2rsUZ5WAVJ4QmLz
UxTYaBbRwe34A0Ev3mWE5ks4PicCrqFbmvwHfVDReuYyJbwZ+Wq6gbAkvzWWBAUO
drKXUAkwbW+cBrommXadmvNSVHMhWFcNO/PsBwIDAQABo4ICYTCCAl0wHQYDVR0O
BBYEFPCv8UpJ+n809eBo/9jHgMrDeZE+MB8GA1UdIwQYMBaAFLDcreZ7dWxJBByC
tg0aSxcsaXwkMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvY2M4ZGE5
Y2JmN2Y5ZThiOGE4NDU3MGE3YTgyZjJkNjgwMjdjYjYwYi5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvNzljYTY5NmEtYTUyMC00NjMyLTk4NTYtYzhjMzAx
ZWUxOWJmL2FiYTBmMWI1NzdiNTBhZDM3MDQ1YzliNTdiYmZjYTkzMWUwYmU0NGEu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy83OWNhNjk2YS1hNTIwLTQ2MzItOTg1Ni1jOGMz
MDFlZTE5YmYvY2M4ZGE5Y2JmN2Y5ZThiOGE4NDU3MGE3YTgyZjJkNjgwMjdjYjYw
Yi5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAlBggrBgEFBQcBBwEB/wQW
MBQwEgQCAAEwDAMEA8hJcAMEAsnZ8DANBgkqhkiG9w0BAQsFAAOCAQEAH1PEzj+2
6Z904epCT3FPEP8OQbSwz3Rsbkoy6GbW0goCD1Kevzlt2hyF5+32GZmt6N+q5RNP
9uLN+q+6mLEGjZ3sCuCfckuD2bAgelYX9YXM2rxw44+HHo9D55Kiu1JrihDIUrMq
Bi8k9LzfzKDKXPB0tuEVUI4UFrmY1IsRB16wZ1c/mTbKKP5pGvAq+vHQ75KTo3Z+
5/dHVcaOiZH3SfIDY/ejUE61JHNO6D26j/BLscgJZL7h3uwGOIrDfraPLQebRoE2
NHMN4JuNEgT2tCR9DrAxS8fmCR4dzu8hug6gBW1GkAPdYgWycWBISFWtaxOUtsop
x0yLvRVBREAiqA==
-----END CERTIFICATE-----
Generated at Thu Mar 28 06:01:05 2024 by rpki-client on console-fra.rpki-client.org