Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/8b066309-a923-4581-a1b3-d11e46a96866/7b2627680f0cf4129a9b93f0aba5aba38f74305b.roa
File:                     7b2627680f0cf4129a9b93f0aba5aba38f74305b.roa (raw, json)
Hash identifier:          K8dieEujmgGT54tczOShgf3xHvRLLEcnIg9lq6OJfF8=
Subject key identifier:   10:12:68:7D:74:66:90:73:29:F3:2E:FB:B4:E2:8D:25:73:3E:6A:54
Certificate issuer:       /CN=1976970d3a4209e79111635c6355777637147412
Certificate serial:       0D4E2B
Authority key identifier: C8:40:0D:A9:6D:56:A6:3C:A4:A8:3E:6E:65:C9:11:33:FD:2F:77:C6
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/1976970d3a4209e79111635c6355777637147412.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/8b066309-a923-4581-a1b3-d11e46a96866/7b2627680f0cf4129a9b93f0aba5aba38f74305b.roa
Signing time:             Wed 24 Mar 2021 14:46:15 +0000
ROA not before:           Wed 24 Mar 2021 14:46:15 +0000
ROA not after:            Tue 24 Mar 2026 14:46:15 +0000
asID:                     27733
IP address blocks:        200.10.228.0/22 maxlen: 24
                          2001:1320::/32 maxlen: 48

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/8b066309-a923-4581-a1b3-d11e46a96866/1976970d3a4209e79111635c6355777637147412.crl
                          rsync://repository.lacnic.net/rpki/lacnic/8b066309-a923-4581-a1b3-d11e46a96866/1976970d3a4209e79111635c6355777637147412.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/1976970d3a4209e79111635c6355777637147412.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sat 18 Mar 2023 02:22:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 871979 (0xd4e2b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1976970d3a4209e79111635c6355777637147412
        Validity
            Not Before: Mar 24 14:46:15 2021 GMT
            Not After : Mar 24 14:46:15 2026 GMT
        Subject: CN=7b2627680f0cf4129a9b93f0aba5aba38f74305b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:58:11:8f:a2:5e:ce:49:f6:a4:97:03:12:35:
                    f1:56:25:23:d3:30:9e:72:33:dd:4d:28:83:e5:74:
                    77:63:cf:c3:87:a6:ce:b2:11:00:b5:2d:51:3b:22:
                    d3:0b:11:9b:72:30:68:30:2e:d6:6b:aa:1e:dc:52:
                    4c:a7:57:17:9e:31:2a:8d:7a:96:5a:e9:80:19:fe:
                    95:06:a1:36:f7:cc:7c:1c:a0:29:16:5f:93:ae:01:
                    8c:c8:53:0b:90:7d:f8:c8:a3:e1:db:c3:80:db:58:
                    ba:9a:a2:09:77:1a:18:48:ee:48:ac:39:05:db:90:
                    21:63:33:66:cc:e2:7b:08:6c:ad:ae:22:da:20:30:
                    3d:16:cb:40:2f:f5:3f:2a:87:fc:f7:6e:bf:00:52:
                    50:48:29:e6:ba:73:19:6d:1a:71:59:65:4b:42:ef:
                    f8:c5:8e:cd:4c:1b:2a:da:1f:f0:dd:ba:be:2c:6b:
                    10:6c:6d:9f:f8:8b:f9:82:ae:9c:94:20:e5:ba:90:
                    49:94:2c:ab:79:c6:eb:42:d0:57:0d:7d:bf:ff:53:
                    1b:0b:6a:94:58:e3:97:13:ab:9e:ab:a4:d3:ea:0f:
                    c0:95:58:f3:60:ba:9b:54:e3:73:ba:af:c6:c7:80:
                    7c:b2:09:bc:52:9f:7a:85:10:80:ce:a8:5c:cc:68:
                    78:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                10:12:68:7D:74:66:90:73:29:F3:2E:FB:B4:E2:8D:25:73:3E:6A:54
            X509v3 Authority Key Identifier: 
                keyid:C8:40:0D:A9:6D:56:A6:3C:A4:A8:3E:6E:65:C9:11:33:FD:2F:77:C6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access: 
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/1976970d3a4209e79111635c6355777637147412.cer

            Subject Information Access: 
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/8b066309-a923-4581-a1b3-d11e46a96866/7b2627680f0cf4129a9b93f0aba5aba38f74305b.roa

            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/8b066309-a923-4581-a1b3-d11e46a96866/1976970d3a4209e79111635c6355777637147412.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.10.228.0/22
                IPv6:
                  2001:1320::/32

    Signature Algorithm: sha256WithRSAEncryption
         3d:07:ec:90:70:f1:51:82:1a:f4:d8:63:fb:d5:73:8a:f5:00:
         bc:79:1e:dc:6a:3b:db:4e:8e:63:5c:5c:12:93:cc:2e:88:38:
         53:4e:22:44:e5:fa:7f:85:a1:97:15:b8:68:0b:ff:a6:22:40:
         9f:b4:99:88:a5:b5:91:dc:df:28:33:bd:08:3a:58:d3:d8:3b:
         fe:ec:eb:71:c9:d5:e4:e8:6c:35:4c:4c:d7:0d:18:8e:ad:62:
         92:4d:07:8b:d4:6c:a6:63:bb:94:f5:29:66:fa:76:99:3d:86:
         c8:79:9a:fc:33:8c:da:52:26:87:b0:81:f9:12:6d:31:61:4f:
         a9:62:8e:b2:1b:47:39:7e:a7:c4:6f:a7:8e:16:4a:b2:01:e3:
         82:2b:ba:94:e8:57:1c:94:29:e7:0b:e3:d3:c9:34:4c:f9:87:
         a1:c1:ce:35:3f:04:bf:2b:07:9a:07:e2:63:cf:bd:68:8f:d1:
         b0:b9:cb:52:d2:ec:c6:ac:42:cb:8d:ea:57:eb:2c:77:7d:51:
         82:d1:d2:e8:95:a5:e6:95:3f:83:5a:68:6b:f7:1b:5a:11:48:
         e4:f8:32:6c:1e:98:80:94:78:36:6c:6f:01:4b:aa:54:89:cf:
         8e:c0:75:f4:69:52:71:4a:db:11:12:5d:d3:fc:16:05:ba:82:
         ab:24:51:ca
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgIDDU4rMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDE5
NzY5NzBkM2E0MjA5ZTc5MTExNjM1YzYzNTU3Nzc2MzcxNDc0MTIwHhcNMjEwMzI0
MTQ0NjE1WhcNMjYwMzI0MTQ0NjE1WjAzMTEwLwYDVQQDEyg3YjI2Mjc2ODBmMGNm
NDEyOWE5YjkzZjBhYmE1YWJhMzhmNzQzMDViMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEArlgRj6Jezkn2pJcDEjXxViUj0zCecjPdTSiD5XR3Y8/Dh6bO
shEAtS1ROyLTCxGbcjBoMC7Wa6oe3FJMp1cXnjEqjXqWWumAGf6VBqE298x8HKAp
Fl+TrgGMyFMLkH34yKPh28OA21i6mqIJdxoYSO5IrDkF25AhYzNmzOJ7CGytriLa
IDA9FstAL/U/Kof8926/AFJQSCnmunMZbRpxWWVLQu/4xY7NTBsq2h/w3bq+LGsQ
bG2f+Iv5gq6clCDlupBJlCyrecbrQtBXDX2//1MbC2qUWOOXE6ueq6TT6g/AlVjz
YLqbVONzuq/Gx4B8sgm8Up96hRCAzqhczGh4BQIDAQABo4ICajCCAmYwHQYDVR0O
BBYEFBASaH10ZpBzKfMu+7TijSVzPmpUMB8GA1UdIwQYMBaAFMhADaltVqY8pKg+
bmXJETP9L3fGMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvMTk3Njk3
MGQzYTQyMDllNzkxMTE2MzVjNjM1NTc3NzYzNzE0NzQxMi5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvOGIwNjYzMDktYTkyMy00NTgxLWExYjMtZDExZTQ2
YTk2ODY2LzdiMjYyNzY4MGYwY2Y0MTI5YTliOTNmMGFiYTVhYmEzOGY3NDMwNWIu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy84YjA2NjMwOS1hOTIzLTQ1ODEtYTFiMy1kMTFl
NDZhOTY4NjYvMTk3Njk3MGQzYTQyMDllNzkxMTE2MzVjNjM1NTc3NzYzNzE0NzQx
Mi5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAuBggrBgEFBQcBBwEB/wQf
MB0wDAQCAAEwBgMEAsgK5DANBAIAAjAHAwUAIAETIDANBgkqhkiG9w0BAQsFAAOC
AQEAPQfskHDxUYIa9Nhj+9VzivUAvHke3Go7206OY1xcEpPMLog4U04iROX6f4Wh
lxW4aAv/piJAn7SZiKW1kdzfKDO9CDpY09g7/uzrccnV5OhsNUxM1w0Yjq1ikk0H
i9RspmO7lPUpZvp2mT2GyHma/DOM2lImh7CB+RJtMWFPqWKOshtHOX6nxG+njhZK
sgHjgiu6lOhXHJQp5wvj08k0TPmHocHONT8EvysHmgfiY8+9aI/RsLnLUtLsxqxC
y43qV+ssd31RgtHS6JWl5pU/g1poa/cbWhFI5PgybB6YgJR4NmxvAUuqVInPjsB1
9GlScUrbERJd0/wWBbqCqyRRyg==
-----END CERTIFICATE-----
Generated at Wed Mar 15 11:34:55 2023 by rpki-client on console-ams.rpki-client.org