Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/8bb5ab6a-b91f-439b-bdfb-eb3c43470d36/3c031f8a5846384bb87cd7c702d86f4a6a485aa9.roa
File:                     3c031f8a5846384bb87cd7c702d86f4a6a485aa9.roa (raw, json)
Hash identifier:          glCTuCIyuEXN2mqcBEI5vH/SMYvk9lwqQbrKbON3xno=
Subject key identifier:   C5:A0:80:37:AA:D4:66:96:9F:A6:B0:7E:C0:29:B6:60:8D:04:46:37
Certificate issuer:       /CN=381efa69921156a0e39916e9ee427edc5b434527
Certificate serial:       0D13CC
Authority key identifier: 02:C7:27:8B:3A:9B:83:5F:D1:02:8B:29:03:F9:9D:7C:06:7F:8A:89
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/381efa69921156a0e39916e9ee427edc5b434527.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/8bb5ab6a-b91f-439b-bdfb-eb3c43470d36/3c031f8a5846384bb87cd7c702d86f4a6a485aa9.roa
Signing time:             Wed 24 Mar 2021 14:38:15 +0000
ROA not before:           Wed 24 Mar 2021 14:38:15 +0000
ROA not after:            Tue 24 Mar 2026 14:38:15 +0000
asID:                     207036
IP address blocks:        200.1.154.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/8bb5ab6a-b91f-439b-bdfb-eb3c43470d36/381efa69921156a0e39916e9ee427edc5b434527.crl
                          rsync://repository.lacnic.net/rpki/lacnic/8bb5ab6a-b91f-439b-bdfb-eb3c43470d36/381efa69921156a0e39916e9ee427edc5b434527.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/381efa69921156a0e39916e9ee427edc5b434527.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 31 Mar 2024 03:49:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 857036 (0xd13cc)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=381efa69921156a0e39916e9ee427edc5b434527
        Validity
            Not Before: Mar 24 14:38:15 2021 GMT
            Not After : Mar 24 14:38:15 2026 GMT
        Subject: CN=3c031f8a5846384bb87cd7c702d86f4a6a485aa9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:15:59:d4:77:07:c7:dc:6e:31:8b:b7:eb:1d:
                    f0:5e:a7:32:a6:3a:83:5c:22:71:ba:25:ca:5b:8a:
                    bd:30:ce:77:0e:08:08:7c:b4:74:44:63:04:87:88:
                    74:dd:b2:67:00:aa:65:79:2f:c0:e9:b1:d8:95:6c:
                    8d:68:62:b9:72:11:f2:ff:0b:7a:81:2f:ea:ae:77:
                    66:fd:4f:7b:c9:10:9f:b1:93:5d:a6:3d:97:3b:e0:
                    5d:0c:30:1b:5f:d2:ff:b2:aa:71:b2:27:59:8e:8c:
                    6a:a9:a8:11:ca:23:0a:dd:69:d0:91:5f:32:c1:a3:
                    b3:ee:56:5a:60:60:30:f6:73:51:cd:62:45:7b:85:
                    16:94:b9:47:a5:45:62:aa:45:32:80:f4:06:f4:d3:
                    e5:cc:e7:9d:4a:c4:9e:48:4d:af:cc:6a:2d:b6:3c:
                    e6:7d:a9:b5:3a:b0:97:5d:98:bc:49:22:99:89:05:
                    c6:57:5f:0a:a5:3e:67:76:7e:cf:2b:f4:7b:90:eb:
                    60:89:45:b9:30:77:09:dd:08:b5:f7:83:3e:ac:6d:
                    d3:ea:3c:d3:af:5b:1b:32:d9:29:7b:3a:18:2d:56:
                    01:ef:0c:48:bd:42:3e:ac:9e:7c:c7:3c:75:fa:18:
                    36:cb:ff:42:a3:5c:60:08:c1:ed:21:87:7e:7d:b9:
                    41:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C5:A0:80:37:AA:D4:66:96:9F:A6:B0:7E:C0:29:B6:60:8D:04:46:37
            X509v3 Authority Key Identifier:
                keyid:02:C7:27:8B:3A:9B:83:5F:D1:02:8B:29:03:F9:9D:7C:06:7F:8A:89

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/381efa69921156a0e39916e9ee427edc5b434527.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/8bb5ab6a-b91f-439b-bdfb-eb3c43470d36/3c031f8a5846384bb87cd7c702d86f4a6a485aa9.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/8bb5ab6a-b91f-439b-bdfb-eb3c43470d36/381efa69921156a0e39916e9ee427edc5b434527.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.1.154.0/24

    Signature Algorithm: sha256WithRSAEncryption
         11:02:9c:bc:28:ad:03:57:40:0c:14:aa:32:05:20:c6:62:0c:
         7d:a6:0f:26:88:03:a1:47:4c:2f:98:8e:43:6a:24:d8:3f:76:
         c8:df:8f:9d:93:66:55:a1:17:9c:4c:fe:57:2a:4b:f5:57:bd:
         db:7a:22:d9:c6:3b:0d:c1:ed:d6:8b:f9:c7:fa:16:c7:5f:d4:
         d5:bc:f9:a3:ca:f3:a8:e8:03:97:fd:f6:ef:2f:2a:36:bb:13:
         51:cc:44:2d:cb:74:c3:61:91:60:9e:f0:d8:81:57:73:fd:da:
         8d:35:05:3c:70:b8:3d:7f:ef:d4:aa:78:c3:e2:57:ea:78:3a:
         f1:e9:1a:b5:fb:2c:4a:59:c3:d1:c9:8f:0f:70:50:3f:04:14:
         87:de:92:26:4b:0d:29:11:66:3b:fe:44:d6:24:17:ef:c6:3d:
         50:a8:d8:3f:91:a3:5d:a9:30:3c:27:a4:9d:80:95:1a:e2:ca:
         2b:d7:57:0c:ed:b8:ed:24:93:e2:86:6a:12:8c:b3:8a:bd:2b:
         3c:10:9a:b8:7c:5b:76:c3:cf:ec:d1:b3:93:8a:e6:36:69:0a:
         c2:00:55:1a:41:6d:dd:f9:86:ce:10:5e:70:88:0a:1f:9a:5d:
         91:8c:3e:52:fb:b5:d7:b5:3c:95:f3:e4:2c:19:a1:ff:1e:a6:
         54:8c:54:7b
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIDDRPMMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDM4
MWVmYTY5OTIxMTU2YTBlMzk5MTZlOWVlNDI3ZWRjNWI0MzQ1MjcwHhcNMjEwMzI0
MTQzODE1WhcNMjYwMzI0MTQzODE1WjAzMTEwLwYDVQQDEygzYzAzMWY4YTU4NDYz
ODRiYjg3Y2Q3YzcwMmQ4NmY0YTZhNDg1YWE5MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEArBVZ1HcHx9xuMYu36x3wXqcypjqDXCJxuiXKW4q9MM53DggI
fLR0RGMEh4h03bJnAKpleS/A6bHYlWyNaGK5chHy/wt6gS/qrndm/U97yRCfsZNd
pj2XO+BdDDAbX9L/sqpxsidZjoxqqagRyiMK3WnQkV8ywaOz7lZaYGAw9nNRzWJF
e4UWlLlHpUViqkUygPQG9NPlzOedSsSeSE2vzGottjzmfam1OrCXXZi8SSKZiQXG
V18KpT5ndn7PK/R7kOtgiUW5MHcJ3Qi194M+rG3T6jzTr1sbMtkpezoYLVYB7wxI
vUI+rJ58xzx1+hg2y/9Co1xgCMHtIYd+fblBywIDAQABo4ICWzCCAlcwHQYDVR0O
BBYEFMWggDeq1GaWn6awfsAptmCNBEY3MB8GA1UdIwQYMBaAFALHJ4s6m4Nf0QKL
KQP5nXwGf4qJMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvMzgxZWZh
Njk5MjExNTZhMGUzOTkxNmU5ZWU0MjdlZGM1YjQzNDUyNy5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvOGJiNWFiNmEtYjkxZi00MzliLWJkZmItZWIzYzQz
NDcwZDM2LzNjMDMxZjhhNTg0NjM4NGJiODdjZDdjNzAyZDg2ZjRhNmE0ODVhYTku
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy84YmI1YWI2YS1iOTFmLTQzOWItYmRmYi1lYjNj
NDM0NzBkMzYvMzgxZWZhNjk5MjExNTZhMGUzOTkxNmU5ZWU0MjdlZGM1YjQzNDUy
Ny5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAMgBmjANBgkqhkiG9w0BAQsFAAOCAQEAEQKcvCitA1dADBSq
MgUgxmIMfaYPJogDoUdML5iOQ2ok2D92yN+PnZNmVaEXnEz+VypL9Ve923oi2cY7
DcHt1ov5x/oWx1/U1bz5o8rzqOgDl/327y8qNrsTUcxELct0w2GRYJ7w2IFXc/3a
jTUFPHC4PX/v1Kp4w+JX6ng68ekatfssSlnD0cmPD3BQPwQUh96SJksNKRFmO/5E
1iQX78Y9UKjYP5GjXakwPCeknYCVGuLKK9dXDO247SST4oZqEoyzir0rPBCauHxb
dsPP7NGzk4rmNmkKwgBVGkFt3fmGzhBecIgKH5pdkYw+Uvu117U8lfPkLBmh/x6m
VIxUew==
-----END CERTIFICATE-----
Generated at Thu Mar 28 08:36:00 2024 by rpki-client on console-fra.rpki-client.org