Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/969d6fac-c54d-416a-810f-e45005a90900/203565780904c639bea4f8ab23810f469fc125f2.roa
File:                     203565780904c639bea4f8ab23810f469fc125f2.roa (raw, json)
Hash identifier:          y+qWzN3TdoqO6lDB7i+SeGnsj0vi01t4fSxXgj2Kq0w=
Subject key identifier:   0D:60:94:FB:C8:52:37:69:49:DB:A5:EF:19:4D:7D:65:DA:C6:AA:E8
Certificate issuer:       /CN=3a9b6bf0ea9f0d47341b54a2214aabbcf74d4251
Certificate serial:       148B
Authority key identifier: 85:2A:9A:BE:63:FA:68:B3:44:E1:CF:0D:23:5B:D5:F3:4D:C4:65:21
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/3a9b6bf0ea9f0d47341b54a2214aabbcf74d4251.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/969d6fac-c54d-416a-810f-e45005a90900/203565780904c639bea4f8ab23810f469fc125f2.roa
Signing time:             Mon 07 Nov 2022 13:08:02 +0000
ROA not before:           Sat 05 Nov 2022 12:57:22 +0000
ROA not after:            Thu 07 Nov 2024 12:57:22 +0000
asID:                     27994
IP address blocks:        200.59.183.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/969d6fac-c54d-416a-810f-e45005a90900/3a9b6bf0ea9f0d47341b54a2214aabbcf74d4251.crl
                          rsync://repository.lacnic.net/rpki/lacnic/969d6fac-c54d-416a-810f-e45005a90900/3a9b6bf0ea9f0d47341b54a2214aabbcf74d4251.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/3a9b6bf0ea9f0d47341b54a2214aabbcf74d4251.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 31 Mar 2024 11:41:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 5259 (0x148b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3a9b6bf0ea9f0d47341b54a2214aabbcf74d4251
        Validity
            Not Before: Nov  5 12:57:22 2022 GMT
            Not After : Nov  7 12:57:22 2024 GMT
        Subject: CN=203565780904c639bea4f8ab23810f469fc125f2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:ec:29:2f:df:5b:61:e3:4c:96:c9:cb:78:9c:
                    77:a3:1e:a2:c3:86:1b:dc:d0:ad:47:52:04:00:d8:
                    8d:bd:a3:5c:7d:8b:01:81:3e:e3:d2:3e:69:a2:d4:
                    b0:7e:c9:4e:09:00:cd:5e:a3:7a:9d:21:9b:44:55:
                    bd:21:8c:76:33:ea:43:73:be:05:fe:43:68:d4:88:
                    80:8b:36:97:96:c1:25:7b:55:6a:54:93:40:02:4b:
                    d6:dc:df:8b:10:b0:06:0a:df:fe:ae:d2:4a:f0:fb:
                    db:05:73:e2:6f:7a:b3:29:a9:36:02:47:d0:e3:8c:
                    7b:f9:6f:3f:80:fb:06:63:4e:7a:45:a7:dc:c6:a1:
                    7d:cc:82:36:09:66:57:a9:98:a8:2d:5d:18:05:fb:
                    10:45:42:55:c5:53:d3:b6:f8:84:0c:d4:f6:b9:cd:
                    59:09:15:f3:59:a9:c3:88:4a:45:2a:90:6c:c4:44:
                    d3:ec:89:eb:31:b5:62:1c:d5:24:91:f0:8d:8f:77:
                    ad:9b:ad:5d:8c:8e:02:c7:2b:70:b8:af:ab:1b:84:
                    3a:ac:1b:d2:6c:04:cf:30:6e:b2:83:ac:87:e0:f5:
                    e4:1f:d3:91:2a:54:a4:11:ad:d6:27:3e:88:13:85:
                    2e:dc:9c:23:ff:5e:c4:5b:bc:3e:a8:10:cf:1d:a2:
                    ec:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0D:60:94:FB:C8:52:37:69:49:DB:A5:EF:19:4D:7D:65:DA:C6:AA:E8
            X509v3 Authority Key Identifier:
                keyid:85:2A:9A:BE:63:FA:68:B3:44:E1:CF:0D:23:5B:D5:F3:4D:C4:65:21

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/3a9b6bf0ea9f0d47341b54a2214aabbcf74d4251.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/969d6fac-c54d-416a-810f-e45005a90900/203565780904c639bea4f8ab23810f469fc125f2.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/969d6fac-c54d-416a-810f-e45005a90900/3a9b6bf0ea9f0d47341b54a2214aabbcf74d4251.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.59.183.0/24

    Signature Algorithm: sha256WithRSAEncryption
         6e:12:7d:1d:c0:6b:54:bf:e8:23:a0:98:6e:9b:dc:99:98:9c:
         7e:24:a1:d7:20:03:a6:8a:d3:83:3f:55:74:89:a7:32:c7:10:
         58:de:d2:2f:9c:e0:59:5c:4c:0f:b3:89:5e:77:79:e0:a3:71:
         f5:cb:8e:87:10:85:d2:b1:76:11:9e:a5:6c:39:dc:f2:c8:8b:
         3b:dd:10:6f:4e:da:c6:e4:a5:d5:ab:7f:82:66:52:ba:e9:6d:
         59:1a:e9:ee:34:65:f9:12:35:51:df:7c:a3:3f:72:3c:4c:60:
         ef:a8:60:3d:65:ae:97:d0:0c:63:be:1f:d0:16:9f:54:e7:b0:
         f4:58:b5:cc:15:1f:15:0e:09:c2:90:92:da:d7:22:fc:4c:a9:
         63:dc:93:f1:de:ed:b0:b8:1c:0a:f6:08:21:23:36:b6:44:83:
         72:af:4d:a7:d2:63:e8:b6:f1:6b:3a:31:e8:4d:e0:a2:38:47:
         ed:f8:3c:ed:8e:47:cf:4e:69:d6:77:bd:91:cf:b9:37:18:36:
         78:3a:20:cf:a7:66:15:b7:9a:56:bc:16:a9:e7:5e:31:81:d7:
         b6:af:70:1b:0e:01:3f:fb:6d:08:9b:2c:8e:99:b8:40:84:d3:
         39:02:9e:09:10:0b:29:dc:d9:64:b9:58:ad:e1:76:44:1b:bc:
         e4:0b:ad:23
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgICFIswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM2E5
YjZiZjBlYTlmMGQ0NzM0MWI1NGEyMjE0YWFiYmNmNzRkNDI1MTAeFw0yMjExMDUx
MjU3MjJaFw0yNDExMDcxMjU3MjJaMDMxMTAvBgNVBAMTKDIwMzU2NTc4MDkwNGM2
MzliZWE0ZjhhYjIzODEwZjQ2OWZjMTI1ZjIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDA7Ckv31th40yWyct4nHejHqLDhhvc0K1HUgQA2I29o1x9iwGB
PuPSPmmi1LB+yU4JAM1eo3qdIZtEVb0hjHYz6kNzvgX+Q2jUiICLNpeWwSV7VWpU
k0ACS9bc34sQsAYK3/6u0krw+9sFc+JverMpqTYCR9DjjHv5bz+A+wZjTnpFp9zG
oX3MgjYJZlepmKgtXRgF+xBFQlXFU9O2+IQM1Pa5zVkJFfNZqcOISkUqkGzERNPs
iesxtWIc1SSR8I2Pd62brV2MjgLHK3C4r6sbhDqsG9JsBM8wbrKDrIfg9eQf05Eq
VKQRrdYnPogThS7cnCP/XsRbvD6oEM8douyTAgMBAAGjggJbMIICVzAdBgNVHQ4E
FgQUDWCU+8hSN2lJ26XvGU19ZdrGqugwHwYDVR0jBBgwFoAUhSqavmP6aLNE4c8N
I1vV803EZSEwDgYDVR0PAQH/BAQDAgeAMIGaBggrBgEFBQcBAQSBjTCBijCBhwYI
KwYBBQUHMAKGe3JzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jwa2kvbGFj
bmljLzQ4ZjA4M2JiLWY2MDMtNDg5My05OTkwLTAyODRjMDRjZWI4NS8zYTliNmJm
MGVhOWYwZDQ3MzQxYjU0YTIyMTRhYWJiY2Y3NGQ0MjUxLmNlcjCBmgYIKwYBBQUH
AQsEgY0wgYowgYcGCCsGAQUFBzALhntyc3luYzovL3JlcG9zaXRvcnkubGFjbmlj
Lm5ldC9ycGtpL2xhY25pYy85NjlkNmZhYy1jNTRkLTQxNmEtODEwZi1lNDUwMDVh
OTA5MDAvMjAzNTY1NzgwOTA0YzYzOWJlYTRmOGFiMjM4MTBmNDY5ZmMxMjVmMi5y
b2EwgY8GA1UdHwSBhzCBhDCBgaB/oH2Ge3JzeW5jOi8vcmVwb3NpdG9yeS5sYWNu
aWMubmV0L3Jwa2kvbGFjbmljLzk2OWQ2ZmFjLWM1NGQtNDE2YS04MTBmLWU0NTAw
NWE5MDkwMC8zYTliNmJmMGVhOWYwZDQ3MzQxYjU0YTIyMTRhYWJiY2Y3NGQ0MjUx
LmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAw
DjAMBAIAATAGAwQAyDu3MA0GCSqGSIb3DQEBCwUAA4IBAQBuEn0dwGtUv+gjoJhu
m9yZmJx+JKHXIAOmitODP1V0iacyxxBY3tIvnOBZXEwPs4led3ngo3H1y46HEIXS
sXYRnqVsOdzyyIs73RBvTtrG5KXVq3+CZlK66W1ZGunuNGX5EjVR33yjP3I8TGDv
qGA9Za6X0Axjvh/QFp9U57D0WLXMFR8VDgnCkJLa1yL8TKlj3JPx3u2wuBwK9ggh
Iza2RINyr02n0mPotvFrOjHoTeCiOEft+DztjkfPTmnWd72Rz7k3GDZ4OiDPp2YV
t5pWvBap514xgde2r3AbDgE/+20ImyyOmbhAhNM5Ap4JEAsp3NlkuVit4XZEG7zk
C60j
-----END CERTIFICATE-----
Generated at Thu Mar 28 13:29:22 2024 by rpki-client on console-ams.rpki-client.org