Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/969d6fac-c54d-416a-810f-e45005a90900/f8f2a5e031319015a35ac675db9c39e9b05059d3.roa
File:                     f8f2a5e031319015a35ac675db9c39e9b05059d3.roa (raw, json)
Hash identifier:          gSCBgxVxr/bhbsPouV43dDe4DWqO9JsbxL594vJzBZE=
Subject key identifier:   D1:01:7F:75:10:BA:96:EA:D0:67:2F:15:B8:D0:2F:FC:FA:AB:57:0C
Certificate issuer:       /CN=3a9b6bf0ea9f0d47341b54a2214aabbcf74d4251
Certificate serial:       017C
Authority key identifier: 85:2A:9A:BE:63:FA:68:B3:44:E1:CF:0D:23:5B:D5:F3:4D:C4:65:21
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/3a9b6bf0ea9f0d47341b54a2214aabbcf74d4251.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/969d6fac-c54d-416a-810f-e45005a90900/f8f2a5e031319015a35ac675db9c39e9b05059d3.roa
Signing time:             Mon 07 Nov 2022 13:02:41 +0000
ROA not before:           Sun 06 Nov 2022 12:57:22 +0000
ROA not after:            Thu 07 Nov 2024 12:57:22 +0000
asID:                     27994
IP address blocks:        200.59.176.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/969d6fac-c54d-416a-810f-e45005a90900/3a9b6bf0ea9f0d47341b54a2214aabbcf74d4251.crl
                          rsync://repository.lacnic.net/rpki/lacnic/969d6fac-c54d-416a-810f-e45005a90900/3a9b6bf0ea9f0d47341b54a2214aabbcf74d4251.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/3a9b6bf0ea9f0d47341b54a2214aabbcf74d4251.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 31 Mar 2024 11:41:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 380 (0x17c)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3a9b6bf0ea9f0d47341b54a2214aabbcf74d4251
        Validity
            Not Before: Nov  6 12:57:22 2022 GMT
            Not After : Nov  7 12:57:22 2024 GMT
        Subject: CN=f8f2a5e031319015a35ac675db9c39e9b05059d3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:80:d4:5a:83:1d:62:7a:2c:e3:a8:38:13:3d:
                    97:1c:23:7e:77:75:63:27:86:ac:bd:f2:8a:3e:bc:
                    40:29:01:d7:58:f8:62:d1:d0:4a:2d:25:74:94:ed:
                    48:03:ab:1e:0a:e6:bf:ac:c9:84:e0:88:93:ef:76:
                    79:94:37:b9:e3:97:28:5d:cf:df:5f:da:1d:63:8a:
                    0e:05:77:bb:9b:06:2a:ff:03:76:96:10:84:58:e4:
                    8f:54:63:b4:4a:c0:7d:d5:8d:83:5a:eb:92:fd:60:
                    92:3d:52:45:0d:02:f5:07:81:2b:00:1b:ab:2a:0b:
                    23:4a:7d:4a:78:25:8c:d1:4c:da:23:82:be:ed:e6:
                    0f:6a:b4:3b:1b:a0:8f:cd:d1:30:06:c8:a2:f2:1b:
                    3f:a6:1a:30:f1:bb:a6:22:2f:9f:48:68:dd:2d:a2:
                    d7:87:92:22:28:d0:ab:75:93:a6:80:23:ce:00:41:
                    de:4b:3c:b7:c2:a4:b2:ee:97:b8:b5:0b:23:5b:94:
                    c7:2d:fc:c7:b9:c6:cc:91:84:56:8d:f0:c9:a0:89:
                    1a:8a:10:af:5c:92:36:18:22:a0:57:fa:36:55:3d:
                    ff:c3:60:a6:ac:a2:b1:37:08:29:5c:56:cb:8f:55:
                    d1:1a:d0:ac:6c:13:86:dc:74:18:f1:d1:dc:cc:3c:
                    3e:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D1:01:7F:75:10:BA:96:EA:D0:67:2F:15:B8:D0:2F:FC:FA:AB:57:0C
            X509v3 Authority Key Identifier:
                keyid:85:2A:9A:BE:63:FA:68:B3:44:E1:CF:0D:23:5B:D5:F3:4D:C4:65:21

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/3a9b6bf0ea9f0d47341b54a2214aabbcf74d4251.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/969d6fac-c54d-416a-810f-e45005a90900/f8f2a5e031319015a35ac675db9c39e9b05059d3.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/969d6fac-c54d-416a-810f-e45005a90900/3a9b6bf0ea9f0d47341b54a2214aabbcf74d4251.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.59.176.0/24

    Signature Algorithm: sha256WithRSAEncryption
         0d:23:b3:1d:ad:22:85:ee:25:bb:89:92:ca:02:fa:eb:d1:cc:
         d1:40:d0:55:2d:6e:9c:89:2f:92:8a:cd:3f:eb:8c:52:4d:8a:
         4e:6b:71:af:c7:b7:c8:5c:a0:25:96:75:4b:9c:a9:8c:1b:95:
         c7:65:ef:5c:9e:ff:8e:08:27:0a:5b:04:08:49:84:bc:f9:4d:
         7d:7b:b9:0e:2e:75:23:34:28:e3:62:09:83:98:c2:28:f2:85:
         c2:04:c1:c5:d8:8f:73:2e:37:41:c6:5d:15:e2:19:ca:56:e6:
         77:f1:b5:c1:79:57:f1:a5:3d:7a:c5:76:25:36:dc:02:ee:c2:
         0e:5b:89:04:bc:ee:f4:ad:ca:3f:c3:86:f1:10:8a:a8:8f:ea:
         10:fb:30:6f:78:e1:67:48:2a:9e:62:1e:c5:2a:d7:a4:b5:5b:
         d1:cb:a5:d2:20:0b:c4:b8:ac:74:f2:e0:72:17:08:de:2c:4f:
         14:4d:82:b1:c2:9e:40:8a:c9:ce:ee:b7:e8:f9:2c:d0:42:24:
         a7:30:73:c2:6d:96:8d:71:9f:f0:83:84:cd:d9:8c:9b:bd:7a:
         52:61:41:d7:7e:53:91:89:11:2b:1b:23:45:3b:9d:ef:b4:8f:
         71:c3:e1:e8:43:04:db:f2:0e:8c:f8:44:a9:9a:e2:ba:25:e1:
         bb:a4:86:34
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgICAXwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM2E5
YjZiZjBlYTlmMGQ0NzM0MWI1NGEyMjE0YWFiYmNmNzRkNDI1MTAeFw0yMjExMDYx
MjU3MjJaFw0yNDExMDcxMjU3MjJaMDMxMTAvBgNVBAMTKGY4ZjJhNWUwMzEzMTkw
MTVhMzVhYzY3NWRiOWMzOWU5YjA1MDU5ZDMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCugNRagx1ieizjqDgTPZccI353dWMnhqy98oo+vEApAddY+GLR
0EotJXSU7UgDqx4K5r+syYTgiJPvdnmUN7njlyhdz99f2h1jig4Fd7ubBir/A3aW
EIRY5I9UY7RKwH3VjYNa65L9YJI9UkUNAvUHgSsAG6sqCyNKfUp4JYzRTNojgr7t
5g9qtDsboI/N0TAGyKLyGz+mGjDxu6YiL59IaN0toteHkiIo0Kt1k6aAI84AQd5L
PLfCpLLul7i1CyNblMct/Me5xsyRhFaN8MmgiRqKEK9ckjYYIqBX+jZVPf/DYKas
orE3CClcVsuPVdEa0KxsE4bcdBjx0dzMPD73AgMBAAGjggJbMIICVzAdBgNVHQ4E
FgQU0QF/dRC6lurQZy8VuNAv/PqrVwwwHwYDVR0jBBgwFoAUhSqavmP6aLNE4c8N
I1vV803EZSEwDgYDVR0PAQH/BAQDAgeAMIGaBggrBgEFBQcBAQSBjTCBijCBhwYI
KwYBBQUHMAKGe3JzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jwa2kvbGFj
bmljLzQ4ZjA4M2JiLWY2MDMtNDg5My05OTkwLTAyODRjMDRjZWI4NS8zYTliNmJm
MGVhOWYwZDQ3MzQxYjU0YTIyMTRhYWJiY2Y3NGQ0MjUxLmNlcjCBmgYIKwYBBQUH
AQsEgY0wgYowgYcGCCsGAQUFBzALhntyc3luYzovL3JlcG9zaXRvcnkubGFjbmlj
Lm5ldC9ycGtpL2xhY25pYy85NjlkNmZhYy1jNTRkLTQxNmEtODEwZi1lNDUwMDVh
OTA5MDAvZjhmMmE1ZTAzMTMxOTAxNWEzNWFjNjc1ZGI5YzM5ZTliMDUwNTlkMy5y
b2EwgY8GA1UdHwSBhzCBhDCBgaB/oH2Ge3JzeW5jOi8vcmVwb3NpdG9yeS5sYWNu
aWMubmV0L3Jwa2kvbGFjbmljLzk2OWQ2ZmFjLWM1NGQtNDE2YS04MTBmLWU0NTAw
NWE5MDkwMC8zYTliNmJmMGVhOWYwZDQ3MzQxYjU0YTIyMTRhYWJiY2Y3NGQ0MjUx
LmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAw
DjAMBAIAATAGAwQAyDuwMA0GCSqGSIb3DQEBCwUAA4IBAQANI7MdrSKF7iW7iZLK
Avrr0czRQNBVLW6ciS+Sis0/64xSTYpOa3Gvx7fIXKAllnVLnKmMG5XHZe9cnv+O
CCcKWwQISYS8+U19e7kOLnUjNCjjYgmDmMIo8oXCBMHF2I9zLjdBxl0V4hnKVuZ3
8bXBeVfxpT16xXYlNtwC7sIOW4kEvO70rco/w4bxEIqoj+oQ+zBveOFnSCqeYh7F
KtektVvRy6XSIAvEuKx08uByFwjeLE8UTYKxwp5AisnO7rfo+SzQQiSnMHPCbZaN
cZ/wg4TN2YybvXpSYUHXflORiRErGyNFO53vtI9xw+HoQwTb8g6M+ESpmuK6JeG7
pIY0
-----END CERTIFICATE-----
Generated at Thu Mar 28 13:29:22 2024 by rpki-client on console-ams.rpki-client.org