Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/977d3d35-bbec-4cad-a0c5-0607a29e1f0f/24ffa454cf2e7d59aa7c75dcd45d9196b9da33bb.roa
File:                     24ffa454cf2e7d59aa7c75dcd45d9196b9da33bb.roa (raw, json)
Hash identifier:          49BiyreG6v3HhUzIhpJsKm4DfGPd5QbP+9Mpbm4y7D0=
Subject key identifier:   89:FD:31:B1:25:AD:06:F3:86:35:FB:97:64:8F:3D:57:48:D6:C8:D1
Certificate issuer:       /CN=5d32623b33e04fadc1af80fccf6d12aabbcfbfa5
Certificate serial:       1B3E0E
Authority key identifier: 7E:3D:3D:84:5A:21:26:7B:9C:7E:F6:54:A8:53:05:ED:86:7E:E9:1B
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/5d32623b33e04fadc1af80fccf6d12aabbcfbfa5.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/977d3d35-bbec-4cad-a0c5-0607a29e1f0f/24ffa454cf2e7d59aa7c75dcd45d9196b9da33bb.roa
Signing time:             Tue 29 Nov 2022 07:30:01 +0000
ROA not before:           Mon 28 Nov 2022 07:30:01 +0000
ROA not after:            Wed 27 Nov 2024 07:30:01 +0000
asID:                     269862
IP address blocks:        201.218.146.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/977d3d35-bbec-4cad-a0c5-0607a29e1f0f/5d32623b33e04fadc1af80fccf6d12aabbcfbfa5.crl
                          rsync://repository.lacnic.net/rpki/lacnic/977d3d35-bbec-4cad-a0c5-0607a29e1f0f/5d32623b33e04fadc1af80fccf6d12aabbcfbfa5.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/5d32623b33e04fadc1af80fccf6d12aabbcfbfa5.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 31 Mar 2024 12:22:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1785358 (0x1b3e0e)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5d32623b33e04fadc1af80fccf6d12aabbcfbfa5
        Validity
            Not Before: Nov 28 07:30:01 2022 GMT
            Not After : Nov 27 07:30:01 2024 GMT
        Subject: CN=24ffa454cf2e7d59aa7c75dcd45d9196b9da33bb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:81:71:8a:67:f6:6f:90:22:38:9a:cd:91:75:55:
                    03:75:f3:11:0d:82:34:ff:d3:1b:e7:60:c0:d6:18:
                    0e:49:09:df:3d:1d:8b:8d:b3:23:c7:04:3e:ab:6a:
                    57:73:55:20:29:ee:e6:b2:1a:ab:97:ad:40:6c:36:
                    d8:0e:09:80:cc:a9:f9:7f:21:9c:8d:5a:c7:9b:77:
                    94:6f:8e:7f:46:ba:ff:db:68:b5:b3:5b:57:8c:5f:
                    75:4b:c4:5a:83:d0:c2:b3:80:45:ca:aa:b9:12:ad:
                    dd:9b:f8:dd:43:de:1a:50:3c:b3:b4:e5:3d:12:79:
                    dc:af:5f:41:57:c5:37:a0:94:35:08:cd:ab:a7:79:
                    0b:f4:af:7b:03:c3:84:94:64:dd:8e:42:ed:ae:11:
                    d5:45:56:c2:28:28:15:07:47:8b:5a:95:64:6e:47:
                    2d:66:ed:13:da:14:a1:4a:25:21:f6:cd:b8:c8:11:
                    e2:8f:21:5d:74:73:ca:08:bf:eb:ef:f3:00:e9:3d:
                    5e:5c:63:12:a0:05:e7:cd:32:9a:79:71:53:e4:3f:
                    c7:5a:fb:ed:80:64:17:79:6f:f5:57:f8:c2:2b:c7:
                    b9:51:cb:6c:1c:48:74:e7:51:3d:63:bc:a1:ac:e9:
                    22:46:2e:0d:c9:6c:fc:fb:25:6a:d9:e7:e6:5a:f8:
                    fc:c9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                89:FD:31:B1:25:AD:06:F3:86:35:FB:97:64:8F:3D:57:48:D6:C8:D1
            X509v3 Authority Key Identifier:
                keyid:7E:3D:3D:84:5A:21:26:7B:9C:7E:F6:54:A8:53:05:ED:86:7E:E9:1B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/5d32623b33e04fadc1af80fccf6d12aabbcfbfa5.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/977d3d35-bbec-4cad-a0c5-0607a29e1f0f/24ffa454cf2e7d59aa7c75dcd45d9196b9da33bb.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/977d3d35-bbec-4cad-a0c5-0607a29e1f0f/5d32623b33e04fadc1af80fccf6d12aabbcfbfa5.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  201.218.146.0/24

    Signature Algorithm: sha256WithRSAEncryption
         40:e5:88:54:8b:3a:56:37:96:f2:e0:06:d4:df:30:76:9d:a5:
         24:97:54:17:32:56:a6:10:94:0b:ff:4b:0f:11:47:3c:65:1d:
         2b:4e:04:4d:20:cc:0e:3f:62:3c:a8:fc:6c:1b:a6:6a:51:a7:
         e8:92:84:8e:7b:74:e2:1b:28:4d:ef:4e:e5:55:ee:70:cb:67:
         e1:5d:44:de:62:17:b4:b4:af:33:97:65:34:94:dd:5a:d5:cf:
         1d:f5:e5:e5:86:87:eb:28:e6:10:61:bb:fe:aa:ed:59:d5:b6:
         ac:0c:2f:9e:75:25:70:e5:43:ea:46:fb:79:52:db:99:ae:be:
         5a:60:e1:12:1b:b9:c5:fe:8d:6a:6c:a8:9c:0c:58:e6:19:de:
         bb:15:d3:a1:a7:16:f1:d9:12:5d:a0:4f:a0:93:a8:73:76:5d:
         e5:76:0b:2e:41:55:96:74:7f:b0:36:77:43:89:7c:b8:11:bc:
         c4:06:1f:f3:22:3f:20:ad:d0:0b:0d:af:85:6b:9c:58:18:67:
         7b:e2:ff:63:9a:64:80:79:36:fb:3c:20:ff:90:65:8e:c0:0a:
         b6:f8:62:73:90:29:d3:da:94:59:63:6d:51:3a:09:f5:90:d9:
         a7:f3:85:b2:50:02:4c:7f:8a:d6:a9:ae:e4:aa:8c:a5:ae:49:
         59:10:18:8d
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIDGz4OMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDVk
MzI2MjNiMzNlMDRmYWRjMWFmODBmY2NmNmQxMmFhYmJjZmJmYTUwHhcNMjIxMTI4
MDczMDAxWhcNMjQxMTI3MDczMDAxWjAzMTEwLwYDVQQDEygyNGZmYTQ1NGNmMmU3
ZDU5YWE3Yzc1ZGNkNDVkOTE5NmI5ZGEzM2JiMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAgXGKZ/ZvkCI4ms2RdVUDdfMRDYI0/9Mb52DA1hgOSQnfPR2L
jbMjxwQ+q2pXc1UgKe7mshqrl61AbDbYDgmAzKn5fyGcjVrHm3eUb45/Rrr/22i1
s1tXjF91S8Rag9DCs4BFyqq5Eq3dm/jdQ94aUDyztOU9Enncr19BV8U3oJQ1CM2r
p3kL9K97A8OElGTdjkLtrhHVRVbCKCgVB0eLWpVkbkctZu0T2hShSiUh9s24yBHi
jyFddHPKCL/r7/MA6T1eXGMSoAXnzTKaeXFT5D/HWvvtgGQXeW/1V/jCK8e5Ucts
HEh051E9Y7yhrOkiRi4NyWz8+yVq2efmWvj8yQIDAQABo4ICWzCCAlcwHQYDVR0O
BBYEFIn9MbElrQbzhjX7l2SPPVdI1sjRMB8GA1UdIwQYMBaAFH49PYRaISZ7nH72
VKhTBe2GfukbMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvNWQzMjYy
M2IzM2UwNGZhZGMxYWY4MGZjY2Y2ZDEyYWFiYmNmYmZhNS5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvOTc3ZDNkMzUtYmJlYy00Y2FkLWEwYzUtMDYwN2Ey
OWUxZjBmLzI0ZmZhNDU0Y2YyZTdkNTlhYTdjNzVkY2Q0NWQ5MTk2YjlkYTMzYmIu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy85NzdkM2QzNS1iYmVjLTRjYWQtYTBjNS0wNjA3
YTI5ZTFmMGYvNWQzMjYyM2IzM2UwNGZhZGMxYWY4MGZjY2Y2ZDEyYWFiYmNmYmZh
NS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAMnakjANBgkqhkiG9w0BAQsFAAOCAQEAQOWIVIs6VjeW8uAG
1N8wdp2lJJdUFzJWphCUC/9LDxFHPGUdK04ETSDMDj9iPKj8bBumalGn6JKEjnt0
4hsoTe9O5VXucMtn4V1E3mIXtLSvM5dlNJTdWtXPHfXl5YaH6yjmEGG7/qrtWdW2
rAwvnnUlcOVD6kb7eVLbma6+WmDhEhu5xf6NamyonAxY5hneuxXToacW8dkSXaBP
oJOoc3Zd5XYLLkFVlnR/sDZ3Q4l8uBG8xAYf8yI/IK3QCw2vhWucWBhne+L/Y5pk
gHk2+zwg/5BljsAKtvhic5Ap09qUWWNtUToJ9ZDZp/OFslACTH+K1qmu5KqMpa5J
WRAYjQ==
-----END CERTIFICATE-----
Generated at Thu Mar 28 19:40:36 2024 by rpki-client on console-fra.rpki-client.org