Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/a0312904-de20-48ca-90aa-6d5046efdf81/461f08ea31c2411e912924c553643fccdd90daae.roa
File:                     461f08ea31c2411e912924c553643fccdd90daae.roa (raw, json)
Hash identifier:          6qN3L3KXWunMJMeruFbitN3T65VbLjedQQuKHkHEMjs=
Subject key identifier:   85:9F:06:2B:80:7E:7F:85:9A:FE:0C:3D:F9:B9:30:58:AD:09:18:B7
Certificate issuer:       /CN=34eab819a0f53f7358f062ae9c8233b8d66c55de
Certificate serial:       0C4156
Authority key identifier: 50:0F:AC:5C:67:2A:FE:D3:2D:91:3C:BC:69:0C:6F:70:52:75:53:2F
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/34eab819a0f53f7358f062ae9c8233b8d66c55de.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/a0312904-de20-48ca-90aa-6d5046efdf81/461f08ea31c2411e912924c553643fccdd90daae.roa
Signing time:             Wed 24 Mar 2021 14:39:06 +0000
ROA not before:           Wed 24 Mar 2021 14:39:06 +0000
ROA not after:            Tue 24 Mar 2026 14:39:06 +0000
asID:                     23031
IP address blocks:        200.6.17.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/a0312904-de20-48ca-90aa-6d5046efdf81/34eab819a0f53f7358f062ae9c8233b8d66c55de.crl
                          rsync://repository.lacnic.net/rpki/lacnic/a0312904-de20-48ca-90aa-6d5046efdf81/34eab819a0f53f7358f062ae9c8233b8d66c55de.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/34eab819a0f53f7358f062ae9c8233b8d66c55de.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Mon 01 Apr 2024 05:58:53 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 803158 (0xc4156)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=34eab819a0f53f7358f062ae9c8233b8d66c55de
        Validity
            Not Before: Mar 24 14:39:06 2021 GMT
            Not After : Mar 24 14:39:06 2026 GMT
        Subject: CN=461f08ea31c2411e912924c553643fccdd90daae
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:82:cc:8f:b6:0f:2a:7b:55:ce:eb:22:c4:5e:f2:
                    4b:f0:85:7a:66:8d:55:fa:48:f1:80:e7:3c:68:cc:
                    85:5a:87:a9:9d:5a:f2:cc:f6:89:d5:11:ab:5c:b9:
                    63:fb:b2:ca:b0:1b:b0:3d:bd:50:92:80:9b:b3:aa:
                    e3:d1:0c:82:d4:e7:35:13:7f:39:17:fb:12:c1:94:
                    12:75:fd:90:06:58:c0:7f:4e:29:ec:d4:81:dd:71:
                    cb:48:97:84:07:4a:21:10:24:59:16:3c:ec:fc:10:
                    a6:25:e8:92:2d:52:0c:fd:68:2e:da:1c:99:1f:41:
                    00:9d:65:36:e2:04:16:e9:24:5a:21:7b:4a:f1:da:
                    bd:6d:cb:6b:ad:7e:ad:75:c1:94:89:96:8e:aa:6b:
                    7e:7a:40:81:4d:ac:88:d0:18:66:e7:59:fd:73:57:
                    c6:a5:3d:f7:69:a8:68:39:81:d0:0c:f2:b0:59:b3:
                    f8:bc:35:a8:41:4e:0e:b4:68:6b:81:fe:40:d8:75:
                    a0:8d:19:b9:5b:64:77:06:2a:f3:9d:e3:f0:92:e5:
                    56:6d:d4:db:9e:b0:d6:67:b2:85:fe:cd:38:36:ec:
                    20:1d:f7:74:21:6a:a5:46:8a:e4:6a:e1:46:70:a5:
                    9c:da:71:e2:db:7f:3b:09:67:c7:55:7f:e2:f4:24:
                    c5:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                85:9F:06:2B:80:7E:7F:85:9A:FE:0C:3D:F9:B9:30:58:AD:09:18:B7
            X509v3 Authority Key Identifier:
                keyid:50:0F:AC:5C:67:2A:FE:D3:2D:91:3C:BC:69:0C:6F:70:52:75:53:2F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/34eab819a0f53f7358f062ae9c8233b8d66c55de.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/a0312904-de20-48ca-90aa-6d5046efdf81/461f08ea31c2411e912924c553643fccdd90daae.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/a0312904-de20-48ca-90aa-6d5046efdf81/34eab819a0f53f7358f062ae9c8233b8d66c55de.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.6.17.0/24

    Signature Algorithm: sha256WithRSAEncryption
         48:77:44:6a:35:20:25:b7:12:0c:f1:f6:8c:41:8b:83:6c:84:
         5b:ad:d2:89:8d:fc:ee:56:40:32:51:01:d9:75:f2:58:1c:af:
         d4:2a:0c:06:6f:5c:93:1f:a7:4f:1c:ca:10:43:5a:ac:4d:c3:
         dd:44:97:1d:fb:dd:95:41:fb:dc:0d:00:49:49:38:02:58:4d:
         3c:47:77:fc:15:25:58:0d:75:7a:f3:e1:79:f7:ac:51:cf:9f:
         79:9d:a7:c2:05:c0:04:f0:b4:fc:2b:de:80:4c:60:62:be:1a:
         f3:21:68:1d:9a:8f:c9:4f:8f:fb:d7:92:8d:35:36:83:0a:43:
         ed:a5:21:d6:01:77:83:53:8c:29:08:ec:59:7a:80:c1:41:fa:
         fa:83:09:4f:8e:05:db:96:0f:e1:86:83:9e:3c:0a:7d:74:f6:
         81:93:d7:0a:c7:52:d8:3b:3a:6a:b7:38:06:c8:f9:35:8b:4c:
         65:a5:d7:31:d6:02:3b:8a:74:1d:12:b8:94:46:08:92:42:ff:
         6f:41:ae:6e:3b:ce:48:83:7a:04:29:ad:05:02:65:ce:40:e1:
         9e:42:9a:93:30:4b:44:cf:75:24:6c:91:11:39:d5:9e:70:59:
         9f:53:ea:70:ea:68:14:91:38:9b:2f:97:07:20:c8:e7:fb:09:
         1d:d4:0d:88
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIDDEFWMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDM0
ZWFiODE5YTBmNTNmNzM1OGYwNjJhZTljODIzM2I4ZDY2YzU1ZGUwHhcNMjEwMzI0
MTQzOTA2WhcNMjYwMzI0MTQzOTA2WjAzMTEwLwYDVQQDEyg0NjFmMDhlYTMxYzI0
MTFlOTEyOTI0YzU1MzY0M2ZjY2RkOTBkYWFlMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAgsyPtg8qe1XO6yLEXvJL8IV6Zo1V+kjxgOc8aMyFWoepnVry
zPaJ1RGrXLlj+7LKsBuwPb1QkoCbs6rj0QyC1Oc1E385F/sSwZQSdf2QBljAf04p
7NSB3XHLSJeEB0ohECRZFjzs/BCmJeiSLVIM/Wgu2hyZH0EAnWU24gQW6SRaIXtK
8dq9bctrrX6tdcGUiZaOqmt+ekCBTayI0Bhm51n9c1fGpT33aahoOYHQDPKwWbP4
vDWoQU4OtGhrgf5A2HWgjRm5W2R3BirznePwkuVWbdTbnrDWZ7KF/s04NuwgHfd0
IWqlRorkauFGcKWc2nHi2387CWfHVX/i9CTFnQIDAQABo4ICWzCCAlcwHQYDVR0O
BBYEFIWfBiuAfn+Fmv4MPfm5MFitCRi3MB8GA1UdIwQYMBaAFFAPrFxnKv7TLZE8
vGkMb3BSdVMvMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvMzRlYWI4
MTlhMGY1M2Y3MzU4ZjA2MmFlOWM4MjMzYjhkNjZjNTVkZS5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvYTAzMTI5MDQtZGUyMC00OGNhLTkwYWEtNmQ1MDQ2
ZWZkZjgxLzQ2MWYwOGVhMzFjMjQxMWU5MTI5MjRjNTUzNjQzZmNjZGQ5MGRhYWUu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy9hMDMxMjkwNC1kZTIwLTQ4Y2EtOTBhYS02ZDUw
NDZlZmRmODEvMzRlYWI4MTlhMGY1M2Y3MzU4ZjA2MmFlOWM4MjMzYjhkNjZjNTVk
ZS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAMgGETANBgkqhkiG9w0BAQsFAAOCAQEASHdEajUgJbcSDPH2
jEGLg2yEW63SiY387lZAMlEB2XXyWByv1CoMBm9ckx+nTxzKEENarE3D3USXHfvd
lUH73A0ASUk4AlhNPEd3/BUlWA11evPhefesUc+feZ2nwgXABPC0/CvegExgYr4a
8yFoHZqPyU+P+9eSjTU2gwpD7aUh1gF3g1OMKQjsWXqAwUH6+oMJT44F25YP4YaD
njwKfXT2gZPXCsdS2Ds6arc4Bsj5NYtMZaXXMdYCO4p0HRK4lEYIkkL/b0GubjvO
SIN6BCmtBQJlzkDhnkKakzBLRM91JGyRETnVnnBZn1PqcOpoFJE4my+XByDI5/sJ
HdQNiA==
-----END CERTIFICATE-----
Generated at Fri Mar 29 08:55:30 2024 by rpki-client on console-fra.rpki-client.org