Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/a126501a-1f2d-4eaf-bb3a-9d7872ad9baa/3193681072937f9499166fb273410548ef883e99.roa
File:                     3193681072937f9499166fb273410548ef883e99.roa (raw, json)
Hash identifier:          Lmq6JlDjjSuyBpjvLb0addmUFAQmAdaCJ8BqFjfvvQ8=
Subject key identifier:   2E:72:1D:28:8A:31:B0:19:9E:3F:D0:5C:A8:75:5C:26:CD:51:D2:6B
Certificate issuer:       /CN=72dcf4f6ae59843fdce24c28f903c9595129b623
Certificate serial:       121935
Authority key identifier: 89:86:D7:8F:18:A2:0B:CB:15:07:EB:D2:31:2C:0D:8E:09:AD:2E:B6
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/72dcf4f6ae59843fdce24c28f903c9595129b623.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/a126501a-1f2d-4eaf-bb3a-9d7872ad9baa/3193681072937f9499166fb273410548ef883e99.roa
Signing time:             Fri 24 Nov 2023 07:30:01 +0000
ROA not before:           Fri 24 Nov 2023 07:30:01 +0000
ROA not after:            Sun 23 Nov 2025 07:30:01 +0000
asID:                     271867
IP address blocks:        200.36.209.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/a126501a-1f2d-4eaf-bb3a-9d7872ad9baa/72dcf4f6ae59843fdce24c28f903c9595129b623.crl
                          rsync://repository.lacnic.net/rpki/lacnic/a126501a-1f2d-4eaf-bb3a-9d7872ad9baa/72dcf4f6ae59843fdce24c28f903c9595129b623.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/72dcf4f6ae59843fdce24c28f903c9595129b623.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 03 Mar 2024 11:46:33 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1186101 (0x121935)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=72dcf4f6ae59843fdce24c28f903c9595129b623
        Validity
            Not Before: Nov 24 07:30:01 2023 GMT
            Not After : Nov 23 07:30:01 2025 GMT
        Subject: CN=3193681072937f9499166fb273410548ef883e99
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:93:b9:ff:55:27:4c:29:2b:5f:16:ee:bc:4c:
                    c2:55:3a:a3:83:b7:17:a8:05:2a:11:af:97:81:56:
                    a8:5e:a2:97:7d:1f:26:ba:87:f5:62:b5:92:a3:fe:
                    84:7c:89:81:30:59:27:ec:29:82:de:23:43:3f:f9:
                    1a:3a:5a:2d:80:81:52:ca:e3:4f:0d:36:23:8c:4e:
                    85:3e:6a:ae:1f:12:b5:23:c7:f9:ae:1a:2a:c8:40:
                    7b:d5:95:9f:cc:39:2c:4d:73:17:70:12:c6:95:3b:
                    15:9f:fe:02:c9:f6:80:4e:45:28:75:8a:f0:99:ae:
                    08:fc:ec:4a:cf:b7:36:bd:ce:82:d0:8d:52:cc:20:
                    fc:31:c6:d7:74:ec:a5:a8:a8:d5:11:56:0d:15:50:
                    22:f9:32:b9:71:b1:1b:29:87:bb:ad:33:a9:c8:f7:
                    f6:34:e5:8b:13:ba:31:fb:ba:a3:83:56:13:0d:d6:
                    f3:87:de:94:82:29:ac:4e:dc:af:09:f2:37:6f:4e:
                    9f:d4:69:be:df:f6:ff:d3:41:d9:41:88:3f:d1:79:
                    d7:c5:7d:d8:1a:31:dc:86:9c:43:ec:75:e5:c6:bf:
                    c6:ef:33:70:79:1f:46:85:55:16:b8:4f:74:41:65:
                    fa:51:c8:c3:db:19:ae:22:ec:45:2d:73:d2:3c:be:
                    e0:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2E:72:1D:28:8A:31:B0:19:9E:3F:D0:5C:A8:75:5C:26:CD:51:D2:6B
            X509v3 Authority Key Identifier:
                keyid:89:86:D7:8F:18:A2:0B:CB:15:07:EB:D2:31:2C:0D:8E:09:AD:2E:B6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/72dcf4f6ae59843fdce24c28f903c9595129b623.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/a126501a-1f2d-4eaf-bb3a-9d7872ad9baa/3193681072937f9499166fb273410548ef883e99.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/a126501a-1f2d-4eaf-bb3a-9d7872ad9baa/72dcf4f6ae59843fdce24c28f903c9595129b623.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.36.209.0/24

    Signature Algorithm: sha256WithRSAEncryption
         4b:90:ed:bf:dd:82:94:bd:af:7b:78:bd:a8:6c:2e:44:b2:32:
         cd:51:b0:3c:6a:c2:ad:d1:f8:40:b5:17:3f:9f:f4:09:7f:43:
         15:63:34:d0:73:2e:3d:46:c9:19:34:22:3b:d8:e4:13:12:f7:
         36:fc:4a:97:a2:d5:1a:7d:72:b5:c5:a8:01:af:6a:c8:62:11:
         d2:43:97:bc:f4:c8:25:23:1b:6f:55:ce:28:44:66:6f:8f:37:
         59:0c:f3:1e:e8:a2:32:a4:99:85:55:27:48:22:ee:54:61:f4:
         ce:ab:4d:95:c6:1d:ee:69:9c:af:39:b8:73:7f:f2:59:e4:b1:
         c5:5a:34:f0:16:39:27:39:7e:60:c6:8a:74:f1:70:57:3b:f1:
         fe:8f:3c:63:8f:c6:e3:d6:39:66:b9:76:34:39:be:aa:ee:d5:
         1e:5c:48:16:6c:d9:59:6e:e7:99:69:cc:57:92:ff:11:3e:6f:
         92:82:46:53:71:12:bf:8a:1e:4b:b7:f5:41:66:46:1f:79:85:
         ba:74:3e:6e:e4:5a:09:ab:82:2e:06:57:8d:fe:2b:5c:1e:76:
         78:5f:8e:15:5d:3e:ef:da:40:87:bd:11:28:70:c9:03:e2:61:
         32:3e:05:c2:64:bf:19:0b:08:43:71:82:80:52:d6:5b:da:1b:
         15:ac:8a:4e
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIDEhk1MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDcy
ZGNmNGY2YWU1OTg0M2ZkY2UyNGMyOGY5MDNjOTU5NTEyOWI2MjMwHhcNMjMxMTI0
MDczMDAxWhcNMjUxMTIzMDczMDAxWjAzMTEwLwYDVQQDEygzMTkzNjgxMDcyOTM3
Zjk0OTkxNjZmYjI3MzQxMDU0OGVmODgzZTk5MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAnpO5/1UnTCkrXxbuvEzCVTqjg7cXqAUqEa+XgVaoXqKXfR8m
uof1YrWSo/6EfImBMFkn7CmC3iNDP/kaOlotgIFSyuNPDTYjjE6FPmquHxK1I8f5
rhoqyEB71ZWfzDksTXMXcBLGlTsVn/4CyfaATkUodYrwma4I/OxKz7c2vc6C0I1S
zCD8McbXdOylqKjVEVYNFVAi+TK5cbEbKYe7rTOpyPf2NOWLE7ox+7qjg1YTDdbz
h96UgimsTtyvCfI3b06f1Gm+3/b/00HZQYg/0XnXxX3YGjHchpxD7HXlxr/G7zNw
eR9GhVUWuE90QWX6UcjD2xmuIuxFLXPSPL7gGQIDAQABo4ICWzCCAlcwHQYDVR0O
BBYEFC5yHSiKMbAZnj/QXKh1XCbNUdJrMB8GA1UdIwQYMBaAFImG148YogvLFQfr
0jEsDY4JrS62MA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvNzJkY2Y0
ZjZhZTU5ODQzZmRjZTI0YzI4ZjkwM2M5NTk1MTI5YjYyMy5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvYTEyNjUwMWEtMWYyZC00ZWFmLWJiM2EtOWQ3ODcy
YWQ5YmFhLzMxOTM2ODEwNzI5MzdmOTQ5OTE2NmZiMjczNDEwNTQ4ZWY4ODNlOTku
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy9hMTI2NTAxYS0xZjJkLTRlYWYtYmIzYS05ZDc4
NzJhZDliYWEvNzJkY2Y0ZjZhZTU5ODQzZmRjZTI0YzI4ZjkwM2M5NTk1MTI5YjYy
My5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAMgk0TANBgkqhkiG9w0BAQsFAAOCAQEAS5Dtv92ClL2ve3i9
qGwuRLIyzVGwPGrCrdH4QLUXP5/0CX9DFWM00HMuPUbJGTQiO9jkExL3NvxKl6LV
Gn1ytcWoAa9qyGIR0kOXvPTIJSMbb1XOKERmb483WQzzHuiiMqSZhVUnSCLuVGH0
zqtNlcYd7mmcrzm4c3/yWeSxxVo08BY5Jzl+YMaKdPFwVzvx/o88Y4/G49Y5Zrl2
NDm+qu7VHlxIFmzZWW7nmWnMV5L/ET5vkoJGU3ESv4oeS7f1QWZGH3mFunQ+buRa
CauCLgZXjf4rXB52eF+OFV0+79pAh70RKHDJA+JhMj4FwmS/GQsIQ3GCgFLWW9ob
FayKTg==
-----END CERTIFICATE-----
Generated at Thu Feb 29 19:48:16 2024 by rpki-client on console-ams.rpki-client.org