Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/a126501a-1f2d-4eaf-bb3a-9d7872ad9baa/4fd4bc82dfda3f39b5346cc315a10a2fae7720b7.roa
File:                     4fd4bc82dfda3f39b5346cc315a10a2fae7720b7.roa (raw, json)
Hash identifier:          okYAFCCrjJ9dZu76fzpwQZ53f42yv0HNKQc6mrq93w4=
Subject key identifier:   03:21:EC:53:47:3D:38:A8:BC:C9:D9:AB:75:FD:CE:4C:08:75:AD:D9
Certificate issuer:       /CN=72dcf4f6ae59843fdce24c28f903c9595129b623
Certificate serial:       1214C0
Authority key identifier: 89:86:D7:8F:18:A2:0B:CB:15:07:EB:D2:31:2C:0D:8E:09:AD:2E:B6
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/72dcf4f6ae59843fdce24c28f903c9595129b623.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/a126501a-1f2d-4eaf-bb3a-9d7872ad9baa/4fd4bc82dfda3f39b5346cc315a10a2fae7720b7.roa
Signing time:             Fri 24 Nov 2023 07:30:00 +0000
ROA not before:           Fri 24 Nov 2023 07:30:00 +0000
ROA not after:            Sun 23 Nov 2025 07:30:00 +0000
asID:                     271867
IP address blocks:        200.36.208.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/a126501a-1f2d-4eaf-bb3a-9d7872ad9baa/72dcf4f6ae59843fdce24c28f903c9595129b623.crl
                          rsync://repository.lacnic.net/rpki/lacnic/a126501a-1f2d-4eaf-bb3a-9d7872ad9baa/72dcf4f6ae59843fdce24c28f903c9595129b623.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/72dcf4f6ae59843fdce24c28f903c9595129b623.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 03 Mar 2024 11:46:33 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1184960 (0x1214c0)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=72dcf4f6ae59843fdce24c28f903c9595129b623
        Validity
            Not Before: Nov 24 07:30:00 2023 GMT
            Not After : Nov 23 07:30:00 2025 GMT
        Subject: CN=4fd4bc82dfda3f39b5346cc315a10a2fae7720b7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8b:d0:d8:2f:3b:22:b8:8b:b3:7c:78:d6:5a:8a:
                    ec:1f:f7:56:bc:f8:6b:d3:66:40:14:fe:26:d2:16:
                    8f:7b:18:e1:43:d9:a9:16:83:30:7b:46:f9:d2:56:
                    7d:a8:cf:d1:b3:b3:d8:2b:73:1c:3a:3c:97:4c:60:
                    69:c4:53:84:54:dc:83:ed:fc:e7:d7:56:76:01:0c:
                    10:d7:72:06:10:db:5b:22:f4:92:8d:4b:3a:4a:60:
                    1c:91:fd:7c:9e:f4:37:94:6d:aa:9e:8f:ff:be:b8:
                    ba:a8:b7:39:e0:94:d6:52:62:60:34:c6:05:78:22:
                    4b:64:59:23:30:64:e7:21:85:40:11:50:74:6e:bc:
                    3f:51:61:aa:54:70:48:b2:93:89:50:5a:99:50:8e:
                    3b:6d:ae:a1:4d:ec:9e:15:90:20:2b:b0:4f:14:d4:
                    4b:d0:d1:93:13:9b:51:dd:d5:5e:82:62:d6:42:03:
                    23:98:4a:48:fd:5e:e3:4b:45:69:fb:fa:e0:f1:07:
                    f2:8a:d4:87:f4:45:a7:43:47:41:02:11:f9:73:aa:
                    39:ac:b3:68:34:de:32:36:40:58:fe:8f:0f:a7:28:
                    d2:10:e5:a0:e2:bd:b5:4d:1a:31:35:be:e4:b1:a7:
                    90:df:3b:f6:04:83:f3:6d:d5:87:a8:88:25:1f:5b:
                    e9:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                03:21:EC:53:47:3D:38:A8:BC:C9:D9:AB:75:FD:CE:4C:08:75:AD:D9
            X509v3 Authority Key Identifier:
                keyid:89:86:D7:8F:18:A2:0B:CB:15:07:EB:D2:31:2C:0D:8E:09:AD:2E:B6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/72dcf4f6ae59843fdce24c28f903c9595129b623.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/a126501a-1f2d-4eaf-bb3a-9d7872ad9baa/4fd4bc82dfda3f39b5346cc315a10a2fae7720b7.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/a126501a-1f2d-4eaf-bb3a-9d7872ad9baa/72dcf4f6ae59843fdce24c28f903c9595129b623.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.36.208.0/24

    Signature Algorithm: sha256WithRSAEncryption
         76:4b:62:a1:93:3d:0e:e4:1d:99:e7:fe:d8:fb:9d:08:d6:c1:
         10:a3:85:47:1c:51:69:65:ef:e4:26:09:ec:5f:37:1c:34:1b:
         6e:8f:9a:74:88:69:fa:0a:94:19:f3:15:4e:90:04:33:09:b7:
         ef:19:d0:30:a4:78:80:18:46:a5:37:23:b7:e2:3a:f0:82:69:
         49:1c:4d:d3:39:57:99:ec:99:67:d3:ba:a5:96:cb:5d:b0:1b:
         dd:b2:04:7a:16:e4:1b:cd:ea:38:37:fc:35:2b:91:4c:c7:bc:
         d9:a9:50:56:10:01:0d:6e:44:02:83:89:a6:cc:9d:52:1b:a6:
         c2:4e:d8:91:85:a1:37:ab:92:12:18:15:e2:3e:d1:ad:39:92:
         de:23:dd:4e:0e:14:e8:f6:32:a7:d4:43:0c:92:11:07:0a:a0:
         fd:f5:69:ab:2b:56:ee:f9:ec:90:f5:f3:19:83:91:25:82:63:
         86:8a:68:3f:f0:0e:53:7f:99:48:0e:32:78:b5:bd:1b:4d:c6:
         07:db:c9:81:2c:ca:66:b2:60:61:5c:42:f6:ad:84:9c:85:6d:
         9f:30:35:12:d6:93:f1:4d:a0:c1:50:96:5a:6e:ec:b6:25:da:
         41:d6:fd:82:17:72:f9:ea:d0:56:0d:52:12:d7:8b:e9:dd:88:
         d2:e6:ce:38
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIDEhTAMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDcy
ZGNmNGY2YWU1OTg0M2ZkY2UyNGMyOGY5MDNjOTU5NTEyOWI2MjMwHhcNMjMxMTI0
MDczMDAwWhcNMjUxMTIzMDczMDAwWjAzMTEwLwYDVQQDEyg0ZmQ0YmM4MmRmZGEz
ZjM5YjUzNDZjYzMxNWExMGEyZmFlNzcyMGI3MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAi9DYLzsiuIuzfHjWWorsH/dWvPhr02ZAFP4m0haPexjhQ9mp
FoMwe0b50lZ9qM/Rs7PYK3McOjyXTGBpxFOEVNyD7fzn11Z2AQwQ13IGENtbIvSS
jUs6SmAckf18nvQ3lG2qno//vri6qLc54JTWUmJgNMYFeCJLZFkjMGTnIYVAEVB0
brw/UWGqVHBIspOJUFqZUI47ba6hTeyeFZAgK7BPFNRL0NGTE5tR3dVegmLWQgMj
mEpI/V7jS0Vp+/rg8QfyitSH9EWnQ0dBAhH5c6o5rLNoNN4yNkBY/o8PpyjSEOWg
4r21TRoxNb7ksaeQ3zv2BIPzbdWHqIglH1vpRQIDAQABo4ICWzCCAlcwHQYDVR0O
BBYEFAMh7FNHPTiovMnZq3X9zkwIda3ZMB8GA1UdIwQYMBaAFImG148YogvLFQfr
0jEsDY4JrS62MA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvNzJkY2Y0
ZjZhZTU5ODQzZmRjZTI0YzI4ZjkwM2M5NTk1MTI5YjYyMy5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvYTEyNjUwMWEtMWYyZC00ZWFmLWJiM2EtOWQ3ODcy
YWQ5YmFhLzRmZDRiYzgyZGZkYTNmMzliNTM0NmNjMzE1YTEwYTJmYWU3NzIwYjcu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy9hMTI2NTAxYS0xZjJkLTRlYWYtYmIzYS05ZDc4
NzJhZDliYWEvNzJkY2Y0ZjZhZTU5ODQzZmRjZTI0YzI4ZjkwM2M5NTk1MTI5YjYy
My5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAMgk0DANBgkqhkiG9w0BAQsFAAOCAQEAdktioZM9DuQdmef+
2PudCNbBEKOFRxxRaWXv5CYJ7F83HDQbbo+adIhp+gqUGfMVTpAEMwm37xnQMKR4
gBhGpTcjt+I68IJpSRxN0zlXmeyZZ9O6pZbLXbAb3bIEehbkG83qODf8NSuRTMe8
2alQVhABDW5EAoOJpsydUhumwk7YkYWhN6uSEhgV4j7RrTmS3iPdTg4U6PYyp9RD
DJIRBwqg/fVpqytW7vnskPXzGYORJYJjhopoP/AOU3+ZSA4yeLW9G03GB9vJgSzK
ZrJgYVxC9q2EnIVtnzA1EtaT8U2gwVCWWm7stiXaQdb9ghdy+erQVg1SEteL6d2I
0ubOOA==
-----END CERTIFICATE-----
Generated at Thu Feb 29 19:48:16 2024 by rpki-client on console-ams.rpki-client.org