Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/a126501a-1f2d-4eaf-bb3a-9d7872ad9baa/d98e41579b97b08218fd20fe3bed3d4e7abe7dfd.roa
File:                     d98e41579b97b08218fd20fe3bed3d4e7abe7dfd.roa (raw, json)
Hash identifier:          sncpAxgnTueK6C+Vrj8xbjGVEmt259SMGelSiU/nh4o=
Subject key identifier:   8C:BC:CB:6B:7A:63:6F:64:C6:A4:60:84:7C:D3:7A:F5:49:17:74:75
Certificate issuer:       /CN=72dcf4f6ae59843fdce24c28f903c9595129b623
Certificate serial:       121CAC
Authority key identifier: 89:86:D7:8F:18:A2:0B:CB:15:07:EB:D2:31:2C:0D:8E:09:AD:2E:B6
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/72dcf4f6ae59843fdce24c28f903c9595129b623.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/a126501a-1f2d-4eaf-bb3a-9d7872ad9baa/d98e41579b97b08218fd20fe3bed3d4e7abe7dfd.roa
Signing time:             Fri 24 Nov 2023 07:30:02 +0000
ROA not before:           Fri 24 Nov 2023 07:30:02 +0000
ROA not after:            Sun 23 Nov 2025 07:30:02 +0000
asID:                     271867
IP address blocks:        200.36.210.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/a126501a-1f2d-4eaf-bb3a-9d7872ad9baa/72dcf4f6ae59843fdce24c28f903c9595129b623.crl
                          rsync://repository.lacnic.net/rpki/lacnic/a126501a-1f2d-4eaf-bb3a-9d7872ad9baa/72dcf4f6ae59843fdce24c28f903c9595129b623.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/72dcf4f6ae59843fdce24c28f903c9595129b623.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Mon 04 Mar 2024 08:17:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1186988 (0x121cac)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=72dcf4f6ae59843fdce24c28f903c9595129b623
        Validity
            Not Before: Nov 24 07:30:02 2023 GMT
            Not After : Nov 23 07:30:02 2025 GMT
        Subject: CN=d98e41579b97b08218fd20fe3bed3d4e7abe7dfd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8b:66:d1:ee:f6:c0:d9:69:be:21:15:e3:e6:04:
                    08:86:90:02:85:2e:93:f9:7f:06:31:f8:78:0b:5a:
                    ba:fd:eb:85:b3:dc:15:9f:d5:a2:37:ba:87:b4:d6:
                    5f:ee:22:3d:0d:1d:67:49:a5:60:f6:95:63:e2:1b:
                    35:fb:1e:2b:66:ab:4d:b8:c4:8a:85:30:4e:50:99:
                    45:f0:33:7e:b5:e0:64:11:1f:51:ae:52:a8:9a:e4:
                    24:d5:d5:35:38:ef:f7:bb:c3:10:f7:f1:f4:73:ae:
                    e6:9b:76:7e:d1:1e:e2:6b:4b:4d:9b:2e:0e:8d:6d:
                    a7:6b:da:88:8b:32:62:2f:5c:fc:68:00:10:86:4f:
                    74:fb:5f:50:01:e2:b1:9f:47:7b:2f:c9:7c:ca:8a:
                    1b:a6:1a:4a:09:40:05:e0:fe:3c:27:45:9f:c9:39:
                    7c:8a:c2:c2:e9:c6:61:7a:69:56:92:46:f6:d5:6f:
                    f8:51:98:f0:bc:e5:46:74:62:0a:b8:88:ee:fe:4d:
                    80:bb:b7:76:60:ef:a2:3d:ec:f0:8c:db:cf:df:0d:
                    00:7a:93:21:21:dc:32:7f:fe:88:83:4e:5f:bc:b3:
                    03:38:fb:e6:23:4a:8c:b2:e8:f8:d9:ee:d2:62:00:
                    3d:b7:6f:4e:a8:b8:6b:81:b7:22:71:fd:34:77:1e:
                    15:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8C:BC:CB:6B:7A:63:6F:64:C6:A4:60:84:7C:D3:7A:F5:49:17:74:75
            X509v3 Authority Key Identifier:
                keyid:89:86:D7:8F:18:A2:0B:CB:15:07:EB:D2:31:2C:0D:8E:09:AD:2E:B6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/72dcf4f6ae59843fdce24c28f903c9595129b623.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/a126501a-1f2d-4eaf-bb3a-9d7872ad9baa/d98e41579b97b08218fd20fe3bed3d4e7abe7dfd.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/a126501a-1f2d-4eaf-bb3a-9d7872ad9baa/72dcf4f6ae59843fdce24c28f903c9595129b623.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.36.210.0/24

    Signature Algorithm: sha256WithRSAEncryption
         29:57:7e:19:0c:6d:52:65:c6:1d:81:1f:4a:5a:4a:8c:3c:fd:
         34:55:15:0f:85:f7:ab:cb:3c:8c:6f:bf:d2:93:32:c8:2a:41:
         d8:f3:6b:c1:d6:79:5b:3b:6b:39:74:9f:50:85:6b:92:12:4c:
         47:e9:0a:c1:a6:67:c8:90:bf:f1:d2:72:19:90:8c:b1:cb:90:
         a5:d8:0d:9b:0a:bd:8f:87:b6:fd:2a:d4:6f:e7:1e:6e:54:25:
         bf:4a:f4:38:73:5f:d2:c0:51:22:2d:4e:07:71:df:c0:35:1d:
         af:82:30:54:e9:d5:e7:fd:0a:0c:28:de:64:e6:78:37:3a:45:
         12:80:88:ce:3a:19:5e:42:4a:46:53:44:7a:d1:dc:f2:da:c8:
         6e:91:99:7e:bc:87:65:d3:a2:9f:d8:2e:30:13:e8:65:07:18:
         f1:70:87:ab:80:c0:5d:a9:55:10:b4:10:5d:33:a6:9e:1b:1a:
         42:eb:67:68:38:8e:31:cd:14:17:99:78:62:b5:02:6e:d0:35:
         08:cf:0d:fc:fa:e5:11:03:c4:d3:ac:c1:c3:5d:a8:e5:17:0f:
         b2:45:dd:d1:84:7a:98:be:7d:13:a8:6d:f2:93:4b:93:5d:cd:
         7c:3f:90:6f:5e:db:d3:2b:92:d3:89:66:1d:af:71:47:ec:ab:
         35:72:6f:39
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIDEhysMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDcy
ZGNmNGY2YWU1OTg0M2ZkY2UyNGMyOGY5MDNjOTU5NTEyOWI2MjMwHhcNMjMxMTI0
MDczMDAyWhcNMjUxMTIzMDczMDAyWjAzMTEwLwYDVQQDEyhkOThlNDE1NzliOTdi
MDgyMThmZDIwZmUzYmVkM2Q0ZTdhYmU3ZGZkMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAi2bR7vbA2Wm+IRXj5gQIhpAChS6T+X8GMfh4C1q6/euFs9wV
n9WiN7qHtNZf7iI9DR1nSaVg9pVj4hs1+x4rZqtNuMSKhTBOUJlF8DN+teBkER9R
rlKomuQk1dU1OO/3u8MQ9/H0c67mm3Z+0R7ia0tNmy4OjW2na9qIizJiL1z8aAAQ
hk90+19QAeKxn0d7L8l8yoobphpKCUAF4P48J0WfyTl8isLC6cZhemlWkkb21W/4
UZjwvOVGdGIKuIju/k2Au7d2YO+iPezwjNvP3w0AepMhIdwyf/6Ig05fvLMDOPvm
I0qMsuj42e7SYgA9t29OqLhrgbcicf00dx4VYQIDAQABo4ICWzCCAlcwHQYDVR0O
BBYEFIy8y2t6Y29kxqRghHzTevVJF3R1MB8GA1UdIwQYMBaAFImG148YogvLFQfr
0jEsDY4JrS62MA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvNzJkY2Y0
ZjZhZTU5ODQzZmRjZTI0YzI4ZjkwM2M5NTk1MTI5YjYyMy5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvYTEyNjUwMWEtMWYyZC00ZWFmLWJiM2EtOWQ3ODcy
YWQ5YmFhL2Q5OGU0MTU3OWI5N2IwODIxOGZkMjBmZTNiZWQzZDRlN2FiZTdkZmQu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy9hMTI2NTAxYS0xZjJkLTRlYWYtYmIzYS05ZDc4
NzJhZDliYWEvNzJkY2Y0ZjZhZTU5ODQzZmRjZTI0YzI4ZjkwM2M5NTk1MTI5YjYy
My5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAMgk0jANBgkqhkiG9w0BAQsFAAOCAQEAKVd+GQxtUmXGHYEf
SlpKjDz9NFUVD4X3q8s8jG+/0pMyyCpB2PNrwdZ5WztrOXSfUIVrkhJMR+kKwaZn
yJC/8dJyGZCMscuQpdgNmwq9j4e2/SrUb+ceblQlv0r0OHNf0sBRIi1OB3HfwDUd
r4IwVOnV5/0KDCjeZOZ4NzpFEoCIzjoZXkJKRlNEetHc8trIbpGZfryHZdOin9gu
MBPoZQcY8XCHq4DAXalVELQQXTOmnhsaQutnaDiOMc0UF5l4YrUCbtA1CM8N/Prl
EQPE06zBw12o5RcPskXd0YR6mL59E6ht8pNLk13NfD+Qb17b0yuS04lmHa9xR+yr
NXJvOQ==
-----END CERTIFICATE-----
Generated at Fri Mar 1 16:46:13 2024 by rpki-client on console-ams.rpki-client.org