Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/a8501278-77ef-48dc-a207-e655d406a0a2/070f4360edea5ae6378efa5a46f29998955d8f6b.roa
File:                     070f4360edea5ae6378efa5a46f29998955d8f6b.roa (raw, json)
Hash identifier:          tnCiQY2R0TmqOj+9/iA77B24AQRGrAwxVSoXxT4j1gk=
Subject key identifier:   D1:2D:C2:44:1A:AE:AC:D8:B1:91:96:37:BB:BE:C1:D3:D5:A9:33:4F
Certificate issuer:       /CN=55cee09ac499332945551b37537a6b6c4d728403
Certificate serial:       0C8059
Authority key identifier: 42:0F:0F:5B:BF:B7:D3:4D:44:D5:34:47:3B:37:D9:CC:80:B0:D4:ED
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/55cee09ac499332945551b37537a6b6c4d728403.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/a8501278-77ef-48dc-a207-e655d406a0a2/070f4360edea5ae6378efa5a46f29998955d8f6b.roa
Signing time:             Wed 24 Mar 2021 14:31:26 +0000
ROA not before:           Wed 24 Mar 2021 14:31:26 +0000
ROA not after:            Tue 24 Mar 2026 14:31:26 +0000
asID:                     27926
IP address blocks:        200.107.224.0/21 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/a8501278-77ef-48dc-a207-e655d406a0a2/55cee09ac499332945551b37537a6b6c4d728403.crl
                          rsync://repository.lacnic.net/rpki/lacnic/a8501278-77ef-48dc-a207-e655d406a0a2/55cee09ac499332945551b37537a6b6c4d728403.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/55cee09ac499332945551b37537a6b6c4d728403.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 31 Mar 2024 03:49:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 819289 (0xc8059)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=55cee09ac499332945551b37537a6b6c4d728403
        Validity
            Not Before: Mar 24 14:31:26 2021 GMT
            Not After : Mar 24 14:31:26 2026 GMT
        Subject: CN=070f4360edea5ae6378efa5a46f29998955d8f6b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8b:64:7a:87:29:2c:18:fa:e9:e7:17:f5:c0:ce:
                    a4:1d:9a:aa:5b:60:99:e2:8c:8b:50:b1:7a:47:4d:
                    bc:51:5c:63:c2:0d:73:e4:aa:e3:a3:ad:11:9b:09:
                    01:e2:72:76:19:70:c9:76:04:ef:59:43:74:5d:d7:
                    f9:28:b8:e6:a7:f3:da:9b:a2:22:ee:21:08:d9:22:
                    e2:11:c3:c7:39:6b:2e:54:e6:78:44:46:43:6b:7f:
                    58:28:aa:fd:ea:90:e4:ef:84:7c:ca:7e:c2:05:d0:
                    85:e9:b4:c3:b6:dd:ce:d1:80:4a:a5:81:ea:21:ae:
                    0f:2c:99:fb:e8:53:b9:db:50:3a:b0:16:de:07:17:
                    40:eb:67:4a:01:0b:41:77:4f:40:54:7b:5c:7f:1c:
                    4f:76:87:e2:4f:2d:dd:50:9b:50:27:7f:c8:da:b3:
                    00:40:70:21:eb:71:10:bd:ed:0c:d6:d5:d7:f6:58:
                    31:72:e7:9c:03:07:a7:69:3f:3e:a3:7b:fd:82:bb:
                    06:8c:02:bf:51:36:5f:ce:b2:c9:80:2e:45:3f:26:
                    ef:1a:be:7a:13:2c:c5:b1:e9:fc:08:9b:8c:e2:eb:
                    df:8a:bc:ba:f2:9a:6b:84:c5:c1:4d:d8:bb:e2:ab:
                    9a:d3:78:6b:92:0b:97:8e:7f:c8:d2:fb:75:99:f9:
                    6d:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D1:2D:C2:44:1A:AE:AC:D8:B1:91:96:37:BB:BE:C1:D3:D5:A9:33:4F
            X509v3 Authority Key Identifier:
                keyid:42:0F:0F:5B:BF:B7:D3:4D:44:D5:34:47:3B:37:D9:CC:80:B0:D4:ED

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/55cee09ac499332945551b37537a6b6c4d728403.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/a8501278-77ef-48dc-a207-e655d406a0a2/070f4360edea5ae6378efa5a46f29998955d8f6b.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/a8501278-77ef-48dc-a207-e655d406a0a2/55cee09ac499332945551b37537a6b6c4d728403.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.107.224.0/21

    Signature Algorithm: sha256WithRSAEncryption
         28:98:50:81:f9:1c:92:96:f4:b5:e8:87:0c:68:be:af:0a:88:
         88:aa:fc:dd:1f:5b:31:9b:8c:cb:cb:a9:b3:de:c2:57:34:2b:
         d7:13:1b:e5:27:9e:58:e3:59:8d:47:3f:bb:20:46:94:bd:93:
         74:18:39:3a:aa:97:fa:df:e1:92:9d:5f:5f:14:0d:69:9d:c0:
         f4:97:7d:b4:25:1d:2c:c3:dc:7d:2f:6f:33:d1:95:d3:43:62:
         97:3f:43:cb:22:38:41:a9:92:28:37:a5:ed:12:c2:7b:4b:c6:
         b9:44:95:c7:c1:5a:eb:6d:2c:f6:9e:e0:da:59:70:24:ac:4e:
         cf:d4:08:d3:5a:f9:f3:a2:cb:fd:33:b2:b6:90:68:0d:0c:70:
         ca:ab:d2:fc:2e:da:c8:ac:a7:61:45:ee:20:36:8a:a5:33:46:
         a1:20:e1:76:64:a1:02:d7:ca:69:67:78:b0:50:a6:67:c8:a6:
         85:0b:48:26:08:bc:f1:a6:71:98:75:6f:33:a4:21:19:11:cc:
         d1:0c:29:21:63:4e:d3:54:9d:24:67:62:cb:cc:ab:03:96:03:
         1b:b0:f9:3f:61:b6:e1:37:82:cf:c5:ea:59:38:15:62:f0:29:
         43:91:6b:5f:ee:e7:fe:e3:4b:98:12:99:f3:9f:c4:09:71:3c:
         a1:98:f9:35
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIDDIBZMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDU1
Y2VlMDlhYzQ5OTMzMjk0NTU1MWIzNzUzN2E2YjZjNGQ3Mjg0MDMwHhcNMjEwMzI0
MTQzMTI2WhcNMjYwMzI0MTQzMTI2WjAzMTEwLwYDVQQDEygwNzBmNDM2MGVkZWE1
YWU2Mzc4ZWZhNWE0NmYyOTk5ODk1NWQ4ZjZiMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAi2R6hyksGPrp5xf1wM6kHZqqW2CZ4oyLULF6R028UVxjwg1z
5Krjo60RmwkB4nJ2GXDJdgTvWUN0Xdf5KLjmp/Pam6Ii7iEI2SLiEcPHOWsuVOZ4
REZDa39YKKr96pDk74R8yn7CBdCF6bTDtt3O0YBKpYHqIa4PLJn76FO521A6sBbe
BxdA62dKAQtBd09AVHtcfxxPdofiTy3dUJtQJ3/I2rMAQHAh63EQve0M1tXX9lgx
cuecAwenaT8+o3v9grsGjAK/UTZfzrLJgC5FPybvGr56EyzFsen8CJuM4uvfiry6
8pprhMXBTdi74qua03hrkguXjn/I0vt1mfltJQIDAQABo4ICWzCCAlcwHQYDVR0O
BBYEFNEtwkQarqzYsZGWN7u+wdPVqTNPMB8GA1UdIwQYMBaAFEIPD1u/t9NNRNU0
Rzs32cyAsNTtMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvNTVjZWUw
OWFjNDk5MzMyOTQ1NTUxYjM3NTM3YTZiNmM0ZDcyODQwMy5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvYTg1MDEyNzgtNzdlZi00OGRjLWEyMDctZTY1NWQ0
MDZhMGEyLzA3MGY0MzYwZWRlYTVhZTYzNzhlZmE1YTQ2ZjI5OTk4OTU1ZDhmNmIu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy9hODUwMTI3OC03N2VmLTQ4ZGMtYTIwNy1lNjU1
ZDQwNmEwYTIvNTVjZWUwOWFjNDk5MzMyOTQ1NTUxYjM3NTM3YTZiNmM0ZDcyODQw
My5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEA8hr4DANBgkqhkiG9w0BAQsFAAOCAQEAKJhQgfkckpb0teiH
DGi+rwqIiKr83R9bMZuMy8ups97CVzQr1xMb5SeeWONZjUc/uyBGlL2TdBg5OqqX
+t/hkp1fXxQNaZ3A9Jd9tCUdLMPcfS9vM9GV00Nilz9DyyI4QamSKDel7RLCe0vG
uUSVx8Fa620s9p7g2llwJKxOz9QI01r586LL/TOytpBoDQxwyqvS/C7ayKynYUXu
IDaKpTNGoSDhdmShAtfKaWd4sFCmZ8imhQtIJgi88aZxmHVvM6QhGRHM0QwpIWNO
01SdJGdiy8yrA5YDG7D5P2G24TeCz8XqWTgVYvApQ5FrX+7n/uNLmBKZ85/ECXE8
oZj5NQ==
-----END CERTIFICATE-----
Generated at Thu Mar 28 11:17:57 2024 by rpki-client on console-fra.rpki-client.org