Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/a8501278-77ef-48dc-a207-e655d406a0a2/6494bbe5d05c2416815f706b82ddac068e309ef1.roa
File:                     6494bbe5d05c2416815f706b82ddac068e309ef1.roa (raw, json)
Hash identifier:          7Ha9sDtTTOhhWORwr5DiyCooXoDpG7J0qge6JhC+TRE=
Subject key identifier:   BB:45:93:9E:BD:CB:F7:44:E8:6A:71:2A:90:E4:2F:C3:9D:24:E7:16
Certificate issuer:       /CN=55cee09ac499332945551b37537a6b6c4d728403
Certificate serial:       0C8124
Authority key identifier: 42:0F:0F:5B:BF:B7:D3:4D:44:D5:34:47:3B:37:D9:CC:80:B0:D4:ED
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/55cee09ac499332945551b37537a6b6c4d728403.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/a8501278-77ef-48dc-a207-e655d406a0a2/6494bbe5d05c2416815f706b82ddac068e309ef1.roa
Signing time:             Wed 24 Mar 2021 14:31:26 +0000
ROA not before:           Wed 24 Mar 2021 14:31:26 +0000
ROA not after:            Tue 24 Mar 2026 14:31:26 +0000
asID:                     27926
IP address blocks:        200.107.224.0/21 maxlen: 24
                          2803:15a0::/32 maxlen: 32

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/a8501278-77ef-48dc-a207-e655d406a0a2/55cee09ac499332945551b37537a6b6c4d728403.crl
                          rsync://repository.lacnic.net/rpki/lacnic/a8501278-77ef-48dc-a207-e655d406a0a2/55cee09ac499332945551b37537a6b6c4d728403.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/55cee09ac499332945551b37537a6b6c4d728403.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sat 18 Mar 2023 02:22:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 819492 (0xc8124)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=55cee09ac499332945551b37537a6b6c4d728403
        Validity
            Not Before: Mar 24 14:31:26 2021 GMT
            Not After : Mar 24 14:31:26 2026 GMT
        Subject: CN=6494bbe5d05c2416815f706b82ddac068e309ef1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:7b:4b:72:12:3a:25:e6:f8:25:ab:d3:eb:b5:
                    fd:dc:ef:23:97:a9:c5:19:ff:43:02:13:6e:89:5b:
                    a0:5f:88:78:e2:4e:38:2d:7b:d2:10:c9:e9:17:44:
                    8a:68:53:0a:38:05:cb:ec:10:03:6c:2f:63:0d:3d:
                    30:5b:77:8d:8a:d3:35:16:e5:2e:45:8a:cb:4d:f9:
                    6a:12:20:4b:88:10:84:13:79:e8:93:70:ac:8a:30:
                    db:70:68:ab:91:61:9d:aa:5d:82:07:0d:a1:73:31:
                    76:fb:7e:e5:0e:65:90:0a:36:f2:35:81:db:52:ef:
                    ff:11:d9:e5:de:e5:b8:a3:ef:63:0e:61:54:59:79:
                    d7:50:20:dc:9c:a4:4b:dc:83:3d:b2:47:28:1c:56:
                    bd:1a:8c:4c:0c:67:32:ae:eb:5f:64:a2:1a:3a:cb:
                    4a:3f:13:de:9f:6d:dd:c6:70:50:88:75:b1:db:e9:
                    4d:d4:58:6b:3f:29:15:42:5c:df:7a:6f:78:2a:1c:
                    ee:68:34:cb:6e:97:00:89:68:f2:a4:b5:fa:36:02:
                    68:76:e7:76:15:10:90:bc:a7:d4:61:74:39:1e:5b:
                    7c:37:e1:5c:4b:3c:4d:6b:d0:50:ff:01:ac:d1:50:
                    8f:91:89:8f:9d:d8:21:0e:cc:47:3e:79:38:15:9b:
                    d3:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                BB:45:93:9E:BD:CB:F7:44:E8:6A:71:2A:90:E4:2F:C3:9D:24:E7:16
            X509v3 Authority Key Identifier: 
                keyid:42:0F:0F:5B:BF:B7:D3:4D:44:D5:34:47:3B:37:D9:CC:80:B0:D4:ED

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access: 
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/55cee09ac499332945551b37537a6b6c4d728403.cer

            Subject Information Access: 
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/a8501278-77ef-48dc-a207-e655d406a0a2/6494bbe5d05c2416815f706b82ddac068e309ef1.roa

            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/a8501278-77ef-48dc-a207-e655d406a0a2/55cee09ac499332945551b37537a6b6c4d728403.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.107.224.0/21
                IPv6:
                  2803:15a0::/32

    Signature Algorithm: sha256WithRSAEncryption
         16:15:25:c5:f1:f2:53:99:fd:79:b6:60:63:b7:b8:0c:bf:f3:
         a6:63:26:64:94:1b:d5:fb:10:41:02:4d:93:f2:70:e3:19:7e:
         18:0f:01:41:7f:84:93:64:3b:d2:b0:6d:90:03:c3:50:d0:7a:
         58:df:72:0e:10:07:e6:98:4e:a3:85:80:b6:f5:72:55:66:f7:
         8e:70:cd:2f:24:d2:42:ec:03:ec:63:f2:b7:cb:85:de:09:2f:
         58:a3:84:18:6e:aa:84:ba:65:7e:04:4a:a6:02:aa:5f:7f:0d:
         b7:c3:67:82:c7:8b:9d:bf:58:c4:71:26:af:45:9a:1e:63:a2:
         e7:14:8a:b6:98:80:67:26:72:93:32:dd:7f:15:dd:f8:18:13:
         67:56:b4:57:2a:22:fd:ee:1f:f2:df:bf:ec:20:6b:0a:8f:44:
         07:9d:22:37:eb:e3:87:6c:3d:ad:ef:12:25:3f:96:13:73:a7:
         cf:4f:fe:47:9f:69:5e:e4:88:5c:4c:b7:5e:c2:94:21:87:df:
         4e:70:8e:b8:22:a1:57:1d:f3:d7:f0:9a:18:d1:0a:86:44:dc:
         29:49:7a:c6:32:a1:8b:e9:62:82:05:78:10:81:52:31:5c:74:
         7a:5e:c2:c6:c5:8a:87:9a:68:4c:17:1f:67:e6:4b:ce:a2:7e:
         49:10:11:2f
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgIDDIEkMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDU1
Y2VlMDlhYzQ5OTMzMjk0NTU1MWIzNzUzN2E2YjZjNGQ3Mjg0MDMwHhcNMjEwMzI0
MTQzMTI2WhcNMjYwMzI0MTQzMTI2WjAzMTEwLwYDVQQDEyg2NDk0YmJlNWQwNWMy
NDE2ODE1ZjcwNmI4MmRkYWMwNjhlMzA5ZWYxMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAqHtLchI6Jeb4JavT67X93O8jl6nFGf9DAhNuiVugX4h44k44
LXvSEMnpF0SKaFMKOAXL7BADbC9jDT0wW3eNitM1FuUuRYrLTflqEiBLiBCEE3no
k3CsijDbcGirkWGdql2CBw2hczF2+37lDmWQCjbyNYHbUu//Ednl3uW4o+9jDmFU
WXnXUCDcnKRL3IM9skcoHFa9GoxMDGcyrutfZKIaOstKPxPen23dxnBQiHWx2+lN
1FhrPykVQlzfem94KhzuaDTLbpcAiWjypLX6NgJodud2FRCQvKfUYXQ5Hlt8N+Fc
SzxNa9BQ/wGs0VCPkYmPndghDsxHPnk4FZvTpQIDAQABo4ICajCCAmYwHQYDVR0O
BBYEFLtFk569y/dE6GpxKpDkL8OdJOcWMB8GA1UdIwQYMBaAFEIPD1u/t9NNRNU0
Rzs32cyAsNTtMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvNTVjZWUw
OWFjNDk5MzMyOTQ1NTUxYjM3NTM3YTZiNmM0ZDcyODQwMy5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvYTg1MDEyNzgtNzdlZi00OGRjLWEyMDctZTY1NWQ0
MDZhMGEyLzY0OTRiYmU1ZDA1YzI0MTY4MTVmNzA2YjgyZGRhYzA2OGUzMDllZjEu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy9hODUwMTI3OC03N2VmLTQ4ZGMtYTIwNy1lNjU1
ZDQwNmEwYTIvNTVjZWUwOWFjNDk5MzMyOTQ1NTUxYjM3NTM3YTZiNmM0ZDcyODQw
My5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAuBggrBgEFBQcBBwEB/wQf
MB0wDAQCAAEwBgMEA8hr4DANBAIAAjAHAwUAKAMVoDANBgkqhkiG9w0BAQsFAAOC
AQEAFhUlxfHyU5n9ebZgY7e4DL/zpmMmZJQb1fsQQQJNk/Jw4xl+GA8BQX+Ek2Q7
0rBtkAPDUNB6WN9yDhAH5phOo4WAtvVyVWb3jnDNLyTSQuwD7GPyt8uF3gkvWKOE
GG6qhLplfgRKpgKqX38Nt8NngseLnb9YxHEmr0WaHmOi5xSKtpiAZyZykzLdfxXd
+BgTZ1a0Vyoi/e4f8t+/7CBrCo9EB50iN+vjh2w9re8SJT+WE3Onz0/+R59pXuSI
XEy3XsKUIYffTnCOuCKhVx3z1/CaGNEKhkTcKUl6xjKhi+liggV4EIFSMVx0el7C
xsWKh5poTBcfZ+ZLzqJ+SRARLw==
-----END CERTIFICATE-----
Generated at Wed Mar 15 11:35:04 2023 by rpki-client on console-ams.rpki-client.org