Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/ae709f3d-b4b4-47b8-89d9-57c4454f02ab/2a34d8c84a0bba368d1b250af1b64b9d96f75827.roa
File:                     2a34d8c84a0bba368d1b250af1b64b9d96f75827.roa (raw, json)
Hash identifier:          EpbY1Uj834nXJMaNeTKUSBzs4EdrmSBifhDa6YK5yqg=
Subject key identifier:   07:35:F9:A6:F7:14:ED:DA:19:AE:42:8D:35:B7:E4:6C:87:B1:CD:ED
Certificate issuer:       /CN=933af235d3ec03eec46207e7f02d5cecdabbf546
Certificate serial:       023F
Authority key identifier: B5:0E:2F:0B:7F:F1:C8:9E:08:55:D6:C8:42:B8:F8:BF:C2:33:FE:1E
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/933af235d3ec03eec46207e7f02d5cecdabbf546.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/ae709f3d-b4b4-47b8-89d9-57c4454f02ab/2a34d8c84a0bba368d1b250af1b64b9d96f75827.roa
Signing time:             Wed 01 Sep 2021 13:23:53 +0000
ROA not before:           Wed 01 Sep 2021 03:00:00 +0000
ROA not after:            Thu 01 Sep 2033 03:00:00 +0000
asID:                     52296
IP address blocks:        200.13.44.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/ae709f3d-b4b4-47b8-89d9-57c4454f02ab/933af235d3ec03eec46207e7f02d5cecdabbf546.crl
                          rsync://repository.lacnic.net/rpki/lacnic/ae709f3d-b4b4-47b8-89d9-57c4454f02ab/933af235d3ec03eec46207e7f02d5cecdabbf546.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/933af235d3ec03eec46207e7f02d5cecdabbf546.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sat 30 Mar 2024 16:20:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 575 (0x23f)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=933af235d3ec03eec46207e7f02d5cecdabbf546
        Validity
            Not Before: Sep  1 03:00:00 2021 GMT
            Not After : Sep  1 03:00:00 2033 GMT
        Subject: CN=2a34d8c84a0bba368d1b250af1b64b9d96f75827
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:63:d6:de:6a:87:c5:0e:bd:b3:a8:3b:db:cb:
                    f2:ea:87:64:3e:2b:49:96:9e:ed:e4:07:c3:59:eb:
                    66:f8:aa:fb:ea:7c:1b:17:97:1b:42:e9:b2:dc:af:
                    c4:04:81:97:53:b7:52:b4:58:b8:89:65:77:6d:77:
                    3f:36:47:50:08:d8:b8:80:c3:fc:f1:c2:0e:2b:eb:
                    c2:f6:d8:6c:05:11:40:30:d2:99:78:04:52:e2:d7:
                    fb:26:9a:db:63:72:8b:9c:03:a6:4f:15:e4:d5:26:
                    ed:b7:ab:4e:07:dd:6d:70:47:ed:99:8f:64:14:53:
                    51:1a:5c:c3:42:72:55:14:ef:3c:40:d3:28:9f:96:
                    b8:15:bc:7c:00:f7:eb:74:c4:3c:5d:10:90:74:0b:
                    69:21:5a:8a:7a:58:19:b5:e8:6f:c6:e7:15:0c:ca:
                    47:32:02:51:9e:9e:8e:48:da:a5:c3:d5:ad:73:5a:
                    26:30:1a:c2:fc:22:61:68:9a:90:6e:8c:a0:2a:a3:
                    ed:da:df:9b:16:19:75:44:31:b2:33:07:86:0a:cd:
                    0f:fd:09:1a:71:dc:1e:70:ba:e6:19:2f:3e:35:63:
                    97:13:a6:43:2d:eb:71:e9:d0:f3:7d:e4:34:c4:01:
                    95:7a:16:ab:c6:0e:6b:d3:e4:88:67:5c:3a:45:b9:
                    60:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                07:35:F9:A6:F7:14:ED:DA:19:AE:42:8D:35:B7:E4:6C:87:B1:CD:ED
            X509v3 Authority Key Identifier:
                keyid:B5:0E:2F:0B:7F:F1:C8:9E:08:55:D6:C8:42:B8:F8:BF:C2:33:FE:1E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/933af235d3ec03eec46207e7f02d5cecdabbf546.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/ae709f3d-b4b4-47b8-89d9-57c4454f02ab/2a34d8c84a0bba368d1b250af1b64b9d96f75827.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/ae709f3d-b4b4-47b8-89d9-57c4454f02ab/933af235d3ec03eec46207e7f02d5cecdabbf546.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.13.44.0/22

    Signature Algorithm: sha256WithRSAEncryption
         19:48:1c:af:3b:b5:1c:6d:35:e9:15:82:62:fc:d1:b8:fa:24:
         c3:91:32:2f:14:80:cc:ea:17:fb:c6:48:43:85:30:6c:54:1a:
         fe:c8:49:7c:91:d1:b4:a7:e0:31:6e:5c:94:44:79:06:dd:f4:
         3a:17:ca:19:a4:7d:0c:60:dd:7e:a2:c6:f6:b2:ea:b7:f6:fc:
         92:02:24:1b:55:5c:4d:a4:9a:68:ff:1d:ce:1f:ca:a9:cc:9a:
         13:2d:98:31:60:1f:36:15:d3:a9:e4:4f:6b:83:09:33:0a:7b:
         9d:53:c4:0d:62:81:22:53:1e:27:a6:33:99:9a:86:d8:0d:d9:
         d0:4a:0e:03:87:41:f8:18:d8:52:da:b2:6d:c7:7e:c4:ec:18:
         6b:f1:b5:3b:46:26:27:23:76:e5:7d:aa:25:d5:3b:45:c1:ac:
         57:22:dd:73:73:d5:71:19:ec:d8:c5:c2:9f:99:d4:b2:ef:c6:
         eb:05:29:ad:3e:39:59:f9:61:64:fe:93:86:22:9e:31:65:a9:
         72:23:e2:75:67:6c:0f:fb:f3:d1:c1:29:0a:a3:be:3f:48:c7:
         93:13:28:d8:4a:64:d7:d9:35:84:9d:6e:ed:6c:7c:32:76:f0:
         ef:3b:f6:c9:44:56:77:04:0a:f4:5b:90:0b:6e:37:f5:ee:73:
         a6:a8:8c:12
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgICAj8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOTMz
YWYyMzVkM2VjMDNlZWM0NjIwN2U3ZjAyZDVjZWNkYWJiZjU0NjAeFw0yMTA5MDEw
MzAwMDBaFw0zMzA5MDEwMzAwMDBaMDMxMTAvBgNVBAMTKDJhMzRkOGM4NGEwYmJh
MzY4ZDFiMjUwYWYxYjY0YjlkOTZmNzU4MjcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCmY9beaofFDr2zqDvby/Lqh2Q+K0mWnu3kB8NZ62b4qvvqfBsX
lxtC6bLcr8QEgZdTt1K0WLiJZXdtdz82R1AI2LiAw/zxwg4r68L22GwFEUAw0pl4
BFLi1/smmttjcoucA6ZPFeTVJu23q04H3W1wR+2Zj2QUU1EaXMNCclUU7zxA0yif
lrgVvHwA9+t0xDxdEJB0C2khWop6WBm16G/G5xUMykcyAlGeno5I2qXD1a1zWiYw
GsL8ImFompBujKAqo+3a35sWGXVEMbIzB4YKzQ/9CRpx3B5wuuYZLz41Y5cTpkMt
63Hp0PN95DTEAZV6FqvGDmvT5IhnXDpFuWDpAgMBAAGjggJbMIICVzAdBgNVHQ4E
FgQUBzX5pvcU7doZrkKNNbfkbIexze0wHwYDVR0jBBgwFoAUtQ4vC3/xyJ4IVdbI
Qrj4v8Iz/h4wDgYDVR0PAQH/BAQDAgeAMIGaBggrBgEFBQcBAQSBjTCBijCBhwYI
KwYBBQUHMAKGe3JzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jwa2kvbGFj
bmljLzQ4ZjA4M2JiLWY2MDMtNDg5My05OTkwLTAyODRjMDRjZWI4NS85MzNhZjIz
NWQzZWMwM2VlYzQ2MjA3ZTdmMDJkNWNlY2RhYmJmNTQ2LmNlcjCBmgYIKwYBBQUH
AQsEgY0wgYowgYcGCCsGAQUFBzALhntyc3luYzovL3JlcG9zaXRvcnkubGFjbmlj
Lm5ldC9ycGtpL2xhY25pYy9hZTcwOWYzZC1iNGI0LTQ3YjgtODlkOS01N2M0NDU0
ZjAyYWIvMmEzNGQ4Yzg0YTBiYmEzNjhkMWIyNTBhZjFiNjRiOWQ5NmY3NTgyNy5y
b2EwgY8GA1UdHwSBhzCBhDCBgaB/oH2Ge3JzeW5jOi8vcmVwb3NpdG9yeS5sYWNu
aWMubmV0L3Jwa2kvbGFjbmljL2FlNzA5ZjNkLWI0YjQtNDdiOC04OWQ5LTU3YzQ0
NTRmMDJhYi85MzNhZjIzNWQzZWMwM2VlYzQ2MjA3ZTdmMDJkNWNlY2RhYmJmNTQ2
LmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAw
DjAMBAIAATAGAwQCyA0sMA0GCSqGSIb3DQEBCwUAA4IBAQAZSByvO7UcbTXpFYJi
/NG4+iTDkTIvFIDM6hf7xkhDhTBsVBr+yEl8kdG0p+AxblyURHkG3fQ6F8oZpH0M
YN1+osb2suq39vySAiQbVVxNpJpo/x3OH8qpzJoTLZgxYB82FdOp5E9rgwkzCnud
U8QNYoEiUx4npjOZmobYDdnQSg4Dh0H4GNhS2rJtx37E7Bhr8bU7RiYnI3blfaol
1TtFwaxXIt1zc9VxGezYxcKfmdSy78brBSmtPjlZ+WFk/pOGIp4xZalyI+J1Z2wP
+/PRwSkKo74/SMeTEyjYSmTX2TWEnW7tbHwydvDvO/bJRFZ3BAr0W5ALbjf17nOm
qIwS
-----END CERTIFICATE-----
Generated at Thu Mar 28 00:12:03 2024 by rpki-client on console-fra.rpki-client.org