Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/b006c5f3-a0c4-4b89-91f7-ea646bad577f/c0881651a9ef07cbffd3d0fd544770f674e28187.roa
File:                     c0881651a9ef07cbffd3d0fd544770f674e28187.roa (raw, json)
Hash identifier:          pzrx2fzm+lc3y/KIZfWYKNDOdLXU5JJ/fig8upv2EhA=
Subject key identifier:   6C:A2:3B:DD:47:60:C9:FD:92:F7:A7:60:D2:6A:2A:0B:63:9A:8E:BD
Certificate issuer:       /CN=3a61a7a9840080a44173f942095ac78ead239107
Certificate serial:       147481
Authority key identifier: 33:72:18:D6:D3:FD:14:5E:F1:AF:03:0A:D8:7B:62:9B:2B:B2:02:7C
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/3a61a7a9840080a44173f942095ac78ead239107.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/b006c5f3-a0c4-4b89-91f7-ea646bad577f/c0881651a9ef07cbffd3d0fd544770f674e28187.roa
Signing time:             Fri 11 Aug 2023 03:22:16 +0000
ROA not before:           Thu 10 Aug 2023 03:22:16 +0000
ROA not after:            Mon 11 Aug 2025 03:22:16 +0000
asID:                     64120
IP address blocks:        200.49.240.0/22 maxlen: 29
                          2803:8a10::/32 maxlen: 48

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/b006c5f3-a0c4-4b89-91f7-ea646bad577f/3a61a7a9840080a44173f942095ac78ead239107.crl
                          rsync://repository.lacnic.net/rpki/lacnic/b006c5f3-a0c4-4b89-91f7-ea646bad577f/3a61a7a9840080a44173f942095ac78ead239107.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/3a61a7a9840080a44173f942095ac78ead239107.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 03 Mar 2024 21:34:55 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1340545 (0x147481)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3a61a7a9840080a44173f942095ac78ead239107
        Validity
            Not Before: Aug 10 03:22:16 2023 GMT
            Not After : Aug 11 03:22:16 2025 GMT
        Subject: CN=c0881651a9ef07cbffd3d0fd544770f674e28187
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:80:2c:2b:b4:b7:60:5c:31:4a:9d:2b:c5:92:a9:
                    b1:c8:a8:2e:d3:d0:44:38:04:f2:62:b1:62:fc:cf:
                    69:7d:28:a3:90:d6:40:98:41:17:1e:9c:68:fd:9a:
                    e9:9c:7e:c9:56:59:eb:a1:5f:17:f2:38:03:53:44:
                    eb:4b:6a:ed:8a:9a:1a:cd:66:2b:10:f6:5f:de:29:
                    29:79:f6:73:bc:b1:7e:83:f1:b7:d2:8c:e8:40:6a:
                    c7:21:61:fa:a7:35:7f:de:83:ae:1a:ea:60:51:91:
                    3e:cf:d3:1d:f0:09:3c:44:e8:d0:95:fe:66:8a:a2:
                    8e:be:99:b9:6d:47:81:e6:9e:e7:c5:8d:07:e4:78:
                    40:68:06:c1:f9:c1:ed:7e:f5:e9:d0:06:45:78:f0:
                    34:e7:2a:57:47:e8:61:76:b3:72:89:c8:01:c1:26:
                    99:dc:69:3d:1c:37:30:41:46:6c:52:cf:3a:02:bb:
                    86:61:8d:a8:7c:6f:46:44:d9:c2:b2:8d:93:90:da:
                    9a:c7:a8:51:8a:55:d6:3b:f3:d0:e7:bb:de:51:28:
                    01:c6:8f:b3:58:fd:b9:2c:a5:c7:0c:d8:4f:c9:47:
                    c0:c4:33:22:30:1c:ce:fd:b2:50:dd:5e:6f:d2:f0:
                    d3:5b:1f:d7:4a:b4:51:86:94:6f:80:8c:51:ed:dd:
                    84:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6C:A2:3B:DD:47:60:C9:FD:92:F7:A7:60:D2:6A:2A:0B:63:9A:8E:BD
            X509v3 Authority Key Identifier:
                keyid:33:72:18:D6:D3:FD:14:5E:F1:AF:03:0A:D8:7B:62:9B:2B:B2:02:7C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/3a61a7a9840080a44173f942095ac78ead239107.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/b006c5f3-a0c4-4b89-91f7-ea646bad577f/c0881651a9ef07cbffd3d0fd544770f674e28187.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/b006c5f3-a0c4-4b89-91f7-ea646bad577f/3a61a7a9840080a44173f942095ac78ead239107.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.49.240.0/22
                IPv6:
                  2803:8a10::/32

    Signature Algorithm: sha256WithRSAEncryption
         32:93:15:00:39:f2:3e:77:f1:f2:32:27:da:21:a4:83:69:10:
         19:ae:ae:4e:f1:4d:7f:95:5e:89:3e:23:a5:f6:dc:8f:d9:53:
         ff:9c:9d:f3:60:91:21:99:e9:e3:83:a5:63:b2:05:f5:e0:b1:
         33:82:b3:7b:bc:44:4c:1e:b9:21:78:23:84:ea:27:3a:52:df:
         42:40:63:3b:01:0f:cb:43:a6:ef:4b:54:e3:e7:be:1b:17:08:
         6c:ea:a9:fa:14:3e:a6:43:de:3e:35:b5:a0:8f:9d:e5:c3:04:
         3c:f1:d8:b2:69:59:5a:63:4c:d3:be:8c:b5:0d:af:02:66:2e:
         7e:91:55:fb:e8:86:15:77:e6:00:2d:01:5b:47:44:44:53:69:
         c2:a7:30:c8:7c:f3:8d:59:64:6a:d8:b7:29:71:00:48:38:6c:
         9a:fc:d6:86:28:37:25:29:bd:5f:b8:f0:45:2b:dc:56:ba:c6:
         84:5e:2f:54:97:ba:57:a0:ed:4b:dc:fd:9d:c0:8f:1f:2b:64:
         ed:a4:ea:a5:a6:40:29:c4:d1:5e:89:80:8f:81:7d:40:0a:84:
         77:d6:35:66:29:89:6a:69:d8:02:7b:42:c3:3c:3d:a1:65:ca:
         86:81:98:6d:b3:5f:40:9a:2a:b3:92:99:9d:bd:56:29:17:82:
         6c:37:7f:35
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgIDFHSBMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDNh
NjFhN2E5ODQwMDgwYTQ0MTczZjk0MjA5NWFjNzhlYWQyMzkxMDcwHhcNMjMwODEw
MDMyMjE2WhcNMjUwODExMDMyMjE2WjAzMTEwLwYDVQQDEyhjMDg4MTY1MWE5ZWYw
N2NiZmZkM2QwZmQ1NDQ3NzBmNjc0ZTI4MTg3MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAgCwrtLdgXDFKnSvFkqmxyKgu09BEOATyYrFi/M9pfSijkNZA
mEEXHpxo/ZrpnH7JVlnroV8X8jgDU0TrS2rtipoazWYrEPZf3ikpefZzvLF+g/G3
0ozoQGrHIWH6pzV/3oOuGupgUZE+z9Md8Ak8ROjQlf5miqKOvpm5bUeB5p7nxY0H
5HhAaAbB+cHtfvXp0AZFePA05ypXR+hhdrNyicgBwSaZ3Gk9HDcwQUZsUs86AruG
YY2ofG9GRNnCso2TkNqax6hRilXWO/PQ57veUSgBxo+zWP25LKXHDNhPyUfAxDMi
MBzO/bJQ3V5v0vDTWx/XSrRRhpRvgIxR7d2EywIDAQABo4ICajCCAmYwHQYDVR0O
BBYEFGyiO91HYMn9kvenYNJqKgtjmo69MB8GA1UdIwQYMBaAFDNyGNbT/RRe8a8D
Cth7YpsrsgJ8MA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvM2E2MWE3
YTk4NDAwODBhNDQxNzNmOTQyMDk1YWM3OGVhZDIzOTEwNy5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvYjAwNmM1ZjMtYTBjNC00Yjg5LTkxZjctZWE2NDZi
YWQ1NzdmL2MwODgxNjUxYTllZjA3Y2JmZmQzZDBmZDU0NDc3MGY2NzRlMjgxODcu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy9iMDA2YzVmMy1hMGM0LTRiODktOTFmNy1lYTY0
NmJhZDU3N2YvM2E2MWE3YTk4NDAwODBhNDQxNzNmOTQyMDk1YWM3OGVhZDIzOTEw
Ny5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAuBggrBgEFBQcBBwEB/wQf
MB0wDAQCAAEwBgMEAsgx8DANBAIAAjAHAwUAKAOKEDANBgkqhkiG9w0BAQsFAAOC
AQEAMpMVADnyPnfx8jIn2iGkg2kQGa6uTvFNf5VeiT4jpfbcj9lT/5yd82CRIZnp
44OlY7IF9eCxM4Kze7xETB65IXgjhOonOlLfQkBjOwEPy0Om70tU4+e+GxcIbOqp
+hQ+pkPePjW1oI+d5cMEPPHYsmlZWmNM076MtQ2vAmYufpFV++iGFXfmAC0BW0dE
RFNpwqcwyHzzjVlkati3KXEASDhsmvzWhig3JSm9X7jwRSvcVrrGhF4vVJe6V6Dt
S9z9ncCPHytk7aTqpaZAKcTRXomAj4F9QAqEd9Y1ZimJamnYAntCwzw9oWXKhoGY
bbNfQJoqs5KZnb1WKReCbDd/NQ==
-----END CERTIFICATE-----
Generated at Fri Mar 1 00:30:52 2024 by rpki-client on console-fra.rpki-client.org