Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/b172d44f-869f-48e6-bf88-6338470dc22e/661ea0f8439553e0e0be2d3cafc3915b2196e624.roa
File:                     661ea0f8439553e0e0be2d3cafc3915b2196e624.roa (raw, json)
Hash identifier:          ylhchJEuqgGfWEpvgEbyDKV94YylRTu6DLHYrU9L82I=
Subject key identifier:   50:74:61:E8:6E:15:97:A2:DE:42:6C:02:E4:F4:3A:CA:47:14:1A:70
Certificate issuer:       /CN=44c0c42f2a746ed7ed4e4598104fe194814c0771
Certificate serial:       0C1721
Authority key identifier: 3A:79:35:E7:19:90:82:85:A6:E3:77:90:02:EB:0D:E1:81:C4:DC:80
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/44c0c42f2a746ed7ed4e4598104fe194814c0771.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/b172d44f-869f-48e6-bf88-6338470dc22e/661ea0f8439553e0e0be2d3cafc3915b2196e624.roa
Signing time:             Tue 15 Aug 2023 21:11:56 +0000
ROA not before:           Mon 14 Aug 2023 21:11:56 +0000
ROA not after:            Fri 15 Aug 2025 21:11:56 +0000
asID:                     270027
IP address blocks:        200.233.40.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/b172d44f-869f-48e6-bf88-6338470dc22e/44c0c42f2a746ed7ed4e4598104fe194814c0771.crl
                          rsync://repository.lacnic.net/rpki/lacnic/b172d44f-869f-48e6-bf88-6338470dc22e/44c0c42f2a746ed7ed4e4598104fe194814c0771.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/44c0c42f2a746ed7ed4e4598104fe194814c0771.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Mon 26 Feb 2024 16:36:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 792353 (0xc1721)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=44c0c42f2a746ed7ed4e4598104fe194814c0771
        Validity
            Not Before: Aug 14 21:11:56 2023 GMT
            Not After : Aug 15 21:11:56 2025 GMT
        Subject: CN=661ea0f8439553e0e0be2d3cafc3915b2196e624
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:96:39:88:fa:7a:fb:9b:96:d2:65:6e:78:a8:
                    98:e5:b2:60:ef:a2:7d:96:4a:79:53:5a:98:f8:e8:
                    27:0b:82:8a:08:54:b7:f9:ca:9e:4f:fe:1e:86:bb:
                    ad:04:33:ba:67:6b:89:96:18:9a:3f:45:85:c9:19:
                    2f:9b:fa:ed:8d:86:45:95:95:fc:f6:a5:1b:97:f7:
                    c2:b2:cb:b6:c0:a7:c0:c2:c8:93:a7:e5:85:43:3f:
                    f2:27:42:b2:9e:bf:1d:3d:ae:fc:de:0a:17:c2:3d:
                    34:d6:76:79:68:4c:1c:ce:3d:32:9b:25:04:8a:d3:
                    7d:42:06:74:b8:01:8b:bd:d1:31:f9:7d:80:19:d1:
                    13:45:e3:d8:a5:6c:2e:f9:08:82:de:1f:6e:6d:96:
                    08:24:36:0e:a2:f6:4f:a7:a1:cc:72:04:67:6e:0d:
                    0c:3f:4d:11:6c:7e:73:63:88:d8:59:45:75:ca:ff:
                    f5:5c:f5:3d:66:d1:5f:52:c9:8e:2d:39:8e:b0:00:
                    26:aa:8a:b4:ea:42:f0:20:90:b6:d7:58:02:19:f4:
                    2e:70:c6:33:ad:ba:39:f7:b1:26:bb:e2:34:75:9e:
                    2d:5a:98:29:d0:32:b0:95:2c:78:62:e1:b3:1a:65:
                    5b:50:c2:72:d6:ff:58:20:3e:f5:95:54:7e:f0:66:
                    fb:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                50:74:61:E8:6E:15:97:A2:DE:42:6C:02:E4:F4:3A:CA:47:14:1A:70
            X509v3 Authority Key Identifier:
                keyid:3A:79:35:E7:19:90:82:85:A6:E3:77:90:02:EB:0D:E1:81:C4:DC:80

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/44c0c42f2a746ed7ed4e4598104fe194814c0771.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/b172d44f-869f-48e6-bf88-6338470dc22e/661ea0f8439553e0e0be2d3cafc3915b2196e624.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/b172d44f-869f-48e6-bf88-6338470dc22e/44c0c42f2a746ed7ed4e4598104fe194814c0771.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.233.40.0/22

    Signature Algorithm: sha256WithRSAEncryption
         5a:23:eb:6e:7c:3a:b8:27:8c:25:85:6b:01:d1:d8:8f:41:41:
         9f:51:d4:03:9a:73:fe:b4:02:d0:e5:15:db:3e:1a:9d:ef:01:
         b2:f8:2f:62:ab:fb:8c:df:22:ba:e9:30:62:5c:0a:03:db:bd:
         6a:db:5a:78:05:c8:bc:d3:8a:df:92:75:5f:19:02:9a:51:13:
         53:a2:3c:ff:eb:ba:10:0d:23:68:66:9b:7b:a2:ce:dc:65:87:
         3d:85:b2:1e:42:f2:25:1c:06:b0:f9:5c:6d:54:35:4e:1d:64:
         23:07:79:53:38:7a:5b:b3:4c:02:90:42:72:32:93:64:b9:61:
         b7:f9:cb:fc:73:07:42:59:e9:5f:4d:58:12:71:de:c5:db:5b:
         7f:d4:05:dd:ec:92:d7:ae:b3:4e:cd:7c:d2:a1:5d:70:f9:24:
         d4:37:96:b1:68:76:37:44:4b:7e:ac:a8:a4:54:2e:4a:87:f2:
         54:3e:8c:d5:76:ac:11:47:71:d6:8a:77:16:74:6b:cb:40:a8:
         28:79:88:db:1e:fc:28:b9:4c:3b:fa:21:a7:db:08:ee:a2:44:
         fe:8c:1f:84:3b:45:4d:6f:08:55:e3:39:4f:e2:78:d5:f6:fa:
         e9:a2:58:42:73:73:c8:f1:8e:9d:ae:e8:b0:80:29:98:6b:c1:
         9e:7e:78:04
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIDDBchMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDQ0
YzBjNDJmMmE3NDZlZDdlZDRlNDU5ODEwNGZlMTk0ODE0YzA3NzEwHhcNMjMwODE0
MjExMTU2WhcNMjUwODE1MjExMTU2WjAzMTEwLwYDVQQDEyg2NjFlYTBmODQzOTU1
M2UwZTBiZTJkM2NhZmMzOTE1YjIxOTZlNjI0MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAuZY5iPp6+5uW0mVueKiY5bJg76J9lkp5U1qY+OgnC4KKCFS3
+cqeT/4ehrutBDO6Z2uJlhiaP0WFyRkvm/rtjYZFlZX89qUbl/fCssu2wKfAwsiT
p+WFQz/yJ0Kynr8dPa783goXwj001nZ5aEwczj0ymyUEitN9QgZ0uAGLvdEx+X2A
GdETRePYpWwu+QiC3h9ubZYIJDYOovZPp6HMcgRnbg0MP00RbH5zY4jYWUV1yv/1
XPU9ZtFfUsmOLTmOsAAmqoq06kLwIJC211gCGfQucMYzrbo597Emu+I0dZ4tWpgp
0DKwlSx4YuGzGmVbUMJy1v9YID71lVR+8Gb77QIDAQABo4ICWzCCAlcwHQYDVR0O
BBYEFFB0YehuFZei3kJsAuT0OspHFBpwMB8GA1UdIwQYMBaAFDp5NecZkIKFpuN3
kALrDeGBxNyAMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvNDRjMGM0
MmYyYTc0NmVkN2VkNGU0NTk4MTA0ZmUxOTQ4MTRjMDc3MS5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvYjE3MmQ0NGYtODY5Zi00OGU2LWJmODgtNjMzODQ3
MGRjMjJlLzY2MWVhMGY4NDM5NTUzZTBlMGJlMmQzY2FmYzM5MTViMjE5NmU2MjQu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy9iMTcyZDQ0Zi04NjlmLTQ4ZTYtYmY4OC02MzM4
NDcwZGMyMmUvNDRjMGM0MmYyYTc0NmVkN2VkNGU0NTk4MTA0ZmUxOTQ4MTRjMDc3
MS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAsjpKDANBgkqhkiG9w0BAQsFAAOCAQEAWiPrbnw6uCeMJYVr
AdHYj0FBn1HUA5pz/rQC0OUV2z4ane8BsvgvYqv7jN8iuukwYlwKA9u9attaeAXI
vNOK35J1XxkCmlETU6I8/+u6EA0jaGabe6LO3GWHPYWyHkLyJRwGsPlcbVQ1Th1k
Iwd5Uzh6W7NMApBCcjKTZLlht/nL/HMHQlnpX01YEnHexdtbf9QF3eyS166zTs18
0qFdcPkk1DeWsWh2N0RLfqyopFQuSofyVD6M1XasEUdx1op3FnRry0CoKHmI2x78
KLlMO/ohp9sI7qJE/owfhDtFTW8IVeM5T+J41fb66aJYQnNzyPGOna7osIApmGvB
nn54BA==
-----END CERTIFICATE-----
Generated at Sat Feb 24 01:42:10 2024 by rpki-client on console-fra.rpki-client.org