Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/ced8f61f-e9d4-44c4-9fa0-ac4118ea9cf3/714f530e921abc8260ea3665b154e2c5d3b31ee0.roa
File:                     714f530e921abc8260ea3665b154e2c5d3b31ee0.roa (raw, json)
Hash identifier:          uxctb81WK91+gIHXH3aTSa0VlerGmrynGpwcHktRH0Y=
Subject key identifier:   27:5B:4A:AF:60:F0:EA:33:9E:37:BD:FD:C7:48:23:C3:0C:C0:D1:7A
Certificate issuer:       /CN=61835addae4b3a602d2cd00d8c007833d3381087
Certificate serial:       0D6D22
Authority key identifier: D7:75:8D:59:4C:9E:CC:70:46:F4:58:CF:FA:66:A1:20:02:B6:A0:5E
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/61835addae4b3a602d2cd00d8c007833d3381087.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/ced8f61f-e9d4-44c4-9fa0-ac4118ea9cf3/714f530e921abc8260ea3665b154e2c5d3b31ee0.roa
Signing time:             Wed 24 Mar 2021 14:41:11 +0000
ROA not before:           Wed 24 Mar 2021 14:41:11 +0000
ROA not after:            Tue 24 Mar 2026 14:41:11 +0000
asID:                     262157
IP address blocks:        200.14.83.0/24 maxlen: 24
                          2801:0:420::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/ced8f61f-e9d4-44c4-9fa0-ac4118ea9cf3/61835addae4b3a602d2cd00d8c007833d3381087.crl
                          rsync://repository.lacnic.net/rpki/lacnic/ced8f61f-e9d4-44c4-9fa0-ac4118ea9cf3/61835addae4b3a602d2cd00d8c007833d3381087.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/61835addae4b3a602d2cd00d8c007833d3381087.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Wed 06 Mar 2024 06:24:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 879906 (0xd6d22)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=61835addae4b3a602d2cd00d8c007833d3381087
        Validity
            Not Before: Mar 24 14:41:11 2021 GMT
            Not After : Mar 24 14:41:11 2026 GMT
        Subject: CN=714f530e921abc8260ea3665b154e2c5d3b31ee0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:24:4b:e1:34:75:fc:35:f7:f1:92:b0:72:18:
                    c0:25:2e:1e:ad:0e:d6:23:83:19:4d:76:4d:d9:e4:
                    d1:40:d8:58:b5:ab:90:7f:96:33:3b:24:57:fc:73:
                    b8:71:7e:7e:33:f2:8a:ca:c4:70:4c:f7:78:54:c1:
                    7d:06:0e:4e:ca:1e:7e:2f:df:3b:7d:dc:10:fa:e9:
                    aa:9b:de:2a:80:f3:b1:d8:4b:08:ed:9f:c0:97:45:
                    f6:98:95:a4:ee:64:f8:6f:8d:7d:b5:e0:23:17:92:
                    6d:08:5d:9c:7b:9e:69:56:51:07:38:93:25:a4:b8:
                    9a:6c:05:6b:5b:db:5d:9e:aa:5e:2e:bc:30:91:82:
                    4d:6f:04:63:19:54:c6:af:df:df:08:c3:01:66:b5:
                    d0:e5:8c:32:43:4b:d0:c6:e3:60:8a:f3:f3:a0:20:
                    d7:11:29:ad:8c:36:ba:0d:67:03:b4:80:82:0e:41:
                    4f:9f:db:1b:fb:fb:0c:b4:ba:e1:52:1e:7d:90:19:
                    eb:42:2b:02:ec:a9:f4:b3:c8:e3:55:63:ae:83:c1:
                    23:d6:8e:ef:30:02:f8:34:8b:bb:c6:5c:a7:f2:1a:
                    99:71:b0:dc:e4:ed:d0:73:3a:9e:8c:32:4e:21:b2:
                    f8:5d:af:2f:02:c0:d2:8a:f9:9b:b4:39:9e:c6:98:
                    0a:f1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                27:5B:4A:AF:60:F0:EA:33:9E:37:BD:FD:C7:48:23:C3:0C:C0:D1:7A
            X509v3 Authority Key Identifier:
                keyid:D7:75:8D:59:4C:9E:CC:70:46:F4:58:CF:FA:66:A1:20:02:B6:A0:5E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/61835addae4b3a602d2cd00d8c007833d3381087.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/ced8f61f-e9d4-44c4-9fa0-ac4118ea9cf3/714f530e921abc8260ea3665b154e2c5d3b31ee0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/ced8f61f-e9d4-44c4-9fa0-ac4118ea9cf3/61835addae4b3a602d2cd00d8c007833d3381087.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.14.83.0/24
                IPv6:
                  2801:0:420::/48

    Signature Algorithm: sha256WithRSAEncryption
         28:7a:25:b4:ec:f7:56:a0:88:bc:63:97:4a:c0:f5:8b:2c:96:
         60:60:70:be:ee:e5:64:bf:04:37:8d:de:3e:1e:3a:a1:ee:5d:
         25:41:88:e7:ff:f5:3a:cc:db:63:45:60:29:41:d6:35:50:70:
         52:5d:b2:c8:f8:1a:3a:78:ae:a6:94:19:f9:c2:77:f5:93:c7:
         1c:ae:de:e1:eb:39:1d:f1:bb:75:96:b4:bd:3a:31:a8:22:65:
         c0:86:2b:73:77:e2:b9:ae:c2:cc:8f:e5:80:36:ca:a7:53:18:
         ef:c5:d0:bc:37:25:4d:b6:9b:68:de:cc:ee:e0:8e:2f:0f:eb:
         eb:1b:8d:16:4b:4c:9d:d1:46:72:e2:32:66:31:dd:1d:2a:17:
         4e:96:02:50:8f:b3:43:c5:3e:21:0f:69:95:3e:30:26:0b:0a:
         97:8c:fa:cd:0e:6e:9f:9c:36:2e:2b:d2:21:b7:68:db:19:69:
         c9:7c:0d:c2:44:ae:43:6c:37:38:1c:15:cd:30:cc:af:0c:75:
         02:66:30:df:57:31:97:83:f6:71:b1:a7:93:ab:a7:9d:fa:ba:
         21:13:fb:2b:1e:88:55:38:dc:f9:71:c1:20:92:85:d8:01:1a:
         61:e0:aa:a1:87:48:11:01:0b:79:5c:1e:aa:b9:ed:7c:10:3a:
         18:98:e4:ed
-----BEGIN CERTIFICATE-----
MIIFUTCCBDmgAwIBAgIDDW0iMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDYx
ODM1YWRkYWU0YjNhNjAyZDJjZDAwZDhjMDA3ODMzZDMzODEwODcwHhcNMjEwMzI0
MTQ0MTExWhcNMjYwMzI0MTQ0MTExWjAzMTEwLwYDVQQDEyg3MTRmNTMwZTkyMWFi
YzgyNjBlYTM2NjViMTU0ZTJjNWQzYjMxZWUwMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEA1SRL4TR1/DX38ZKwchjAJS4erQ7WI4MZTXZN2eTRQNhYtauQ
f5YzOyRX/HO4cX5+M/KKysRwTPd4VMF9Bg5Oyh5+L987fdwQ+umqm94qgPOx2EsI
7Z/Al0X2mJWk7mT4b419teAjF5JtCF2ce55pVlEHOJMlpLiabAVrW9tdnqpeLrww
kYJNbwRjGVTGr9/fCMMBZrXQ5YwyQ0vQxuNgivPzoCDXESmtjDa6DWcDtICCDkFP
n9sb+/sMtLrhUh59kBnrQisC7Kn0s8jjVWOug8Ej1o7vMAL4NIu7xlyn8hqZcbDc
5O3QczqejDJOIbL4Xa8vAsDSivmbtDmexpgK8QIDAQABo4ICbDCCAmgwHQYDVR0O
BBYEFCdbSq9g8Ooznje9/cdII8MMwNF6MB8GA1UdIwQYMBaAFNd1jVlMnsxwRvRY
z/pmoSACtqBeMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvNjE4MzVh
ZGRhZTRiM2E2MDJkMmNkMDBkOGMwMDc4MzNkMzM4MTA4Ny5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvY2VkOGY2MWYtZTlkNC00NGM0LTlmYTAtYWM0MTE4
ZWE5Y2YzLzcxNGY1MzBlOTIxYWJjODI2MGVhMzY2NWIxNTRlMmM1ZDNiMzFlZTAu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy9jZWQ4ZjYxZi1lOWQ0LTQ0YzQtOWZhMC1hYzQx
MThlYTljZjMvNjE4MzVhZGRhZTRiM2E2MDJkMmNkMDBkOGMwMDc4MzNkMzM4MTA4
Ny5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAwBggrBgEFBQcBBwEB/wQh
MB8wDAQCAAEwBgMEAMgOUzAPBAIAAjAJAwcAKAEAAAQgMA0GCSqGSIb3DQEBCwUA
A4IBAQAoeiW07PdWoIi8Y5dKwPWLLJZgYHC+7uVkvwQ3jd4+Hjqh7l0lQYjn//U6
zNtjRWApQdY1UHBSXbLI+Bo6eK6mlBn5wnf1k8ccrt7h6zkd8bt1lrS9OjGoImXA
hitzd+K5rsLMj+WANsqnUxjvxdC8NyVNtpto3szu4I4vD+vrG40WS0yd0UZy4jJm
Md0dKhdOlgJQj7NDxT4hD2mVPjAmCwqXjPrNDm6fnDYuK9Iht2jbGWnJfA3CRK5D
bDc4HBXNMMyvDHUCZjDfVzGXg/ZxsaeTq6ed+rohE/srHohVONz5ccEgkoXYARph
4Kqhh0gRAQt5XB6que18EDoYmOTt
-----END CERTIFICATE-----
Generated at Sun Mar 3 09:56:57 2024 by rpki-client on console-ams.rpki-client.org