Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/d6483cfb-7ab1-4508-bf6f-8953957d8887/ce1490a67575761f352af2558b14fe59a68b910d.roa
File:                     ce1490a67575761f352af2558b14fe59a68b910d.roa (raw, json)
Hash identifier:          +mxbp1t8rTuxV+4vygydbrP6X0K+GOVgESm/jO8jD7g=
Subject key identifier:   CC:00:AC:40:17:39:28:7E:25:28:BA:EC:5D:25:D4:82:CF:7A:5D:0A
Certificate issuer:       /CN=d096404f63772aa8165da1f7e01c34c4e378a916
Certificate serial:       0D40F8
Authority key identifier: AE:84:A6:DF:5E:30:C0:53:10:DA:CC:67:B6:EF:FE:41:4E:74:D2:95
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/d096404f63772aa8165da1f7e01c34c4e378a916.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/d6483cfb-7ab1-4508-bf6f-8953957d8887/ce1490a67575761f352af2558b14fe59a68b910d.roa
Signing time:             Wed 24 Mar 2021 14:38:03 +0000
ROA not before:           Wed 24 Mar 2021 14:38:03 +0000
ROA not after:            Tue 24 Mar 2026 14:38:03 +0000
asID:                     11960
IP address blocks:        200.13.144.0/21 maxlen: 21
                          2001:1358::/32 maxlen: 32

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/d6483cfb-7ab1-4508-bf6f-8953957d8887/d096404f63772aa8165da1f7e01c34c4e378a916.crl
                          rsync://repository.lacnic.net/rpki/lacnic/d6483cfb-7ab1-4508-bf6f-8953957d8887/d096404f63772aa8165da1f7e01c34c4e378a916.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/d096404f63772aa8165da1f7e01c34c4e378a916.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Mon 01 Apr 2024 05:58:53 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 868600 (0xd40f8)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d096404f63772aa8165da1f7e01c34c4e378a916
        Validity
            Not Before: Mar 24 14:38:03 2021 GMT
            Not After : Mar 24 14:38:03 2026 GMT
        Subject: CN=ce1490a67575761f352af2558b14fe59a68b910d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:e5:ef:e6:1b:b6:a1:9e:2f:92:a9:09:82:1a:
                    ac:31:2b:fd:89:fe:a2:16:05:24:cd:96:17:dd:76:
                    06:a9:95:cf:7a:f9:ed:3b:9b:c4:23:ff:6d:b0:d9:
                    6d:8d:b1:9f:44:89:d3:72:f7:69:5b:22:09:52:12:
                    fd:be:01:70:10:bd:05:04:89:25:93:02:39:ce:f5:
                    10:be:f3:dc:77:b7:3e:73:34:d5:9f:57:13:73:83:
                    5f:d1:ff:49:ab:69:a9:0b:b0:7a:71:57:82:51:29:
                    d5:25:80:6d:81:20:25:3a:7c:9e:9c:89:c0:23:e3:
                    58:c8:30:1b:41:13:a6:6b:36:e4:0c:6c:f1:ad:f0:
                    41:f1:fd:86:e4:2d:4b:cd:22:82:03:4e:78:c8:d5:
                    e3:31:45:ed:da:a5:b6:55:31:72:c4:2e:92:0a:ab:
                    19:5c:da:62:9f:46:a8:14:65:d3:d6:bb:14:07:e1:
                    d8:ac:81:88:cb:ce:78:1a:9a:f5:a7:7c:7d:02:92:
                    fd:ad:b6:db:ac:7a:57:8b:90:96:e0:25:85:b7:4f:
                    8e:c4:ac:a0:c7:53:a0:c0:0f:6a:a1:44:61:cc:cb:
                    11:16:dc:27:58:08:cd:3c:f4:14:4a:d2:30:3b:d7:
                    85:c2:8b:f7:4a:5d:44:eb:88:57:bd:6d:5f:1f:ff:
                    a1:5b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CC:00:AC:40:17:39:28:7E:25:28:BA:EC:5D:25:D4:82:CF:7A:5D:0A
            X509v3 Authority Key Identifier:
                keyid:AE:84:A6:DF:5E:30:C0:53:10:DA:CC:67:B6:EF:FE:41:4E:74:D2:95

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/d096404f63772aa8165da1f7e01c34c4e378a916.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/d6483cfb-7ab1-4508-bf6f-8953957d8887/ce1490a67575761f352af2558b14fe59a68b910d.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/d6483cfb-7ab1-4508-bf6f-8953957d8887/d096404f63772aa8165da1f7e01c34c4e378a916.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.13.144.0/21
                IPv6:
                  2001:1358::/32

    Signature Algorithm: sha256WithRSAEncryption
         43:40:32:4a:af:4a:2c:ad:15:95:2e:15:bb:1d:d9:31:fd:97:
         ed:cd:dd:69:5c:72:b3:fe:63:b6:f9:c4:14:a6:ff:b5:62:14:
         cb:c5:32:ad:b4:49:74:0c:57:9b:14:6c:16:12:e0:fd:69:34:
         bd:33:ae:e8:ab:01:d6:60:9c:0d:be:03:88:f2:38:35:3a:9d:
         23:72:c7:b1:07:51:88:a1:b1:0d:23:9d:99:94:24:2f:3e:1d:
         47:57:aa:ec:8a:1e:d4:93:b6:2e:c5:c2:17:10:71:8d:83:5e:
         3b:be:ee:f1:46:4f:8b:fa:ff:9d:7e:13:00:10:59:ec:49:ae:
         d3:9f:18:81:cb:c7:28:ec:de:b3:fd:91:c4:fd:2c:c8:5e:7d:
         39:b5:b6:83:f0:5a:36:43:46:25:97:ff:17:43:49:2d:20:f8:
         82:67:97:5f:a0:83:b9:6e:79:70:f0:dd:7b:b6:43:6a:24:7a:
         34:40:05:a5:44:63:62:da:ab:71:e1:da:6c:bc:fa:c1:f5:40:
         37:1b:34:5a:ed:08:6f:cf:49:86:8c:cb:65:f7:0c:a5:5e:7d:
         65:c2:9d:dc:cd:c6:12:7f:cd:53:a8:34:10:72:dc:57:54:17:
         b2:a7:f0:70:5f:68:fb:e6:47:5d:8e:72:36:4e:0f:c9:f6:38:
         85:70:87:dc
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgIDDUD4MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGQw
OTY0MDRmNjM3NzJhYTgxNjVkYTFmN2UwMWMzNGM0ZTM3OGE5MTYwHhcNMjEwMzI0
MTQzODAzWhcNMjYwMzI0MTQzODAzWjAzMTEwLwYDVQQDEyhjZTE0OTBhNjc1NzU3
NjFmMzUyYWYyNTU4YjE0ZmU1OWE2OGI5MTBkMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEApOXv5hu2oZ4vkqkJghqsMSv9if6iFgUkzZYX3XYGqZXPevnt
O5vEI/9tsNltjbGfRInTcvdpWyIJUhL9vgFwEL0FBIklkwI5zvUQvvPcd7c+czTV
n1cTc4Nf0f9Jq2mpC7B6cVeCUSnVJYBtgSAlOnyenInAI+NYyDAbQROmazbkDGzx
rfBB8f2G5C1LzSKCA054yNXjMUXt2qW2VTFyxC6SCqsZXNpin0aoFGXT1rsUB+HY
rIGIy854Gpr1p3x9ApL9rbbbrHpXi5CW4CWFt0+OxKygx1OgwA9qoURhzMsRFtwn
WAjNPPQUStIwO9eFwov3Sl1E64hXvW1fH/+hWwIDAQABo4ICajCCAmYwHQYDVR0O
BBYEFMwArEAXOSh+JSi67F0l1ILPel0KMB8GA1UdIwQYMBaAFK6Ept9eMMBTENrM
Z7bv/kFOdNKVMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvZDA5NjQw
NGY2Mzc3MmFhODE2NWRhMWY3ZTAxYzM0YzRlMzc4YTkxNi5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvZDY0ODNjZmItN2FiMS00NTA4LWJmNmYtODk1Mzk1
N2Q4ODg3L2NlMTQ5MGE2NzU3NTc2MWYzNTJhZjI1NThiMTRmZTU5YTY4YjkxMGQu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy9kNjQ4M2NmYi03YWIxLTQ1MDgtYmY2Zi04OTUz
OTU3ZDg4ODcvZDA5NjQwNGY2Mzc3MmFhODE2NWRhMWY3ZTAxYzM0YzRlMzc4YTkx
Ni5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAuBggrBgEFBQcBBwEB/wQf
MB0wDAQCAAEwBgMEA8gNkDANBAIAAjAHAwUAIAETWDANBgkqhkiG9w0BAQsFAAOC
AQEAQ0AySq9KLK0VlS4Vux3ZMf2X7c3daVxys/5jtvnEFKb/tWIUy8UyrbRJdAxX
mxRsFhLg/Wk0vTOu6KsB1mCcDb4DiPI4NTqdI3LHsQdRiKGxDSOdmZQkLz4dR1eq
7Ioe1JO2LsXCFxBxjYNeO77u8UZPi/r/nX4TABBZ7Emu058YgcvHKOzes/2RxP0s
yF59ObW2g/BaNkNGJZf/F0NJLSD4gmeXX6CDuW55cPDde7ZDaiR6NEAFpURjYtqr
ceHabLz6wfVANxs0Wu0Ib89JhozLZfcMpV59ZcKd3M3GEn/NU6g0EHLcV1QXsqfw
cF9o++ZHXY5yNk4PyfY4hXCH3A==
-----END CERTIFICATE-----
Generated at Fri Mar 29 08:11:26 2024 by rpki-client on console-fra.rpki-client.org