Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/dece9058-5ead-4bdf-b331-d5294fc1121c/b1b69e26e8b1e2e1d8d4e1ab1491908e1e7ec697.roa
File:                     b1b69e26e8b1e2e1d8d4e1ab1491908e1e7ec697.roa (raw, json)
Hash identifier:          CQGUEiUoTkjMrNP7G2gXJDdqW7+xXdkMl5C2nqsh1+M=
Subject key identifier:   31:C9:A8:A0:F6:74:E1:CA:37:A9:E0:EE:78:C2:32:B0:0A:32:55:6B
Certificate issuer:       /CN=b31497db947942b9b98537746e80526f715ef6e4
Certificate serial:       0D2202
Authority key identifier: 66:2B:1F:3E:4C:E8:EA:1F:7D:D8:7A:04:AD:31:EA:9C:23:87:4E:31
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/b31497db947942b9b98537746e80526f715ef6e4.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/dece9058-5ead-4bdf-b331-d5294fc1121c/b1b69e26e8b1e2e1d8d4e1ab1491908e1e7ec697.roa
Signing time:             Wed 24 Mar 2021 14:47:28 +0000
ROA not before:           Wed 24 Mar 2021 14:47:28 +0000
ROA not after:            Tue 24 Mar 2026 14:47:28 +0000
asID:                     21980
IP address blocks:        200.74.192.0/19 maxlen: 24
                          200.74.224.0/20 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/dece9058-5ead-4bdf-b331-d5294fc1121c/b31497db947942b9b98537746e80526f715ef6e4.crl
                          rsync://repository.lacnic.net/rpki/lacnic/dece9058-5ead-4bdf-b331-d5294fc1121c/b31497db947942b9b98537746e80526f715ef6e4.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/b31497db947942b9b98537746e80526f715ef6e4.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sat 24 Feb 2024 07:38:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 860674 (0xd2202)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b31497db947942b9b98537746e80526f715ef6e4
        Validity
            Not Before: Mar 24 14:47:28 2021 GMT
            Not After : Mar 24 14:47:28 2026 GMT
        Subject: CN=b1b69e26e8b1e2e1d8d4e1ab1491908e1e7ec697
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:c1:d6:86:14:48:91:bc:54:09:c3:49:a0:b4:
                    cd:9b:61:43:d1:c9:63:87:89:bc:4d:66:db:80:8f:
                    ca:02:01:5d:3a:45:a6:56:57:8c:4d:5b:09:9f:6a:
                    c7:ec:af:0b:87:7b:08:62:fa:e3:5c:c8:75:34:da:
                    c8:35:8a:d3:75:96:e4:77:d7:6e:eb:a3:bb:24:58:
                    e3:3c:12:0e:87:22:d8:54:d7:d2:fd:91:e6:2b:de:
                    86:49:22:23:2b:4c:d4:41:61:f2:44:9d:89:13:31:
                    41:8d:52:76:e5:7a:08:f9:e8:8c:c2:6f:56:d1:aa:
                    2a:45:3c:b6:3c:13:ac:8a:03:e4:fd:80:45:d0:50:
                    2e:0a:13:a2:39:f9:ba:a4:21:d1:6e:f5:e7:13:68:
                    75:ce:f3:47:35:d9:e5:ea:bf:f5:1b:8c:63:39:d7:
                    67:58:80:7c:17:0b:25:74:61:73:0d:85:16:a7:75:
                    f0:c1:61:c5:1d:e7:59:4a:d4:87:9a:56:32:92:c4:
                    10:19:8c:88:b6:a9:25:37:1f:06:d3:bd:a7:6e:a0:
                    7d:21:a4:b0:ae:d2:e8:c8:6c:b2:21:ed:d6:f0:bb:
                    1e:64:5b:e8:2b:89:c3:75:29:fd:02:a3:11:86:3b:
                    1b:ad:6b:f1:46:9f:5b:b0:38:0e:0b:9c:98:ce:44:
                    f4:e7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                31:C9:A8:A0:F6:74:E1:CA:37:A9:E0:EE:78:C2:32:B0:0A:32:55:6B
            X509v3 Authority Key Identifier:
                keyid:66:2B:1F:3E:4C:E8:EA:1F:7D:D8:7A:04:AD:31:EA:9C:23:87:4E:31

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/b31497db947942b9b98537746e80526f715ef6e4.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/dece9058-5ead-4bdf-b331-d5294fc1121c/b1b69e26e8b1e2e1d8d4e1ab1491908e1e7ec697.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/dece9058-5ead-4bdf-b331-d5294fc1121c/b31497db947942b9b98537746e80526f715ef6e4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.74.192.0-200.74.239.255

    Signature Algorithm: sha256WithRSAEncryption
         26:bf:47:de:3b:fb:e6:93:72:cd:6f:db:40:2d:53:b7:54:81:
         7d:cf:ee:a0:75:bf:3a:f0:aa:85:50:31:b0:cd:ab:88:f3:8d:
         b2:1c:39:cb:fe:36:aa:94:19:cd:d4:c4:20:3e:ad:27:52:20:
         b0:2b:e7:7a:84:7b:51:bd:fe:4f:b6:ea:50:06:07:e8:c3:9f:
         7f:83:15:7d:21:61:a4:27:6a:cd:92:43:68:15:89:37:2a:31:
         50:21:a1:78:49:54:f6:15:b3:3f:89:9e:f6:48:2f:c3:4e:96:
         e6:9a:f6:56:b9:d1:9f:c6:9b:24:ce:d6:54:9a:d1:11:ca:d3:
         c2:ea:45:b9:f5:96:d6:a8:40:b3:66:ea:c2:0a:e8:57:0b:6e:
         ba:2f:30:6b:36:93:97:f4:ad:3c:26:dd:a4:18:77:91:a6:51:
         d4:45:4c:22:1c:57:0c:9b:8f:8f:a1:b9:eb:7e:87:48:f4:56:
         83:25:d8:93:c3:05:3a:a3:a0:4b:f6:b9:04:07:e7:6b:9b:c1:
         c0:37:9f:af:f4:a5:6c:85:10:1e:20:a2:c0:9d:f7:c5:85:f8:
         1c:cd:a6:c0:13:a9:c5:38:75:e1:03:22:94:6d:59:c8:1d:70:
         fc:11:a9:18:50:07:59:84:3f:75:33:e5:70:7a:12:8a:f3:74:
         6c:64:8a:e5
-----BEGIN CERTIFICATE-----
MIIFSDCCBDCgAwIBAgIDDSICMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGIz
MTQ5N2RiOTQ3OTQyYjliOTg1Mzc3NDZlODA1MjZmNzE1ZWY2ZTQwHhcNMjEwMzI0
MTQ0NzI4WhcNMjYwMzI0MTQ0NzI4WjAzMTEwLwYDVQQDEyhiMWI2OWUyNmU4YjFl
MmUxZDhkNGUxYWIxNDkxOTA4ZTFlN2VjNjk3MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAqsHWhhRIkbxUCcNJoLTNm2FD0cljh4m8TWbbgI/KAgFdOkWm
VleMTVsJn2rH7K8Lh3sIYvrjXMh1NNrINYrTdZbkd9du66O7JFjjPBIOhyLYVNfS
/ZHmK96GSSIjK0zUQWHyRJ2JEzFBjVJ25XoI+eiMwm9W0aoqRTy2PBOsigPk/YBF
0FAuChOiOfm6pCHRbvXnE2h1zvNHNdnl6r/1G4xjOddnWIB8FwsldGFzDYUWp3Xw
wWHFHedZStSHmlYyksQQGYyItqklNx8G072nbqB9IaSwrtLoyGyyIe3W8LseZFvo
K4nDdSn9AqMRhjsbrWvxRp9bsDgOC5yYzkT05wIDAQABo4ICYzCCAl8wHQYDVR0O
BBYEFDHJqKD2dOHKN6ng7njCMrAKMlVrMB8GA1UdIwQYMBaAFGYrHz5M6Ooffdh6
BK0x6pwjh04xMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvYjMxNDk3
ZGI5NDc5NDJiOWI5ODUzNzc0NmU4MDUyNmY3MTVlZjZlNC5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvZGVjZTkwNTgtNWVhZC00YmRmLWIzMzEtZDUyOTRm
YzExMjFjL2IxYjY5ZTI2ZThiMWUyZTFkOGQ0ZTFhYjE0OTE5MDhlMWU3ZWM2OTcu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy9kZWNlOTA1OC01ZWFkLTRiZGYtYjMzMS1kNTI5
NGZjMTEyMWMvYjMxNDk3ZGI5NDc5NDJiOWI5ODUzNzc0NmU4MDUyNmY3MTVlZjZl
NC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAnBggrBgEFBQcBBwEB/wQY
MBYwFAQCAAEwDjAMAwQGyErAAwQEyErgMA0GCSqGSIb3DQEBCwUAA4IBAQAmv0fe
O/vmk3LNb9tALVO3VIF9z+6gdb868KqFUDGwzauI842yHDnL/jaqlBnN1MQgPq0n
UiCwK+d6hHtRvf5PtupQBgfow59/gxV9IWGkJ2rNkkNoFYk3KjFQIaF4SVT2FbM/
iZ72SC/DTpbmmvZWudGfxpskztZUmtERytPC6kW59ZbWqECzZurCCuhXC266LzBr
NpOX9K08Jt2kGHeRplHURUwiHFcMm4+PobnrfodI9FaDJdiTwwU6o6BL9rkEB+dr
m8HAN5+v9KVshRAeIKLAnffFhfgczabAE6nFOHXhAyKUbVnIHXD8EakYUAdZhD91
M+VwehKK83RsZIrl
-----END CERTIFICATE-----
Generated at Wed Feb 21 16:52:01 2024 by rpki-client on console-ams.rpki-client.org