Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/df7d160e-dfe0-41d6-b4a4-f59a6a19a8ac/a6a17ab4b97a369fb2c32c0c4e4b9883d40708ff.roa
File:                     a6a17ab4b97a369fb2c32c0c4e4b9883d40708ff.roa (raw, json)
Hash identifier:          zS0UqjYy6rGHSO6FMNM6fDAzeflpwGOsCLNUG5Ep8rA=
Subject key identifier:   2A:A6:6F:AB:33:1C:DF:F8:1C:35:82:9B:91:B3:EF:39:F6:B5:E4:84
Certificate issuer:       /CN=9035a8fa5af8ead4985158f93c6409d244feec86
Certificate serial:       ABE7
Authority key identifier: AF:9D:B4:96:0F:ED:26:30:FF:63:24:D3:CC:FD:C9:9A:3E:92:37:9A
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/9035a8fa5af8ead4985158f93c6409d244feec86.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/df7d160e-dfe0-41d6-b4a4-f59a6a19a8ac/a6a17ab4b97a369fb2c32c0c4e4b9883d40708ff.roa
Signing time:             Thu 10 Aug 2023 16:17:44 +0000
ROA not before:           Wed 09 Aug 2023 16:17:43 +0000
ROA not after:            Sun 10 Aug 2025 16:17:43 +0000
asID:                     271959
IP address blocks:        204.126.128.0/24 maxlen: 24
                          204.126.129.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/df7d160e-dfe0-41d6-b4a4-f59a6a19a8ac/9035a8fa5af8ead4985158f93c6409d244feec86.crl
                          rsync://repository.lacnic.net/rpki/lacnic/df7d160e-dfe0-41d6-b4a4-f59a6a19a8ac/9035a8fa5af8ead4985158f93c6409d244feec86.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/9035a8fa5af8ead4985158f93c6409d244feec86.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Fri 01 Mar 2024 15:12:08 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 44007 (0xabe7)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9035a8fa5af8ead4985158f93c6409d244feec86
        Validity
            Not Before: Aug  9 16:17:43 2023 GMT
            Not After : Aug 10 16:17:43 2025 GMT
        Subject: CN=a6a17ab4b97a369fb2c32c0c4e4b9883d40708ff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:23:a7:df:cb:fc:36:3c:6b:76:a3:31:8c:e0:
                    e3:43:d2:de:53:89:93:6a:37:65:a2:bc:94:0e:2f:
                    1a:a4:ff:a8:ad:37:b7:bd:df:a6:d1:59:74:55:c7:
                    64:64:33:02:86:7d:1f:94:2e:16:86:6d:29:cc:c6:
                    bc:84:02:73:74:d0:28:16:a9:8c:62:43:53:35:24:
                    e9:1d:fc:75:30:ca:2b:8b:97:4e:e7:76:8a:e5:6d:
                    49:fc:8d:0f:fe:0a:f2:8d:ba:ef:0b:e2:f1:aa:8f:
                    40:65:91:a3:a2:8d:6e:12:7c:64:d9:f4:c6:05:13:
                    f2:d2:6a:8b:4c:58:89:74:f6:1b:8f:51:21:dc:eb:
                    05:6a:67:72:24:3b:c0:e5:7d:e3:18:74:94:23:76:
                    ee:ca:06:7e:cd:b0:f7:ea:af:45:d9:d3:9e:84:d7:
                    07:97:11:d5:67:88:ca:7a:69:14:b9:41:31:20:16:
                    80:00:7f:6f:da:be:e7:6e:19:1b:52:88:28:7d:e2:
                    bb:f9:18:36:b8:c2:82:37:45:0b:60:96:8e:b2:db:
                    2f:e4:79:7c:67:12:96:95:b3:8f:c7:1f:91:eb:34:
                    de:b9:20:fa:28:f6:07:a3:84:e9:54:cd:65:87:ed:
                    cc:bf:a0:12:a1:16:7b:d8:d3:39:08:23:e8:e1:d9:
                    68:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2A:A6:6F:AB:33:1C:DF:F8:1C:35:82:9B:91:B3:EF:39:F6:B5:E4:84
            X509v3 Authority Key Identifier:
                keyid:AF:9D:B4:96:0F:ED:26:30:FF:63:24:D3:CC:FD:C9:9A:3E:92:37:9A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/9035a8fa5af8ead4985158f93c6409d244feec86.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/df7d160e-dfe0-41d6-b4a4-f59a6a19a8ac/a6a17ab4b97a369fb2c32c0c4e4b9883d40708ff.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/df7d160e-dfe0-41d6-b4a4-f59a6a19a8ac/9035a8fa5af8ead4985158f93c6409d244feec86.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  204.126.128.0/23

    Signature Algorithm: sha256WithRSAEncryption
         3b:af:4d:5c:e9:9b:18:40:c8:66:06:22:db:fa:b5:f4:eb:31:
         29:11:3c:1b:f9:66:64:4f:63:f4:83:7c:b0:46:83:43:90:f7:
         d6:1d:04:2a:5b:c2:4c:1d:9c:26:7b:dc:c9:c1:70:b9:ee:cc:
         03:48:8f:c2:80:73:a5:aa:87:62:5a:0a:ae:a5:e9:e2:63:c0:
         8c:d5:b3:39:f4:21:d9:4d:31:63:1e:79:6a:34:54:e5:04:7f:
         7c:27:2d:df:bc:39:23:82:b3:0f:3f:3e:64:3e:f4:66:ae:69:
         05:2f:ce:a4:6d:80:bf:43:2c:6f:58:90:00:f0:be:28:26:76:
         43:97:99:6d:e5:16:78:2f:db:80:cd:03:9d:11:6a:c6:20:72:
         7b:fd:34:ef:7d:60:61:9e:c6:e4:25:a2:52:30:9c:4b:ae:c7:
         93:31:ca:eb:7e:11:f6:2b:71:a7:77:ba:12:0d:db:6d:ee:bc:
         84:4c:2f:b0:b1:43:73:47:6d:de:a1:88:17:c5:a6:97:04:52:
         0a:32:dd:46:8f:41:30:33:3b:3b:bc:49:00:18:ff:27:01:5f:
         a2:0b:a1:e3:f9:06:27:98:16:e1:1d:93:6c:82:f9:ef:11:46:
         59:0f:4d:b1:4f:fb:91:0b:22:3e:ae:ea:8d:9f:f9:e6:a2:c3:
         61:35:fc:12
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIDAKvnMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDkw
MzVhOGZhNWFmOGVhZDQ5ODUxNThmOTNjNjQwOWQyNDRmZWVjODYwHhcNMjMwODA5
MTYxNzQzWhcNMjUwODEwMTYxNzQzWjAzMTEwLwYDVQQDEyhhNmExN2FiNGI5N2Ez
NjlmYjJjMzJjMGM0ZTRiOTg4M2Q0MDcwOGZmMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAmCOn38v8NjxrdqMxjODjQ9LeU4mTajdloryUDi8apP+orTe3
vd+m0Vl0VcdkZDMChn0flC4Whm0pzMa8hAJzdNAoFqmMYkNTNSTpHfx1MMori5dO
53aK5W1J/I0P/gryjbrvC+Lxqo9AZZGjoo1uEnxk2fTGBRPy0mqLTFiJdPYbj1Eh
3OsFamdyJDvA5X3jGHSUI3buygZ+zbD36q9F2dOehNcHlxHVZ4jKemkUuUExIBaA
AH9v2r7nbhkbUogofeK7+Rg2uMKCN0ULYJaOstsv5Hl8ZxKWlbOPxx+R6zTeuSD6
KPYHo4TpVM1lh+3Mv6ASoRZ72NM5CCPo4dloIwIDAQABo4ICWzCCAlcwHQYDVR0O
BBYEFCqmb6szHN/4HDWCm5Gz7zn2teSEMB8GA1UdIwQYMBaAFK+dtJYP7SYw/2Mk
08z9yZo+kjeaMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvOTAzNWE4
ZmE1YWY4ZWFkNDk4NTE1OGY5M2M2NDA5ZDI0NGZlZWM4Ni5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvZGY3ZDE2MGUtZGZlMC00MWQ2LWI0YTQtZjU5YTZh
MTlhOGFjL2E2YTE3YWI0Yjk3YTM2OWZiMmMzMmMwYzRlNGI5ODgzZDQwNzA4ZmYu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy9kZjdkMTYwZS1kZmUwLTQxZDYtYjRhNC1mNTlh
NmExOWE4YWMvOTAzNWE4ZmE1YWY4ZWFkNDk4NTE1OGY5M2M2NDA5ZDI0NGZlZWM4
Ni5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAcx+gDANBgkqhkiG9w0BAQsFAAOCAQEAO69NXOmbGEDIZgYi
2/q19OsxKRE8G/lmZE9j9IN8sEaDQ5D31h0EKlvCTB2cJnvcycFwue7MA0iPwoBz
paqHYloKrqXp4mPAjNWzOfQh2U0xYx55ajRU5QR/fCct37w5I4KzDz8+ZD70Zq5p
BS/OpG2Av0Msb1iQAPC+KCZ2Q5eZbeUWeC/bgM0DnRFqxiBye/00731gYZ7G5CWi
UjCcS67HkzHK634R9itxp3e6Eg3bbe68hEwvsLFDc0dt3qGIF8WmlwRSCjLdRo9B
MDM7O7xJABj/JwFfoguh4/kGJ5gW4R2TbIL57xFGWQ9NsU/7kQsiPq7qjZ/55qLD
YTX8Eg==
-----END CERTIFICATE-----
Generated at Tue Feb 27 20:07:40 2024 by rpki-client on console-ams.rpki-client.org