Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/e22c3773-9773-4eb6-983f-4bc0ea8c932b/60ca4f3608319889d67d61a63add3df17a9b419c.roa
File:                     60ca4f3608319889d67d61a63add3df17a9b419c.roa (raw, json)
Hash identifier:          g492oAGEMDSRh5dWfuiUy78QLnLyB/j63mY96xOuMQE=
Subject key identifier:   39:75:DA:86:85:E9:2D:0E:82:59:F9:AC:50:A2:2B:66:61:AD:30:18
Certificate issuer:       /CN=77235f66b6c5d5c31869066c4d405d67062012cf
Certificate serial:       17B23D
Authority key identifier: 0A:4A:B9:05:85:69:40:10:64:D0:F6:94:9F:37:33:29:72:06:DD:32
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/77235f66b6c5d5c31869066c4d405d67062012cf.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/e22c3773-9773-4eb6-983f-4bc0ea8c932b/60ca4f3608319889d67d61a63add3df17a9b419c.roa
Signing time:             Fri 13 May 2022 15:17:45 +0000
ROA not before:           Fri 13 May 2022 03:00:00 +0000
ROA not after:            Sat 13 May 2028 03:00:00 +0000
asID:                     14618
IP address blocks:        200.12.196.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/e22c3773-9773-4eb6-983f-4bc0ea8c932b/77235f66b6c5d5c31869066c4d405d67062012cf.crl
                          rsync://repository.lacnic.net/rpki/lacnic/e22c3773-9773-4eb6-983f-4bc0ea8c932b/77235f66b6c5d5c31869066c4d405d67062012cf.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/77235f66b6c5d5c31869066c4d405d67062012cf.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 31 Mar 2024 12:22:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1552957 (0x17b23d)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=77235f66b6c5d5c31869066c4d405d67062012cf
        Validity
            Not Before: May 13 03:00:00 2022 GMT
            Not After : May 13 03:00:00 2028 GMT
        Subject: CN=60ca4f3608319889d67d61a63add3df17a9b419c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:7e:35:a5:df:1c:bd:bc:8c:6f:fc:ec:4a:f3:
                    9b:aa:d4:66:a4:27:6f:2e:23:1d:df:86:f9:73:84:
                    7b:54:6a:f1:da:08:7c:37:d2:02:52:7a:e5:e5:9d:
                    92:0a:4a:f3:51:d9:ae:0b:ae:b8:79:95:0a:bc:76:
                    2f:32:70:7a:0e:27:ba:7a:66:1b:4b:2d:36:46:9d:
                    97:10:80:45:3f:0f:4b:ea:75:a9:e5:8b:f4:5d:19:
                    7b:e1:93:06:e2:15:15:96:57:1d:89:fc:24:6e:e4:
                    79:84:66:c6:75:6e:3e:fc:78:a0:24:95:a3:17:a3:
                    45:81:e6:b0:91:52:f9:60:35:6d:4e:bb:a0:09:df:
                    ec:d1:13:fa:bd:05:78:07:26:53:1e:7c:b4:3e:e0:
                    79:af:8f:cf:cd:3b:9f:f8:1c:9a:b0:6c:23:03:f8:
                    13:a9:d7:be:a3:9a:ba:ce:f9:36:ad:46:de:06:82:
                    7a:69:ba:e0:b2:ed:a1:15:56:1a:7e:5d:d0:d7:56:
                    f2:55:ef:c8:5c:ae:3b:6b:19:eb:0e:2d:bd:42:cf:
                    1e:43:07:a6:44:65:87:b4:3b:e5:29:12:c8:90:1f:
                    c2:a5:d6:e1:e6:29:bf:0f:ea:13:1c:e4:11:4d:ca:
                    98:c1:24:24:28:d9:89:54:35:ed:c8:7d:54:af:94:
                    46:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                39:75:DA:86:85:E9:2D:0E:82:59:F9:AC:50:A2:2B:66:61:AD:30:18
            X509v3 Authority Key Identifier:
                keyid:0A:4A:B9:05:85:69:40:10:64:D0:F6:94:9F:37:33:29:72:06:DD:32

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/77235f66b6c5d5c31869066c4d405d67062012cf.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/e22c3773-9773-4eb6-983f-4bc0ea8c932b/60ca4f3608319889d67d61a63add3df17a9b419c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/e22c3773-9773-4eb6-983f-4bc0ea8c932b/77235f66b6c5d5c31869066c4d405d67062012cf.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.12.196.0/24

    Signature Algorithm: sha256WithRSAEncryption
         84:98:ce:38:e6:f7:65:68:37:5e:38:20:fa:d9:e0:71:12:cd:
         09:7b:25:f2:f8:4e:ec:e5:27:cc:1b:6b:de:29:32:c9:ae:23:
         2a:4f:d0:dc:48:5c:b8:7b:4b:22:ce:96:5c:92:ff:e9:01:1f:
         1f:5c:06:74:4d:fa:da:3a:72:f3:aa:37:49:77:40:46:b9:f0:
         ad:51:d2:03:0c:05:f5:92:98:cf:68:83:5c:32:e6:cb:dd:80:
         88:29:bc:e0:6b:94:9e:34:d6:23:bb:f7:2b:6d:1f:59:8e:cc:
         76:3e:e0:80:2a:d1:35:f8:0f:63:9a:e9:0f:5f:b8:b6:60:33:
         4d:05:75:67:c9:d4:b3:84:b0:fa:31:06:42:d7:13:52:9e:4a:
         63:00:1e:75:7c:83:d2:4b:45:05:32:48:2f:d2:46:76:9e:3a:
         2f:82:ca:0e:7a:da:3a:8a:81:f3:ac:21:89:1c:c1:bb:1c:84:
         d1:41:52:f2:c6:fa:07:35:a1:2e:df:d0:7d:8f:75:ca:56:91:
         7c:13:23:9b:d9:2c:8d:1f:37:f4:fa:2c:26:f5:2f:fb:1b:ca:
         3c:b0:4c:8f:48:62:93:61:55:34:ab:9b:14:6b:aa:47:d4:25:
         68:dd:ba:f2:0b:9b:9f:aa:c6:93:dd:a1:2a:e7:14:22:75:c6:
         b8:5a:e2:0f
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIDF7I9MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDc3
MjM1ZjY2YjZjNWQ1YzMxODY5MDY2YzRkNDA1ZDY3MDYyMDEyY2YwHhcNMjIwNTEz
MDMwMDAwWhcNMjgwNTEzMDMwMDAwWjAzMTEwLwYDVQQDEyg2MGNhNGYzNjA4MzE5
ODg5ZDY3ZDYxYTYzYWRkM2RmMTdhOWI0MTljMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAq341pd8cvbyMb/zsSvObqtRmpCdvLiMd34b5c4R7VGrx2gh8
N9ICUnrl5Z2SCkrzUdmuC664eZUKvHYvMnB6Die6emYbSy02Rp2XEIBFPw9L6nWp
5Yv0XRl74ZMG4hUVllcdifwkbuR5hGbGdW4+/HigJJWjF6NFgeawkVL5YDVtTrug
Cd/s0RP6vQV4ByZTHny0PuB5r4/PzTuf+ByasGwjA/gTqde+o5q6zvk2rUbeBoJ6
abrgsu2hFVYafl3Q11byVe/IXK47axnrDi29Qs8eQwemRGWHtDvlKRLIkB/Cpdbh
5im/D+oTHOQRTcqYwSQkKNmJVDXtyH1Ur5RGWQIDAQABo4ICWzCCAlcwHQYDVR0O
BBYEFDl12oaF6S0Ogln5rFCiK2ZhrTAYMB8GA1UdIwQYMBaAFApKuQWFaUAQZND2
lJ83MylyBt0yMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvNzcyMzVm
NjZiNmM1ZDVjMzE4NjkwNjZjNGQ0MDVkNjcwNjIwMTJjZi5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvZTIyYzM3NzMtOTc3My00ZWI2LTk4M2YtNGJjMGVh
OGM5MzJiLzYwY2E0ZjM2MDgzMTk4ODlkNjdkNjFhNjNhZGQzZGYxN2E5YjQxOWMu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy9lMjJjMzc3My05NzczLTRlYjYtOTgzZi00YmMw
ZWE4YzkzMmIvNzcyMzVmNjZiNmM1ZDVjMzE4NjkwNjZjNGQ0MDVkNjcwNjIwMTJj
Zi5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAMgMxDANBgkqhkiG9w0BAQsFAAOCAQEAhJjOOOb3ZWg3Xjgg
+tngcRLNCXsl8vhO7OUnzBtr3ikyya4jKk/Q3EhcuHtLIs6WXJL/6QEfH1wGdE36
2jpy86o3SXdARrnwrVHSAwwF9ZKYz2iDXDLmy92AiCm84GuUnjTWI7v3K20fWY7M
dj7ggCrRNfgPY5rpD1+4tmAzTQV1Z8nUs4Sw+jEGQtcTUp5KYwAedXyD0ktFBTJI
L9JGdp46L4LKDnraOoqB86whiRzBuxyE0UFS8sb6BzWhLt/QfY91ylaRfBMjm9ks
jR839PosJvUv+xvKPLBMj0hik2FVNKubFGuqR9QlaN268gubn6rGk92hKucUInXG
uFriDw==
-----END CERTIFICATE-----
Generated at Thu Mar 28 14:02:59 2024 by rpki-client on console-fra.rpki-client.org