Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/e22c3773-9773-4eb6-983f-4bc0ea8c932b/dbb00e88992512b96a16288e43d871365ddc8851.roa
File:                     dbb00e88992512b96a16288e43d871365ddc8851.roa (raw, json)
Hash identifier:          o873ysHKkLAmUEujJDyyTdm5Vf0/BMvK64RGDJAvxDE=
Subject key identifier:   24:13:1D:04:A0:60:F7:F3:F3:C3:79:AB:48:6C:61:49:A8:8E:33:2D
Certificate issuer:       /CN=77235f66b6c5d5c31869066c4d405d67062012cf
Certificate serial:       0D4557
Authority key identifier: 0A:4A:B9:05:85:69:40:10:64:D0:F6:94:9F:37:33:29:72:06:DD:32
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/77235f66b6c5d5c31869066c4d405d67062012cf.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/e22c3773-9773-4eb6-983f-4bc0ea8c932b/dbb00e88992512b96a16288e43d871365ddc8851.roa
Signing time:             Wed 24 Mar 2021 14:40:20 +0000
ROA not before:           Wed 24 Mar 2021 14:40:20 +0000
ROA not after:            Tue 24 Mar 2026 14:40:20 +0000
asID:                     52274
IP address blocks:        200.12.196.0/24 maxlen: 24
                          200.12.197.0/24 maxlen: 24
                          200.12.198.0/24 maxlen: 24
                          200.12.199.0/24 maxlen: 24
                          2801:0:60::/48 maxlen: 48
                          2801:0:61::/48 maxlen: 48
                          2801:0:62::/48 maxlen: 48
                          2801:0:63::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/e22c3773-9773-4eb6-983f-4bc0ea8c932b/77235f66b6c5d5c31869066c4d405d67062012cf.crl
                          rsync://repository.lacnic.net/rpki/lacnic/e22c3773-9773-4eb6-983f-4bc0ea8c932b/77235f66b6c5d5c31869066c4d405d67062012cf.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/77235f66b6c5d5c31869066c4d405d67062012cf.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 31 Mar 2024 12:22:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 869719 (0xd4557)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=77235f66b6c5d5c31869066c4d405d67062012cf
        Validity
            Not Before: Mar 24 14:40:20 2021 GMT
            Not After : Mar 24 14:40:20 2026 GMT
        Subject: CN=dbb00e88992512b96a16288e43d871365ddc8851
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:95:11:c4:14:f2:77:4a:c7:b3:ef:c0:b5:b6:
                    f1:e1:56:36:ff:9a:35:13:e4:88:19:9a:7c:9b:66:
                    c7:75:6d:dc:35:a4:03:d8:57:f9:ea:23:1f:d5:30:
                    01:c3:1e:40:f5:e2:bc:4d:83:73:02:20:7b:04:e1:
                    87:18:de:c1:bb:98:56:1b:55:32:dd:bc:94:59:f1:
                    0b:9a:78:d2:68:e9:89:c4:12:92:cd:0b:21:a6:f7:
                    0c:8e:75:30:35:e2:7a:6d:88:42:01:03:07:4b:18:
                    bd:d0:ce:34:15:84:04:94:b1:2e:e0:7d:0f:af:e9:
                    3c:d3:c0:87:31:b0:2b:67:8a:d5:a9:a7:f1:43:15:
                    09:f9:92:fd:c1:34:4d:7a:6c:a1:a6:59:15:54:db:
                    0c:92:a3:c8:cf:e7:df:5c:94:31:74:24:53:f7:97:
                    a1:82:ca:62:16:cc:46:20:34:cd:1f:6f:2a:da:2e:
                    ab:54:b2:d7:39:e4:af:80:e9:63:84:e1:e6:ac:68:
                    81:02:98:d2:31:5a:45:ec:10:e6:c9:5c:76:e6:36:
                    95:2f:9b:c4:99:78:52:06:68:8d:e8:cf:45:de:54:
                    54:d2:03:96:98:5e:63:4b:e5:43:d0:a7:74:d0:77:
                    45:05:ac:c6:88:41:58:e6:81:e7:74:0a:a2:b2:28:
                    41:d9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                24:13:1D:04:A0:60:F7:F3:F3:C3:79:AB:48:6C:61:49:A8:8E:33:2D
            X509v3 Authority Key Identifier:
                keyid:0A:4A:B9:05:85:69:40:10:64:D0:F6:94:9F:37:33:29:72:06:DD:32

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/77235f66b6c5d5c31869066c4d405d67062012cf.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/e22c3773-9773-4eb6-983f-4bc0ea8c932b/dbb00e88992512b96a16288e43d871365ddc8851.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/e22c3773-9773-4eb6-983f-4bc0ea8c932b/77235f66b6c5d5c31869066c4d405d67062012cf.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.12.196.0/22
                IPv6:
                  2801:0:60::/46

    Signature Algorithm: sha256WithRSAEncryption
         89:8d:d5:aa:05:eb:93:91:23:c5:aa:1d:f7:9d:f6:9d:d2:a1:
         15:bc:85:9e:4d:03:5d:6b:12:b3:77:1a:e3:9e:65:e9:09:43:
         a1:78:83:91:b9:4b:78:1d:df:9a:5c:ca:d1:0b:00:22:0d:7c:
         33:65:ab:ab:35:6c:c9:97:d8:0f:96:4d:77:85:4f:1f:7c:b7:
         91:42:3b:bc:b4:97:14:c2:a1:9f:7b:f0:54:9e:2c:3c:c8:bc:
         67:53:95:6a:63:87:cc:4f:d5:94:76:4e:ef:a9:52:e2:23:fb:
         65:d3:2a:85:3f:78:7a:f3:8c:11:98:9a:d1:91:a1:b4:bf:9a:
         bc:91:c0:de:e9:6d:c4:c8:8f:38:0b:b8:d1:d6:e4:b6:bf:e9:
         a1:2c:86:cf:fa:d1:ac:f4:40:0f:7b:89:a3:ed:f4:d7:59:1a:
         1b:3a:78:58:dd:82:50:47:ad:5c:53:d3:b2:1f:db:e0:5b:84:
         61:e7:74:92:f9:d4:8c:82:31:1e:41:38:4d:62:96:75:ce:e3:
         3f:8a:5e:34:2a:b4:07:2a:8f:2b:ee:b1:a3:77:60:46:16:ff:
         48:b7:4c:b7:80:65:d6:fb:be:fa:c2:15:e8:01:0c:9b:c5:1b:
         75:22:d4:3d:b2:90:e5:db:2c:0c:72:8a:e6:22:11:bf:11:58:
         0d:32:20:c6
-----BEGIN CERTIFICATE-----
MIIFUTCCBDmgAwIBAgIDDUVXMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDc3
MjM1ZjY2YjZjNWQ1YzMxODY5MDY2YzRkNDA1ZDY3MDYyMDEyY2YwHhcNMjEwMzI0
MTQ0MDIwWhcNMjYwMzI0MTQ0MDIwWjAzMTEwLwYDVQQDEyhkYmIwMGU4ODk5MjUx
MmI5NmExNjI4OGU0M2Q4NzEzNjVkZGM4ODUxMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAtJURxBTyd0rHs+/Atbbx4VY2/5o1E+SIGZp8m2bHdW3cNaQD
2Ff56iMf1TABwx5A9eK8TYNzAiB7BOGHGN7Bu5hWG1Uy3byUWfELmnjSaOmJxBKS
zQshpvcMjnUwNeJ6bYhCAQMHSxi90M40FYQElLEu4H0Pr+k808CHMbArZ4rVqafx
QxUJ+ZL9wTRNemyhplkVVNsMkqPIz+ffXJQxdCRT95ehgspiFsxGIDTNH28q2i6r
VLLXOeSvgOljhOHmrGiBApjSMVpF7BDmyVx25jaVL5vEmXhSBmiN6M9F3lRU0gOW
mF5jS+VD0Kd00HdFBazGiEFY5oHndAqisihB2QIDAQABo4ICbDCCAmgwHQYDVR0O
BBYEFCQTHQSgYPfz88N5q0hsYUmojjMtMB8GA1UdIwQYMBaAFApKuQWFaUAQZND2
lJ83MylyBt0yMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvNzcyMzVm
NjZiNmM1ZDVjMzE4NjkwNjZjNGQ0MDVkNjcwNjIwMTJjZi5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvZTIyYzM3NzMtOTc3My00ZWI2LTk4M2YtNGJjMGVh
OGM5MzJiL2RiYjAwZTg4OTkyNTEyYjk2YTE2Mjg4ZTQzZDg3MTM2NWRkYzg4NTEu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy9lMjJjMzc3My05NzczLTRlYjYtOTgzZi00YmMw
ZWE4YzkzMmIvNzcyMzVmNjZiNmM1ZDVjMzE4NjkwNjZjNGQ0MDVkNjcwNjIwMTJj
Zi5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAwBggrBgEFBQcBBwEB/wQh
MB8wDAQCAAEwBgMEAsgMxDAPBAIAAjAJAwcCKAEAAABgMA0GCSqGSIb3DQEBCwUA
A4IBAQCJjdWqBeuTkSPFqh33nfad0qEVvIWeTQNdaxKzdxrjnmXpCUOheIORuUt4
Hd+aXMrRCwAiDXwzZaurNWzJl9gPlk13hU8ffLeRQju8tJcUwqGfe/BUniw8yLxn
U5VqY4fMT9WUdk7vqVLiI/tl0yqFP3h684wRmJrRkaG0v5q8kcDe6W3EyI84C7jR
1uS2v+mhLIbP+tGs9EAPe4mj7fTXWRobOnhY3YJQR61cU9OyH9vgW4Rh53SS+dSM
gjEeQThNYpZ1zuM/il40KrQHKo8r7rGjd2BGFv9It0y3gGXW+776whXoAQybxRt1
ItQ9spDl2ywMcormIhG/EVgNMiDG
-----END CERTIFICATE-----
Generated at Thu Mar 28 13:29:33 2024 by rpki-client on console-ams.rpki-client.org