Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/e292cf36-d052-443b-ac4b-7b4ba73bc218/3064486fc108f2ba3c7f93184afc2a70e425399f.roa
File:                     3064486fc108f2ba3c7f93184afc2a70e425399f.roa (raw, json)
Hash identifier:          DE/yYraUAVz278tb7J8bNDbI8aWmh/BPYKblqgbZ++8=
Subject key identifier:   35:40:5C:37:76:C8:EA:10:15:03:4D:57:EA:20:0A:D6:EA:6F:F8:04
Certificate issuer:       /CN=8174f9e0234527f23fb0bcfd7cea896897ec3191
Certificate serial:       0DD4D1
Authority key identifier: FD:9C:B9:83:74:37:2D:36:5A:88:25:24:4D:C8:2A:CE:E1:EE:26:0A
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/8174f9e0234527f23fb0bcfd7cea896897ec3191.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/e292cf36-d052-443b-ac4b-7b4ba73bc218/3064486fc108f2ba3c7f93184afc2a70e425399f.roa
Signing time:             Fri 18 Aug 2023 15:13:53 +0000
ROA not before:           Thu 17 Aug 2023 15:13:53 +0000
ROA not after:            Mon 18 Aug 2025 15:13:53 +0000
asID:                     265844
IP address blocks:        200.47.47.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/e292cf36-d052-443b-ac4b-7b4ba73bc218/8174f9e0234527f23fb0bcfd7cea896897ec3191.crl
                          rsync://repository.lacnic.net/rpki/lacnic/e292cf36-d052-443b-ac4b-7b4ba73bc218/8174f9e0234527f23fb0bcfd7cea896897ec3191.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/8174f9e0234527f23fb0bcfd7cea896897ec3191.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Tue 27 Feb 2024 21:42:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 906449 (0xdd4d1)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8174f9e0234527f23fb0bcfd7cea896897ec3191
        Validity
            Not Before: Aug 17 15:13:53 2023 GMT
            Not After : Aug 18 15:13:53 2025 GMT
        Subject: CN=3064486fc108f2ba3c7f93184afc2a70e425399f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8c:6c:af:8b:7a:d9:a8:ae:21:53:ea:dd:9c:51:
                    5e:79:6f:6e:84:7a:dc:e7:ec:cd:11:52:5b:8d:35:
                    cd:22:bb:e5:8c:fc:dc:f7:91:48:a2:73:99:cb:f9:
                    6d:44:87:22:da:f9:c0:5f:e0:84:7c:19:e1:99:b3:
                    53:e6:eb:21:01:d8:13:dd:24:58:01:a0:f5:fa:8c:
                    f2:be:f7:5e:71:93:bb:61:b8:92:c1:e8:61:d9:24:
                    1f:98:57:40:f4:da:24:3f:5a:f4:f8:e6:ba:e0:35:
                    f8:17:ae:b3:12:ca:3e:d8:b3:db:ba:dd:2e:98:b9:
                    bf:5c:d2:dd:f7:15:bb:44:7d:44:0e:50:24:1d:3b:
                    dc:12:b6:29:c3:22:77:48:a9:57:da:9a:df:dc:02:
                    ee:5f:49:47:18:a7:6a:90:c6:fe:5e:bd:d4:36:d2:
                    f9:3d:3a:c6:ec:5f:29:75:35:d7:4c:e1:b7:55:be:
                    97:ad:4a:6b:e0:ff:6b:96:7f:36:93:9e:55:cb:1e:
                    2f:82:17:e3:ae:27:d3:94:52:96:0c:5e:08:cc:aa:
                    f7:33:d4:bd:d8:c3:90:8f:5a:9e:e7:df:0a:3e:8b:
                    b2:0e:f0:e6:6f:f7:8c:1c:00:60:0e:be:85:57:43:
                    99:f6:02:40:52:fe:9d:c6:51:e5:e2:ab:a9:fe:bb:
                    e1:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                35:40:5C:37:76:C8:EA:10:15:03:4D:57:EA:20:0A:D6:EA:6F:F8:04
            X509v3 Authority Key Identifier:
                keyid:FD:9C:B9:83:74:37:2D:36:5A:88:25:24:4D:C8:2A:CE:E1:EE:26:0A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/8174f9e0234527f23fb0bcfd7cea896897ec3191.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/e292cf36-d052-443b-ac4b-7b4ba73bc218/3064486fc108f2ba3c7f93184afc2a70e425399f.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/e292cf36-d052-443b-ac4b-7b4ba73bc218/8174f9e0234527f23fb0bcfd7cea896897ec3191.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.47.47.0/24

    Signature Algorithm: sha256WithRSAEncryption
         45:bf:5b:4a:86:62:f9:33:67:9e:ce:5c:05:15:aa:83:5e:0b:
         49:a9:f9:90:bb:d8:1c:15:6d:56:b5:fd:46:6b:4e:d0:78:87:
         ed:d2:3b:91:0f:a6:c3:dc:0f:63:2f:37:f9:ed:65:7e:f3:df:
         6e:f2:26:03:f2:f0:c1:06:d3:00:6c:6d:c7:bd:93:67:df:50:
         74:33:77:27:64:c9:e1:06:e1:87:17:ea:1e:08:33:18:33:70:
         f4:cb:53:46:d3:86:7d:6c:49:5b:81:17:aa:c6:1c:9e:3e:73:
         0e:f2:f9:e9:2a:69:af:93:f5:a2:20:25:99:68:eb:f3:d7:db:
         8e:89:5e:ef:99:7d:f0:03:8f:39:ae:81:d5:c1:df:18:8b:36:
         04:45:d3:9f:5b:43:27:9f:8c:1e:f4:66:04:27:1e:a0:05:93:
         f5:f0:33:f2:20:06:41:79:2f:7f:27:39:e7:5a:d9:4e:c1:7f:
         fe:73:81:fc:55:02:77:1d:f0:78:86:e4:33:bb:99:f1:46:72:
         fe:6d:03:b1:0e:59:04:81:ea:6c:60:5a:5d:bd:84:f2:20:cd:
         52:12:92:37:69:70:36:11:21:a2:83:74:19:5d:1d:71:1c:aa:
         53:a6:fe:59:e5:40:01:2d:d0:c3:40:25:39:c6:5f:b0:e7:b2:
         88:d3:f1:39
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIDDdTRMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDgx
NzRmOWUwMjM0NTI3ZjIzZmIwYmNmZDdjZWE4OTY4OTdlYzMxOTEwHhcNMjMwODE3
MTUxMzUzWhcNMjUwODE4MTUxMzUzWjAzMTEwLwYDVQQDEygzMDY0NDg2ZmMxMDhm
MmJhM2M3ZjkzMTg0YWZjMmE3MGU0MjUzOTlmMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAjGyvi3rZqK4hU+rdnFFeeW9uhHrc5+zNEVJbjTXNIrvljPzc
95FIonOZy/ltRIci2vnAX+CEfBnhmbNT5ushAdgT3SRYAaD1+ozyvvdecZO7YbiS
wehh2SQfmFdA9NokP1r0+Oa64DX4F66zEso+2LPbut0umLm/XNLd9xW7RH1EDlAk
HTvcErYpwyJ3SKlX2prf3ALuX0lHGKdqkMb+Xr3UNtL5PTrG7F8pdTXXTOG3Vb6X
rUpr4P9rln82k55Vyx4vghfjrifTlFKWDF4IzKr3M9S92MOQj1qe598KPouyDvDm
b/eMHABgDr6FV0OZ9gJAUv6dxlHl4qup/rvhJQIDAQABo4ICWzCCAlcwHQYDVR0O
BBYEFDVAXDd2yOoQFQNNV+ogCtbqb/gEMB8GA1UdIwQYMBaAFP2cuYN0Ny02Wogl
JE3IKs7h7iYKMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvODE3NGY5
ZTAyMzQ1MjdmMjNmYjBiY2ZkN2NlYTg5Njg5N2VjMzE5MS5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvZTI5MmNmMzYtZDA1Mi00NDNiLWFjNGItN2I0YmE3
M2JjMjE4LzMwNjQ0ODZmYzEwOGYyYmEzYzdmOTMxODRhZmMyYTcwZTQyNTM5OWYu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy9lMjkyY2YzNi1kMDUyLTQ0M2ItYWM0Yi03YjRi
YTczYmMyMTgvODE3NGY5ZTAyMzQ1MjdmMjNmYjBiY2ZkN2NlYTg5Njg5N2VjMzE5
MS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAMgvLzANBgkqhkiG9w0BAQsFAAOCAQEARb9bSoZi+TNnns5c
BRWqg14LSan5kLvYHBVtVrX9RmtO0HiH7dI7kQ+mw9wPYy83+e1lfvPfbvImA/Lw
wQbTAGxtx72TZ99QdDN3J2TJ4QbhhxfqHggzGDNw9MtTRtOGfWxJW4EXqsYcnj5z
DvL56Sppr5P1oiAlmWjr89fbjole75l98AOPOa6B1cHfGIs2BEXTn1tDJ5+MHvRm
BCceoAWT9fAz8iAGQXkvfyc551rZTsF//nOB/FUCdx3weIbkM7uZ8UZy/m0DsQ5Z
BIHqbGBaXb2E8iDNUhKSN2lwNhEhooN0GV0dcRyqU6b+WeVAAS3Qw0AlOcZfsOey
iNPxOQ==
-----END CERTIFICATE-----
Generated at Sun Feb 25 02:19:07 2024 by rpki-client on console-fra.rpki-client.org