Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/e3cc602c-3003-4d9c-b2a9-57d6dbe15a76/dd93e2e622998fcac472e597dcc95e1531460dac.roa
File:                     dd93e2e622998fcac472e597dcc95e1531460dac.roa (raw, json)
Hash identifier:          7muDO0XDxb7M9SJxTvk71FyRi2YlfGcevOsF+63tB4c=
Subject key identifier:   D8:D9:EE:F7:83:C3:87:58:61:82:25:1B:84:4A:CA:5B:40:20:61:4A
Certificate issuer:       /CN=5d8acf86c4ef1439f1fcdd22154481d770578f01
Certificate serial:       0D5CD8
Authority key identifier: 5B:14:12:EF:1D:15:77:FE:F4:9D:AB:8F:5A:81:C9:B2:01:96:A9:BC
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/5d8acf86c4ef1439f1fcdd22154481d770578f01.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/e3cc602c-3003-4d9c-b2a9-57d6dbe15a76/dd93e2e622998fcac472e597dcc95e1531460dac.roa
Signing time:             Wed 24 Mar 2021 14:38:05 +0000
ROA not before:           Wed 24 Mar 2021 14:38:05 +0000
ROA not after:            Tue 24 Mar 2026 14:38:05 +0000
asID:                     27725
IP address blocks:        200.14.54.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/e3cc602c-3003-4d9c-b2a9-57d6dbe15a76/5d8acf86c4ef1439f1fcdd22154481d770578f01.crl
                          rsync://repository.lacnic.net/rpki/lacnic/e3cc602c-3003-4d9c-b2a9-57d6dbe15a76/5d8acf86c4ef1439f1fcdd22154481d770578f01.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/5d8acf86c4ef1439f1fcdd22154481d770578f01.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Mon 01 Apr 2024 05:58:53 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 875736 (0xd5cd8)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5d8acf86c4ef1439f1fcdd22154481d770578f01
        Validity
            Not Before: Mar 24 14:38:05 2021 GMT
            Not After : Mar 24 14:38:05 2026 GMT
        Subject: CN=dd93e2e622998fcac472e597dcc95e1531460dac
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:44:1c:16:97:6c:84:ed:94:84:97:7a:9c:60:
                    5b:15:f1:0b:21:92:e7:2f:90:45:88:e7:19:40:05:
                    4a:86:8b:c1:c9:21:ce:f5:20:ab:c7:1a:63:62:b5:
                    0c:74:d0:62:f9:22:e0:78:e0:3d:f8:56:8d:86:a6:
                    a5:e5:02:65:19:ba:40:68:d2:bd:99:98:a1:d0:58:
                    54:5c:83:9b:6f:9c:33:6e:ce:86:5a:9a:76:14:00:
                    80:56:35:cb:e6:58:8d:87:78:af:f0:12:d0:81:15:
                    46:72:ed:de:7c:7a:01:50:79:91:49:ce:61:9e:71:
                    90:2d:27:7f:75:e8:ce:78:c3:02:b6:b7:ef:30:f3:
                    71:15:ef:b9:f6:0c:c7:89:86:62:e3:e8:c7:a1:a6:
                    44:dc:c1:42:b7:dc:45:d4:29:b9:95:ed:f6:96:63:
                    e5:be:00:4e:70:2c:39:5b:19:38:69:6d:c6:33:fe:
                    93:59:05:27:b0:8b:01:68:e3:ee:38:73:ac:26:09:
                    04:60:9c:19:a8:b8:05:23:52:2f:fb:f0:6b:99:43:
                    2a:ff:52:7a:b4:91:aa:5f:ef:3f:36:2a:01:2a:97:
                    c8:0f:ac:7a:c4:ff:f2:fe:2d:24:9a:85:ab:be:e8:
                    57:b1:eb:a4:09:aa:87:90:3f:82:76:58:19:a8:27:
                    40:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D8:D9:EE:F7:83:C3:87:58:61:82:25:1B:84:4A:CA:5B:40:20:61:4A
            X509v3 Authority Key Identifier:
                keyid:5B:14:12:EF:1D:15:77:FE:F4:9D:AB:8F:5A:81:C9:B2:01:96:A9:BC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/5d8acf86c4ef1439f1fcdd22154481d770578f01.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/e3cc602c-3003-4d9c-b2a9-57d6dbe15a76/dd93e2e622998fcac472e597dcc95e1531460dac.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/e3cc602c-3003-4d9c-b2a9-57d6dbe15a76/5d8acf86c4ef1439f1fcdd22154481d770578f01.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.14.54.0/24

    Signature Algorithm: sha256WithRSAEncryption
         71:09:8b:6f:b1:31:c5:bc:09:06:dc:36:32:17:95:2d:fa:54:
         d9:bf:56:e0:78:aa:e9:ac:af:a9:c2:2e:f9:ad:b6:6b:cd:a8:
         d6:2b:21:7b:b6:61:c0:8a:b4:25:7f:2d:a8:f1:cd:e8:ae:8e:
         d5:1c:d5:8f:a3:8d:6e:2d:e4:1f:64:b5:52:a9:83:ba:a9:8c:
         5f:16:66:4b:b8:ee:0d:10:b2:e7:b3:63:4c:ff:58:5a:6e:87:
         bd:7d:c3:1a:29:b7:83:3b:22:49:97:f6:7d:2a:2d:0d:77:16:
         4f:d4:d7:8e:eb:f3:de:8f:ca:19:c2:a8:5c:38:f6:bb:cb:dd:
         0f:9f:bf:51:dc:6e:41:3f:70:b8:eb:fe:ec:f5:3b:48:99:48:
         a6:1f:1c:87:18:f0:6a:32:cf:ec:bf:fd:11:d4:93:b7:db:04:
         16:cc:8b:d7:12:36:88:1d:d1:9b:b8:f7:40:4e:08:88:b5:75:
         cc:40:eb:f5:86:31:07:58:33:2b:a0:c3:ed:6e:ff:52:f3:80:
         a3:08:20:9a:cd:fd:6b:cb:00:68:30:97:ac:c2:bc:f7:8c:2b:
         0e:23:db:31:c2:05:0b:d0:26:de:2f:08:54:ee:fb:de:30:6c:
         a2:f9:90:13:82:98:af:46:2e:10:13:e5:9f:eb:f7:27:33:83:
         98:24:b1:cf
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIDDVzYMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDVk
OGFjZjg2YzRlZjE0MzlmMWZjZGQyMjE1NDQ4MWQ3NzA1NzhmMDEwHhcNMjEwMzI0
MTQzODA1WhcNMjYwMzI0MTQzODA1WjAzMTEwLwYDVQQDEyhkZDkzZTJlNjIyOTk4
ZmNhYzQ3MmU1OTdkY2M5NWUxNTMxNDYwZGFjMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAoEQcFpdshO2UhJd6nGBbFfELIZLnL5BFiOcZQAVKhovBySHO
9SCrxxpjYrUMdNBi+SLgeOA9+FaNhqal5QJlGbpAaNK9mZih0FhUXIObb5wzbs6G
Wpp2FACAVjXL5liNh3iv8BLQgRVGcu3efHoBUHmRSc5hnnGQLSd/dejOeMMCtrfv
MPNxFe+59gzHiYZi4+jHoaZE3MFCt9xF1Cm5le32lmPlvgBOcCw5Wxk4aW3GM/6T
WQUnsIsBaOPuOHOsJgkEYJwZqLgFI1Iv+/BrmUMq/1J6tJGqX+8/NioBKpfID6x6
xP/y/i0kmoWrvuhXseukCaqHkD+CdlgZqCdAawIDAQABo4ICWzCCAlcwHQYDVR0O
BBYEFNjZ7veDw4dYYYIlG4RKyltAIGFKMB8GA1UdIwQYMBaAFFsUEu8dFXf+9J2r
j1qBybIBlqm8MA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvNWQ4YWNm
ODZjNGVmMTQzOWYxZmNkZDIyMTU0NDgxZDc3MDU3OGYwMS5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvZTNjYzYwMmMtMzAwMy00ZDljLWIyYTktNTdkNmRi
ZTE1YTc2L2RkOTNlMmU2MjI5OThmY2FjNDcyZTU5N2RjYzk1ZTE1MzE0NjBkYWMu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy9lM2NjNjAyYy0zMDAzLTRkOWMtYjJhOS01N2Q2
ZGJlMTVhNzYvNWQ4YWNmODZjNGVmMTQzOWYxZmNkZDIyMTU0NDgxZDc3MDU3OGYw
MS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAMgONjANBgkqhkiG9w0BAQsFAAOCAQEAcQmLb7ExxbwJBtw2
MheVLfpU2b9W4Hiq6ayvqcIu+a22a82o1ishe7ZhwIq0JX8tqPHN6K6O1RzVj6ON
bi3kH2S1UqmDuqmMXxZmS7juDRCy57NjTP9YWm6HvX3DGim3gzsiSZf2fSotDXcW
T9TXjuvz3o/KGcKoXDj2u8vdD5+/UdxuQT9wuOv+7PU7SJlIph8chxjwajLP7L/9
EdSTt9sEFsyL1xI2iB3Rm7j3QE4IiLV1zEDr9YYxB1gzK6DD7W7/UvOAowggms39
a8sAaDCXrMK894wrDiPbMcIFC9Am3i8IVO773jBsovmQE4KYr0YuEBPln+v3JzOD
mCSxzw==
-----END CERTIFICATE-----
Generated at Fri Mar 29 11:05:22 2024 by rpki-client on console-ams.rpki-client.org