Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/e70ffa56-ac19-410a-a9e0-0efc375f40f5/832587fca79c9322e147e314a5beac0af6dd21b9.roa
File:                     832587fca79c9322e147e314a5beac0af6dd21b9.roa (raw, json)
Hash identifier:          9RC7I3o2/f8HSb2FKhWuapJ67K/CBKw2kxT7/uICSOM=
Subject key identifier:   1E:E0:9A:57:60:90:FE:84:8A:2E:24:0F:1A:AD:7A:4E:99:79:26:DB
Certificate issuer:       /CN=964a21ff7c1fd56e60119cb717b0e0a16f85e7d4
Certificate serial:       063D11
Authority key identifier: 62:1E:53:9D:6D:E0:5F:59:D3:77:CD:57:97:ED:EB:3F:02:D0:8A:EF
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/964a21ff7c1fd56e60119cb717b0e0a16f85e7d4.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/e70ffa56-ac19-410a-a9e0-0efc375f40f5/832587fca79c9322e147e314a5beac0af6dd21b9.roa
Signing time:             Wed 24 Mar 2021 14:46:03 +0000
ROA not before:           Wed 24 Mar 2021 14:46:03 +0000
ROA not after:            Tue 24 Mar 2026 14:46:03 +0000
asID:                     28032
IP address blocks:        200.233.44.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/e70ffa56-ac19-410a-a9e0-0efc375f40f5/964a21ff7c1fd56e60119cb717b0e0a16f85e7d4.crl
                          rsync://repository.lacnic.net/rpki/lacnic/e70ffa56-ac19-410a-a9e0-0efc375f40f5/964a21ff7c1fd56e60119cb717b0e0a16f85e7d4.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/964a21ff7c1fd56e60119cb717b0e0a16f85e7d4.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 31 Mar 2024 03:49:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 408849 (0x63d11)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=964a21ff7c1fd56e60119cb717b0e0a16f85e7d4
        Validity
            Not Before: Mar 24 14:46:03 2021 GMT
            Not After : Mar 24 14:46:03 2026 GMT
        Subject: CN=832587fca79c9322e147e314a5beac0af6dd21b9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:bb:36:49:ca:bf:10:27:8d:56:81:95:14:3d:
                    72:39:b6:83:1f:0c:0f:ce:05:b7:c5:3f:7b:72:04:
                    57:6e:3d:d8:9f:9c:cc:e2:43:b9:67:30:87:94:03:
                    d2:10:c2:b8:b8:f9:a8:79:af:d1:0e:5c:3a:65:10:
                    16:79:a9:12:bd:85:f2:49:ae:a0:6b:01:cd:c5:55:
                    10:ac:1f:7e:6d:9a:b3:21:c9:07:f8:16:6e:9e:b2:
                    33:af:c1:96:3c:3e:46:df:cf:e7:a1:a7:62:39:92:
                    ae:f6:4b:96:0c:f7:b3:34:84:79:ff:d3:f9:dd:68:
                    29:a6:f3:2b:e6:4f:e1:5d:08:a1:5c:1e:85:87:95:
                    6f:3c:ef:61:5e:aa:d4:3e:5f:2a:3b:df:a1:6b:ef:
                    58:70:50:98:01:ca:24:6a:cb:81:b7:37:01:fd:a8:
                    1b:2f:d3:5a:7d:27:0c:44:96:43:d2:b3:f0:ee:c1:
                    cd:36:28:63:8a:49:f9:b1:5c:2c:fe:62:0d:4a:59:
                    f5:44:21:3b:b1:e3:cc:d0:7a:2b:91:e8:3d:ec:e7:
                    a3:80:8c:ae:ad:f5:f6:6d:41:8e:2b:d9:6f:6f:dd:
                    8f:1d:ef:75:55:f2:82:4b:05:32:fa:a9:f7:34:a5:
                    f3:eb:e7:38:f4:89:af:d2:5d:9b:22:35:94:bb:cc:
                    cc:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1E:E0:9A:57:60:90:FE:84:8A:2E:24:0F:1A:AD:7A:4E:99:79:26:DB
            X509v3 Authority Key Identifier:
                keyid:62:1E:53:9D:6D:E0:5F:59:D3:77:CD:57:97:ED:EB:3F:02:D0:8A:EF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/964a21ff7c1fd56e60119cb717b0e0a16f85e7d4.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/e70ffa56-ac19-410a-a9e0-0efc375f40f5/832587fca79c9322e147e314a5beac0af6dd21b9.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/e70ffa56-ac19-410a-a9e0-0efc375f40f5/964a21ff7c1fd56e60119cb717b0e0a16f85e7d4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.233.44.0/22

    Signature Algorithm: sha256WithRSAEncryption
         3c:08:7e:71:5f:a2:38:5d:63:fa:2c:40:14:d6:42:5c:09:45:
         f2:66:be:1f:38:af:c7:62:7a:07:09:db:e9:81:7c:ee:26:e0:
         7b:a4:dd:03:cd:b1:81:27:39:fe:d3:20:3e:e5:87:86:8e:b4:
         7b:87:83:25:86:01:f5:19:39:42:56:ff:fd:61:ea:fd:1b:65:
         c8:0e:af:62:c2:ef:8d:30:df:ee:8d:f7:0d:f6:92:80:c2:ca:
         34:60:5c:35:1e:af:71:0e:57:39:b2:02:65:de:35:59:41:b2:
         db:92:9f:12:53:6c:81:6e:0d:dc:22:11:70:dc:59:1d:fc:a3:
         5a:b5:3a:9e:f7:bc:eb:f2:12:54:7c:ce:e7:d3:12:14:50:3e:
         3d:42:c8:49:86:64:4d:78:a0:2e:da:41:b4:be:0e:91:a4:e6:
         b5:32:00:9b:1a:11:d0:a3:87:e2:b0:77:fa:b4:a5:af:dd:eb:
         43:8c:e5:26:a9:5e:27:61:52:a5:75:90:4f:19:cd:dc:a6:e0:
         ba:d8:05:3a:18:3c:fd:31:3e:81:50:17:61:3b:28:d7:f6:e9:
         2f:13:f0:f0:48:62:ca:ad:be:b3:7d:53:d2:29:5c:e5:d3:6f:
         64:c9:4b:16:8b:d5:11:b1:15:8d:50:c5:ed:3e:20:d4:55:7d:
         4c:9d:91:a2
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIDBj0RMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDk2
NGEyMWZmN2MxZmQ1NmU2MDExOWNiNzE3YjBlMGExNmY4NWU3ZDQwHhcNMjEwMzI0
MTQ0NjAzWhcNMjYwMzI0MTQ0NjAzWjAzMTEwLwYDVQQDEyg4MzI1ODdmY2E3OWM5
MzIyZTE0N2UzMTRhNWJlYWMwYWY2ZGQyMWI5MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAx7s2Scq/ECeNVoGVFD1yObaDHwwPzgW3xT97cgRXbj3Yn5zM
4kO5ZzCHlAPSEMK4uPmoea/RDlw6ZRAWeakSvYXySa6gawHNxVUQrB9+bZqzIckH
+BZunrIzr8GWPD5G38/noadiOZKu9kuWDPezNIR5/9P53WgppvMr5k/hXQihXB6F
h5VvPO9hXqrUPl8qO9+ha+9YcFCYAcokasuBtzcB/agbL9NafScMRJZD0rPw7sHN
Nihjikn5sVws/mINSln1RCE7sePM0Horkeg97OejgIyurfX2bUGOK9lvb92PHe91
VfKCSwUy+qn3NKXz6+c49Imv0l2bIjWUu8zMUwIDAQABo4ICWzCCAlcwHQYDVR0O
BBYEFB7gmldgkP6Eii4kDxqtek6ZeSbbMB8GA1UdIwQYMBaAFGIeU51t4F9Z03fN
V5ft6z8C0IrvMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvOTY0YTIx
ZmY3YzFmZDU2ZTYwMTE5Y2I3MTdiMGUwYTE2Zjg1ZTdkNC5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvZTcwZmZhNTYtYWMxOS00MTBhLWE5ZTAtMGVmYzM3
NWY0MGY1LzgzMjU4N2ZjYTc5YzkzMjJlMTQ3ZTMxNGE1YmVhYzBhZjZkZDIxYjku
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy9lNzBmZmE1Ni1hYzE5LTQxMGEtYTllMC0wZWZj
Mzc1ZjQwZjUvOTY0YTIxZmY3YzFmZDU2ZTYwMTE5Y2I3MTdiMGUwYTE2Zjg1ZTdk
NC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAsjpLDANBgkqhkiG9w0BAQsFAAOCAQEAPAh+cV+iOF1j+ixA
FNZCXAlF8ma+Hzivx2J6Bwnb6YF87ibge6TdA82xgSc5/tMgPuWHho60e4eDJYYB
9Rk5Qlb//WHq/RtlyA6vYsLvjTDf7o33DfaSgMLKNGBcNR6vcQ5XObICZd41WUGy
25KfElNsgW4N3CIRcNxZHfyjWrU6nve86/ISVHzO59MSFFA+PULISYZkTXigLtpB
tL4OkaTmtTIAmxoR0KOH4rB3+rSlr93rQ4zlJqleJ2FSpXWQTxnN3KbgutgFOhg8
/TE+gVAXYTso1/bpLxPw8Ehiyq2+s31T0ilc5dNvZMlLFovVEbEVjVDF7T4g1FV9
TJ2Rog==
-----END CERTIFICATE-----
Generated at Thu Mar 28 08:36:09 2024 by rpki-client on console-fra.rpki-client.org