Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/fe0a37a0-166a-4a06-a48b-44df7521fa4e/d7ae4c5b40200fb2659355a9f2b13fe20ddc8f03.roa
File:                     d7ae4c5b40200fb2659355a9f2b13fe20ddc8f03.roa (raw, json)
Hash identifier:          LukO3kRRlCnIY6WchPkDAzkppeoDdKy2753xBKkhRME=
Subject key identifier:   B8:27:65:8E:5E:EC:E9:8F:87:B7:AD:BC:7C:67:1E:5F:2B:41:72:6A
Certificate issuer:       /CN=23091c63c58ba27ebd4d56345b541e6a9f5d1923
Certificate serial:       0D8BB7
Authority key identifier: FC:C5:DE:7D:91:EE:FC:28:49:91:6D:DA:53:BB:B7:7D:16:F9:53:2B
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/23091c63c58ba27ebd4d56345b541e6a9f5d1923.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/fe0a37a0-166a-4a06-a48b-44df7521fa4e/d7ae4c5b40200fb2659355a9f2b13fe20ddc8f03.roa
Signing time:             Wed 24 Mar 2021 14:28:33 +0000
ROA not before:           Wed 24 Mar 2021 14:28:32 +0000
ROA not after:            Tue 24 Mar 2026 14:28:32 +0000
asID:                     28017
IP address blocks:        200.0.21.0/24 maxlen: 25

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/fe0a37a0-166a-4a06-a48b-44df7521fa4e/23091c63c58ba27ebd4d56345b541e6a9f5d1923.crl
                          rsync://repository.lacnic.net/rpki/lacnic/fe0a37a0-166a-4a06-a48b-44df7521fa4e/23091c63c58ba27ebd4d56345b541e6a9f5d1923.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/23091c63c58ba27ebd4d56345b541e6a9f5d1923.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 31 Mar 2024 19:38:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 887735 (0xd8bb7)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=23091c63c58ba27ebd4d56345b541e6a9f5d1923
        Validity
            Not Before: Mar 24 14:28:32 2021 GMT
            Not After : Mar 24 14:28:32 2026 GMT
        Subject: CN=d7ae4c5b40200fb2659355a9f2b13fe20ddc8f03
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8b:51:b4:2b:cb:e6:45:a9:7a:90:38:81:e4:96:
                    f8:05:06:eb:5b:73:14:14:0f:0c:08:82:71:03:39:
                    66:a4:40:38:76:a3:8a:23:0d:8e:d5:20:e4:5e:eb:
                    50:b3:63:6e:50:7b:5c:f1:8d:a6:8f:ff:7d:bf:fa:
                    ae:16:90:75:5b:a3:04:96:7b:a8:3c:bc:c1:75:04:
                    30:fa:ca:ff:05:ea:1d:eb:c2:52:67:9b:ec:f3:c2:
                    be:59:03:f5:4f:2a:13:20:9a:d1:63:86:fa:72:05:
                    2b:8b:8f:da:04:19:77:eb:09:77:21:e1:43:54:43:
                    f1:c2:87:6c:1a:5b:51:16:7e:06:da:e1:9d:76:43:
                    d6:3b:20:fa:e7:e9:cc:a7:a9:f0:92:97:af:39:cb:
                    a6:35:89:0b:b9:82:c1:b2:1f:f2:10:46:b7:e7:b0:
                    b6:84:ec:13:00:a1:fc:49:ca:72:60:67:ef:f6:61:
                    85:ac:8f:b9:50:d2:55:d5:28:96:aa:ef:69:98:28:
                    55:f4:01:30:62:4f:74:89:c4:53:01:d7:1c:bc:61:
                    3f:ae:3b:bc:03:36:b6:f0:7d:a9:f9:91:36:4c:54:
                    a5:a4:57:37:eb:04:4a:3a:76:78:5c:cd:c9:10:d0:
                    6b:5c:cd:37:8f:53:44:b1:7c:ec:e3:62:b1:e9:f2:
                    35:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B8:27:65:8E:5E:EC:E9:8F:87:B7:AD:BC:7C:67:1E:5F:2B:41:72:6A
            X509v3 Authority Key Identifier:
                keyid:FC:C5:DE:7D:91:EE:FC:28:49:91:6D:DA:53:BB:B7:7D:16:F9:53:2B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/23091c63c58ba27ebd4d56345b541e6a9f5d1923.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/fe0a37a0-166a-4a06-a48b-44df7521fa4e/d7ae4c5b40200fb2659355a9f2b13fe20ddc8f03.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/fe0a37a0-166a-4a06-a48b-44df7521fa4e/23091c63c58ba27ebd4d56345b541e6a9f5d1923.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.0.21.0/24

    Signature Algorithm: sha256WithRSAEncryption
         24:ec:3d:f4:96:61:f2:bd:08:5c:76:58:bb:23:fa:3f:4c:08:
         80:73:a8:0b:de:62:d1:dd:38:89:9e:00:3f:e9:7d:aa:be:fc:
         43:eb:34:91:46:b1:f8:1b:65:d6:de:d4:5c:5b:60:c4:d0:f8:
         b5:f6:d6:92:f2:81:dd:b6:1c:54:11:81:d5:f0:0f:6c:9d:a2:
         0f:22:51:3f:2f:33:6a:84:90:97:2b:6c:d8:67:69:21:cb:b5:
         37:b6:ad:37:5a:d6:4d:00:62:e0:9f:62:e2:19:b2:6b:6f:e5:
         0a:17:8c:92:32:ca:33:47:cd:dd:1e:c8:ed:b8:7d:6e:38:3e:
         c6:c3:79:26:22:7b:55:9c:88:a9:81:7b:97:f0:05:e0:44:1a:
         13:89:9a:b4:70:2f:42:64:18:3a:3a:b6:d8:bb:b1:c7:5f:34:
         64:bc:83:a6:36:9d:0e:3d:35:59:27:66:60:01:e5:ed:fe:f4:
         a7:4a:de:f1:e4:b5:f9:43:d5:99:d8:32:66:e4:08:c0:62:d0:
         de:a0:99:b3:1f:bf:6d:d6:59:34:e5:d8:90:7b:24:0e:ad:13:
         50:be:dd:f9:f9:0c:30:e7:6a:ba:d0:a2:35:0b:8c:ae:0e:41:
         15:69:86:35:9d:e2:d6:3a:7f:f1:a6:0d:76:08:16:27:23:8d:
         ee:59:31:b4
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIDDYu3MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDIz
MDkxYzYzYzU4YmEyN2ViZDRkNTYzNDViNTQxZTZhOWY1ZDE5MjMwHhcNMjEwMzI0
MTQyODMyWhcNMjYwMzI0MTQyODMyWjAzMTEwLwYDVQQDEyhkN2FlNGM1YjQwMjAw
ZmIyNjU5MzU1YTlmMmIxM2ZlMjBkZGM4ZjAzMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAi1G0K8vmRal6kDiB5Jb4BQbrW3MUFA8MCIJxAzlmpEA4dqOK
Iw2O1SDkXutQs2NuUHtc8Y2mj/99v/quFpB1W6MElnuoPLzBdQQw+sr/Beod68JS
Z5vs88K+WQP1TyoTIJrRY4b6cgUri4/aBBl36wl3IeFDVEPxwodsGltRFn4G2uGd
dkPWOyD65+nMp6nwkpevOcumNYkLuYLBsh/yEEa357C2hOwTAKH8ScpyYGfv9mGF
rI+5UNJV1SiWqu9pmChV9AEwYk90icRTAdccvGE/rju8Aza28H2p+ZE2TFSlpFc3
6wRKOnZ4XM3JENBrXM03j1NEsXzs42Kx6fI1NQIDAQABo4ICWzCCAlcwHQYDVR0O
BBYEFLgnZY5e7OmPh7etvHxnHl8rQXJqMB8GA1UdIwQYMBaAFPzF3n2R7vwoSZFt
2lO7t30W+VMrMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvMjMwOTFj
NjNjNThiYTI3ZWJkNGQ1NjM0NWI1NDFlNmE5ZjVkMTkyMy5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvZmUwYTM3YTAtMTY2YS00YTA2LWE0OGItNDRkZjc1
MjFmYTRlL2Q3YWU0YzViNDAyMDBmYjI2NTkzNTVhOWYyYjEzZmUyMGRkYzhmMDMu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy9mZTBhMzdhMC0xNjZhLTRhMDYtYTQ4Yi00NGRm
NzUyMWZhNGUvMjMwOTFjNjNjNThiYTI3ZWJkNGQ1NjM0NWI1NDFlNmE5ZjVkMTky
My5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAMgAFTANBgkqhkiG9w0BAQsFAAOCAQEAJOw99JZh8r0IXHZY
uyP6P0wIgHOoC95i0d04iZ4AP+l9qr78Q+s0kUax+Btl1t7UXFtgxND4tfbWkvKB
3bYcVBGB1fAPbJ2iDyJRPy8zaoSQlyts2GdpIcu1N7atN1rWTQBi4J9i4hmya2/l
CheMkjLKM0fN3R7I7bh9bjg+xsN5JiJ7VZyIqYF7l/AF4EQaE4matHAvQmQYOjq2
2Luxx180ZLyDpjadDj01WSdmYAHl7f70p0re8eS1+UPVmdgyZuQIwGLQ3qCZsx+/
bdZZNOXYkHskDq0TUL7d+fkMMOdqutCiNQuMrg5BFWmGNZ3i1jp/8aYNdggWJyON
7lkxtA==
-----END CERTIFICATE-----
Generated at Fri Mar 29 02:14:31 2024 by rpki-client on console-ams.rpki-client.org