Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/fe99f78b-0340-4445-8425-dad4b56d10ce/16f075d3db9bf54595a2e44e2809c51b3d753540.roa
File:                     16f075d3db9bf54595a2e44e2809c51b3d753540.roa (raw, json)
Hash identifier:          CAfxM2hDE114kG3To9CB3hIbIzDCWPRi/tsj/0xZLSs=
Subject key identifier:   5C:25:5F:C6:A8:B7:E1:18:DA:A2:A0:CB:97:10:88:3D:E7:47:DF:7B
Certificate issuer:       /CN=bf24fd91440eab63914b29a50bfb1040fa9f2fdf
Certificate serial:       0CA464
Authority key identifier: C1:F2:F0:8B:2A:39:0B:01:A7:40:BB:A1:D2:58:99:BA:67:D8:AA:41
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/bf24fd91440eab63914b29a50bfb1040fa9f2fdf.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/fe99f78b-0340-4445-8425-dad4b56d10ce/16f075d3db9bf54595a2e44e2809c51b3d753540.roa
Signing time:             Wed 24 Mar 2021 14:39:24 +0000
ROA not before:           Wed 24 Mar 2021 14:39:24 +0000
ROA not after:            Tue 24 Mar 2026 14:39:24 +0000
asID:                     27947
IP address blocks:        200.6.13.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/fe99f78b-0340-4445-8425-dad4b56d10ce/bf24fd91440eab63914b29a50bfb1040fa9f2fdf.crl
                          rsync://repository.lacnic.net/rpki/lacnic/fe99f78b-0340-4445-8425-dad4b56d10ce/bf24fd91440eab63914b29a50bfb1040fa9f2fdf.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/bf24fd91440eab63914b29a50bfb1040fa9f2fdf.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Mon 01 Apr 2024 05:58:53 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 828516 (0xca464)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bf24fd91440eab63914b29a50bfb1040fa9f2fdf
        Validity
            Not Before: Mar 24 14:39:24 2021 GMT
            Not After : Mar 24 14:39:24 2026 GMT
        Subject: CN=16f075d3db9bf54595a2e44e2809c51b3d753540
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:df:37:90:5a:aa:ae:68:5a:83:c8:2c:02:cf:
                    d8:be:8a:72:50:f7:ba:3a:9d:4d:1f:c0:ae:e4:d8:
                    92:36:f8:b7:6b:87:47:6b:1b:57:b1:67:22:ab:ef:
                    c3:10:69:ad:99:0a:ac:16:74:fd:3c:89:0f:c5:d1:
                    1b:d3:cf:9b:a6:0a:41:36:b4:1c:3c:43:df:e8:20:
                    61:3e:b1:f5:20:1e:10:dc:f5:2b:2b:35:73:ba:7c:
                    ca:90:36:c2:3b:c4:35:67:ae:1f:87:85:70:07:56:
                    49:66:35:b1:0b:2b:1a:a0:62:c5:31:66:8d:02:9f:
                    77:e5:3d:b1:fe:4b:c7:f4:04:96:3a:f5:ba:79:70:
                    19:96:c9:9d:f8:78:1d:58:97:27:25:54:b2:89:64:
                    c9:57:3b:fc:fe:f3:bf:9a:c8:8c:c0:a4:15:42:95:
                    be:66:0f:ab:7d:4a:d6:54:e5:f1:c8:c8:2d:e5:5f:
                    9d:65:f5:48:7d:5d:04:c2:4c:29:af:58:f1:97:14:
                    cf:16:e5:81:fc:ff:af:91:cd:03:5e:d9:65:69:5d:
                    a6:ba:5b:98:51:eb:92:51:a9:cb:14:a3:1e:57:c8:
                    87:68:8c:35:cd:ca:5d:d6:38:79:aa:a3:49:d9:69:
                    ea:6f:98:3b:dc:92:18:4e:23:85:f5:0c:6d:e1:c9:
                    68:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5C:25:5F:C6:A8:B7:E1:18:DA:A2:A0:CB:97:10:88:3D:E7:47:DF:7B
            X509v3 Authority Key Identifier:
                keyid:C1:F2:F0:8B:2A:39:0B:01:A7:40:BB:A1:D2:58:99:BA:67:D8:AA:41

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/bf24fd91440eab63914b29a50bfb1040fa9f2fdf.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/fe99f78b-0340-4445-8425-dad4b56d10ce/16f075d3db9bf54595a2e44e2809c51b3d753540.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/fe99f78b-0340-4445-8425-dad4b56d10ce/bf24fd91440eab63914b29a50bfb1040fa9f2fdf.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.6.13.0/24

    Signature Algorithm: sha256WithRSAEncryption
         6b:a1:86:73:98:48:d1:01:b7:e8:ee:a9:60:d8:b6:54:2f:77:
         2b:4c:a8:d8:fd:de:ab:ca:1c:96:e3:02:5b:47:5e:ca:99:9d:
         38:ce:37:8a:52:ac:73:86:1c:77:1e:3f:d9:cd:a1:8a:50:68:
         b0:15:25:8a:cb:8a:6d:7a:7c:14:24:df:9f:e9:e1:1a:c3:b0:
         90:8c:7f:f7:2e:17:f1:55:c4:2b:f7:62:e3:3b:03:14:b4:c9:
         8b:28:c2:a7:c6:24:dc:d7:2f:2f:26:ad:fd:59:7b:4b:b7:ed:
         22:dd:8d:09:af:6b:e0:a5:e5:c2:7c:45:54:e0:3c:c3:f6:c4:
         29:75:23:9d:bd:81:55:c7:c1:95:75:22:4b:1c:ac:04:42:53:
         0a:e7:35:22:0a:66:85:bc:1d:bb:78:fe:eb:4a:13:fe:b7:d6:
         0c:09:e5:f0:af:75:b8:32:1d:33:c8:02:48:3b:8a:21:c5:df:
         a1:5f:4e:7f:08:20:65:fa:d7:9a:3d:d0:36:5e:03:9d:f0:b0:
         6a:a1:82:70:75:86:c0:dd:a9:81:6e:0e:1d:1f:52:f7:a6:03:
         5c:91:39:5d:c8:12:ae:0d:e8:76:7e:6c:d4:64:e8:cf:0a:87:
         46:32:16:21:e8:1d:3d:2b:3f:4a:36:55:ae:27:e3:be:ee:52:
         b5:25:99:47
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIDDKRkMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGJm
MjRmZDkxNDQwZWFiNjM5MTRiMjlhNTBiZmIxMDQwZmE5ZjJmZGYwHhcNMjEwMzI0
MTQzOTI0WhcNMjYwMzI0MTQzOTI0WjAzMTEwLwYDVQQDEygxNmYwNzVkM2RiOWJm
NTQ1OTVhMmU0NGUyODA5YzUxYjNkNzUzNTQwMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAyt83kFqqrmhag8gsAs/YvopyUPe6Op1NH8Cu5NiSNvi3a4dH
axtXsWciq+/DEGmtmQqsFnT9PIkPxdEb08+bpgpBNrQcPEPf6CBhPrH1IB4Q3PUr
KzVzunzKkDbCO8Q1Z64fh4VwB1ZJZjWxCysaoGLFMWaNAp935T2x/kvH9ASWOvW6
eXAZlsmd+HgdWJcnJVSyiWTJVzv8/vO/msiMwKQVQpW+Zg+rfUrWVOXxyMgt5V+d
ZfVIfV0Ewkwpr1jxlxTPFuWB/P+vkc0DXtllaV2muluYUeuSUanLFKMeV8iHaIw1
zcpd1jh5qqNJ2Wnqb5g73JIYTiOF9Qxt4cloxwIDAQABo4ICWzCCAlcwHQYDVR0O
BBYEFFwlX8aot+EY2qKgy5cQiD3nR997MB8GA1UdIwQYMBaAFMHy8IsqOQsBp0C7
odJYmbpn2KpBMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvYmYyNGZk
OTE0NDBlYWI2MzkxNGIyOWE1MGJmYjEwNDBmYTlmMmZkZi5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvZmU5OWY3OGItMDM0MC00NDQ1LTg0MjUtZGFkNGI1
NmQxMGNlLzE2ZjA3NWQzZGI5YmY1NDU5NWEyZTQ0ZTI4MDljNTFiM2Q3NTM1NDAu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy9mZTk5Zjc4Yi0wMzQwLTQ0NDUtODQyNS1kYWQ0
YjU2ZDEwY2UvYmYyNGZkOTE0NDBlYWI2MzkxNGIyOWE1MGJmYjEwNDBmYTlmMmZk
Zi5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAMgGDTANBgkqhkiG9w0BAQsFAAOCAQEAa6GGc5hI0QG36O6p
YNi2VC93K0yo2P3eq8ocluMCW0deypmdOM43ilKsc4Ycdx4/2c2hilBosBUlisuK
bXp8FCTfn+nhGsOwkIx/9y4X8VXEK/di4zsDFLTJiyjCp8Yk3NcvLyat/Vl7S7ft
It2NCa9r4KXlwnxFVOA8w/bEKXUjnb2BVcfBlXUiSxysBEJTCuc1Igpmhbwdu3j+
60oT/rfWDAnl8K91uDIdM8gCSDuKIcXfoV9OfwggZfrXmj3QNl4DnfCwaqGCcHWG
wN2pgW4OHR9S96YDXJE5XcgSrg3odn5s1GTozwqHRjIWIegdPSs/SjZVrifjvu5S
tSWZRw==
-----END CERTIFICATE-----
Generated at Fri Mar 29 08:11:28 2024 by rpki-client on console-fra.rpki-client.org