Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/007f345f-fb6a-4df2-be72-2a0784ddc7a8/cec77fe16b4a7d780fee7f45be5662e4e93ab2aa.roa
File:                     cec77fe16b4a7d780fee7f45be5662e4e93ab2aa.roa (raw, json)
Hash identifier:          XiRUrOxtZ/Op9p6tszHl+BmdEgMr5VYuz1y/MIyozCo=
Subject key identifier:   47:50:10:87:4D:E7:B1:74:96:B9:FD:14:46:88:6F:D9:79:7D:27:4C
Certificate issuer:       /CN=8aceb7be6d2cec689a97f4991d039ae4c1b1574e
Certificate serial:       3578
Authority key identifier: F6:5A:88:B6:9C:9C:A1:05:9E:F6:C6:9C:40:2D:3D:45:3D:B6:68:DE
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/8aceb7be6d2cec689a97f4991d039ae4c1b1574e.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/007f345f-fb6a-4df2-be72-2a0784ddc7a8/cec77fe16b4a7d780fee7f45be5662e4e93ab2aa.roa
Signing time:             Mon 11 Sep 2023 21:07:45 +0000
ROA not before:           Sun 10 Sep 2023 21:07:45 +0000
ROA not after:            Thu 11 Sep 2025 21:07:45 +0000
asID:                     64151
IP address blocks:        2803:8f90::/32 maxlen: 32

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/007f345f-fb6a-4df2-be72-2a0784ddc7a8/8aceb7be6d2cec689a97f4991d039ae4c1b1574e.crl
                          rsync://repository.lacnic.net/rpki/lacnic/007f345f-fb6a-4df2-be72-2a0784ddc7a8/8aceb7be6d2cec689a97f4991d039ae4c1b1574e.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/8aceb7be6d2cec689a97f4991d039ae4c1b1574e.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Mon 26 Feb 2024 11:55:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 13688 (0x3578)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8aceb7be6d2cec689a97f4991d039ae4c1b1574e
        Validity
            Not Before: Sep 10 21:07:45 2023 GMT
            Not After : Sep 11 21:07:45 2025 GMT
        Subject: CN=cec77fe16b4a7d780fee7f45be5662e4e93ab2aa
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8b:7b:13:af:be:61:51:24:46:68:b0:45:9f:fc:
                    94:55:85:96:54:d8:2c:be:04:f9:e8:94:28:39:17:
                    74:e5:69:9d:8a:fe:23:dd:e0:58:e6:2e:ec:b4:2d:
                    f4:79:4b:06:1c:5b:c3:fb:13:88:9b:ac:22:bb:63:
                    bf:43:bb:aa:32:88:20:00:94:34:92:fd:60:fc:5e:
                    fd:94:65:f4:e9:3c:cb:39:8c:27:80:97:ed:63:ce:
                    bb:8b:8c:f4:34:99:dc:71:71:fb:37:1d:89:ce:d3:
                    85:d9:b7:c2:e6:48:0f:27:bb:22:24:30:ec:f6:b6:
                    e2:a0:73:4c:8a:07:95:01:32:0e:d8:8e:89:f5:4f:
                    33:aa:83:42:30:cf:35:a3:b8:05:71:03:5c:ef:44:
                    14:d2:2d:30:bc:c3:e3:34:14:4b:94:f5:1c:5b:51:
                    d8:ee:90:cc:c4:5b:d0:52:49:ff:ea:c8:c3:47:d0:
                    5b:6d:eb:17:ce:10:a9:92:36:c2:ad:cb:f7:c9:a1:
                    b8:83:39:c2:9c:bd:fb:06:29:cc:59:4d:8b:48:0a:
                    f4:e3:7a:84:76:d3:0e:8f:09:54:3c:91:81:fe:59:
                    18:48:db:a4:e3:71:5f:16:15:a1:e4:45:c9:b8:6c:
                    32:4e:c4:fb:e6:09:b4:ca:7d:8b:7b:f7:29:aa:91:
                    95:2d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                47:50:10:87:4D:E7:B1:74:96:B9:FD:14:46:88:6F:D9:79:7D:27:4C
            X509v3 Authority Key Identifier:
                keyid:F6:5A:88:B6:9C:9C:A1:05:9E:F6:C6:9C:40:2D:3D:45:3D:B6:68:DE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/8aceb7be6d2cec689a97f4991d039ae4c1b1574e.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/007f345f-fb6a-4df2-be72-2a0784ddc7a8/cec77fe16b4a7d780fee7f45be5662e4e93ab2aa.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/007f345f-fb6a-4df2-be72-2a0784ddc7a8/8aceb7be6d2cec689a97f4991d039ae4c1b1574e.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2803:8f90::/32

    Signature Algorithm: sha256WithRSAEncryption
         79:2a:c7:3d:0e:7a:b9:ac:67:fd:99:2b:f4:9d:1c:5d:0a:5b:
         dd:9c:be:26:8f:db:42:d2:25:a4:64:10:15:a9:28:91:60:dc:
         ec:b5:7a:44:8a:0d:64:ba:5e:38:c5:fc:ef:6f:f4:eb:d6:97:
         b5:df:ad:a4:c4:35:48:64:f6:88:4b:d4:1b:25:ba:03:67:64:
         c9:a2:0f:73:6e:5f:1d:7d:cd:bc:e0:25:fd:84:2c:7c:0f:a3:
         f0:3e:ce:37:7f:2c:1c:c8:a1:4a:6e:20:02:ac:70:f2:ce:18:
         0c:79:fe:2c:1e:fb:bd:89:e0:d6:c3:fb:31:fb:06:b6:6b:db:
         72:07:40:c3:ce:94:18:ca:91:1b:a5:2a:75:ae:9f:08:77:a8:
         c2:ec:77:36:93:70:37:30:a3:bd:75:be:ea:69:c6:86:1b:d2:
         a9:58:c0:f1:fc:8c:72:b9:49:47:b1:72:e9:df:b2:ba:eb:bf:
         c6:a0:98:9f:8e:7d:e9:19:55:97:38:e3:7e:6b:11:48:21:55:
         57:a9:cc:27:28:c8:96:11:d0:f4:92:76:29:e8:9f:40:a4:e5:
         e4:a9:29:1b:09:9d:64:31:e5:57:b1:45:ed:93:11:0d:b9:c8:
         bf:e8:2f:71:bd:6b:dd:d6:9f:bc:d8:81:fb:07:55:69:c1:92:
         c8:2c:16:fb
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgICNXgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOGFj
ZWI3YmU2ZDJjZWM2ODlhOTdmNDk5MWQwMzlhZTRjMWIxNTc0ZTAeFw0yMzA5MTAy
MTA3NDVaFw0yNTA5MTEyMTA3NDVaMDMxMTAvBgNVBAMTKGNlYzc3ZmUxNmI0YTdk
NzgwZmVlN2Y0NWJlNTY2MmU0ZTkzYWIyYWEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCLexOvvmFRJEZosEWf/JRVhZZU2Cy+BPnolCg5F3TlaZ2K/iPd
4FjmLuy0LfR5SwYcW8P7E4ibrCK7Y79Du6oyiCAAlDSS/WD8Xv2UZfTpPMs5jCeA
l+1jzruLjPQ0mdxxcfs3HYnO04XZt8LmSA8nuyIkMOz2tuKgc0yKB5UBMg7Yjon1
TzOqg0IwzzWjuAVxA1zvRBTSLTC8w+M0FEuU9RxbUdjukMzEW9BSSf/qyMNH0Ftt
6xfOEKmSNsKty/fJobiDOcKcvfsGKcxZTYtICvTjeoR20w6PCVQ8kYH+WRhI26Tj
cV8WFaHkRcm4bDJOxPvmCbTKfYt79ymqkZUtAgMBAAGjggJcMIICWDAdBgNVHQ4E
FgQUR1AQh03nsXSWuf0URohv2Xl9J0wwHwYDVR0jBBgwFoAU9lqItpycoQWe9sac
QC09RT22aN4wDgYDVR0PAQH/BAQDAgeAMIGaBggrBgEFBQcBAQSBjTCBijCBhwYI
KwYBBQUHMAKGe3JzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jwa2kvbGFj
bmljLzQ4ZjA4M2JiLWY2MDMtNDg5My05OTkwLTAyODRjMDRjZWI4NS84YWNlYjdi
ZTZkMmNlYzY4OWE5N2Y0OTkxZDAzOWFlNGMxYjE1NzRlLmNlcjCBmgYIKwYBBQUH
AQsEgY0wgYowgYcGCCsGAQUFBzALhntyc3luYzovL3JlcG9zaXRvcnkubGFjbmlj
Lm5ldC9ycGtpL2xhY25pYy8wMDdmMzQ1Zi1mYjZhLTRkZjItYmU3Mi0yYTA3ODRk
ZGM3YTgvY2VjNzdmZTE2YjRhN2Q3ODBmZWU3ZjQ1YmU1NjYyZTRlOTNhYjJhYS5y
b2EwgY8GA1UdHwSBhzCBhDCBgaB/oH2Ge3JzeW5jOi8vcmVwb3NpdG9yeS5sYWNu
aWMubmV0L3Jwa2kvbGFjbmljLzAwN2YzNDVmLWZiNmEtNGRmMi1iZTcyLTJhMDc4
NGRkYzdhOC84YWNlYjdiZTZkMmNlYzY4OWE5N2Y0OTkxZDAzOWFlNGMxYjE1NzRl
LmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEw
DzANBAIAAjAHAwUAKAOPkDANBgkqhkiG9w0BAQsFAAOCAQEAeSrHPQ56uaxn/Zkr
9J0cXQpb3Zy+Jo/bQtIlpGQQFakokWDc7LV6RIoNZLpeOMX872/069aXtd+tpMQ1
SGT2iEvUGyW6A2dkyaIPc25fHX3NvOAl/YQsfA+j8D7ON38sHMihSm4gAqxw8s4Y
DHn+LB77vYng1sP7MfsGtmvbcgdAw86UGMqRG6Uqda6fCHeowux3NpNwNzCjvXW+
6mnGhhvSqVjA8fyMcrlJR7Fy6d+yuuu/xqCYn4596RlVlzjjfmsRSCFVV6nMJyjI
lhHQ9JJ2KeifQKTl5KkpGwmdZDHlV7FF7ZMRDbnIv+gvcb1r3dafvNiB+wdVacGS
yCwW+w==
-----END CERTIFICATE-----
Generated at Fri Feb 23 14:18:57 2024 by rpki-client on console-fra.rpki-client.org