Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/04ca72fc-ea8e-49a9-9810-55d503bd2745/1b32525d979c54a0400c68fc57129c01af3a3b96.roa
File:                     1b32525d979c54a0400c68fc57129c01af3a3b96.roa (raw, json)
Hash identifier:          elApUs5lBBoFA3ttScHDCeSeIzErn9ggSLgqnfPlQ2s=
Subject key identifier:   D7:9A:F7:51:E7:01:04:34:56:E0:CB:3E:A0:A1:7E:3B:BE:01:9B:58
Certificate issuer:       /CN=a1bc91135890217599e9c0faacd246b22c9c75ed
Certificate serial:       0AEC
Authority key identifier: BD:6B:3F:5D:57:E9:72:8A:58:EC:31:E5:FD:8F:27:CB:FA:FB:EE:EE
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/a1bc91135890217599e9c0faacd246b22c9c75ed.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/04ca72fc-ea8e-49a9-9810-55d503bd2745/1b32525d979c54a0400c68fc57129c01af3a3b96.roa
Signing time:             Fri 03 Jun 2022 00:17:03 +0000
ROA not before:           Thu 02 Jun 2022 03:00:00 +0000
ROA not after:            Sun 02 Jun 2024 03:00:00 +0000
asID:                     262589
IP address blocks:        2801:1d:1800::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/04ca72fc-ea8e-49a9-9810-55d503bd2745/a1bc91135890217599e9c0faacd246b22c9c75ed.crl
                          rsync://repository.lacnic.net/rpki/lacnic/04ca72fc-ea8e-49a9-9810-55d503bd2745/a1bc91135890217599e9c0faacd246b22c9c75ed.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/a1bc91135890217599e9c0faacd246b22c9c75ed.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 31 Mar 2024 12:22:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2796 (0xaec)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a1bc91135890217599e9c0faacd246b22c9c75ed
        Validity
            Not Before: Jun  2 03:00:00 2022 GMT
            Not After : Jun  2 03:00:00 2024 GMT
        Subject: CN=1b32525d979c54a0400c68fc57129c01af3a3b96
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:e1:c7:50:1c:3f:76:61:97:59:64:f6:73:2d:
                    5a:57:45:de:18:1d:8e:9a:96:78:66:56:ec:71:8b:
                    3f:af:87:47:44:04:2c:3f:d6:21:79:89:81:b8:fd:
                    7d:7b:8c:b7:8c:fd:3a:10:5b:23:bd:67:fc:41:38:
                    e7:4f:a0:9d:50:20:80:ba:87:6b:2b:56:ed:84:11:
                    67:5f:94:65:b9:d0:fa:74:2b:38:f2:f8:c9:f9:56:
                    63:32:1e:f2:27:ac:fb:02:f7:ba:ae:80:29:d1:ab:
                    6b:79:29:8d:2a:ce:cf:52:33:a9:e5:40:7a:a5:d6:
                    2b:a2:9d:ac:3f:4a:10:97:1a:da:73:59:60:ae:7a:
                    8e:4b:70:8c:cb:79:24:79:e8:36:9a:d8:0e:f6:9c:
                    ee:ea:0a:61:3d:d4:ea:0c:40:ab:96:86:9f:18:08:
                    a2:f9:19:ca:6a:14:4e:a0:06:4e:6d:d9:36:ea:cd:
                    eb:54:9b:06:60:66:c4:c7:d1:3d:35:33:ca:63:37:
                    71:90:7f:03:9c:6f:89:87:83:08:e0:39:a6:60:7e:
                    c5:ff:35:c8:da:c1:62:5d:26:fb:67:4f:70:76:50:
                    7e:20:26:91:45:a3:23:f5:d2:e7:5f:93:ec:86:37:
                    f6:84:1f:fc:ac:cf:20:33:6e:56:5e:4d:c9:1e:17:
                    44:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D7:9A:F7:51:E7:01:04:34:56:E0:CB:3E:A0:A1:7E:3B:BE:01:9B:58
            X509v3 Authority Key Identifier:
                keyid:BD:6B:3F:5D:57:E9:72:8A:58:EC:31:E5:FD:8F:27:CB:FA:FB:EE:EE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/a1bc91135890217599e9c0faacd246b22c9c75ed.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/04ca72fc-ea8e-49a9-9810-55d503bd2745/1b32525d979c54a0400c68fc57129c01af3a3b96.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/04ca72fc-ea8e-49a9-9810-55d503bd2745/a1bc91135890217599e9c0faacd246b22c9c75ed.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2801:1d:1800::/48

    Signature Algorithm: sha256WithRSAEncryption
         35:23:ba:db:ac:8d:b3:73:69:58:c7:63:5d:77:51:3e:c9:da:
         41:8c:94:6c:f0:c5:4c:7b:70:5f:6a:81:eb:95:2d:9b:88:b1:
         c8:14:81:f9:a7:14:25:11:1a:7f:fe:e9:33:83:b8:1e:dd:c6:
         61:07:24:80:d3:6a:8f:e3:70:9b:01:09:cb:14:7a:73:ee:10:
         6a:63:e4:f2:16:80:c0:fe:88:46:fb:ad:d0:b0:39:31:ec:37:
         7e:12:ea:6a:66:36:4f:53:9c:a4:1a:47:4f:db:8e:0c:60:8c:
         e2:e2:8a:dd:f9:1f:9e:75:a3:62:a4:8f:a3:03:1b:39:7c:9e:
         77:51:e5:d4:b3:2f:f3:f8:84:b8:9d:ab:01:fc:88:b5:a5:c8:
         19:48:14:c5:b6:96:9c:7e:ae:c9:cd:50:97:a2:b8:76:a4:cd:
         2c:39:e1:43:4f:85:e2:a8:78:4d:7d:16:f0:78:a2:c7:19:7e:
         9d:69:b4:d1:ed:c3:00:17:c2:de:8b:9f:48:d2:9d:a8:cf:bc:
         2a:5a:e1:e1:dd:b3:89:95:14:7b:d1:23:83:fd:f9:67:23:ef:
         84:e4:6b:93:a8:f7:7b:fb:13:54:20:02:0f:78:ec:a1:62:cd:
         76:60:a2:25:e5:c5:9b:ba:51:19:39:3f:a9:b7:a3:3d:31:36:
         be:09:91:b5
-----BEGIN CERTIFICATE-----
MIIFQjCCBCqgAwIBAgICCuwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoYTFi
YzkxMTM1ODkwMjE3NTk5ZTljMGZhYWNkMjQ2YjIyYzljNzVlZDAeFw0yMjA2MDIw
MzAwMDBaFw0yNDA2MDIwMzAwMDBaMDMxMTAvBgNVBAMTKDFiMzI1MjVkOTc5YzU0
YTA0MDBjNjhmYzU3MTI5YzAxYWYzYTNiOTYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCq4cdQHD92YZdZZPZzLVpXRd4YHY6alnhmVuxxiz+vh0dEBCw/
1iF5iYG4/X17jLeM/ToQWyO9Z/xBOOdPoJ1QIIC6h2srVu2EEWdflGW50Pp0Kzjy
+Mn5VmMyHvInrPsC97qugCnRq2t5KY0qzs9SM6nlQHql1iuinaw/ShCXGtpzWWCu
eo5LcIzLeSR56Daa2A72nO7qCmE91OoMQKuWhp8YCKL5GcpqFE6gBk5t2TbqzetU
mwZgZsTH0T01M8pjN3GQfwOcb4mHgwjgOaZgfsX/NcjawWJdJvtnT3B2UH4gJpFF
oyP10udfk+yGN/aEH/yszyAzblZeTckeF0Q/AgMBAAGjggJeMIICWjAdBgNVHQ4E
FgQU15r3UecBBDRW4Ms+oKF+O74Bm1gwHwYDVR0jBBgwFoAUvWs/XVfpcopY7DHl
/Y8ny/r77u4wDgYDVR0PAQH/BAQDAgeAMIGaBggrBgEFBQcBAQSBjTCBijCBhwYI
KwYBBQUHMAKGe3JzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jwa2kvbGFj
bmljLzQ4ZjA4M2JiLWY2MDMtNDg5My05OTkwLTAyODRjMDRjZWI4NS9hMWJjOTEx
MzU4OTAyMTc1OTllOWMwZmFhY2QyNDZiMjJjOWM3NWVkLmNlcjCBmgYIKwYBBQUH
AQsEgY0wgYowgYcGCCsGAQUFBzALhntyc3luYzovL3JlcG9zaXRvcnkubGFjbmlj
Lm5ldC9ycGtpL2xhY25pYy8wNGNhNzJmYy1lYThlLTQ5YTktOTgxMC01NWQ1MDNi
ZDI3NDUvMWIzMjUyNWQ5NzljNTRhMDQwMGM2OGZjNTcxMjljMDFhZjNhM2I5Ni5y
b2EwgY8GA1UdHwSBhzCBhDCBgaB/oH2Ge3JzeW5jOi8vcmVwb3NpdG9yeS5sYWNu
aWMubmV0L3Jwa2kvbGFjbmljLzA0Y2E3MmZjLWVhOGUtNDlhOS05ODEwLTU1ZDUw
M2JkMjc0NS9hMWJjOTExMzU4OTAyMTc1OTllOWMwZmFhY2QyNDZiMjJjOWM3NWVk
LmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMw
ETAPBAIAAjAJAwcAKAEAHRgAMA0GCSqGSIb3DQEBCwUAA4IBAQA1I7rbrI2zc2lY
x2Ndd1E+ydpBjJRs8MVMe3BfaoHrlS2biLHIFIH5pxQlERp//ukzg7ge3cZhBySA
02qP43CbAQnLFHpz7hBqY+TyFoDA/ohG+63QsDkx7Dd+EupqZjZPU5ykGkdP244M
YIzi4ord+R+edaNipI+jAxs5fJ53UeXUsy/z+IS4nasB/Ii1pcgZSBTFtpacfq7J
zVCXorh2pM0sOeFDT4XiqHhNfRbweKLHGX6dabTR7cMAF8Lei59I0p2oz7wqWuHh
3bOJlRR70SOD/flnI++E5GuTqPd7+xNUIAIPeOyhYs12YKIl5cWbulEZOT+pt6M9
MTa+CZG1
-----END CERTIFICATE-----
Generated at Thu Mar 28 19:38:53 2024 by rpki-client on console-fra.rpki-client.org