Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/073051d8-4722-4a94-b410-dc5463ba2066/b06f979b13596fa4fbaf32e956501336b0327bfa.roa
File:                     b06f979b13596fa4fbaf32e956501336b0327bfa.roa (raw, json)
Hash identifier:          PHXJDkrP1Kjec3Mc1ryso6P1a9yXDzUQdqM8yYE9J2k=
Subject key identifier:   81:A0:01:FA:FB:40:CB:D7:41:E2:89:26:2B:73:A7:42:7E:B8:F6:FA
Certificate issuer:       /CN=37aeb2b588e56dbbe777b31b70a41206fd3b01c3
Certificate serial:       03B719
Authority key identifier: A3:91:D5:ED:9D:1D:F1:4B:E4:3F:85:54:BB:CE:72:B5:26:89:FC:D2
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/37aeb2b588e56dbbe777b31b70a41206fd3b01c3.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/073051d8-4722-4a94-b410-dc5463ba2066/b06f979b13596fa4fbaf32e956501336b0327bfa.roa
Signing time:             Tue 09 May 2023 22:17:00 +0000
ROA not before:           Mon 08 May 2023 22:17:00 +0000
ROA not after:            Fri 09 May 2025 22:17:00 +0000
asID:                     14080
IP address blocks:        2801:119::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/073051d8-4722-4a94-b410-dc5463ba2066/37aeb2b588e56dbbe777b31b70a41206fd3b01c3.crl
                          rsync://repository.lacnic.net/rpki/lacnic/073051d8-4722-4a94-b410-dc5463ba2066/37aeb2b588e56dbbe777b31b70a41206fd3b01c3.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/37aeb2b588e56dbbe777b31b70a41206fd3b01c3.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 31 Mar 2024 19:38:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 243481 (0x3b719)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=37aeb2b588e56dbbe777b31b70a41206fd3b01c3
        Validity
            Not Before: May  8 22:17:00 2023 GMT
            Not After : May  9 22:17:00 2025 GMT
        Subject: CN=b06f979b13596fa4fbaf32e956501336b0327bfa
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:df:fd:10:c9:c9:2d:dc:54:86:33:47:d1:f8:4a:
                    77:72:69:ba:6c:3a:ce:4a:a5:5e:47:a3:82:3a:eb:
                    60:a2:f7:9d:93:07:ff:5e:c4:c1:27:87:b5:bf:77:
                    4f:63:52:33:fa:49:03:89:9d:33:bf:f9:30:f6:9a:
                    b6:12:a7:f2:60:48:ae:bc:da:6d:d2:42:cd:b0:ca:
                    62:4c:18:08:de:df:d0:4e:30:69:1c:57:21:de:a1:
                    23:9e:72:31:90:6d:95:b2:b7:f1:d1:07:9b:3b:79:
                    e6:8a:95:85:75:0f:27:51:69:34:57:c5:7e:1a:ab:
                    e9:62:08:14:7c:62:77:2c:ae:15:71:15:85:fe:c8:
                    21:dc:5b:f8:bf:e7:77:54:8a:73:70:15:87:b8:9a:
                    f7:2a:f4:55:ba:ca:93:47:a9:18:93:c3:79:5d:e6:
                    ab:b2:82:b9:0e:25:c3:04:e3:1a:e1:ab:c6:1c:df:
                    9e:b6:b0:d9:9c:20:ef:5e:1c:a0:8c:3b:b3:2d:b2:
                    53:5f:27:37:ed:62:b7:29:9b:3f:73:a8:80:fa:49:
                    94:19:8f:e6:e6:16:64:f8:55:f7:64:f0:31:e8:07:
                    f6:6f:6d:54:48:f5:39:fd:7c:78:76:d4:4a:73:01:
                    2d:18:31:ec:a8:ce:55:e0:ef:8c:d3:43:1f:ec:16:
                    97:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                81:A0:01:FA:FB:40:CB:D7:41:E2:89:26:2B:73:A7:42:7E:B8:F6:FA
            X509v3 Authority Key Identifier:
                keyid:A3:91:D5:ED:9D:1D:F1:4B:E4:3F:85:54:BB:CE:72:B5:26:89:FC:D2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/37aeb2b588e56dbbe777b31b70a41206fd3b01c3.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/073051d8-4722-4a94-b410-dc5463ba2066/b06f979b13596fa4fbaf32e956501336b0327bfa.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/073051d8-4722-4a94-b410-dc5463ba2066/37aeb2b588e56dbbe777b31b70a41206fd3b01c3.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2801:119::/48

    Signature Algorithm: sha256WithRSAEncryption
         88:bd:6a:15:69:de:97:35:ca:af:ab:a6:f3:7f:20:15:5d:eb:
         fe:b1:81:9a:90:44:09:79:f4:40:dc:7e:52:32:37:61:e3:0c:
         c2:83:cf:ac:28:a3:08:1a:f5:44:17:47:de:a8:ee:06:6a:c7:
         97:ae:1e:54:b6:6b:41:ea:c5:18:fd:d2:69:c2:e3:9f:6e:d2:
         f0:3d:fb:9c:9e:ff:26:52:18:7e:9e:cc:e5:e6:f2:e0:3d:16:
         03:a7:3c:12:49:31:fa:eb:be:d7:f3:6d:2e:ff:c3:42:ec:37:
         8d:2e:9a:84:ad:c7:f0:d9:b3:63:04:7a:75:b7:e2:ba:5a:be:
         75:b7:b2:42:13:95:5c:4c:1b:04:be:f5:f6:54:d1:e4:e4:cf:
         ca:f2:ef:3b:6a:0b:bf:c0:45:70:84:2a:64:30:a6:dc:21:b4:
         9a:db:5d:a6:01:f1:57:82:94:0c:0f:5f:ee:c7:91:7c:36:e7:
         90:18:cf:24:e9:1f:04:9f:5f:ae:46:e4:54:48:5d:b1:20:ee:
         3c:52:d5:cd:8a:db:e0:76:fb:b7:40:9e:de:74:a4:3a:60:60:
         21:e1:8a:df:32:61:0b:e7:b2:9a:1f:15:74:35:c6:88:07:9a:
         7a:fe:8f:cb:21:ad:26:3b:c5:f6:32:ad:da:ee:8a:a6:01:b8:
         05:a6:08:32
-----BEGIN CERTIFICATE-----
MIIFQzCCBCugAwIBAgIDA7cZMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDM3
YWViMmI1ODhlNTZkYmJlNzc3YjMxYjcwYTQxMjA2ZmQzYjAxYzMwHhcNMjMwNTA4
MjIxNzAwWhcNMjUwNTA5MjIxNzAwWjAzMTEwLwYDVQQDEyhiMDZmOTc5YjEzNTk2
ZmE0ZmJhZjMyZTk1NjUwMTMzNmIwMzI3YmZhMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEA3/0Qyckt3FSGM0fR+Ep3cmm6bDrOSqVeR6OCOutgovedkwf/
XsTBJ4e1v3dPY1Iz+kkDiZ0zv/kw9pq2EqfyYEiuvNpt0kLNsMpiTBgI3t/QTjBp
HFch3qEjnnIxkG2Vsrfx0QebO3nmipWFdQ8nUWk0V8V+GqvpYggUfGJ3LK4VcRWF
/sgh3Fv4v+d3VIpzcBWHuJr3KvRVusqTR6kYk8N5XearsoK5DiXDBOMa4avGHN+e
trDZnCDvXhygjDuzLbJTXyc37WK3KZs/c6iA+kmUGY/m5hZk+FX3ZPAx6Af2b21U
SPU5/Xx4dtRKcwEtGDHsqM5V4O+M00Mf7BaXmwIDAQABo4ICXjCCAlowHQYDVR0O
BBYEFIGgAfr7QMvXQeKJJitzp0J+uPb6MB8GA1UdIwQYMBaAFKOR1e2dHfFL5D+F
VLvOcrUmifzSMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvMzdhZWIy
YjU4OGU1NmRiYmU3NzdiMzFiNzBhNDEyMDZmZDNiMDFjMy5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvMDczMDUxZDgtNDcyMi00YTk0LWI0MTAtZGM1NDYz
YmEyMDY2L2IwNmY5NzliMTM1OTZmYTRmYmFmMzJlOTU2NTAxMzM2YjAzMjdiZmEu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy8wNzMwNTFkOC00NzIyLTRhOTQtYjQxMC1kYzU0
NjNiYTIwNjYvMzdhZWIyYjU4OGU1NmRiYmU3NzdiMzFiNzBhNDEyMDZmZDNiMDFj
My5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQT
MBEwDwQCAAIwCQMHACgBARkAADANBgkqhkiG9w0BAQsFAAOCAQEAiL1qFWnelzXK
r6um838gFV3r/rGBmpBECXn0QNx+UjI3YeMMwoPPrCijCBr1RBdH3qjuBmrHl64e
VLZrQerFGP3SacLjn27S8D37nJ7/JlIYfp7M5eby4D0WA6c8Ekkx+uu+1/NtLv/D
Quw3jS6ahK3H8NmzYwR6dbfiulq+dbeyQhOVXEwbBL719lTR5OTPyvLvO2oLv8BF
cIQqZDCm3CG0mttdpgHxV4KUDA9f7seRfDbnkBjPJOkfBJ9frkbkVEhdsSDuPFLV
zYrb4Hb7t0Ce3nSkOmBgIeGK3zJhC+eymh8VdDXGiAeaev6PyyGtJjvF9jKt2u6K
pgG4BaYIMg==
-----END CERTIFICATE-----
Generated at Thu Mar 28 23:57:44 2024 by rpki-client on console-fra.rpki-client.org