Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/0e54a05e-e8de-45ad-a23f-9a593a838eaf/640e840a24b9bd86de1dd0ee74bc66c12f8aec0f.roa
File:                     640e840a24b9bd86de1dd0ee74bc66c12f8aec0f.roa (raw, json)
Hash identifier:          GiY9+8zMA4ZZc+pb6UaU2ffv6gAw79FVx3K9gYLnlt8=
Subject key identifier:   8D:2F:1D:C4:EC:26:69:08:63:2F:9E:9D:E6:2A:03:AC:7F:B9:CB:07
Certificate issuer:       /CN=7047f702e4b88509342b465e0313aa10a406121c
Certificate serial:       1B10E3
Authority key identifier: FA:A0:86:28:B6:67:0A:83:D6:15:73:60:F2:2A:C8:8B:01:A6:51:09
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/7047f702e4b88509342b465e0313aa10a406121c.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/0e54a05e-e8de-45ad-a23f-9a593a838eaf/640e840a24b9bd86de1dd0ee74bc66c12f8aec0f.roa
Signing time:             Fri 20 Oct 2023 03:50:32 +0000
ROA not before:           Fri 20 Oct 2023 03:50:32 +0000
ROA not after:            Mon 20 Oct 2025 03:50:32 +0000
asID:                     28477
IP address blocks:        2801:c4:12::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/0e54a05e-e8de-45ad-a23f-9a593a838eaf/7047f702e4b88509342b465e0313aa10a406121c.crl
                          rsync://repository.lacnic.net/rpki/lacnic/0e54a05e-e8de-45ad-a23f-9a593a838eaf/7047f702e4b88509342b465e0313aa10a406121c.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/7047f702e4b88509342b465e0313aa10a406121c.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Tue 27 Feb 2024 21:42:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1773795 (0x1b10e3)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7047f702e4b88509342b465e0313aa10a406121c
        Validity
            Not Before: Oct 20 03:50:32 2023 GMT
            Not After : Oct 20 03:50:32 2025 GMT
        Subject: CN=640e840a24b9bd86de1dd0ee74bc66c12f8aec0f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:ed:4c:76:3b:e3:57:d8:13:90:55:f4:d5:0a:
                    5a:3e:ba:00:77:32:79:b7:82:11:75:32:6c:8b:db:
                    75:84:32:8c:d1:76:e5:52:e0:50:d5:26:4b:53:e7:
                    e4:b7:61:74:cc:7d:ae:22:fd:be:33:60:64:0f:61:
                    7b:07:78:a8:4f:08:17:ed:fe:98:e8:f7:d0:b4:20:
                    de:11:d7:cb:8c:97:7b:9f:2a:c8:ae:2b:f3:b7:73:
                    1b:df:ac:14:a2:59:76:9d:fa:7b:6a:a0:3d:cb:ab:
                    4f:e6:7b:28:ec:32:db:06:53:9c:9e:41:10:66:7c:
                    50:9c:44:fb:20:19:62:a9:00:92:d4:ad:e7:b9:df:
                    e0:92:70:a2:84:d9:f1:64:e7:9d:7b:ed:d9:b7:93:
                    39:9b:cc:fa:59:96:fe:3c:d0:a3:15:31:dd:96:f9:
                    69:9b:73:74:95:20:98:1a:f5:ff:b4:4b:f1:20:11:
                    9b:ce:1f:5f:a7:12:a5:6d:f9:c2:58:fe:dd:85:25:
                    b8:71:4c:6c:69:ee:2a:cf:4e:7d:95:ba:9a:b6:ca:
                    58:b1:53:01:94:39:18:85:04:4d:e2:2f:ad:13:aa:
                    ce:39:b8:12:e6:3b:17:fc:5b:8a:82:96:50:ab:03:
                    ce:39:ff:51:8b:ed:c5:e4:18:5e:17:55:a9:11:19:
                    e8:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8D:2F:1D:C4:EC:26:69:08:63:2F:9E:9D:E6:2A:03:AC:7F:B9:CB:07
            X509v3 Authority Key Identifier:
                keyid:FA:A0:86:28:B6:67:0A:83:D6:15:73:60:F2:2A:C8:8B:01:A6:51:09

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/7047f702e4b88509342b465e0313aa10a406121c.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/0e54a05e-e8de-45ad-a23f-9a593a838eaf/640e840a24b9bd86de1dd0ee74bc66c12f8aec0f.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/0e54a05e-e8de-45ad-a23f-9a593a838eaf/7047f702e4b88509342b465e0313aa10a406121c.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2801:c4:12::/48

    Signature Algorithm: sha256WithRSAEncryption
         14:54:08:3e:bb:40:3c:ca:bc:20:ac:e4:e9:73:7d:cb:4b:fc:
         39:5e:13:a9:6a:b8:3f:a6:0f:c0:8f:ab:6e:d2:b7:3b:b7:87:
         b7:9e:3a:76:9f:99:58:69:b6:69:d5:2d:81:f4:7e:96:38:f7:
         49:b3:6b:e5:6c:a4:6a:ff:82:da:be:c2:f9:42:e9:08:cc:56:
         ee:22:e4:28:4e:4b:e0:a0:c0:27:3b:5a:d7:dc:a4:61:79:45:
         4a:e1:21:0d:09:aa:23:86:95:f0:76:df:1c:5d:8b:5d:e1:48:
         82:1f:6b:56:12:23:a6:5a:03:8f:2b:28:7c:bd:05:fd:03:4a:
         75:74:b6:4c:b0:73:12:3a:5d:f6:95:db:a6:16:54:46:ee:79:
         2d:f7:f1:1f:89:1b:ea:cd:86:e4:eb:c6:67:cf:33:06:a5:2a:
         45:4c:51:67:ec:a4:ae:f5:4d:28:fd:26:cb:e4:95:b5:d3:8b:
         11:b5:8d:b8:66:8e:dc:bf:44:5d:9f:e2:e0:d0:dc:1a:76:0d:
         18:33:62:b1:e4:44:a8:73:eb:10:3f:44:99:69:5f:00:c9:91:
         57:0a:65:37:ac:59:28:41:cf:3f:6d:1d:e0:2d:46:9c:de:25:
         ff:de:2b:f6:0c:37:ed:cf:d5:9b:45:0c:b7:48:49:16:fa:46:
         fa:14:1f:cb
-----BEGIN CERTIFICATE-----
MIIFQzCCBCugAwIBAgIDGxDjMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDcw
NDdmNzAyZTRiODg1MDkzNDJiNDY1ZTAzMTNhYTEwYTQwNjEyMWMwHhcNMjMxMDIw
MDM1MDMyWhcNMjUxMDIwMDM1MDMyWjAzMTEwLwYDVQQDEyg2NDBlODQwYTI0Yjli
ZDg2ZGUxZGQwZWU3NGJjNjZjMTJmOGFlYzBmMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAke1MdjvjV9gTkFX01QpaProAdzJ5t4IRdTJsi9t1hDKM0Xbl
UuBQ1SZLU+fkt2F0zH2uIv2+M2BkD2F7B3ioTwgX7f6Y6PfQtCDeEdfLjJd7nyrI
rivzt3Mb36wUoll2nfp7aqA9y6tP5nso7DLbBlOcnkEQZnxQnET7IBliqQCS1K3n
ud/gknCihNnxZOede+3Zt5M5m8z6WZb+PNCjFTHdlvlpm3N0lSCYGvX/tEvxIBGb
zh9fpxKlbfnCWP7dhSW4cUxsae4qz059lbqatspYsVMBlDkYhQRN4i+tE6rOObgS
5jsX/FuKgpZQqwPOOf9Ri+3F5BheF1WpERnorQIDAQABo4ICXjCCAlowHQYDVR0O
BBYEFI0vHcTsJmkIYy+eneYqA6x/ucsHMB8GA1UdIwQYMBaAFPqghii2ZwqD1hVz
YPIqyIsBplEJMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvNzA0N2Y3
MDJlNGI4ODUwOTM0MmI0NjVlMDMxM2FhMTBhNDA2MTIxYy5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvMGU1NGEwNWUtZThkZS00NWFkLWEyM2YtOWE1OTNh
ODM4ZWFmLzY0MGU4NDBhMjRiOWJkODZkZTFkZDBlZTc0YmM2NmMxMmY4YWVjMGYu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy8wZTU0YTA1ZS1lOGRlLTQ1YWQtYTIzZi05YTU5
M2E4MzhlYWYvNzA0N2Y3MDJlNGI4ODUwOTM0MmI0NjVlMDMxM2FhMTBhNDA2MTIx
Yy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQT
MBEwDwQCAAIwCQMHACgBAMQAEjANBgkqhkiG9w0BAQsFAAOCAQEAFFQIPrtAPMq8
IKzk6XN9y0v8OV4TqWq4P6YPwI+rbtK3O7eHt546dp+ZWGm2adUtgfR+ljj3SbNr
5Wykav+C2r7C+ULpCMxW7iLkKE5L4KDAJzta19ykYXlFSuEhDQmqI4aV8HbfHF2L
XeFIgh9rVhIjploDjysofL0F/QNKdXS2TLBzEjpd9pXbphZURu55LffxH4kb6s2G
5OvGZ88zBqUqRUxRZ+ykrvVNKP0my+SVtdOLEbWNuGaO3L9EXZ/i4NDcGnYNGDNi
seREqHPrED9EmWlfAMmRVwplN6xZKEHPP20d4C1GnN4l/94r9gw37c/Vm0UMt0hJ
FvpG+hQfyw==
-----END CERTIFICATE-----
Generated at Sat Feb 24 23:12:53 2024 by rpki-client on console-fra.rpki-client.org