Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/11ddb3b0-0b82-4ed4-88f5-07bb3f2a3944/f3973ac85ca6a432bbba98e49614b790dcaf5260.roa
File:                     f3973ac85ca6a432bbba98e49614b790dcaf5260.roa (raw, json)
Hash identifier:          0uE4CO/bUM4KDJjm+Rga+RLGuaNALxOR3kSNsYCIF8Y=
Subject key identifier:   E8:34:61:08:B7:09:92:8D:C8:A2:A4:AA:3D:6A:AB:B8:8D:8C:74:36
Certificate issuer:       /CN=fd7bd77ee19828cd9c595859fa4fe00dab7bda5c
Certificate serial:       0D9301
Authority key identifier: 93:DF:28:A8:67:B6:88:C8:57:5D:C9:B6:AF:17:93:F0:DA:E6:DD:7F
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/fd7bd77ee19828cd9c595859fa4fe00dab7bda5c.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/11ddb3b0-0b82-4ed4-88f5-07bb3f2a3944/f3973ac85ca6a432bbba98e49614b790dcaf5260.roa
Signing time:             Wed 24 Mar 2021 14:34:29 +0000
ROA not before:           Wed 24 Mar 2021 14:34:29 +0000
ROA not after:            Tue 24 Mar 2026 14:34:29 +0000
asID:                     52411
IP address blocks:        2801:0:400::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/11ddb3b0-0b82-4ed4-88f5-07bb3f2a3944/fd7bd77ee19828cd9c595859fa4fe00dab7bda5c.crl
                          rsync://repository.lacnic.net/rpki/lacnic/11ddb3b0-0b82-4ed4-88f5-07bb3f2a3944/fd7bd77ee19828cd9c595859fa4fe00dab7bda5c.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/fd7bd77ee19828cd9c595859fa4fe00dab7bda5c.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 31 Mar 2024 19:15:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 889601 (0xd9301)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=fd7bd77ee19828cd9c595859fa4fe00dab7bda5c
        Validity
            Not Before: Mar 24 14:34:29 2021 GMT
            Not After : Mar 24 14:34:29 2026 GMT
        Subject: CN=f3973ac85ca6a432bbba98e49614b790dcaf5260
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:42:7d:77:bc:d5:98:57:0d:b0:8a:60:de:e4:
                    4c:a0:39:9f:07:e7:14:44:c0:a4:05:01:9d:08:be:
                    97:dd:d8:84:f6:31:35:ef:22:60:7a:a3:a8:41:5d:
                    d6:c8:19:d9:c1:79:e9:65:51:17:36:a2:8f:8e:08:
                    76:f5:f7:a4:12:2b:4f:c4:d8:db:73:b5:33:b0:34:
                    32:95:dd:29:19:eb:a2:d2:2b:27:15:4d:7c:8e:71:
                    fc:ed:22:c3:16:cd:31:66:9b:ec:85:88:8a:3d:22:
                    f9:c6:85:e1:11:03:5d:bc:07:cf:c6:9a:f0:7c:ef:
                    16:c4:57:50:f6:51:94:d3:23:ae:73:0e:ed:f8:77:
                    bb:5a:54:a7:6b:83:18:9a:89:cc:4c:c8:53:c3:ef:
                    f3:52:09:68:d8:69:c8:bf:c5:10:10:bc:65:a3:3e:
                    99:1f:19:34:02:d7:c6:1a:d5:06:8d:52:14:41:ba:
                    a9:33:eb:b9:18:f0:d7:75:15:69:e6:78:2d:bc:03:
                    ac:56:59:7e:2a:07:57:80:93:3d:46:d2:2b:24:bd:
                    a8:82:90:24:0c:eb:8d:07:d2:d5:8e:0b:7c:e9:93:
                    f6:8c:80:cf:b5:4b:db:a1:45:aa:7a:63:f5:c9:7e:
                    cb:20:40:5e:db:5e:d1:8c:ee:da:b3:f0:28:bd:d5:
                    af:13
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E8:34:61:08:B7:09:92:8D:C8:A2:A4:AA:3D:6A:AB:B8:8D:8C:74:36
            X509v3 Authority Key Identifier:
                keyid:93:DF:28:A8:67:B6:88:C8:57:5D:C9:B6:AF:17:93:F0:DA:E6:DD:7F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/fd7bd77ee19828cd9c595859fa4fe00dab7bda5c.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/11ddb3b0-0b82-4ed4-88f5-07bb3f2a3944/f3973ac85ca6a432bbba98e49614b790dcaf5260.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/11ddb3b0-0b82-4ed4-88f5-07bb3f2a3944/fd7bd77ee19828cd9c595859fa4fe00dab7bda5c.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2801:0:400::/48

    Signature Algorithm: sha256WithRSAEncryption
         7e:4e:de:83:59:c5:08:76:1e:d6:67:58:5c:40:e9:e5:c1:02:
         e9:02:d0:10:26:ce:a1:02:81:ce:e1:7e:ea:ad:8e:fe:59:c2:
         91:94:45:45:1d:a5:95:b4:13:e0:9d:8a:b5:ed:7c:b5:da:7b:
         26:f6:37:76:cc:e5:19:86:95:55:05:f7:d6:81:2a:66:5c:d2:
         00:1e:a3:cb:75:81:aa:4c:b9:3e:65:22:72:83:ad:8b:3c:a7:
         dd:2a:5c:86:db:17:45:9f:67:a1:51:fb:2a:5d:e9:90:89:ad:
         9b:2f:03:7f:b7:19:83:e2:ba:e3:3f:cb:bf:fe:bf:a2:13:65:
         2f:81:ad:28:42:f6:55:57:62:42:fb:be:9e:fe:d2:ab:60:99:
         96:32:c8:64:1a:30:a1:1f:ee:73:c1:f0:5f:e5:20:b4:8c:90:
         36:2d:b4:9a:cb:63:30:15:15:92:2a:a2:f7:91:03:91:99:a0:
         4b:d1:be:83:b5:c2:c8:e9:5e:e1:fc:06:a5:d4:f1:c7:3a:36:
         96:31:da:fb:5b:b5:18:01:b3:23:62:ca:cc:88:1f:d1:3f:1e:
         a9:05:b2:77:a9:fa:46:ad:fc:99:ec:13:ce:fc:a7:99:c6:06:
         d5:da:98:ac:35:1b:53:a3:65:e5:45:2a:88:6c:64:0e:73:5a:
         9b:da:3a:0e
-----BEGIN CERTIFICATE-----
MIIFQzCCBCugAwIBAgIDDZMBMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGZk
N2JkNzdlZTE5ODI4Y2Q5YzU5NTg1OWZhNGZlMDBkYWI3YmRhNWMwHhcNMjEwMzI0
MTQzNDI5WhcNMjYwMzI0MTQzNDI5WjAzMTEwLwYDVQQDEyhmMzk3M2FjODVjYTZh
NDMyYmJiYTk4ZTQ5NjE0Yjc5MGRjYWY1MjYwMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAkUJ9d7zVmFcNsIpg3uRMoDmfB+cURMCkBQGdCL6X3diE9jE1
7yJgeqOoQV3WyBnZwXnpZVEXNqKPjgh29fekEitPxNjbc7UzsDQyld0pGeui0isn
FU18jnH87SLDFs0xZpvshYiKPSL5xoXhEQNdvAfPxprwfO8WxFdQ9lGU0yOucw7t
+He7WlSna4MYmonMTMhTw+/zUglo2GnIv8UQELxloz6ZHxk0AtfGGtUGjVIUQbqp
M+u5GPDXdRVp5ngtvAOsVll+KgdXgJM9RtIrJL2ogpAkDOuNB9LVjgt86ZP2jIDP
tUvboUWqemP1yX7LIEBe217RjO7as/AovdWvEwIDAQABo4ICXjCCAlowHQYDVR0O
BBYEFOg0YQi3CZKNyKKkqj1qq7iNjHQ2MB8GA1UdIwQYMBaAFJPfKKhntojIV13J
tq8Xk/Da5t1/MA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvZmQ3YmQ3
N2VlMTk4MjhjZDljNTk1ODU5ZmE0ZmUwMGRhYjdiZGE1Yy5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvMTFkZGIzYjAtMGI4Mi00ZWQ0LTg4ZjUtMDdiYjNm
MmEzOTQ0L2YzOTczYWM4NWNhNmE0MzJiYmJhOThlNDk2MTRiNzkwZGNhZjUyNjAu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy8xMWRkYjNiMC0wYjgyLTRlZDQtODhmNS0wN2Ji
M2YyYTM5NDQvZmQ3YmQ3N2VlMTk4MjhjZDljNTk1ODU5ZmE0ZmUwMGRhYjdiZGE1
Yy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQT
MBEwDwQCAAIwCQMHACgBAAAEADANBgkqhkiG9w0BAQsFAAOCAQEAfk7eg1nFCHYe
1mdYXEDp5cEC6QLQECbOoQKBzuF+6q2O/lnCkZRFRR2llbQT4J2Kte18tdp7JvY3
dszlGYaVVQX31oEqZlzSAB6jy3WBqky5PmUicoOtizyn3SpchtsXRZ9noVH7Kl3p
kImtmy8Df7cZg+K64z/Lv/6/ohNlL4GtKEL2VVdiQvu+nv7Sq2CZljLIZBowoR/u
c8HwX+UgtIyQNi20mstjMBUVkiqi95EDkZmgS9G+g7XCyOle4fwGpdTxxzo2ljHa
+1u1GAGzI2LKzIgf0T8eqQWyd6n6Rq38mewTzvynmcYG1dqYrDUbU6Nl5UUqiGxk
DnNam9o6Dg==
-----END CERTIFICATE-----
Generated at Thu Mar 28 21:28:38 2024 by rpki-client on console-ams.rpki-client.org