Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/25cf3ba5-0abd-4389-a796-c4a374933ac5/f5b9b79bd28fa3326e787c86b28b6497ee7149a4.roa
File:                     f5b9b79bd28fa3326e787c86b28b6497ee7149a4.roa (raw, json)
Hash identifier:          6Ijo/1dwPpEglUyaoobACDFq3joG5fkyYHQrAzmMGFA=
Subject key identifier:   AB:A7:4C:81:E6:8D:F8:F4:A1:0C:58:40:44:F7:50:61:73:75:D5:89
Certificate issuer:       /CN=f857a3da5081b9530c1290241ecfae5fb8eb0e2b
Certificate serial:       0CA20B
Authority key identifier: E6:E8:91:D7:EC:02:7D:22:5D:97:AF:0D:5F:22:2C:F1:88:D7:04:C0
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/f857a3da5081b9530c1290241ecfae5fb8eb0e2b.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/25cf3ba5-0abd-4389-a796-c4a374933ac5/f5b9b79bd28fa3326e787c86b28b6497ee7149a4.roa
Signing time:             Wed 24 Mar 2021 14:33:22 +0000
ROA not before:           Wed 24 Mar 2021 14:33:22 +0000
ROA not after:            Tue 24 Mar 2026 14:33:22 +0000
asID:                     262213
IP address blocks:        2803:7ca0::/32 maxlen: 35

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/25cf3ba5-0abd-4389-a796-c4a374933ac5/f857a3da5081b9530c1290241ecfae5fb8eb0e2b.crl
                          rsync://repository.lacnic.net/rpki/lacnic/25cf3ba5-0abd-4389-a796-c4a374933ac5/f857a3da5081b9530c1290241ecfae5fb8eb0e2b.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/f857a3da5081b9530c1290241ecfae5fb8eb0e2b.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Mon 26 Feb 2024 16:36:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 827915 (0xca20b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f857a3da5081b9530c1290241ecfae5fb8eb0e2b
        Validity
            Not Before: Mar 24 14:33:22 2021 GMT
            Not After : Mar 24 14:33:22 2026 GMT
        Subject: CN=f5b9b79bd28fa3326e787c86b28b6497ee7149a4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:b7:0d:b0:32:31:e3:39:97:f0:e2:b2:79:77:
                    f2:b9:2d:f1:0d:a1:70:e7:c6:8a:2c:a9:7b:04:f9:
                    79:1d:22:4c:c5:31:52:17:8a:05:e7:40:3f:aa:5d:
                    55:4c:11:e2:90:07:ff:9b:92:e4:11:b7:ea:6a:53:
                    99:19:f9:67:3f:cb:8e:3a:72:13:2b:0b:79:32:41:
                    0b:2e:ca:d2:06:ce:18:f3:7c:c2:ec:ff:ad:a8:73:
                    32:1f:5b:a6:a7:08:c8:0e:8c:aa:33:36:22:85:64:
                    06:46:c6:1d:ff:1e:29:ee:be:9a:ac:c2:40:a1:c9:
                    98:80:13:61:47:f5:50:5e:22:56:98:78:2f:68:1c:
                    ee:2f:56:96:4e:9e:c3:71:2a:ea:e6:df:d4:0d:36:
                    ea:71:cc:12:f7:ec:c8:4a:c0:04:54:09:7c:61:4d:
                    7b:73:02:65:b2:d5:87:4d:5c:7f:ca:c8:54:09:5c:
                    64:b0:e4:cd:0c:4c:25:a1:e2:c8:35:84:d2:cf:17:
                    83:cd:a2:9e:78:48:ed:e7:09:76:c7:7e:49:d3:c3:
                    f3:64:26:61:05:13:06:51:8e:3b:09:1c:2f:a7:59:
                    e2:26:c2:45:33:52:a2:ce:0c:99:ac:8f:36:33:e6:
                    73:96:0d:62:98:b6:64:50:09:cf:62:57:0b:cb:66:
                    a5:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AB:A7:4C:81:E6:8D:F8:F4:A1:0C:58:40:44:F7:50:61:73:75:D5:89
            X509v3 Authority Key Identifier:
                keyid:E6:E8:91:D7:EC:02:7D:22:5D:97:AF:0D:5F:22:2C:F1:88:D7:04:C0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/f857a3da5081b9530c1290241ecfae5fb8eb0e2b.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/25cf3ba5-0abd-4389-a796-c4a374933ac5/f5b9b79bd28fa3326e787c86b28b6497ee7149a4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/25cf3ba5-0abd-4389-a796-c4a374933ac5/f857a3da5081b9530c1290241ecfae5fb8eb0e2b.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2803:7ca0::/32

    Signature Algorithm: sha256WithRSAEncryption
         20:f1:43:8c:d8:2d:70:1d:25:47:da:fd:77:90:de:33:9f:5b:
         74:ec:8c:fc:aa:04:d2:f2:39:71:00:4f:c8:a0:03:44:cd:c9:
         c4:1f:b0:2b:58:c1:cf:18:52:30:a3:0e:7c:fd:2a:d5:66:76:
         91:15:19:45:a5:35:f2:62:90:31:7e:e8:2d:ef:cf:3e:3f:8f:
         24:87:65:fb:a5:28:8c:33:6a:8a:e1:0b:18:ec:3b:16:83:5c:
         a3:ad:8d:8d:b7:1f:c7:62:54:64:ca:a4:15:fb:c6:e3:30:2e:
         39:32:5c:a2:dc:4c:63:f3:c4:06:0a:20:e9:3f:a5:dc:e8:36:
         62:5b:a0:a0:37:a0:68:be:3a:70:e6:08:1e:34:7c:83:74:a1:
         d0:68:84:13:39:ea:0b:cc:bc:0a:cd:5d:ce:06:20:ca:ff:72:
         89:5a:0a:cd:27:7e:3a:ce:06:b8:40:78:a6:62:d0:ec:c3:c7:
         d8:47:eb:b7:b1:c1:59:a6:d4:11:82:b7:98:43:af:6b:cf:a1:
         ed:5b:8f:40:d7:46:fa:bb:ea:bb:53:d2:c7:85:22:8c:32:85:
         85:95:bd:56:aa:74:91:6f:eb:25:34:ed:5f:9c:27:a8:cd:f7:
         13:82:4b:de:45:60:96:45:aa:36:d5:f7:0a:da:1c:66:07:8c:
         c7:c1:c4:a4
-----BEGIN CERTIFICATE-----
MIIFQTCCBCmgAwIBAgIDDKILMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGY4
NTdhM2RhNTA4MWI5NTMwYzEyOTAyNDFlY2ZhZTVmYjhlYjBlMmIwHhcNMjEwMzI0
MTQzMzIyWhcNMjYwMzI0MTQzMzIyWjAzMTEwLwYDVQQDEyhmNWI5Yjc5YmQyOGZh
MzMyNmU3ODdjODZiMjhiNjQ5N2VlNzE0OWE0MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAtbcNsDIx4zmX8OKyeXfyuS3xDaFw58aKLKl7BPl5HSJMxTFS
F4oF50A/ql1VTBHikAf/m5LkEbfqalOZGflnP8uOOnITKwt5MkELLsrSBs4Y83zC
7P+tqHMyH1umpwjIDoyqMzYihWQGRsYd/x4p7r6arMJAocmYgBNhR/VQXiJWmHgv
aBzuL1aWTp7DcSrq5t/UDTbqccwS9+zISsAEVAl8YU17cwJlstWHTVx/yshUCVxk
sOTNDEwloeLINYTSzxeDzaKeeEjt5wl2x35J08PzZCZhBRMGUY47CRwvp1niJsJF
M1KizgyZrI82M+Zzlg1imLZkUAnPYlcLy2alowIDAQABo4ICXDCCAlgwHQYDVR0O
BBYEFKunTIHmjfj0oQxYQET3UGFzddWJMB8GA1UdIwQYMBaAFObokdfsAn0iXZev
DV8iLPGI1wTAMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvZjg1N2Ez
ZGE1MDgxYjk1MzBjMTI5MDI0MWVjZmFlNWZiOGViMGUyYi5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvMjVjZjNiYTUtMGFiZC00Mzg5LWE3OTYtYzRhMzc0
OTMzYWM1L2Y1YjliNzliZDI4ZmEzMzI2ZTc4N2M4NmIyOGI2NDk3ZWU3MTQ5YTQu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy8yNWNmM2JhNS0wYWJkLTQzODktYTc5Ni1jNGEz
NzQ5MzNhYzUvZjg1N2EzZGE1MDgxYjk1MzBjMTI5MDI0MWVjZmFlNWZiOGViMGUy
Yi5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQR
MA8wDQQCAAIwBwMFACgDfKAwDQYJKoZIhvcNAQELBQADggEBACDxQ4zYLXAdJUfa
/XeQ3jOfW3TsjPyqBNLyOXEAT8igA0TNycQfsCtYwc8YUjCjDnz9KtVmdpEVGUWl
NfJikDF+6C3vzz4/jySHZfulKIwzaorhCxjsOxaDXKOtjY23H8diVGTKpBX7xuMw
LjkyXKLcTGPzxAYKIOk/pdzoNmJboKA3oGi+OnDmCB40fIN0odBohBM56gvMvArN
Xc4GIMr/colaCs0nfjrOBrhAeKZi0OzDx9hH67exwVmm1BGCt5hDr2vPoe1bj0DX
Rvq76rtT0seFIowyhYWVvVaqdJFv6yU07V+cJ6jN9xOCS95FYJZFqjbV9wraHGYH
jMfBxKQ=
-----END CERTIFICATE-----
Generated at Fri Feb 23 20:08:10 2024 by rpki-client on console-ams.rpki-client.org