Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/280e091a-a757-48a5-84fc-8dcf46af0919/071090683047f4decc3dee0fd345405d06220f08.roa
File:                     071090683047f4decc3dee0fd345405d06220f08.roa (raw, json)
Hash identifier:          JaKteHhVdaWDx/qughknyuzI6+SqxuJe4olXUN1wiSE=
Subject key identifier:   60:C0:49:F7:29:8B:0D:9B:2A:7C:C6:B0:2C:67:5F:16:A0:02:9F:72
Certificate issuer:       /CN=d170fa20ab91b4ab052483fd1d1a50af0baea258
Certificate serial:       1E51
Authority key identifier: 03:A2:F3:95:BA:18:1F:A0:62:B4:C8:94:F9:BC:7C:6D:37:C5:C9:2F
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/d170fa20ab91b4ab052483fd1d1a50af0baea258.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/280e091a-a757-48a5-84fc-8dcf46af0919/071090683047f4decc3dee0fd345405d06220f08.roa
Signing time:             Wed 05 Oct 2022 19:13:26 +0000
ROA not before:           Wed 05 Oct 2022 19:11:50 +0000
ROA not after:            Sat 05 Oct 2024 20:11:50 +0000
asID:                     272881
IP address blocks:        2803:1a90::/32 maxlen: 64

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/280e091a-a757-48a5-84fc-8dcf46af0919/d170fa20ab91b4ab052483fd1d1a50af0baea258.crl
                          rsync://repository.lacnic.net/rpki/lacnic/280e091a-a757-48a5-84fc-8dcf46af0919/d170fa20ab91b4ab052483fd1d1a50af0baea258.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/d170fa20ab91b4ab052483fd1d1a50af0baea258.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 31 Mar 2024 18:59:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 7761 (0x1e51)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d170fa20ab91b4ab052483fd1d1a50af0baea258
        Validity
            Not Before: Oct  5 19:11:50 2022 GMT
            Not After : Oct  5 20:11:50 2024 GMT
        Subject: CN=071090683047f4decc3dee0fd345405d06220f08
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f7:4d:38:2a:81:66:df:93:21:80:00:61:0e:3f:
                    8d:09:33:06:35:39:4f:57:45:ae:41:e6:42:ad:87:
                    8e:53:56:cc:2c:1f:f2:92:c3:ff:1d:2b:2f:64:7a:
                    61:f7:29:0e:f6:a5:2c:1e:12:fd:1d:23:72:b6:bc:
                    e0:f6:94:b4:c3:fd:72:08:7f:35:06:54:8a:3a:b4:
                    ed:48:aa:af:25:3f:d8:79:a2:fd:22:d5:8f:49:ab:
                    47:5b:8a:b4:c9:1e:bf:56:48:ed:7a:09:3c:de:4f:
                    b9:f2:e6:f1:ca:8d:90:52:43:28:18:b7:54:34:b0:
                    43:ce:50:60:20:81:8a:c3:88:ac:79:4c:2c:01:bc:
                    6c:6d:8e:55:fc:d7:79:c7:6b:d9:d1:12:e2:cb:45:
                    fa:5a:ca:fe:46:57:87:7e:40:41:97:c7:b0:5f:4a:
                    74:bf:6f:a0:2d:ee:82:c7:3f:77:8d:a9:6f:f0:87:
                    55:f5:4b:b6:2f:32:fe:6c:1c:a2:77:57:f2:05:8a:
                    89:81:e8:a4:bb:4b:53:82:e5:d5:62:7c:a6:e0:1c:
                    bc:35:dd:44:f6:c4:65:e0:bd:f8:86:f9:16:dd:17:
                    e0:e0:c8:93:1b:29:e6:44:f1:6b:d1:1f:4a:3d:65:
                    18:03:78:b7:15:54:54:2d:09:d5:7e:e4:fa:0a:67:
                    96:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                60:C0:49:F7:29:8B:0D:9B:2A:7C:C6:B0:2C:67:5F:16:A0:02:9F:72
            X509v3 Authority Key Identifier:
                keyid:03:A2:F3:95:BA:18:1F:A0:62:B4:C8:94:F9:BC:7C:6D:37:C5:C9:2F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/d170fa20ab91b4ab052483fd1d1a50af0baea258.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/280e091a-a757-48a5-84fc-8dcf46af0919/071090683047f4decc3dee0fd345405d06220f08.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/280e091a-a757-48a5-84fc-8dcf46af0919/d170fa20ab91b4ab052483fd1d1a50af0baea258.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2803:1a90::/32

    Signature Algorithm: sha256WithRSAEncryption
         60:76:fb:3b:7a:d8:d4:74:44:67:6f:b9:73:d3:44:25:fd:79:
         af:26:d1:62:7b:a2:ae:f8:73:c6:bf:57:c5:28:de:65:c5:6d:
         74:65:cb:b3:71:ce:99:80:97:e7:12:b7:f9:64:9c:c8:60:9a:
         b4:28:c1:ae:4b:6a:47:84:b5:0c:b2:03:36:26:bb:ad:28:a2:
         52:ab:18:7d:84:f6:be:d8:86:03:c1:33:45:5e:b1:14:78:03:
         51:e2:91:7d:c6:88:c0:af:d2:ff:83:47:6d:d9:51:80:24:7d:
         b6:ea:c8:02:73:d1:29:16:8b:5f:6b:62:1c:d9:f4:7a:a6:47:
         39:23:5d:e2:15:46:f5:ab:55:2a:b3:f8:b6:31:52:92:60:27:
         92:c8:f2:ff:c3:14:89:9e:8b:3f:10:51:0c:f9:56:0f:ae:f7:
         b4:2f:08:f7:d6:1d:d1:e9:c6:ce:94:da:ef:7c:d6:5d:36:00:
         b4:95:fe:91:71:66:c2:ec:79:c2:18:5e:59:48:e1:52:88:44:
         1f:7b:55:ce:ef:82:cd:8c:56:c2:0b:ef:20:e2:88:1d:e7:de:
         12:22:1e:ed:da:4e:fd:cd:3d:81:74:f4:ca:ef:50:ae:05:69:
         37:d4:b8:c3:6c:ea:82:5a:03:6d:dd:7d:f7:53:08:11:03:3d:
         7b:ae:dc:17
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgICHlEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoZDE3
MGZhMjBhYjkxYjRhYjA1MjQ4M2ZkMWQxYTUwYWYwYmFlYTI1ODAeFw0yMjEwMDUx
OTExNTBaFw0yNDEwMDUyMDExNTBaMDMxMTAvBgNVBAMTKDA3MTA5MDY4MzA0N2Y0
ZGVjYzNkZWUwZmQzNDU0MDVkMDYyMjBmMDgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQD3TTgqgWbfkyGAAGEOP40JMwY1OU9XRa5B5kKth45TVswsH/KS
w/8dKy9kemH3KQ72pSweEv0dI3K2vOD2lLTD/XIIfzUGVIo6tO1Iqq8lP9h5ov0i
1Y9Jq0dbirTJHr9WSO16CTzeT7ny5vHKjZBSQygYt1Q0sEPOUGAggYrDiKx5TCwB
vGxtjlX813nHa9nREuLLRfpayv5GV4d+QEGXx7BfSnS/b6At7oLHP3eNqW/wh1X1
S7YvMv5sHKJ3V/IFiomB6KS7S1OC5dVifKbgHLw13UT2xGXgvfiG+RbdF+DgyJMb
KeZE8WvRH0o9ZRgDeLcVVFQtCdV+5PoKZ5YXAgMBAAGjggJcMIICWDAdBgNVHQ4E
FgQUYMBJ9ymLDZsqfMawLGdfFqACn3IwHwYDVR0jBBgwFoAUA6LzlboYH6BitMiU
+bx8bTfFyS8wDgYDVR0PAQH/BAQDAgeAMIGaBggrBgEFBQcBAQSBjTCBijCBhwYI
KwYBBQUHMAKGe3JzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jwa2kvbGFj
bmljLzQ4ZjA4M2JiLWY2MDMtNDg5My05OTkwLTAyODRjMDRjZWI4NS9kMTcwZmEy
MGFiOTFiNGFiMDUyNDgzZmQxZDFhNTBhZjBiYWVhMjU4LmNlcjCBmgYIKwYBBQUH
AQsEgY0wgYowgYcGCCsGAQUFBzALhntyc3luYzovL3JlcG9zaXRvcnkubGFjbmlj
Lm5ldC9ycGtpL2xhY25pYy8yODBlMDkxYS1hNzU3LTQ4YTUtODRmYy04ZGNmNDZh
ZjA5MTkvMDcxMDkwNjgzMDQ3ZjRkZWNjM2RlZTBmZDM0NTQwNWQwNjIyMGYwOC5y
b2EwgY8GA1UdHwSBhzCBhDCBgaB/oH2Ge3JzeW5jOi8vcmVwb3NpdG9yeS5sYWNu
aWMubmV0L3Jwa2kvbGFjbmljLzI4MGUwOTFhLWE3NTctNDhhNS04NGZjLThkY2Y0
NmFmMDkxOS9kMTcwZmEyMGFiOTFiNGFiMDUyNDgzZmQxZDFhNTBhZjBiYWVhMjU4
LmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEw
DzANBAIAAjAHAwUAKAMakDANBgkqhkiG9w0BAQsFAAOCAQEAYHb7O3rY1HREZ2+5
c9NEJf15rybRYnuirvhzxr9XxSjeZcVtdGXLs3HOmYCX5xK3+WScyGCatCjBrktq
R4S1DLIDNia7rSiiUqsYfYT2vtiGA8EzRV6xFHgDUeKRfcaIwK/S/4NHbdlRgCR9
turIAnPRKRaLX2tiHNn0eqZHOSNd4hVG9atVKrP4tjFSkmAnksjy/8MUiZ6LPxBR
DPlWD673tC8I99Yd0enGzpTa73zWXTYAtJX+kXFmwux5whheWUjhUohEH3tVzu+C
zYxWwgvvIOKIHefeEiIe7dpO/c09gXT0yu9QrgVpN9S4w2zqgloDbd1991MIEQM9
e67cFw==
-----END CERTIFICATE-----
Generated at Thu Mar 28 21:28:44 2024 by rpki-client on console-ams.rpki-client.org