Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/3141cedd-f816-435d-bc09-161f3961401c/d1452baaa99405a94bd98cb5c0d042ccc32db596.roa
File:                     d1452baaa99405a94bd98cb5c0d042ccc32db596.roa (raw, json)
Hash identifier:          8gy+7ETURaG9uXqOMgTs33Iq0rzRwiJsFem2XQffh9c=
Subject key identifier:   4B:63:9B:74:8C:AB:D6:DB:E1:71:BD:5E:7F:82:90:4E:B2:C3:DA:E9
Certificate issuer:       /CN=3d2bb3c8581116125c6e09f758e3d59db1bcc4e4
Certificate serial:       22B855
Authority key identifier: 54:F7:3B:80:35:06:A2:C8:9A:B6:74:58:BA:A3:18:35:37:CE:1F:7E
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/3d2bb3c8581116125c6e09f758e3d59db1bcc4e4.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/3141cedd-f816-435d-bc09-161f3961401c/d1452baaa99405a94bd98cb5c0d042ccc32db596.roa
Signing time:             Wed 06 Sep 2023 16:18:08 +0000
ROA not before:           Tue 05 Sep 2023 16:18:08 +0000
ROA not after:            Sat 06 Sep 2025 16:18:08 +0000
asID:                     273027
IP address blocks:        2801:1ba:e0::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/3141cedd-f816-435d-bc09-161f3961401c/3d2bb3c8581116125c6e09f758e3d59db1bcc4e4.crl
                          rsync://repository.lacnic.net/rpki/lacnic/3141cedd-f816-435d-bc09-161f3961401c/3d2bb3c8581116125c6e09f758e3d59db1bcc4e4.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/3d2bb3c8581116125c6e09f758e3d59db1bcc4e4.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 03 Mar 2024 00:36:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2275413 (0x22b855)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3d2bb3c8581116125c6e09f758e3d59db1bcc4e4
        Validity
            Not Before: Sep  5 16:18:08 2023 GMT
            Not After : Sep  6 16:18:08 2025 GMT
        Subject: CN=d1452baaa99405a94bd98cb5c0d042ccc32db596
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:79:c9:e5:30:26:70:7e:15:53:dc:45:02:86:
                    43:2e:f2:5b:18:88:c4:d1:ab:8a:6c:e1:7d:31:35:
                    19:5a:cd:a7:44:e2:ca:2c:e5:f1:ae:45:12:97:93:
                    d9:c4:08:fb:ca:81:ba:f0:ea:6d:74:c5:89:02:87:
                    bb:30:a3:b0:cd:58:ce:ac:25:5d:0c:d6:2c:8a:c9:
                    bc:6a:48:3f:f8:a5:da:92:d3:50:7a:75:35:a4:1a:
                    e4:df:fe:ec:08:63:25:40:c7:11:ec:8f:43:32:a3:
                    e3:04:fd:5d:f3:0e:95:33:9d:35:65:37:bf:2b:80:
                    bf:98:8c:52:0b:1b:16:2e:c1:c5:a0:65:17:49:7a:
                    b4:99:53:6d:1e:74:44:75:b9:b4:72:e1:37:29:5a:
                    ab:c8:17:98:46:59:ff:c3:cb:98:1f:9b:3c:3b:e2:
                    23:e3:2b:69:52:1e:90:75:40:90:09:ab:83:4c:85:
                    c4:c8:9e:7e:63:bb:18:65:03:2c:17:61:f7:26:32:
                    ba:9e:5c:1d:56:88:da:42:08:e6:5f:da:76:49:e0:
                    2d:e3:ad:d4:da:4c:8a:ac:87:9b:26:01:5f:be:89:
                    85:92:49:b9:95:18:4a:8f:7e:9c:43:4a:c0:5d:d0:
                    39:5a:72:d4:37:a0:d5:66:c2:8b:91:07:34:32:49:
                    b1:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4B:63:9B:74:8C:AB:D6:DB:E1:71:BD:5E:7F:82:90:4E:B2:C3:DA:E9
            X509v3 Authority Key Identifier:
                keyid:54:F7:3B:80:35:06:A2:C8:9A:B6:74:58:BA:A3:18:35:37:CE:1F:7E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/3d2bb3c8581116125c6e09f758e3d59db1bcc4e4.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/3141cedd-f816-435d-bc09-161f3961401c/d1452baaa99405a94bd98cb5c0d042ccc32db596.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/3141cedd-f816-435d-bc09-161f3961401c/3d2bb3c8581116125c6e09f758e3d59db1bcc4e4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2801:1ba:e0::/48

    Signature Algorithm: sha256WithRSAEncryption
         12:f5:0e:48:01:da:d7:15:03:60:3b:b4:28:6f:30:fb:09:af:
         6f:7e:1b:3f:ec:84:a2:3b:3f:e7:75:a7:e1:74:98:6f:98:29:
         f7:d2:c6:8d:f5:de:ac:79:f5:9a:45:f3:d2:2e:6a:45:de:97:
         01:ce:df:a7:d5:21:49:29:70:36:81:6f:cf:0d:71:6e:4d:22:
         32:87:4a:b1:63:24:23:4e:e8:94:f2:e5:c3:9c:2e:4e:4c:96:
         15:2a:7a:a8:31:3f:e8:7c:72:e2:02:60:0b:d5:70:2c:ee:7e:
         24:e1:d8:e1:8c:db:73:34:7f:76:8a:5b:ea:b8:f9:36:40:97:
         b4:e0:66:b7:a0:e0:d7:0d:4f:17:ff:3a:bf:1a:e4:c6:65:17:
         80:9f:28:06:f5:ce:87:82:1c:4e:5e:e2:da:08:c6:07:86:fb:
         72:17:de:f1:18:08:e6:24:d6:9c:cc:d9:58:08:91:c5:4d:9b:
         92:e2:e8:1c:ac:15:46:63:8f:ab:ed:87:8c:28:1c:99:16:3b:
         33:8b:1b:f4:2e:72:9a:a1:f7:15:1b:8b:b1:3a:49:e5:93:ab:
         1f:8b:a0:ae:2c:ac:e4:bb:08:13:8f:f1:02:ce:cd:c1:e9:25:
         e2:b9:de:bf:f9:77:47:26:5f:cb:38:ed:7d:70:fe:1f:6e:94:
         a0:e4:5f:cb
-----BEGIN CERTIFICATE-----
MIIFQzCCBCugAwIBAgIDIrhVMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDNk
MmJiM2M4NTgxMTE2MTI1YzZlMDlmNzU4ZTNkNTlkYjFiY2M0ZTQwHhcNMjMwOTA1
MTYxODA4WhcNMjUwOTA2MTYxODA4WjAzMTEwLwYDVQQDEyhkMTQ1MmJhYWE5OTQw
NWE5NGJkOThjYjVjMGQwNDJjY2MzMmRiNTk2MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAoXnJ5TAmcH4VU9xFAoZDLvJbGIjE0auKbOF9MTUZWs2nROLK
LOXxrkUSl5PZxAj7yoG68OptdMWJAoe7MKOwzVjOrCVdDNYsism8akg/+KXaktNQ
enU1pBrk3/7sCGMlQMcR7I9DMqPjBP1d8w6VM501ZTe/K4C/mIxSCxsWLsHFoGUX
SXq0mVNtHnREdbm0cuE3KVqryBeYRln/w8uYH5s8O+Ij4ytpUh6QdUCQCauDTIXE
yJ5+Y7sYZQMsF2H3JjK6nlwdVojaQgjmX9p2SeAt463U2kyKrIebJgFfvomFkkm5
lRhKj36cQ0rAXdA5WnLUN6DVZsKLkQc0MkmxMwIDAQABo4ICXjCCAlowHQYDVR0O
BBYEFEtjm3SMq9bb4XG9Xn+CkE6yw9rpMB8GA1UdIwQYMBaAFFT3O4A1BqLImrZ0
WLqjGDU3zh9+MA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvM2QyYmIz
Yzg1ODExMTYxMjVjNmUwOWY3NThlM2Q1OWRiMWJjYzRlNC5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvMzE0MWNlZGQtZjgxNi00MzVkLWJjMDktMTYxZjM5
NjE0MDFjL2QxNDUyYmFhYTk5NDA1YTk0YmQ5OGNiNWMwZDA0MmNjYzMyZGI1OTYu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy8zMTQxY2VkZC1mODE2LTQzNWQtYmMwOS0xNjFm
Mzk2MTQwMWMvM2QyYmIzYzg1ODExMTYxMjVjNmUwOWY3NThlM2Q1OWRiMWJjYzRl
NC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQT
MBEwDwQCAAIwCQMHACgBAboA4DANBgkqhkiG9w0BAQsFAAOCAQEAEvUOSAHa1xUD
YDu0KG8w+wmvb34bP+yEojs/53Wn4XSYb5gp99LGjfXerHn1mkXz0i5qRd6XAc7f
p9UhSSlwNoFvzw1xbk0iModKsWMkI07olPLlw5wuTkyWFSp6qDE/6Hxy4gJgC9Vw
LO5+JOHY4YzbczR/dopb6rj5NkCXtOBmt6Dg1w1PF/86vxrkxmUXgJ8oBvXOh4Ic
Tl7i2gjGB4b7chfe8RgI5iTWnMzZWAiRxU2bkuLoHKwVRmOPq+2HjCgcmRY7M4sb
9C5ymqH3FRuLsTpJ5ZOrH4ugriys5LsIE4/xAs7Nwekl4rnev/l3RyZfyzjtfXD+
H26UoORfyw==
-----END CERTIFICATE-----
Generated at Thu Feb 29 02:43:32 2024 by rpki-client on console-ams.rpki-client.org