Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/3f8c3b2f-b0fc-4a20-a9a5-5236fda16ee3/205b3bd89d1832753f0cb0e9bd96dfe611762c08.roa
File:                     205b3bd89d1832753f0cb0e9bd96dfe611762c08.roa (raw, json)
Hash identifier:          amD0T9mA7ypn08/s76KEzyn3Pz6WQhOgf3898Fs6om0=
Subject key identifier:   FA:99:2C:65:9E:D7:CD:49:D5:17:BF:76:C0:92:73:87:E6:44:86:DF
Certificate issuer:       /CN=e9249d6078896379eaa31ec8630fd15d97793e5d
Certificate serial:       16A86A
Authority key identifier: 37:8A:05:D0:C7:20:08:96:73:1A:23:6E:D0:92:16:78:45:AC:CD:0F
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/e9249d6078896379eaa31ec8630fd15d97793e5d.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/3f8c3b2f-b0fc-4a20-a9a5-5236fda16ee3/205b3bd89d1832753f0cb0e9bd96dfe611762c08.roa
Signing time:             Fri 03 Jun 2022 00:15:08 +0000
ROA not before:           Wed 24 Mar 2021 03:00:00 +0000
ROA not after:            Tue 24 Mar 2026 03:00:00 +0000
asID:                     267928
IP address blocks:        2801:1d:800::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/3f8c3b2f-b0fc-4a20-a9a5-5236fda16ee3/e9249d6078896379eaa31ec8630fd15d97793e5d.crl
                          rsync://repository.lacnic.net/rpki/lacnic/3f8c3b2f-b0fc-4a20-a9a5-5236fda16ee3/e9249d6078896379eaa31ec8630fd15d97793e5d.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/e9249d6078896379eaa31ec8630fd15d97793e5d.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 31 Mar 2024 03:49:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1484906 (0x16a86a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e9249d6078896379eaa31ec8630fd15d97793e5d
        Validity
            Not Before: Mar 24 03:00:00 2021 GMT
            Not After : Mar 24 03:00:00 2026 GMT
        Subject: CN=205b3bd89d1832753f0cb0e9bd96dfe611762c08
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:cd:5c:96:e2:87:36:49:9a:06:fc:95:5e:9c:
                    58:9b:ef:e3:e6:22:99:19:2a:f7:93:1b:04:3f:a1:
                    05:62:d5:46:20:7f:25:45:c0:84:0c:ee:4c:d7:39:
                    cd:e1:fc:6d:9b:25:69:22:34:d8:8d:21:8f:a7:67:
                    b7:16:8c:66:0a:d8:94:89:c4:5a:69:a8:54:c5:f1:
                    09:96:59:78:29:0e:2d:c2:d3:e7:fc:e7:60:04:90:
                    5c:db:46:1f:d8:02:57:2c:b2:64:d2:24:83:87:33:
                    d9:29:a2:05:ab:96:7e:95:13:4d:11:4f:56:2a:53:
                    87:89:75:27:b6:9f:c5:ec:06:a4:96:2a:d8:1b:6e:
                    a9:91:b1:8e:d0:93:cc:d0:b5:4b:98:d0:6d:a3:b9:
                    20:d6:99:1a:d6:2d:c3:76:29:63:c2:20:cc:24:05:
                    16:52:a0:55:84:dd:36:2f:2e:0f:57:59:0a:92:d7:
                    ef:6d:81:9f:85:e0:19:ba:ff:f4:b8:75:3d:06:46:
                    a2:5a:b3:87:fc:92:8a:e9:9f:e1:82:be:88:4d:31:
                    b3:ec:7c:1b:2f:7f:9e:23:90:f2:7b:1a:e8:3b:c5:
                    7f:e2:c8:56:bc:92:6a:8e:87:92:5a:59:2d:02:26:
                    5b:32:83:26:2e:80:c0:c5:67:af:9b:56:b1:00:e6:
                    7a:af
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FA:99:2C:65:9E:D7:CD:49:D5:17:BF:76:C0:92:73:87:E6:44:86:DF
            X509v3 Authority Key Identifier:
                keyid:37:8A:05:D0:C7:20:08:96:73:1A:23:6E:D0:92:16:78:45:AC:CD:0F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/e9249d6078896379eaa31ec8630fd15d97793e5d.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/3f8c3b2f-b0fc-4a20-a9a5-5236fda16ee3/205b3bd89d1832753f0cb0e9bd96dfe611762c08.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/3f8c3b2f-b0fc-4a20-a9a5-5236fda16ee3/e9249d6078896379eaa31ec8630fd15d97793e5d.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2801:1d:800::/48

    Signature Algorithm: sha256WithRSAEncryption
         99:3f:14:a5:47:f3:1d:96:78:dd:20:98:72:a2:76:dd:ee:ea:
         82:f3:04:6b:9d:4c:0d:04:0f:a3:37:dd:7c:15:10:b7:21:3c:
         cf:4c:84:41:0e:66:94:c1:db:e8:6e:43:bf:5f:1a:2a:82:ee:
         1f:95:cb:bd:c2:37:7a:b2:b5:a1:db:89:1b:20:be:2b:04:e3:
         b3:f3:5c:d3:15:e0:54:70:4f:b0:52:2c:de:ae:79:cd:5a:be:
         32:97:54:37:d4:7c:2d:42:b6:71:92:f5:96:ef:d9:80:4d:83:
         1a:4c:3b:9d:e0:34:0d:47:ab:f6:00:43:d9:1b:19:a8:aa:f6:
         b3:e2:cd:95:c2:fa:5c:a7:66:b3:0b:55:eb:8d:f8:e8:c1:dc:
         e1:dc:90:13:d3:76:5a:ba:82:bb:45:5b:cb:6f:39:eb:95:c0:
         c2:55:57:1f:52:03:df:9e:ba:29:3d:62:83:60:8a:50:b6:a9:
         57:ef:b2:74:6c:b2:56:e7:b4:63:63:cd:55:1b:a8:24:7e:14:
         0d:2a:34:03:d3:2f:2e:01:73:08:10:60:d8:b0:ff:21:ee:89:
         4d:90:8a:69:28:12:ac:35:c3:25:ca:bb:57:d7:9f:a4:92:70:
         fd:5f:2a:7c:e8:84:13:82:00:5d:25:f1:9a:c1:96:0a:23:8b:
         e1:82:69:7f
-----BEGIN CERTIFICATE-----
MIIFQzCCBCugAwIBAgIDFqhqMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGU5
MjQ5ZDYwNzg4OTYzNzllYWEzMWVjODYzMGZkMTVkOTc3OTNlNWQwHhcNMjEwMzI0
MDMwMDAwWhcNMjYwMzI0MDMwMDAwWjAzMTEwLwYDVQQDEygyMDViM2JkODlkMTgz
Mjc1M2YwY2IwZTliZDk2ZGZlNjExNzYyYzA4MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAmc1cluKHNkmaBvyVXpxYm+/j5iKZGSr3kxsEP6EFYtVGIH8l
RcCEDO5M1znN4fxtmyVpIjTYjSGPp2e3FoxmCtiUicRaaahUxfEJlll4KQ4twtPn
/OdgBJBc20Yf2AJXLLJk0iSDhzPZKaIFq5Z+lRNNEU9WKlOHiXUntp/F7AaklirY
G26pkbGO0JPM0LVLmNBto7kg1pka1i3DdiljwiDMJAUWUqBVhN02Ly4PV1kKktfv
bYGfheAZuv/0uHU9BkaiWrOH/JKK6Z/hgr6ITTGz7HwbL3+eI5DyexroO8V/4shW
vJJqjoeSWlktAiZbMoMmLoDAxWevm1axAOZ6rwIDAQABo4ICXjCCAlowHQYDVR0O
BBYEFPqZLGWe181J1Re/dsCSc4fmRIbfMB8GA1UdIwQYMBaAFDeKBdDHIAiWcxoj
btCSFnhFrM0PMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvZTkyNDlk
NjA3ODg5NjM3OWVhYTMxZWM4NjMwZmQxNWQ5Nzc5M2U1ZC5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvM2Y4YzNiMmYtYjBmYy00YTIwLWE5YTUtNTIzNmZk
YTE2ZWUzLzIwNWIzYmQ4OWQxODMyNzUzZjBjYjBlOWJkOTZkZmU2MTE3NjJjMDgu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy8zZjhjM2IyZi1iMGZjLTRhMjAtYTlhNS01MjM2
ZmRhMTZlZTMvZTkyNDlkNjA3ODg5NjM3OWVhYTMxZWM4NjMwZmQxNWQ5Nzc5M2U1
ZC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQT
MBEwDwQCAAIwCQMHACgBAB0IADANBgkqhkiG9w0BAQsFAAOCAQEAmT8UpUfzHZZ4
3SCYcqJ23e7qgvMEa51MDQQPozfdfBUQtyE8z0yEQQ5mlMHb6G5Dv18aKoLuH5XL
vcI3erK1oduJGyC+KwTjs/Nc0xXgVHBPsFIs3q55zVq+MpdUN9R8LUK2cZL1lu/Z
gE2DGkw7neA0DUer9gBD2RsZqKr2s+LNlcL6XKdmswtV64346MHc4dyQE9N2WrqC
u0Vby28565XAwlVXH1ID3566KT1ig2CKULapV++ydGyyVue0Y2PNVRuoJH4UDSo0
A9MvLgFzCBBg2LD/Ie6JTZCKaSgSrDXDJcq7V9efpJJw/V8qfOiEE4IAXSXxmsGW
CiOL4YJpfw==
-----END CERTIFICATE-----
Generated at Thu Mar 28 08:10:58 2024 by rpki-client on console-ams.rpki-client.org