Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/49c18d82-9a62-46a6-8470-be909cac4304/35a964acba109a06345af4b6bf28310226c36fc2.roa
File:                     35a964acba109a06345af4b6bf28310226c36fc2.roa (raw, json)
Hash identifier:          ox0CudEXG8yVB6QJd5YUGM/AvebzH9wEWYUQOWIsd9c=
Subject key identifier:   8B:24:9A:F6:43:47:AE:77:02:DB:EB:99:0E:65:77:9E:1B:B4:26:9E
Certificate issuer:       /CN=dffb95a77b596556dc922d7d59d7e123c2fec9b7
Certificate serial:       1B71B9
Authority key identifier: D4:7C:4D:55:EF:31:B5:B6:73:BE:CF:CE:F3:1F:AF:BE:A3:18:37:F0
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/dffb95a77b596556dc922d7d59d7e123c2fec9b7.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/49c18d82-9a62-46a6-8470-be909cac4304/35a964acba109a06345af4b6bf28310226c36fc2.roa
Signing time:             Wed 04 Oct 2023 01:42:14 +0000
ROA not before:           Tue 03 Oct 2023 01:42:14 +0000
ROA not after:            Sat 04 Oct 2025 02:42:14 +0000
asID:                     270158
IP address blocks:        2806:3c7::/32 maxlen: 48

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/49c18d82-9a62-46a6-8470-be909cac4304/dffb95a77b596556dc922d7d59d7e123c2fec9b7.crl
                          rsync://repository.lacnic.net/rpki/lacnic/49c18d82-9a62-46a6-8470-be909cac4304/dffb95a77b596556dc922d7d59d7e123c2fec9b7.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/dffb95a77b596556dc922d7d59d7e123c2fec9b7.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Tue 27 Feb 2024 21:42:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1798585 (0x1b71b9)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dffb95a77b596556dc922d7d59d7e123c2fec9b7
        Validity
            Not Before: Oct  3 01:42:14 2023 GMT
            Not After : Oct  4 02:42:14 2025 GMT
        Subject: CN=35a964acba109a06345af4b6bf28310226c36fc2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d3:d1:c3:0f:d4:19:32:c7:c9:fb:6f:9d:24:49:
                    a5:f8:18:b0:ea:82:58:9c:8d:a2:2a:5e:18:a9:45:
                    21:d4:e8:57:e4:2a:65:7d:01:09:8b:f6:fc:32:c5:
                    06:09:42:2f:23:19:59:7c:05:81:ca:24:33:d0:e3:
                    10:24:a8:52:5b:68:b4:07:1b:d2:93:17:0e:b3:03:
                    4f:58:39:d7:ee:d6:aa:d9:33:38:ee:33:a4:24:86:
                    6c:36:e8:fa:1a:ee:f5:03:65:a4:cf:9a:0d:52:77:
                    cd:61:9e:57:26:4c:77:63:a8:df:d9:c7:44:f1:d2:
                    ab:ae:18:be:5f:58:4e:64:47:e5:e2:c1:8c:6c:b7:
                    5b:28:79:6b:66:9f:47:80:7e:da:94:ea:c7:cc:55:
                    0a:ae:d8:b3:68:82:5f:1b:71:77:1f:ea:69:44:13:
                    e7:7c:85:cd:80:f9:53:e1:40:9e:30:ad:84:71:8b:
                    59:a8:15:c0:eb:64:9b:9b:63:da:eb:3f:38:94:5d:
                    5b:4d:87:3b:df:d3:63:a3:09:3b:56:66:1e:7d:66:
                    6c:11:5f:fc:a9:d3:96:b4:f3:de:b8:e2:57:41:c5:
                    e0:25:17:6c:e6:51:74:02:ae:84:e0:1c:ef:27:63:
                    4e:1b:1a:82:6a:f4:a9:57:c6:a8:0a:83:b0:ce:1c:
                    12:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8B:24:9A:F6:43:47:AE:77:02:DB:EB:99:0E:65:77:9E:1B:B4:26:9E
            X509v3 Authority Key Identifier:
                keyid:D4:7C:4D:55:EF:31:B5:B6:73:BE:CF:CE:F3:1F:AF:BE:A3:18:37:F0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/dffb95a77b596556dc922d7d59d7e123c2fec9b7.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/49c18d82-9a62-46a6-8470-be909cac4304/35a964acba109a06345af4b6bf28310226c36fc2.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/49c18d82-9a62-46a6-8470-be909cac4304/dffb95a77b596556dc922d7d59d7e123c2fec9b7.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2806:3c7::/32

    Signature Algorithm: sha256WithRSAEncryption
         23:51:53:cd:de:ed:de:4b:1e:c8:5d:e0:2a:ce:ac:5d:94:f7:
         e4:e2:64:08:b7:a7:b4:df:a1:77:32:55:3f:b5:c7:07:c1:d1:
         ce:c9:5d:72:ac:8d:6a:f9:90:39:7a:31:53:2b:ad:ad:5f:5a:
         91:50:d0:d9:a1:80:a8:7c:db:a6:65:8d:af:22:93:bd:77:6a:
         c7:68:7e:18:44:6b:d3:af:5f:aa:5c:27:4f:5e:ba:97:b4:5b:
         27:ae:c4:d2:dc:8d:0f:b2:8a:71:a0:11:38:63:84:34:d0:86:
         f9:a6:c8:c0:67:4d:7b:54:12:7e:50:e7:1b:64:4c:3c:cc:9d:
         90:13:49:e1:15:57:7d:3e:e2:72:d1:5d:b0:38:27:72:4d:e7:
         46:76:5a:50:84:06:cf:07:7e:53:8c:0e:19:aa:0f:dc:64:f2:
         09:85:3b:04:de:2d:36:14:cd:f5:73:a1:12:ae:76:50:4e:f2:
         57:f2:7f:6c:c0:19:2b:77:06:ad:34:e7:be:64:01:72:de:73:
         1a:45:f0:2b:b8:05:ac:b9:8c:39:07:a1:42:34:c9:11:56:4d:
         01:35:1b:0b:d4:23:49:c9:1a:97:ed:bc:7e:a7:57:37:68:da:
         66:72:18:fd:1d:57:67:40:bd:01:b1:4c:c1:c8:e0:4c:b8:87:
         9e:51:2b:79
-----BEGIN CERTIFICATE-----
MIIFQTCCBCmgAwIBAgIDG3G5MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGRm
ZmI5NWE3N2I1OTY1NTZkYzkyMmQ3ZDU5ZDdlMTIzYzJmZWM5YjcwHhcNMjMxMDAz
MDE0MjE0WhcNMjUxMDA0MDI0MjE0WjAzMTEwLwYDVQQDEygzNWE5NjRhY2JhMTA5
YTA2MzQ1YWY0YjZiZjI4MzEwMjI2YzM2ZmMyMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEA09HDD9QZMsfJ+2+dJEml+Biw6oJYnI2iKl4YqUUh1OhX5Cpl
fQEJi/b8MsUGCUIvIxlZfAWByiQz0OMQJKhSW2i0BxvSkxcOswNPWDnX7taq2TM4
7jOkJIZsNuj6Gu71A2Wkz5oNUnfNYZ5XJkx3Y6jf2cdE8dKrrhi+X1hOZEfl4sGM
bLdbKHlrZp9HgH7alOrHzFUKrtizaIJfG3F3H+ppRBPnfIXNgPlT4UCeMK2EcYtZ
qBXA62Sbm2Pa6z84lF1bTYc739Njowk7VmYefWZsEV/8qdOWtPPeuOJXQcXgJRds
5lF0Aq6E4BzvJ2NOGxqCavSpV8aoCoOwzhwSEQIDAQABo4ICXDCCAlgwHQYDVR0O
BBYEFIskmvZDR653AtvrmQ5ld54btCaeMB8GA1UdIwQYMBaAFNR8TVXvMbW2c77P
zvMfr76jGDfwMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvZGZmYjk1
YTc3YjU5NjU1NmRjOTIyZDdkNTlkN2UxMjNjMmZlYzliNy5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvNDljMThkODItOWE2Mi00NmE2LTg0NzAtYmU5MDlj
YWM0MzA0LzM1YTk2NGFjYmExMDlhMDYzNDVhZjRiNmJmMjgzMTAyMjZjMzZmYzIu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy80OWMxOGQ4Mi05YTYyLTQ2YTYtODQ3MC1iZTkw
OWNhYzQzMDQvZGZmYjk1YTc3YjU5NjU1NmRjOTIyZDdkNTlkN2UxMjNjMmZlYzli
Ny5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQR
MA8wDQQCAAIwBwMFACgGA8cwDQYJKoZIhvcNAQELBQADggEBACNRU83e7d5LHshd
4CrOrF2U9+TiZAi3p7TfoXcyVT+1xwfB0c7JXXKsjWr5kDl6MVMrra1fWpFQ0Nmh
gKh826Zlja8ik713asdofhhEa9OvX6pcJ09eupe0WyeuxNLcjQ+yinGgEThjhDTQ
hvmmyMBnTXtUEn5Q5xtkTDzMnZATSeEVV30+4nLRXbA4J3JN50Z2WlCEBs8HflOM
DhmqD9xk8gmFOwTeLTYUzfVzoRKudlBO8lfyf2zAGSt3Bq00575kAXLecxpF8Cu4
Bay5jDkHoUI0yRFWTQE1GwvUI0nJGpftvH6nVzdo2mZyGP0dV2dAvQGxTMHI4Ey4
h55RK3k=
-----END CERTIFICATE-----
Generated at Sun Feb 25 02:38:37 2024 by rpki-client on console-ams.rpki-client.org