Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/4b971b10-c757-4e35-a5ec-468aed2fef72/c3d704b034bd53806bb8c88b1426caa337f28d8e.roa
File:                     c3d704b034bd53806bb8c88b1426caa337f28d8e.roa (raw, json)
Hash identifier:          HUxTF2XZPxXkKD1WcqgT/uYHMTfapNEE3wPUOzWGE4s=
Subject key identifier:   8A:81:15:5A:D1:3F:D7:93:94:3A:AB:D1:8D:A4:34:3B:84:66:65:B0
Certificate issuer:       /CN=6afeb237421bf785392eae0300cf585fb828024b
Certificate serial:       0291AA
Authority key identifier: 1B:5E:4F:6D:13:E7:91:2B:B2:A7:A7:98:1F:BE:C8:42:2B:6C:C7:4A
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/6afeb237421bf785392eae0300cf585fb828024b.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/4b971b10-c757-4e35-a5ec-468aed2fef72/c3d704b034bd53806bb8c88b1426caa337f28d8e.roa
Signing time:             Sat 27 May 2023 13:48:26 +0000
ROA not before:           Fri 26 May 2023 13:48:26 +0000
ROA not after:            Tue 27 May 2025 13:48:26 +0000
asID:                     272951
IP address blocks:        2803:6990::/32 maxlen: 32

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/4b971b10-c757-4e35-a5ec-468aed2fef72/6afeb237421bf785392eae0300cf585fb828024b.crl
                          rsync://repository.lacnic.net/rpki/lacnic/4b971b10-c757-4e35-a5ec-468aed2fef72/6afeb237421bf785392eae0300cf585fb828024b.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/6afeb237421bf785392eae0300cf585fb828024b.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 25 Feb 2024 20:21:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 168362 (0x291aa)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6afeb237421bf785392eae0300cf585fb828024b
        Validity
            Not Before: May 26 13:48:26 2023 GMT
            Not After : May 27 13:48:26 2025 GMT
        Subject: CN=c3d704b034bd53806bb8c88b1426caa337f28d8e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:1c:53:46:47:57:d9:b7:b8:c7:25:a9:53:3e:
                    b1:8c:9a:43:7a:f2:46:42:00:b7:d1:98:32:a3:c1:
                    78:73:2f:ad:2d:5b:1d:3e:5a:62:7d:98:8c:46:c9:
                    93:e6:1d:bd:12:87:e2:21:b0:3d:7e:55:74:ee:24:
                    4d:df:fc:6d:57:e0:03:65:89:04:15:67:6b:a9:b3:
                    32:04:f0:65:02:11:67:d1:9b:06:3f:21:54:a7:66:
                    ce:64:74:e7:57:e4:ee:49:04:82:5c:2a:92:e3:d0:
                    76:3b:96:22:56:51:84:da:ca:73:66:41:cb:8d:c4:
                    08:a3:1d:4d:bc:65:a5:89:37:1f:6b:70:18:3c:f5:
                    61:bc:f0:f0:72:ff:95:34:f0:e3:2b:04:d1:45:ce:
                    06:e6:79:d1:b5:49:cf:6e:41:f4:33:e2:b4:4e:a4:
                    5c:87:15:51:24:69:22:d5:ec:3b:8c:8a:ac:7e:7f:
                    99:43:a7:ad:0a:8f:65:81:49:e4:4b:30:ac:75:e8:
                    54:75:85:a0:12:68:a9:d2:0b:ee:ea:e9:48:1e:ea:
                    72:e3:3f:2d:19:be:44:a7:04:c5:20:da:70:51:52:
                    b0:56:00:24:8a:cf:d2:89:ba:ba:b2:e6:c4:e5:d0:
                    ab:e6:76:f8:5a:38:40:d2:f9:23:c5:d7:9b:83:f8:
                    50:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8A:81:15:5A:D1:3F:D7:93:94:3A:AB:D1:8D:A4:34:3B:84:66:65:B0
            X509v3 Authority Key Identifier:
                keyid:1B:5E:4F:6D:13:E7:91:2B:B2:A7:A7:98:1F:BE:C8:42:2B:6C:C7:4A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/6afeb237421bf785392eae0300cf585fb828024b.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/4b971b10-c757-4e35-a5ec-468aed2fef72/c3d704b034bd53806bb8c88b1426caa337f28d8e.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/4b971b10-c757-4e35-a5ec-468aed2fef72/6afeb237421bf785392eae0300cf585fb828024b.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2803:6990::/32

    Signature Algorithm: sha256WithRSAEncryption
         68:9e:d5:c7:02:18:c4:e5:fa:bf:a0:08:95:0e:92:ba:de:a4:
         7e:dd:a7:7b:d1:d2:7e:63:ec:71:00:9a:05:26:0a:1f:2c:06:
         4a:df:09:eb:21:81:dc:28:a2:2f:13:7a:46:98:b9:80:e5:a2:
         51:9e:be:17:00:5d:f8:3a:4c:41:6b:21:46:6e:a1:c6:c3:f0:
         f2:88:ef:da:b5:a6:ce:dd:0a:fb:95:b1:e1:13:c7:ad:49:9e:
         49:47:6f:e1:b1:3f:99:cc:ac:f2:71:7d:3b:63:1a:57:f0:0b:
         e6:f9:f8:93:9b:87:db:12:15:5a:eb:13:d3:42:85:0c:61:c7:
         ff:01:d0:5e:00:29:71:a0:5d:fc:6b:62:d3:4d:a1:b2:36:1d:
         94:8e:1c:08:74:6c:dc:73:18:53:87:40:af:cb:d3:de:15:dc:
         ea:e1:8c:ad:55:59:50:bf:da:de:b8:c0:5a:ee:d3:7b:55:d0:
         f5:d5:c8:36:6c:b2:7b:2e:c2:38:d2:8a:a3:5a:51:2e:cc:fb:
         bf:4d:af:9e:18:bf:f8:48:3c:40:29:49:0a:0b:09:42:e0:74:
         0f:fb:ce:bf:e9:53:42:ae:97:eb:9f:77:1c:e3:9d:55:d5:b1:
         b7:e8:f4:0e:24:ba:9e:4f:9b:ce:8d:a9:9a:e4:7e:eb:72:b1:
         6d:83:c7:02
-----BEGIN CERTIFICATE-----
MIIFQTCCBCmgAwIBAgIDApGqMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDZh
ZmViMjM3NDIxYmY3ODUzOTJlYWUwMzAwY2Y1ODVmYjgyODAyNGIwHhcNMjMwNTI2
MTM0ODI2WhcNMjUwNTI3MTM0ODI2WjAzMTEwLwYDVQQDEyhjM2Q3MDRiMDM0YmQ1
MzgwNmJiOGM4OGIxNDI2Y2FhMzM3ZjI4ZDhlMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAohxTRkdX2be4xyWpUz6xjJpDevJGQgC30Zgyo8F4cy+tLVsd
PlpifZiMRsmT5h29EofiIbA9flV07iRN3/xtV+ADZYkEFWdrqbMyBPBlAhFn0ZsG
PyFUp2bOZHTnV+TuSQSCXCqS49B2O5YiVlGE2spzZkHLjcQIox1NvGWliTcfa3AY
PPVhvPDwcv+VNPDjKwTRRc4G5nnRtUnPbkH0M+K0TqRchxVRJGki1ew7jIqsfn+Z
Q6etCo9lgUnkSzCsdehUdYWgEmip0gvu6ulIHupy4z8tGb5EpwTFINpwUVKwVgAk
is/Sibq6subE5dCr5nb4WjhA0vkjxdebg/hQwQIDAQABo4ICXDCCAlgwHQYDVR0O
BBYEFIqBFVrRP9eTlDqr0Y2kNDuEZmWwMB8GA1UdIwQYMBaAFBteT20T55Ersqen
mB++yEIrbMdKMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvNmFmZWIy
Mzc0MjFiZjc4NTM5MmVhZTAzMDBjZjU4NWZiODI4MDI0Yi5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvNGI5NzFiMTAtYzc1Ny00ZTM1LWE1ZWMtNDY4YWVk
MmZlZjcyL2MzZDcwNGIwMzRiZDUzODA2YmI4Yzg4YjE0MjZjYWEzMzdmMjhkOGUu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy80Yjk3MWIxMC1jNzU3LTRlMzUtYTVlYy00Njhh
ZWQyZmVmNzIvNmFmZWIyMzc0MjFiZjc4NTM5MmVhZTAzMDBjZjU4NWZiODI4MDI0
Yi5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQR
MA8wDQQCAAIwBwMFACgDaZAwDQYJKoZIhvcNAQELBQADggEBAGie1ccCGMTl+r+g
CJUOkrrepH7dp3vR0n5j7HEAmgUmCh8sBkrfCeshgdwooi8TekaYuYDlolGevhcA
Xfg6TEFrIUZuocbD8PKI79q1ps7dCvuVseETx61JnklHb+GxP5nMrPJxfTtjGlfw
C+b5+JObh9sSFVrrE9NChQxhx/8B0F4AKXGgXfxrYtNNobI2HZSOHAh0bNxzGFOH
QK/L094V3OrhjK1VWVC/2t64wFru03tV0PXVyDZssnsuwjjSiqNaUS7M+79Nr54Y
v/hIPEApSQoLCULgdA/7zr/pU0Kul+ufdxzjnVXVsbfo9A4kup5Pm86NqZrkfuty
sW2DxwI=
-----END CERTIFICATE-----
Generated at Fri Feb 23 02:37:05 2024 by rpki-client on console-ams.rpki-client.org