Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/514e1b74-b78e-4425-be27-a3cc2e13660b/859d13020d5244d5845c43cc4bd0a20ab909720d.roa
File:                     859d13020d5244d5845c43cc4bd0a20ab909720d.roa (raw, json)
Hash identifier:          DvkpugeMhEfWoqFmBYyCdqEstrtPvHzay2hWmW7qiEI=
Subject key identifier:   49:AA:1F:40:ED:35:BE:A9:9E:97:AA:3F:06:BD:FC:88:F8:79:AF:6F
Certificate issuer:       /CN=2a2f398f08732dba8b24bf45f6d48d5cac0c8f99
Certificate serial:       0CB4DF
Authority key identifier: A9:12:A8:EF:9D:3C:43:D0:99:9E:23:97:75:38:E5:8E:F9:61:BC:8D
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/2a2f398f08732dba8b24bf45f6d48d5cac0c8f99.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/514e1b74-b78e-4425-be27-a3cc2e13660b/859d13020d5244d5845c43cc4bd0a20ab909720d.roa
Signing time:             Mon 31 Jul 2023 16:46:46 +0000
ROA not before:           Sun 30 Jul 2023 16:46:46 +0000
ROA not after:            Thu 31 Jul 2025 16:46:46 +0000
asID:                     272081
IP address blocks:        2803:1b10::/32 maxlen: 32

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/514e1b74-b78e-4425-be27-a3cc2e13660b/2a2f398f08732dba8b24bf45f6d48d5cac0c8f99.crl
                          rsync://repository.lacnic.net/rpki/lacnic/514e1b74-b78e-4425-be27-a3cc2e13660b/2a2f398f08732dba8b24bf45f6d48d5cac0c8f99.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/2a2f398f08732dba8b24bf45f6d48d5cac0c8f99.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Mon 26 Feb 2024 16:36:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 832735 (0xcb4df)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a2f398f08732dba8b24bf45f6d48d5cac0c8f99
        Validity
            Not Before: Jul 30 16:46:46 2023 GMT
            Not After : Jul 31 16:46:46 2025 GMT
        Subject: CN=859d13020d5244d5845c43cc4bd0a20ab909720d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:05:9c:b7:aa:10:17:d4:ea:d1:85:8b:42:19:
                    47:32:f3:c2:89:c9:e2:d6:a2:75:bb:63:96:11:ce:
                    15:c9:c4:c8:dc:e4:c2:78:3b:8a:1a:15:06:dc:de:
                    9f:11:ab:13:57:11:b0:c2:66:08:94:50:ac:47:4a:
                    28:c0:85:a5:d2:9d:7f:04:ca:c9:0a:51:05:68:02:
                    c3:f4:75:46:1c:fc:86:74:27:bd:c8:f0:20:0e:03:
                    28:00:db:5f:04:c9:f4:fb:48:21:6f:84:c1:ac:60:
                    6a:67:b8:05:be:4c:ca:b7:16:a5:b9:75:f8:b5:68:
                    69:3c:c8:59:23:c4:c4:6a:50:fa:cb:0f:ab:30:1a:
                    ac:64:54:1b:d6:35:4c:df:f9:33:77:84:e8:0c:b2:
                    29:ad:dd:39:ed:41:17:20:56:c3:4e:d6:75:11:ba:
                    9e:b2:f6:3f:41:fb:f6:b0:fa:6b:a2:24:6b:6c:3e:
                    5f:a4:a4:b1:4b:8f:f1:b6:0e:fb:1e:8f:5d:16:e9:
                    aa:15:82:e0:cc:9b:35:e7:95:c0:b6:a6:14:ea:6e:
                    5c:67:68:69:63:dc:29:d5:2d:6b:83:9c:08:8d:d9:
                    a5:29:22:1d:ed:2b:10:db:88:cd:7f:de:f5:eb:1b:
                    f4:69:08:d1:75:a6:82:57:37:bd:6f:3d:f7:0e:67:
                    61:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                49:AA:1F:40:ED:35:BE:A9:9E:97:AA:3F:06:BD:FC:88:F8:79:AF:6F
            X509v3 Authority Key Identifier:
                keyid:A9:12:A8:EF:9D:3C:43:D0:99:9E:23:97:75:38:E5:8E:F9:61:BC:8D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/2a2f398f08732dba8b24bf45f6d48d5cac0c8f99.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/514e1b74-b78e-4425-be27-a3cc2e13660b/859d13020d5244d5845c43cc4bd0a20ab909720d.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/514e1b74-b78e-4425-be27-a3cc2e13660b/2a2f398f08732dba8b24bf45f6d48d5cac0c8f99.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2803:1b10::/32

    Signature Algorithm: sha256WithRSAEncryption
         49:f3:57:d9:d2:1c:6c:df:f9:bc:05:90:e3:45:69:81:18:0f:
         7a:f1:8a:c2:54:4b:44:41:8a:d7:34:7f:d8:68:a5:a5:f9:84:
         8a:30:40:1a:ac:c9:af:e0:36:a7:fb:82:a4:4c:17:c3:00:29:
         c3:e8:15:85:c7:2f:e1:7f:1f:b0:c4:2d:c5:6f:fd:26:97:ef:
         f1:7d:cc:9d:83:bf:1e:6a:39:f9:d6:f9:e0:76:7a:df:af:35:
         14:f8:36:70:04:cd:3b:be:e0:96:9f:81:c9:ba:82:1a:8c:32:
         f6:08:28:fe:91:58:24:49:8e:4c:a3:13:23:33:c8:0e:ca:29:
         89:f2:dc:5e:6a:bd:70:b4:1f:9e:b2:b3:02:4f:54:48:60:ca:
         cb:64:a5:b1:46:66:dd:ac:18:0c:6c:05:5d:91:5f:d6:95:68:
         b3:c8:f3:72:8c:c1:d4:0b:44:86:9e:57:51:e4:c9:e5:65:e1:
         de:61:97:2a:d1:a9:03:36:eb:fd:e2:b5:d7:24:bf:e3:e2:a8:
         b3:da:61:ba:80:c4:e3:d7:28:f4:21:7c:14:79:79:62:87:12:
         24:93:81:45:8a:8c:be:1c:5d:2e:01:c6:7c:36:75:13:c2:77:
         8e:34:cc:88:b0:96:6f:bb:45:44:42:ba:72:e7:e0:76:39:dd:
         2e:96:a4:2b
-----BEGIN CERTIFICATE-----
MIIFQTCCBCmgAwIBAgIDDLTfMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDJh
MmYzOThmMDg3MzJkYmE4YjI0YmY0NWY2ZDQ4ZDVjYWMwYzhmOTkwHhcNMjMwNzMw
MTY0NjQ2WhcNMjUwNzMxMTY0NjQ2WjAzMTEwLwYDVQQDEyg4NTlkMTMwMjBkNTI0
NGQ1ODQ1YzQzY2M0YmQwYTIwYWI5MDk3MjBkMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAqgWct6oQF9Tq0YWLQhlHMvPCicni1qJ1u2OWEc4VycTI3OTC
eDuKGhUG3N6fEasTVxGwwmYIlFCsR0oowIWl0p1/BMrJClEFaALD9HVGHPyGdCe9
yPAgDgMoANtfBMn0+0ghb4TBrGBqZ7gFvkzKtxaluXX4tWhpPMhZI8TEalD6yw+r
MBqsZFQb1jVM3/kzd4ToDLIprd057UEXIFbDTtZ1EbqesvY/Qfv2sPproiRrbD5f
pKSxS4/xtg77Ho9dFumqFYLgzJs155XAtqYU6m5cZ2hpY9wp1S1rg5wIjdmlKSId
7SsQ24jNf9716xv0aQjRdaaCVze9bz33DmdhvwIDAQABo4ICXDCCAlgwHQYDVR0O
BBYEFEmqH0DtNb6pnpeqPwa9/Ij4ea9vMB8GA1UdIwQYMBaAFKkSqO+dPEPQmZ4j
l3U45Y75YbyNMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvMmEyZjM5
OGYwODczMmRiYThiMjRiZjQ1ZjZkNDhkNWNhYzBjOGY5OS5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvNTE0ZTFiNzQtYjc4ZS00NDI1LWJlMjctYTNjYzJl
MTM2NjBiLzg1OWQxMzAyMGQ1MjQ0ZDU4NDVjNDNjYzRiZDBhMjBhYjkwOTcyMGQu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy81MTRlMWI3NC1iNzhlLTQ0MjUtYmUyNy1hM2Nj
MmUxMzY2MGIvMmEyZjM5OGYwODczMmRiYThiMjRiZjQ1ZjZkNDhkNWNhYzBjOGY5
OS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQR
MA8wDQQCAAIwBwMFACgDGxAwDQYJKoZIhvcNAQELBQADggEBAEnzV9nSHGzf+bwF
kONFaYEYD3rxisJUS0RBitc0f9hopaX5hIowQBqsya/gNqf7gqRMF8MAKcPoFYXH
L+F/H7DELcVv/SaX7/F9zJ2Dvx5qOfnW+eB2et+vNRT4NnAEzTu+4Jafgcm6ghqM
MvYIKP6RWCRJjkyjEyMzyA7KKYny3F5qvXC0H56yswJPVEhgystkpbFGZt2sGAxs
BV2RX9aVaLPI83KMwdQLRIaeV1HkyeVl4d5hlyrRqQM26/3itdckv+PiqLPaYbqA
xOPXKPQhfBR5eWKHEiSTgUWKjL4cXS4Bxnw2dRPCd440zIiwlm+7RURCunLn4HY5
3S6WpCs=
-----END CERTIFICATE-----
Generated at Fri Feb 23 17:04:58 2024 by rpki-client on console-fra.rpki-client.org