Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/5375bcfc-8b86-452e-850d-83cfe3b50f06/ab5965a278fa60c91759911c35e7670db0fa372d.roa
File:                     ab5965a278fa60c91759911c35e7670db0fa372d.roa (raw, json)
Hash identifier:          c0zhYd/HL4hHkJkTIthaAS2C1ngzlA42xW2oniGZoP8=
Subject key identifier:   E9:42:84:87:47:D9:63:43:2B:03:4E:E7:9B:AB:B9:BE:1A:26:6A:BD
Certificate issuer:       /CN=bfbb4d3a6dd5e649a6554c4817ce0ed277429136
Certificate serial:       11A942
Authority key identifier: 76:7F:42:4D:48:34:06:C4:20:E5:DF:19:BE:BE:99:3F:72:5A:F7:B6
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/bfbb4d3a6dd5e649a6554c4817ce0ed277429136.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/5375bcfc-8b86-452e-850d-83cfe3b50f06/ab5965a278fa60c91759911c35e7670db0fa372d.roa
Signing time:             Mon 27 Nov 2023 20:01:33 +0000
ROA not before:           Mon 27 Nov 2023 20:01:33 +0000
ROA not after:            Thu 27 Nov 2025 20:01:33 +0000
asID:                     22927
IP address blocks:        2802:8000::/25 maxlen: 48

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/5375bcfc-8b86-452e-850d-83cfe3b50f06/bfbb4d3a6dd5e649a6554c4817ce0ed277429136.crl
                          rsync://repository.lacnic.net/rpki/lacnic/5375bcfc-8b86-452e-850d-83cfe3b50f06/bfbb4d3a6dd5e649a6554c4817ce0ed277429136.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/bfbb4d3a6dd5e649a6554c4817ce0ed277429136.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Thu 18 Apr 2024 06:11:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1157442 (0x11a942)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bfbb4d3a6dd5e649a6554c4817ce0ed277429136
        Validity
            Not Before: Nov 27 20:01:33 2023 GMT
            Not After : Nov 27 20:01:33 2025 GMT
        Subject: CN=ab5965a278fa60c91759911c35e7670db0fa372d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:89:c2:74:60:24:26:24:6a:f1:79:7c:c4:a4:6e:
                    07:6d:d5:cb:d1:f3:a7:b0:c2:67:0a:6f:70:d6:46:
                    e6:89:01:3f:4d:c2:14:4f:70:7b:21:70:ad:1b:84:
                    c3:ac:73:12:1d:03:45:10:ab:d4:39:50:07:8b:7a:
                    e5:2b:34:8f:b4:5d:03:74:e5:ba:a6:dd:b0:20:04:
                    08:13:2c:d5:37:29:9e:92:2d:a0:1f:70:25:80:f3:
                    06:a2:09:e5:c0:72:e9:67:ea:09:c9:89:3a:c6:5f:
                    dc:07:4b:0c:c2:f5:bd:3f:93:57:9f:8f:47:87:c3:
                    cb:9a:af:0d:b0:9b:a2:ec:25:a2:3c:46:08:52:54:
                    d5:7a:8b:9b:e0:c0:96:8e:9f:7b:6e:8e:4e:43:e8:
                    04:18:ff:f9:55:ea:2f:ee:86:d7:0e:85:fd:a8:8e:
                    63:ec:c1:89:d4:fe:c7:ac:ca:7f:dc:fd:64:81:7c:
                    5c:9c:e7:a9:24:60:e8:90:74:56:0f:be:a1:1d:53:
                    b4:c4:22:26:36:26:41:3a:9f:94:d2:67:30:90:34:
                    0a:60:30:69:48:ab:25:26:b2:78:6c:48:31:6b:ab:
                    70:41:de:28:d3:d3:81:f2:4b:8a:f6:1f:fb:4d:a1:
                    12:37:b8:4c:70:b2:78:3a:cc:38:7d:6b:81:e4:38:
                    4f:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E9:42:84:87:47:D9:63:43:2B:03:4E:E7:9B:AB:B9:BE:1A:26:6A:BD
            X509v3 Authority Key Identifier:
                keyid:76:7F:42:4D:48:34:06:C4:20:E5:DF:19:BE:BE:99:3F:72:5A:F7:B6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/bfbb4d3a6dd5e649a6554c4817ce0ed277429136.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/5375bcfc-8b86-452e-850d-83cfe3b50f06/ab5965a278fa60c91759911c35e7670db0fa372d.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/5375bcfc-8b86-452e-850d-83cfe3b50f06/bfbb4d3a6dd5e649a6554c4817ce0ed277429136.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2802:8000::/25

    Signature Algorithm: sha256WithRSAEncryption
         3b:e7:fb:4d:5a:83:08:94:41:e5:4c:85:91:53:48:0f:3e:f5:
         14:7b:cc:ab:f3:5e:36:3f:ae:1c:d7:d0:67:3c:5c:f5:f6:33:
         41:bc:fa:fc:df:ff:38:83:8a:d3:be:40:b2:43:4d:b3:da:bd:
         ed:c9:da:c6:2a:c4:79:f3:e3:36:10:53:80:47:f6:ec:31:94:
         f4:e4:5a:96:1f:b8:db:d0:6b:87:3b:1c:99:65:65:9a:ca:71:
         41:8b:c7:91:a4:61:bf:56:fd:a4:65:dd:c5:1a:f5:ec:66:d1:
         2e:0f:31:68:bc:ec:3c:ba:9a:33:9d:d6:8f:d3:38:49:e9:d9:
         9c:8f:49:6e:03:30:d9:3d:d5:d6:6b:99:1a:5c:f7:6a:aa:96:
         0e:37:d8:43:d3:27:56:9a:e2:82:00:48:af:2e:c2:93:78:86:
         18:6c:cc:e3:51:28:45:92:17:fe:ca:aa:f8:c1:66:08:8b:37:
         3c:22:00:1e:7d:78:c4:2d:37:94:59:34:ae:3a:33:02:ee:d7:
         24:46:cb:60:8e:bd:82:0e:76:78:55:cf:bc:0b:8a:47:71:af:
         b1:2d:4c:3c:46:c1:ed:5c:e5:4d:48:b0:ad:26:77:e9:76:6d:
         42:a9:45:47:fa:38:a4:c1:65:70:eb:28:1c:d0:50:ac:06:d6:
         ca:41:95:3d
-----BEGIN CERTIFICATE-----
MIIFQTCCBCmgAwIBAgIDEalCMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGJm
YmI0ZDNhNmRkNWU2NDlhNjU1NGM0ODE3Y2UwZWQyNzc0MjkxMzYwHhcNMjMxMTI3
MjAwMTMzWhcNMjUxMTI3MjAwMTMzWjAzMTEwLwYDVQQDEyhhYjU5NjVhMjc4ZmE2
MGM5MTc1OTkxMWMzNWU3NjcwZGIwZmEzNzJkMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAicJ0YCQmJGrxeXzEpG4HbdXL0fOnsMJnCm9w1kbmiQE/TcIU
T3B7IXCtG4TDrHMSHQNFEKvUOVAHi3rlKzSPtF0DdOW6pt2wIAQIEyzVNymeki2g
H3AlgPMGognlwHLpZ+oJyYk6xl/cB0sMwvW9P5NXn49Hh8PLmq8NsJui7CWiPEYI
UlTVeoub4MCWjp97bo5OQ+gEGP/5Veov7obXDoX9qI5j7MGJ1P7HrMp/3P1kgXxc
nOepJGDokHRWD76hHVO0xCImNiZBOp+U0mcwkDQKYDBpSKslJrJ4bEgxa6twQd4o
09OB8kuK9h/7TaESN7hMcLJ4Osw4fWuB5DhP7QIDAQABo4ICXDCCAlgwHQYDVR0O
BBYEFOlChIdH2WNDKwNO55urub4aJmq9MB8GA1UdIwQYMBaAFHZ/Qk1INAbEIOXf
Gb6+mT9yWve2MA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvYmZiYjRk
M2E2ZGQ1ZTY0OWE2NTU0YzQ4MTdjZTBlZDI3NzQyOTEzNi5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvNTM3NWJjZmMtOGI4Ni00NTJlLTg1MGQtODNjZmUz
YjUwZjA2L2FiNTk2NWEyNzhmYTYwYzkxNzU5OTExYzM1ZTc2NzBkYjBmYTM3MmQu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy81Mzc1YmNmYy04Yjg2LTQ1MmUtODUwZC04M2Nm
ZTNiNTBmMDYvYmZiYjRkM2E2ZGQ1ZTY0OWE2NTU0YzQ4MTdjZTBlZDI3NzQyOTEz
Ni5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQR
MA8wDQQCAAIwBwMFBygCgAAwDQYJKoZIhvcNAQELBQADggEBADvn+01agwiUQeVM
hZFTSA8+9RR7zKvzXjY/rhzX0Gc8XPX2M0G8+vzf/ziDitO+QLJDTbPave3J2sYq
xHnz4zYQU4BH9uwxlPTkWpYfuNvQa4c7HJllZZrKcUGLx5GkYb9W/aRl3cUa9exm
0S4PMWi87Dy6mjOd1o/TOEnp2ZyPSW4DMNk91dZrmRpc92qqlg432EPTJ1aa4oIA
SK8uwpN4hhhszONRKEWSF/7KqvjBZgiLNzwiAB59eMQtN5RZNK46MwLu1yRGy2CO
vYIOdnhVz7wLikdxr7EtTDxGwe1c5U1IsK0md+l2bUKpRUf6OKTBZXDrKBzQUKwG
1spBlT0=
-----END CERTIFICATE-----
Generated at Mon Apr 15 10:07:20 2024 by rpki-client on console-fra.rpki-client.org