Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/5375bcfc-8b86-452e-850d-83cfe3b50f06/b7e7deda95520eeaeefd22d5d21164d2695532a8.roa
File:                     b7e7deda95520eeaeefd22d5d21164d2695532a8.roa (raw, json)
Hash identifier:          8YcRA5y4VpVIBmNf2JRcAiuyMAEddYf1g3ekKZPkwXE=
Subject key identifier:   16:C8:89:A1:80:9A:12:01:07:AE:D5:AB:1B:75:1D:14:3E:0E:2C:98
Certificate issuer:       /CN=bfbb4d3a6dd5e649a6554c4817ce0ed277429136
Certificate serial:       144911
Authority key identifier: 76:7F:42:4D:48:34:06:C4:20:E5:DF:19:BE:BE:99:3F:72:5A:F7:B6
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/bfbb4d3a6dd5e649a6554c4817ce0ed277429136.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/5375bcfc-8b86-452e-850d-83cfe3b50f06/b7e7deda95520eeaeefd22d5d21164d2695532a8.roa
Signing time:             Thu 01 Feb 2024 00:04:07 +0000
ROA not before:           Thu 01 Feb 2024 00:04:07 +0000
ROA not after:            Sun 01 Feb 2026 00:04:07 +0000
asID:                     10834
IP address blocks:        2800:381::/32 maxlen: 48

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/5375bcfc-8b86-452e-850d-83cfe3b50f06/bfbb4d3a6dd5e649a6554c4817ce0ed277429136.crl
                          rsync://repository.lacnic.net/rpki/lacnic/5375bcfc-8b86-452e-850d-83cfe3b50f06/bfbb4d3a6dd5e649a6554c4817ce0ed277429136.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/bfbb4d3a6dd5e649a6554c4817ce0ed277429136.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Thu 18 Apr 2024 06:11:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1329425 (0x144911)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bfbb4d3a6dd5e649a6554c4817ce0ed277429136
        Validity
            Not Before: Feb  1 00:04:07 2024 GMT
            Not After : Feb  1 00:04:07 2026 GMT
        Subject: CN=b7e7deda95520eeaeefd22d5d21164d2695532a8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:88:c6:f4:ee:07:9a:be:52:b1:54:72:26:1f:7d:
                    6c:2e:49:85:9a:87:da:ad:3d:03:88:96:72:d5:a5:
                    5e:67:4a:55:95:4c:cb:c7:3f:4c:e9:76:8f:19:5c:
                    65:b5:16:40:08:7b:fd:1b:84:2e:bb:e3:69:92:3e:
                    33:f9:29:49:6c:11:fc:35:ec:04:ed:be:0b:5c:b3:
                    72:95:e5:e0:25:20:c8:ab:26:ad:15:59:42:25:2d:
                    18:43:9a:f1:00:ab:0f:1f:59:81:f0:03:a4:49:ca:
                    35:ec:e1:24:8e:a8:39:eb:b8:99:58:ef:81:ec:83:
                    46:41:18:24:7d:bb:d6:e2:44:12:e1:82:c8:d7:2e:
                    ef:7c:e7:b4:83:1d:18:00:cb:d6:53:ca:19:01:d3:
                    f1:5e:32:81:f0:1d:a9:df:5b:9a:d6:3a:6e:c3:e5:
                    ff:6f:25:ee:c8:78:3c:c6:18:c8:95:c6:83:a8:80:
                    be:28:42:06:40:29:a4:c4:c3:b3:6d:be:a7:3a:e8:
                    1d:e5:a6:34:5b:43:ce:75:d4:08:ca:d5:fb:36:03:
                    65:71:8c:21:66:d2:11:1f:8e:2c:7e:aa:b0:13:4f:
                    47:91:40:21:32:eb:16:cb:8f:98:52:3b:d4:38:3b:
                    ee:19:4e:de:67:15:c0:a9:15:66:4f:e6:46:07:cb:
                    46:63
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                16:C8:89:A1:80:9A:12:01:07:AE:D5:AB:1B:75:1D:14:3E:0E:2C:98
            X509v3 Authority Key Identifier:
                keyid:76:7F:42:4D:48:34:06:C4:20:E5:DF:19:BE:BE:99:3F:72:5A:F7:B6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/bfbb4d3a6dd5e649a6554c4817ce0ed277429136.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/5375bcfc-8b86-452e-850d-83cfe3b50f06/b7e7deda95520eeaeefd22d5d21164d2695532a8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/5375bcfc-8b86-452e-850d-83cfe3b50f06/bfbb4d3a6dd5e649a6554c4817ce0ed277429136.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2800:381::/32

    Signature Algorithm: sha256WithRSAEncryption
         6f:62:05:83:28:98:13:c2:67:4a:f2:d7:27:86:dc:52:a1:87:
         49:29:f1:f6:f8:72:d7:b1:3e:06:30:52:67:5e:60:0c:53:65:
         5c:1c:f4:fa:9f:40:42:02:22:0e:c3:9c:ab:e0:38:c2:c7:95:
         fe:a9:9e:ce:a9:ee:7d:37:9c:62:52:1b:58:dd:32:85:a5:1d:
         92:b2:d9:a2:df:f8:4c:73:df:fa:92:10:f8:12:96:d2:6d:0a:
         24:74:ba:0c:20:d2:02:55:bf:2a:ac:e5:17:e0:83:47:5d:04:
         2e:7b:a9:2a:26:59:45:e2:bf:51:d1:db:5a:6d:fb:f4:1a:d0:
         f7:92:f0:5a:7d:db:3a:d5:2d:8d:fd:66:5f:5d:0f:f4:78:26:
         50:d1:f1:34:76:49:13:10:d7:a8:4d:8e:7b:a8:03:a0:79:3c:
         4f:40:8a:c4:47:ae:f3:a8:4e:cb:9d:db:66:28:44:a0:66:2b:
         6c:6b:65:07:1b:85:27:86:cb:79:c2:e6:77:2c:be:f9:25:a0:
         6a:1f:30:4a:de:a4:f3:61:07:63:60:0c:64:f5:e1:95:5e:fd:
         b2:27:ef:c4:e4:a7:5e:91:88:2e:92:a8:6b:8d:89:60:96:ab:
         9b:0f:37:1d:1c:20:52:b4:8f:8e:3a:aa:8e:8a:e1:51:4a:4f:
         0d:27:d3:53
-----BEGIN CERTIFICATE-----
MIIFQTCCBCmgAwIBAgIDFEkRMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGJm
YmI0ZDNhNmRkNWU2NDlhNjU1NGM0ODE3Y2UwZWQyNzc0MjkxMzYwHhcNMjQwMjAx
MDAwNDA3WhcNMjYwMjAxMDAwNDA3WjAzMTEwLwYDVQQDEyhiN2U3ZGVkYTk1NTIw
ZWVhZWVmZDIyZDVkMjExNjRkMjY5NTUzMmE4MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAiMb07geavlKxVHImH31sLkmFmofarT0DiJZy1aVeZ0pVlUzL
xz9M6XaPGVxltRZACHv9G4Quu+Npkj4z+SlJbBH8NewE7b4LXLNyleXgJSDIqyat
FVlCJS0YQ5rxAKsPH1mB8AOkSco17OEkjqg567iZWO+B7INGQRgkfbvW4kQS4YLI
1y7vfOe0gx0YAMvWU8oZAdPxXjKB8B2p31ua1jpuw+X/byXuyHg8xhjIlcaDqIC+
KEIGQCmkxMOzbb6nOugd5aY0W0POddQIytX7NgNlcYwhZtIRH44sfqqwE09HkUAh
MusWy4+YUjvUODvuGU7eZxXAqRVmT+ZGB8tGYwIDAQABo4ICXDCCAlgwHQYDVR0O
BBYEFBbIiaGAmhIBB67Vqxt1HRQ+DiyYMB8GA1UdIwQYMBaAFHZ/Qk1INAbEIOXf
Gb6+mT9yWve2MA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvYmZiYjRk
M2E2ZGQ1ZTY0OWE2NTU0YzQ4MTdjZTBlZDI3NzQyOTEzNi5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvNTM3NWJjZmMtOGI4Ni00NTJlLTg1MGQtODNjZmUz
YjUwZjA2L2I3ZTdkZWRhOTU1MjBlZWFlZWZkMjJkNWQyMTE2NGQyNjk1NTMyYTgu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy81Mzc1YmNmYy04Yjg2LTQ1MmUtODUwZC04M2Nm
ZTNiNTBmMDYvYmZiYjRkM2E2ZGQ1ZTY0OWE2NTU0YzQ4MTdjZTBlZDI3NzQyOTEz
Ni5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQR
MA8wDQQCAAIwBwMFACgAA4EwDQYJKoZIhvcNAQELBQADggEBAG9iBYMomBPCZ0ry
1yeG3FKhh0kp8fb4ctexPgYwUmdeYAxTZVwc9PqfQEICIg7DnKvgOMLHlf6pns6p
7n03nGJSG1jdMoWlHZKy2aLf+Exz3/qSEPgSltJtCiR0ugwg0gJVvyqs5Rfgg0dd
BC57qSomWUXiv1HR21pt+/Qa0PeS8Fp92zrVLY39Zl9dD/R4JlDR8TR2SRMQ16hN
jnuoA6B5PE9AisRHrvOoTsud22YoRKBmK2xrZQcbhSeGy3nC5ncsvvkloGofMEre
pPNhB2NgDGT14ZVe/bIn78Tkp16RiC6SqGuNiWCWq5sPNx0cIFK0j446qo6K4VFK
Tw0n01M=
-----END CERTIFICATE-----
Generated at Mon Apr 15 09:53:54 2024 by rpki-client on console-ams.rpki-client.org