Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/543e38d7-bd22-4290-ab4b-de3782447a1c/7c0095a1240e4da6567049d7b9dc17235e162e27.roa
File:                     7c0095a1240e4da6567049d7b9dc17235e162e27.roa (raw, json)
Hash identifier:          dUdy6TrVWrVOs99OAwWOq0hc+ES2JrPSrL45mrPAAeQ=
Subject key identifier:   51:AD:95:C1:63:B5:2D:8B:BC:2C:ED:77:33:7D:B9:0B:82:5C:A6:90
Certificate issuer:       /CN=df6777c83b4a4a37f042b28ecdd7c8deadefd729
Certificate serial:       039936
Authority key identifier: D1:46:18:6D:FD:86:FF:1E:39:B4:EA:7B:D0:8E:B1:C6:14:A3:D4:C9
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/df6777c83b4a4a37f042b28ecdd7c8deadefd729.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/543e38d7-bd22-4290-ab4b-de3782447a1c/7c0095a1240e4da6567049d7b9dc17235e162e27.roa
Signing time:             Wed 24 Mar 2021 14:36:11 +0000
ROA not before:           Wed 24 Mar 2021 14:36:11 +0000
ROA not after:            Tue 24 Mar 2026 14:36:11 +0000
asID:                     27817
IP address blocks:        2001:13f8::/32 maxlen: 48

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/543e38d7-bd22-4290-ab4b-de3782447a1c/df6777c83b4a4a37f042b28ecdd7c8deadefd729.crl
                          rsync://repository.lacnic.net/rpki/lacnic/543e38d7-bd22-4290-ab4b-de3782447a1c/df6777c83b4a4a37f042b28ecdd7c8deadefd729.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/df6777c83b4a4a37f042b28ecdd7c8deadefd729.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 31 Mar 2024 03:49:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 235830 (0x39936)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6777c83b4a4a37f042b28ecdd7c8deadefd729
        Validity
            Not Before: Mar 24 14:36:11 2021 GMT
            Not After : Mar 24 14:36:11 2026 GMT
        Subject: CN=7c0095a1240e4da6567049d7b9dc17235e162e27
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:6b:fd:bd:4c:c3:65:1c:90:40:1d:dc:08:df:
                    51:a6:74:d4:0f:ee:7e:c7:10:4d:a4:0d:4a:3d:fc:
                    8c:22:77:c0:63:89:8a:41:61:f8:e8:a8:3c:f7:42:
                    09:52:c2:44:12:37:c1:1f:e9:23:f4:0c:8f:e1:fa:
                    c3:4b:48:9c:f9:86:eb:f5:ce:7c:96:3b:37:40:12:
                    1b:52:fd:fd:cd:30:84:65:62:55:85:b0:cd:ac:a5:
                    33:25:35:c0:81:71:be:37:10:86:a6:3c:76:02:23:
                    e2:dd:8a:23:a0:e3:52:d1:cc:a3:40:ce:9e:a8:ce:
                    26:8d:8a:6f:a3:c2:6c:88:2a:f5:8b:6c:51:3f:ce:
                    9b:d9:7a:2f:ed:4a:ae:c6:9d:15:6e:dc:6c:41:42:
                    c8:bf:56:f6:3d:13:3e:60:ad:28:17:cc:10:9c:15:
                    f3:73:84:4c:6b:c4:e8:eb:5d:4b:b2:f7:bd:b3:04:
                    3a:c2:b2:b9:0f:3b:90:44:92:bb:ec:38:36:cc:56:
                    67:1c:b9:bd:3c:21:dd:5c:f6:f4:3a:82:2e:cd:38:
                    b4:ce:74:ea:b6:e2:c0:57:05:7c:de:01:64:ef:c3:
                    0b:da:9c:e4:0d:7d:4b:51:2e:a0:71:e8:8c:fe:e0:
                    8b:eb:02:1d:dc:5b:94:1b:3f:b2:9a:80:f3:05:cb:
                    33:e1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                51:AD:95:C1:63:B5:2D:8B:BC:2C:ED:77:33:7D:B9:0B:82:5C:A6:90
            X509v3 Authority Key Identifier:
                keyid:D1:46:18:6D:FD:86:FF:1E:39:B4:EA:7B:D0:8E:B1:C6:14:A3:D4:C9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/df6777c83b4a4a37f042b28ecdd7c8deadefd729.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/543e38d7-bd22-4290-ab4b-de3782447a1c/7c0095a1240e4da6567049d7b9dc17235e162e27.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/543e38d7-bd22-4290-ab4b-de3782447a1c/df6777c83b4a4a37f042b28ecdd7c8deadefd729.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2001:13f8::/32

    Signature Algorithm: sha256WithRSAEncryption
         27:a8:b8:2a:65:46:60:b3:43:43:18:00:7d:5c:b8:48:d6:0b:
         fd:fc:27:aa:68:91:ae:34:a0:9c:54:33:fc:20:e3:ec:47:76:
         8e:f7:46:8f:68:be:d9:65:17:28:78:03:01:38:4d:91:d8:f2:
         17:6c:91:c7:c2:4b:c0:e3:c4:b2:c6:c6:36:d8:cc:79:fb:80:
         91:b2:56:bb:99:43:4a:47:db:83:a4:42:10:4b:a0:72:3d:4c:
         c6:2b:a3:a8:ec:fe:de:b4:90:6e:e3:bd:f8:64:2a:47:75:16:
         b9:af:37:d9:a3:b6:ae:97:4d:a8:83:77:67:dc:8c:31:4c:e9:
         f6:44:0d:fd:b0:61:2a:bd:95:3f:e0:ff:ce:df:8f:1d:c4:be:
         25:8e:a2:20:6d:70:14:6c:a8:16:f5:cc:2b:a7:e6:a0:7a:51:
         79:3d:11:45:e1:dc:f3:53:99:72:dd:eb:b9:dd:c0:2f:a0:64:
         7d:1e:4d:4c:bf:a6:3b:23:30:70:fd:50:3f:ba:0f:40:07:2b:
         89:c7:34:86:a1:bf:b7:a1:5b:e4:09:e1:5e:25:cf:6f:4d:3d:
         ba:6a:59:d8:27:71:e8:52:81:b5:30:bd:28:4c:23:4a:03:6c:
         09:94:a4:3e:b2:5c:95:b9:10:69:7e:18:28:e7:c5:19:3d:1e:
         94:d5:a0:29
-----BEGIN CERTIFICATE-----
MIIFQTCCBCmgAwIBAgIDA5k2MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGRm
Njc3N2M4M2I0YTRhMzdmMDQyYjI4ZWNkZDdjOGRlYWRlZmQ3MjkwHhcNMjEwMzI0
MTQzNjExWhcNMjYwMzI0MTQzNjExWjAzMTEwLwYDVQQDEyg3YzAwOTVhMTI0MGU0
ZGE2NTY3MDQ5ZDdiOWRjMTcyMzVlMTYyZTI3MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEApmv9vUzDZRyQQB3cCN9RpnTUD+5+xxBNpA1KPfyMInfAY4mK
QWH46Kg890IJUsJEEjfBH+kj9AyP4frDS0ic+Ybr9c58ljs3QBIbUv39zTCEZWJV
hbDNrKUzJTXAgXG+NxCGpjx2AiPi3YojoONS0cyjQM6eqM4mjYpvo8JsiCr1i2xR
P86b2Xov7Uquxp0VbtxsQULIv1b2PRM+YK0oF8wQnBXzc4RMa8To611Lsve9swQ6
wrK5DzuQRJK77Dg2zFZnHLm9PCHdXPb0OoIuzTi0znTqtuLAVwV83gFk78ML2pzk
DX1LUS6gceiM/uCL6wId3FuUGz+ymoDzBcsz4QIDAQABo4ICXDCCAlgwHQYDVR0O
BBYEFFGtlcFjtS2LvCztdzN9uQuCXKaQMB8GA1UdIwQYMBaAFNFGGG39hv8eObTq
e9COscYUo9TJMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvZGY2Nzc3
YzgzYjRhNGEzN2YwNDJiMjhlY2RkN2M4ZGVhZGVmZDcyOS5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvNTQzZTM4ZDctYmQyMi00MjkwLWFiNGItZGUzNzgy
NDQ3YTFjLzdjMDA5NWExMjQwZTRkYTY1NjcwNDlkN2I5ZGMxNzIzNWUxNjJlMjcu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy81NDNlMzhkNy1iZDIyLTQyOTAtYWI0Yi1kZTM3
ODI0NDdhMWMvZGY2Nzc3YzgzYjRhNGEzN2YwNDJiMjhlY2RkN2M4ZGVhZGVmZDcy
OS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQR
MA8wDQQCAAIwBwMFACABE/gwDQYJKoZIhvcNAQELBQADggEBACeouCplRmCzQ0MY
AH1cuEjWC/38J6poka40oJxUM/wg4+xHdo73Ro9ovtllFyh4AwE4TZHY8hdskcfC
S8DjxLLGxjbYzHn7gJGyVruZQ0pH24OkQhBLoHI9TMYro6js/t60kG7jvfhkKkd1
FrmvN9mjtq6XTaiDd2fcjDFM6fZEDf2wYSq9lT/g/87fjx3EviWOoiBtcBRsqBb1
zCun5qB6UXk9EUXh3PNTmXLd67ndwC+gZH0eTUy/pjsjMHD9UD+6D0AHK4nHNIah
v7ehW+QJ4V4lz29NPbpqWdgncehSgbUwvShMI0oDbAmUpD6yXJW5EGl+GCjnxRk9
HpTVoCk=
-----END CERTIFICATE-----
Generated at Thu Mar 28 11:17:44 2024 by rpki-client on console-fra.rpki-client.org