Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/5b1e152f-fc50-435b-beeb-8b3866e1b0fe/20d0a113ae7ff893751fff003a4b13718c6e1e9d.roa
File:                     20d0a113ae7ff893751fff003a4b13718c6e1e9d.roa (raw, json)
Hash identifier:          I2uMwkmEe4dG3AgC10+tYqKIyeeRNtVG6R3aTKr54OY=
Subject key identifier:   BB:78:8E:44:0F:8D:C4:EA:2F:0F:76:06:16:E1:17:C3:7B:E4:61:53
Certificate issuer:       /CN=f595ed733bf54f430d174bb1f0bf895d6bc70b64
Certificate serial:       169C39
Authority key identifier: 34:D1:75:0D:84:1E:60:5A:A0:B8:09:8B:97:F1:F6:1C:36:10:0E:97
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/f595ed733bf54f430d174bb1f0bf895d6bc70b64.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/5b1e152f-fc50-435b-beeb-8b3866e1b0fe/20d0a113ae7ff893751fff003a4b13718c6e1e9d.roa
Signing time:             Sat 31 Dec 2022 07:30:06 +0000
ROA not before:           Fri 30 Dec 2022 07:30:06 +0000
ROA not after:            Sun 29 Dec 2024 07:30:06 +0000
asID:                     269862
IP address blocks:        2803:b0e0:9984::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/5b1e152f-fc50-435b-beeb-8b3866e1b0fe/f595ed733bf54f430d174bb1f0bf895d6bc70b64.crl
                          rsync://repository.lacnic.net/rpki/lacnic/5b1e152f-fc50-435b-beeb-8b3866e1b0fe/f595ed733bf54f430d174bb1f0bf895d6bc70b64.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/f595ed733bf54f430d174bb1f0bf895d6bc70b64.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 31 Mar 2024 19:38:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1481785 (0x169c39)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f595ed733bf54f430d174bb1f0bf895d6bc70b64
        Validity
            Not Before: Dec 30 07:30:06 2022 GMT
            Not After : Dec 29 07:30:06 2024 GMT
        Subject: CN=20d0a113ae7ff893751fff003a4b13718c6e1e9d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:43:0f:27:30:c3:3f:98:b0:41:99:6f:f6:74:
                    88:9c:28:0a:c0:09:14:37:68:e5:8d:14:c6:c5:9f:
                    11:d1:2e:ba:37:00:17:e9:88:05:21:eb:b5:4e:af:
                    a7:5a:c9:9c:d6:48:5c:0e:60:05:f2:96:87:ee:25:
                    6c:79:52:22:67:68:f9:dc:db:27:d3:18:8e:63:f4:
                    fb:e1:72:1e:b2:9a:d9:32:88:6b:7a:d1:be:72:15:
                    58:90:f2:6d:bd:a9:ba:fa:b4:6e:1e:17:59:a7:53:
                    fe:61:9b:cf:35:7d:ca:25:a7:02:df:c0:26:28:fe:
                    62:50:92:69:9f:c7:c2:74:aa:b1:9a:04:ba:b0:c1:
                    a5:0d:92:d0:af:35:77:0d:dd:2f:20:29:08:bf:ea:
                    6d:22:b3:5b:e0:c1:41:69:62:66:06:b5:19:11:34:
                    36:96:34:54:c5:a5:30:07:5c:91:53:ff:8f:ed:bb:
                    bf:c7:2a:54:e7:c2:ac:37:13:4d:28:a9:f2:b3:63:
                    40:13:e0:57:f7:6a:35:7a:3a:19:7f:ef:f8:89:96:
                    2f:b2:79:15:ba:1a:14:60:86:03:d9:6e:3e:5a:d9:
                    f3:72:a1:8c:82:a1:2e:40:70:0d:0e:fe:12:97:e2:
                    55:cd:bf:eb:f7:d0:62:4e:fd:6d:cf:8f:ba:52:46:
                    60:2d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BB:78:8E:44:0F:8D:C4:EA:2F:0F:76:06:16:E1:17:C3:7B:E4:61:53
            X509v3 Authority Key Identifier:
                keyid:34:D1:75:0D:84:1E:60:5A:A0:B8:09:8B:97:F1:F6:1C:36:10:0E:97

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/f595ed733bf54f430d174bb1f0bf895d6bc70b64.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/5b1e152f-fc50-435b-beeb-8b3866e1b0fe/20d0a113ae7ff893751fff003a4b13718c6e1e9d.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/5b1e152f-fc50-435b-beeb-8b3866e1b0fe/f595ed733bf54f430d174bb1f0bf895d6bc70b64.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2803:b0e0:9984::/48

    Signature Algorithm: sha256WithRSAEncryption
         62:98:bb:a7:d4:06:9f:c6:65:b4:31:85:4a:07:f7:b4:e4:82:
         8a:85:e2:22:7d:b5:e0:24:82:06:5b:9b:e1:6d:6b:bc:23:77:
         57:4a:5f:90:72:3d:16:f9:90:5b:25:b8:fe:c9:ff:aa:fb:7f:
         a4:55:ae:72:c7:98:50:78:13:df:e5:95:8a:7b:69:ef:b7:21:
         76:6d:63:1e:39:21:3c:b1:2a:d8:5c:27:bf:d2:05:e2:bc:77:
         b1:75:f5:6b:c6:83:b8:f6:06:0e:bf:d0:ed:87:df:26:b6:59:
         b3:ae:eb:52:45:4d:6f:6f:c8:ad:9a:87:99:af:14:ed:62:4a:
         6b:c2:e5:75:75:80:3b:b8:9e:45:ea:c5:db:00:c3:16:23:0c:
         83:5d:3f:42:f3:64:36:76:4d:10:8a:58:b4:9d:10:f7:d7:45:
         4f:92:f1:36:4b:88:0a:0a:6a:d3:d4:67:f3:c1:8d:2c:a0:fd:
         cb:03:d8:70:e4:70:4b:c2:56:a5:6b:34:1f:e6:54:91:2b:e9:
         6c:c1:ef:0f:02:42:55:41:4c:36:33:6b:f8:3c:c5:3a:ae:c9:
         b9:cf:7a:29:41:00:f1:f1:aa:a4:76:5f:72:9a:11:23:54:a8:
         6b:db:6f:e6:c2:69:2e:89:61:ac:f9:cf:f4:fc:c5:c1:fb:a7:
         c4:7c:a4:5a
-----BEGIN CERTIFICATE-----
MIIFQzCCBCugAwIBAgIDFpw5MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGY1
OTVlZDczM2JmNTRmNDMwZDE3NGJiMWYwYmY4OTVkNmJjNzBiNjQwHhcNMjIxMjMw
MDczMDA2WhcNMjQxMjI5MDczMDA2WjAzMTEwLwYDVQQDEygyMGQwYTExM2FlN2Zm
ODkzNzUxZmZmMDAzYTRiMTM3MThjNmUxZTlkMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEApkMPJzDDP5iwQZlv9nSInCgKwAkUN2jljRTGxZ8R0S66NwAX
6YgFIeu1Tq+nWsmc1khcDmAF8paH7iVseVIiZ2j53Nsn0xiOY/T74XIesprZMohr
etG+chVYkPJtvam6+rRuHhdZp1P+YZvPNX3KJacC38AmKP5iUJJpn8fCdKqxmgS6
sMGlDZLQrzV3Dd0vICkIv+ptIrNb4MFBaWJmBrUZETQ2ljRUxaUwB1yRU/+P7bu/
xypU58KsNxNNKKnys2NAE+BX92o1ejoZf+/4iZYvsnkVuhoUYIYD2W4+WtnzcqGM
gqEuQHANDv4Sl+JVzb/r99BiTv1tz4+6UkZgLQIDAQABo4ICXjCCAlowHQYDVR0O
BBYEFLt4jkQPjcTqLw92BhbhF8N75GFTMB8GA1UdIwQYMBaAFDTRdQ2EHmBaoLgJ
i5fx9hw2EA6XMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvZjU5NWVk
NzMzYmY1NGY0MzBkMTc0YmIxZjBiZjg5NWQ2YmM3MGI2NC5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvNWIxZTE1MmYtZmM1MC00MzViLWJlZWItOGIzODY2
ZTFiMGZlLzIwZDBhMTEzYWU3ZmY4OTM3NTFmZmYwMDNhNGIxMzcxOGM2ZTFlOWQu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy81YjFlMTUyZi1mYzUwLTQzNWItYmVlYi04YjM4
NjZlMWIwZmUvZjU5NWVkNzMzYmY1NGY0MzBkMTc0YmIxZjBiZjg5NWQ2YmM3MGI2
NC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQT
MBEwDwQCAAIwCQMHACgDsOCZhDANBgkqhkiG9w0BAQsFAAOCAQEAYpi7p9QGn8Zl
tDGFSgf3tOSCioXiIn214CSCBlub4W1rvCN3V0pfkHI9FvmQWyW4/sn/qvt/pFWu
cseYUHgT3+WVintp77chdm1jHjkhPLEq2Fwnv9IF4rx3sXX1a8aDuPYGDr/Q7Yff
JrZZs67rUkVNb2/IrZqHma8U7WJKa8LldXWAO7ieRerF2wDDFiMMg10/QvNkNnZN
EIpYtJ0Q99dFT5LxNkuICgpq09Rn88GNLKD9ywPYcORwS8JWpWs0H+ZUkSvpbMHv
DwJCVUFMNjNr+DzFOq7Juc96KUEA8fGqpHZfcpoRI1Soa9tv5sJpLolhrPnP9PzF
wfunxHykWg==
-----END CERTIFICATE-----
Generated at Thu Mar 28 23:59:02 2024 by rpki-client on console-fra.rpki-client.org