Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/5e9c80ec-67a7-4ac4-9de4-21d8134e8e99/1c8b6158c0f971b76622153625a76a90e8b860fe.roa
File:                     1c8b6158c0f971b76622153625a76a90e8b860fe.roa (raw, json)
Hash identifier:          2q78DgTfgcDadc0Esx1UnJC4Rm+8pkhHNn8s7Ka6c/Y=
Subject key identifier:   E8:89:4F:0D:88:EF:5A:81:8F:0D:8B:B8:69:95:0B:1F:2F:33:C4:DF
Certificate issuer:       /CN=b89e6f83f092429d4e523cebb3044e5f86895d46
Certificate serial:       190C9C
Authority key identifier: BF:72:71:A4:6C:27:21:8E:09:23:1B:65:5D:32:10:50:CA:BE:4E:A0
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/b89e6f83f092429d4e523cebb3044e5f86895d46.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/5e9c80ec-67a7-4ac4-9de4-21d8134e8e99/1c8b6158c0f971b76622153625a76a90e8b860fe.roa
Signing time:             Wed 12 Oct 2022 09:59:15 +0000
ROA not before:           Wed 12 Oct 2022 09:58:16 +0000
ROA not after:            Sat 12 Oct 2024 09:58:16 +0000
asID:                     265825
IP address blocks:        2803:3420::/32 maxlen: 32

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/5e9c80ec-67a7-4ac4-9de4-21d8134e8e99/b89e6f83f092429d4e523cebb3044e5f86895d46.crl
                          rsync://repository.lacnic.net/rpki/lacnic/5e9c80ec-67a7-4ac4-9de4-21d8134e8e99/b89e6f83f092429d4e523cebb3044e5f86895d46.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/b89e6f83f092429d4e523cebb3044e5f86895d46.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Mon 01 Apr 2024 05:58:53 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1641628 (0x190c9c)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b89e6f83f092429d4e523cebb3044e5f86895d46
        Validity
            Not Before: Oct 12 09:58:16 2022 GMT
            Not After : Oct 12 09:58:16 2024 GMT
        Subject: CN=1c8b6158c0f971b76622153625a76a90e8b860fe
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d6:1c:f9:5a:36:7b:7e:6f:77:c7:a0:2b:aa:e4:
                    b8:72:a4:47:fe:b9:df:e4:38:d9:fd:56:54:fc:2f:
                    32:6b:98:95:b3:cb:6f:b4:fc:3b:34:1f:00:0d:0c:
                    84:5b:c7:70:de:ae:e2:e2:9f:e0:1c:9c:c3:08:9b:
                    13:c1:21:13:b1:88:f6:2f:c7:24:1e:e6:97:f1:19:
                    42:34:4f:3d:88:39:41:90:b6:56:c5:22:6c:31:9d:
                    fb:01:cb:2e:ce:bc:8b:5d:6d:72:1d:a8:e7:fc:1b:
                    7e:05:44:00:4a:cd:43:3f:a9:5e:3d:9e:88:40:98:
                    bb:a3:54:13:42:dd:26:20:87:a5:ad:5d:5d:a7:83:
                    d4:e6:0c:ee:a0:f9:d2:4d:1a:68:43:54:f4:1e:5b:
                    aa:42:8c:8f:85:b9:b1:e3:1f:61:96:20:8f:b8:f0:
                    b9:ea:15:b5:24:75:c3:e8:24:f7:d1:26:88:79:14:
                    03:67:e9:0c:5e:cd:52:67:1d:67:45:78:b5:70:e6:
                    2a:5b:ec:20:b0:65:d8:90:9c:bf:9f:9c:8e:90:fa:
                    44:00:18:9a:0b:8c:05:61:23:07:f5:ab:f5:30:a2:
                    e6:34:32:7c:98:b0:6c:af:63:96:9c:8d:be:17:d5:
                    35:77:b1:d5:fc:45:35:6f:79:bd:3d:02:65:ed:f0:
                    b2:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E8:89:4F:0D:88:EF:5A:81:8F:0D:8B:B8:69:95:0B:1F:2F:33:C4:DF
            X509v3 Authority Key Identifier:
                keyid:BF:72:71:A4:6C:27:21:8E:09:23:1B:65:5D:32:10:50:CA:BE:4E:A0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/b89e6f83f092429d4e523cebb3044e5f86895d46.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/5e9c80ec-67a7-4ac4-9de4-21d8134e8e99/1c8b6158c0f971b76622153625a76a90e8b860fe.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/5e9c80ec-67a7-4ac4-9de4-21d8134e8e99/b89e6f83f092429d4e523cebb3044e5f86895d46.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2803:3420::/32

    Signature Algorithm: sha256WithRSAEncryption
         5d:38:f8:2f:81:57:e4:87:f8:a5:03:e5:24:44:a8:5c:2a:cc:
         96:23:e6:64:16:e4:83:d4:eb:c6:97:1d:aa:f1:46:85:7b:8b:
         a0:a8:43:da:a4:6b:82:f8:46:75:c1:5e:76:c5:28:f6:8a:1b:
         f4:26:cf:fe:24:a1:32:5a:85:40:24:19:f8:a4:53:8b:89:fb:
         96:7a:dc:31:80:46:b2:bf:e0:45:59:d8:63:4d:33:35:9a:c8:
         b3:37:27:74:fc:7f:4d:9d:64:0b:a8:76:ea:83:37:56:a6:f0:
         7c:bf:6b:79:1d:52:80:ca:fe:d6:f9:3a:bc:d4:f9:2a:5e:fc:
         79:11:f8:fe:68:ae:6b:f3:7b:15:26:64:e1:da:6f:a7:b2:3e:
         d4:84:90:bc:cf:cb:d2:14:4c:5e:2c:c9:33:37:fe:d7:1e:da:
         16:48:95:7a:30:e5:bb:18:01:7c:8d:99:58:d0:57:6e:48:b9:
         40:d7:9b:24:c1:45:d4:d7:98:fe:88:e5:2a:e2:e7:4e:e2:2f:
         ef:94:ee:94:a0:07:88:ba:b3:78:04:95:32:bd:aa:42:00:18:
         84:e7:ad:2f:6a:da:c6:dc:d6:4d:93:d8:e7:5c:0b:dd:59:a6:
         29:0a:1b:50:7f:a0:4f:4f:4b:5d:d1:df:d8:c0:1a:ca:2a:d5:
         b2:30:5e:f4
-----BEGIN CERTIFICATE-----
MIIFQTCCBCmgAwIBAgIDGQycMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGI4
OWU2ZjgzZjA5MjQyOWQ0ZTUyM2NlYmIzMDQ0ZTVmODY4OTVkNDYwHhcNMjIxMDEy
MDk1ODE2WhcNMjQxMDEyMDk1ODE2WjAzMTEwLwYDVQQDEygxYzhiNjE1OGMwZjk3
MWI3NjYyMjE1MzYyNWE3NmE5MGU4Yjg2MGZlMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEA1hz5WjZ7fm93x6ArquS4cqRH/rnf5DjZ/VZU/C8ya5iVs8tv
tPw7NB8ADQyEW8dw3q7i4p/gHJzDCJsTwSETsYj2L8ckHuaX8RlCNE89iDlBkLZW
xSJsMZ37AcsuzryLXW1yHajn/Bt+BUQASs1DP6lePZ6IQJi7o1QTQt0mIIelrV1d
p4PU5gzuoPnSTRpoQ1T0HluqQoyPhbmx4x9hliCPuPC56hW1JHXD6CT30SaIeRQD
Z+kMXs1SZx1nRXi1cOYqW+wgsGXYkJy/n5yOkPpEABiaC4wFYSMH9av1MKLmNDJ8
mLBsr2OWnI2+F9U1d7HV/EU1b3m9PQJl7fCy9wIDAQABo4ICXDCCAlgwHQYDVR0O
BBYEFOiJTw2I71qBjw2LuGmVCx8vM8TfMB8GA1UdIwQYMBaAFL9ycaRsJyGOCSMb
ZV0yEFDKvk6gMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvYjg5ZTZm
ODNmMDkyNDI5ZDRlNTIzY2ViYjMwNDRlNWY4Njg5NWQ0Ni5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvNWU5YzgwZWMtNjdhNy00YWM0LTlkZTQtMjFkODEz
NGU4ZTk5LzFjOGI2MTU4YzBmOTcxYjc2NjIyMTUzNjI1YTc2YTkwZThiODYwZmUu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy81ZTljODBlYy02N2E3LTRhYzQtOWRlNC0yMWQ4
MTM0ZThlOTkvYjg5ZTZmODNmMDkyNDI5ZDRlNTIzY2ViYjMwNDRlNWY4Njg5NWQ0
Ni5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQR
MA8wDQQCAAIwBwMFACgDNCAwDQYJKoZIhvcNAQELBQADggEBAF04+C+BV+SH+KUD
5SREqFwqzJYj5mQW5IPU68aXHarxRoV7i6CoQ9qka4L4RnXBXnbFKPaKG/Qmz/4k
oTJahUAkGfikU4uJ+5Z63DGARrK/4EVZ2GNNMzWayLM3J3T8f02dZAuoduqDN1am
8Hy/a3kdUoDK/tb5OrzU+Spe/HkR+P5ormvzexUmZOHab6eyPtSEkLzPy9IUTF4s
yTM3/tce2hZIlXow5bsYAXyNmVjQV25IuUDXmyTBRdTXmP6I5Sri507iL++U7pSg
B4i6s3gElTK9qkIAGITnrS9q2sbc1k2T2OdcC91ZpikKG1B/oE9PS13R39jAGsoq
1bIwXvQ=
-----END CERTIFICATE-----
Generated at Fri Mar 29 12:22:12 2024 by rpki-client on console-fra.rpki-client.org