Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/61f10a77-bf40-4414-bd27-1137e5de28f6/2be68fbcd66700364eb08737ae89d5f47f3d530e.roa
File:                     2be68fbcd66700364eb08737ae89d5f47f3d530e.roa (raw, json)
Hash identifier:          2ZHJojelCtTYHkP9DoNvd3HQ4+kbQJpt7xSudxFMaRM=
Subject key identifier:   C8:AC:76:14:7B:FF:F7:86:96:F7:19:93:43:40:55:04:62:F3:BD:45
Certificate issuer:       /CN=1a218671f562f7bf310bd8da78423d60e1395e66
Certificate serial:       01068D
Authority key identifier: 5F:84:68:E0:0B:3D:D5:A0:33:0B:6F:78:57:2A:6D:5D:05:B7:EA:27
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/1a218671f562f7bf310bd8da78423d60e1395e66.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/61f10a77-bf40-4414-bd27-1137e5de28f6/2be68fbcd66700364eb08737ae89d5f47f3d530e.roa
Signing time:             Mon 18 Jul 2022 21:52:09 +0000
ROA not before:           Mon 18 Jul 2022 03:00:00 +0000
ROA not after:            Thu 18 Jul 2030 03:00:00 +0000
asID:                     272153
IP address blocks:        2801:189::/44 maxlen: 44

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/61f10a77-bf40-4414-bd27-1137e5de28f6/1a218671f562f7bf310bd8da78423d60e1395e66.crl
                          rsync://repository.lacnic.net/rpki/lacnic/61f10a77-bf40-4414-bd27-1137e5de28f6/1a218671f562f7bf310bd8da78423d60e1395e66.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/1a218671f562f7bf310bd8da78423d60e1395e66.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Tue 27 Feb 2024 11:58:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 67213 (0x1068d)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1a218671f562f7bf310bd8da78423d60e1395e66
        Validity
            Not Before: Jul 18 03:00:00 2022 GMT
            Not After : Jul 18 03:00:00 2030 GMT
        Subject: CN=2be68fbcd66700364eb08737ae89d5f47f3d530e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:76:55:f5:9a:c8:e3:06:0a:be:c5:dc:33:88:
                    ab:99:ac:22:26:a3:e6:f8:a2:12:3b:f4:d0:7d:d5:
                    47:4e:6b:eb:ac:ea:41:bd:43:99:83:4c:1f:b6:e3:
                    28:08:0f:67:c1:97:f3:bb:68:7a:64:d6:ed:f2:73:
                    0c:45:ce:00:2d:4b:0d:1a:4e:99:e0:3a:ee:df:bb:
                    f8:9f:0a:b4:1b:99:03:ad:5e:d7:bc:5f:7e:db:a2:
                    39:99:3e:fa:fb:b7:3b:d9:f6:c2:fe:9d:43:bc:11:
                    dc:90:d4:61:5e:b1:00:67:c4:73:44:a6:97:d2:eb:
                    85:8b:e0:e5:38:ea:6b:ea:de:0b:35:70:4b:d1:55:
                    c6:1b:81:f7:a2:bb:32:47:50:f6:28:50:b2:51:7a:
                    b7:5f:95:09:f2:5c:44:5f:93:c9:24:61:c9:13:80:
                    04:7b:f1:48:fc:1a:85:21:bc:8a:44:53:70:24:82:
                    92:43:d8:76:95:93:0b:21:75:8e:2c:51:79:0d:70:
                    32:10:2d:a0:8c:b7:c0:d1:60:48:5c:7c:19:b5:44:
                    51:9f:a0:a6:92:fb:34:8f:1f:de:b8:dd:8e:13:ca:
                    b4:e1:73:e3:d3:5e:30:2d:2a:c9:41:ae:75:e8:67:
                    33:0f:d4:dd:78:f8:aa:57:67:ad:97:c2:97:1a:11:
                    e3:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C8:AC:76:14:7B:FF:F7:86:96:F7:19:93:43:40:55:04:62:F3:BD:45
            X509v3 Authority Key Identifier:
                keyid:5F:84:68:E0:0B:3D:D5:A0:33:0B:6F:78:57:2A:6D:5D:05:B7:EA:27

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/1a218671f562f7bf310bd8da78423d60e1395e66.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/61f10a77-bf40-4414-bd27-1137e5de28f6/2be68fbcd66700364eb08737ae89d5f47f3d530e.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/61f10a77-bf40-4414-bd27-1137e5de28f6/1a218671f562f7bf310bd8da78423d60e1395e66.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2801:189::/44

    Signature Algorithm: sha256WithRSAEncryption
         67:78:5f:1b:1a:e6:61:b4:eb:4e:c3:3b:91:a1:57:0d:31:b8:
         13:94:3e:15:70:ab:70:b0:74:d3:44:45:22:4a:6b:a1:3e:7d:
         84:2e:dc:6d:90:f2:d3:e0:37:ec:cc:e7:ed:56:d2:50:59:a9:
         36:40:9c:1d:c8:1d:af:8f:0e:73:de:8a:83:31:eb:9a:f8:7b:
         be:5a:06:c5:34:c1:cc:3a:8c:bc:82:4b:af:93:76:b1:bc:79:
         22:c7:ea:00:56:68:bf:5c:80:af:3b:f5:5b:6a:de:f8:33:f3:
         4c:cd:c4:e6:6f:d5:9b:3d:78:1a:44:98:67:d2:1b:69:b8:fe:
         8f:e6:2d:13:2c:02:8d:7f:98:31:03:1b:c9:a5:eb:d2:16:d1:
         60:11:f3:ad:37:05:79:3b:22:72:5c:49:4f:2a:f8:bc:2f:56:
         45:25:1e:20:36:4a:29:9b:99:1c:32:e4:a7:d6:77:99:70:46:
         cc:39:b1:64:e2:94:69:37:2a:ba:eb:54:d5:09:88:81:49:4d:
         83:b8:70:ce:e4:d2:77:c0:d1:df:0b:ba:83:a6:bd:bb:92:e1:
         19:df:1c:15:b8:aa:dc:df:96:38:29:42:32:c1:80:ca:5f:c5:
         74:1e:47:b1:20:58:c5:e6:d9:a9:41:57:7b:72:a1:5f:61:cd:
         7f:60:32:30
-----BEGIN CERTIFICATE-----
MIIFQzCCBCugAwIBAgIDAQaNMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDFh
MjE4NjcxZjU2MmY3YmYzMTBiZDhkYTc4NDIzZDYwZTEzOTVlNjYwHhcNMjIwNzE4
MDMwMDAwWhcNMzAwNzE4MDMwMDAwWjAzMTEwLwYDVQQDEygyYmU2OGZiY2Q2Njcw
MDM2NGViMDg3MzdhZTg5ZDVmNDdmM2Q1MzBlMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAwXZV9ZrI4wYKvsXcM4irmawiJqPm+KISO/TQfdVHTmvrrOpB
vUOZg0wftuMoCA9nwZfzu2h6ZNbt8nMMRc4ALUsNGk6Z4Dru37v4nwq0G5kDrV7X
vF9+26I5mT76+7c72fbC/p1DvBHckNRhXrEAZ8RzRKaX0uuFi+DlOOpr6t4LNXBL
0VXGG4H3orsyR1D2KFCyUXq3X5UJ8lxEX5PJJGHJE4AEe/FI/BqFIbyKRFNwJIKS
Q9h2lZMLIXWOLFF5DXAyEC2gjLfA0WBIXHwZtURRn6Cmkvs0jx/euN2OE8q04XPj
014wLSrJQa516GczD9TdePiqV2etl8KXGhHjXQIDAQABo4ICXjCCAlowHQYDVR0O
BBYEFMisdhR7//eGlvcZk0NAVQRi871FMB8GA1UdIwQYMBaAFF+EaOALPdWgMwtv
eFcqbV0Ft+onMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvMWEyMTg2
NzFmNTYyZjdiZjMxMGJkOGRhNzg0MjNkNjBlMTM5NWU2Ni5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvNjFmMTBhNzctYmY0MC00NDE0LWJkMjctMTEzN2U1
ZGUyOGY2LzJiZTY4ZmJjZDY2NzAwMzY0ZWIwODczN2FlODlkNWY0N2YzZDUzMGUu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy82MWYxMGE3Ny1iZjQwLTQ0MTQtYmQyNy0xMTM3
ZTVkZTI4ZjYvMWEyMTg2NzFmNTYyZjdiZjMxMGJkOGRhNzg0MjNkNjBlMTM5NWU2
Ni5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQT
MBEwDwQCAAIwCQMHBCgBAYkAADANBgkqhkiG9w0BAQsFAAOCAQEAZ3hfGxrmYbTr
TsM7kaFXDTG4E5Q+FXCrcLB000RFIkproT59hC7cbZDy0+A37Mzn7VbSUFmpNkCc
Hcgdr48Oc96KgzHrmvh7vloGxTTBzDqMvIJLr5N2sbx5IsfqAFZov1yArzv1W2re
+DPzTM3E5m/Vmz14GkSYZ9Ibabj+j+YtEywCjX+YMQMbyaXr0hbRYBHzrTcFeTsi
clxJTyr4vC9WRSUeIDZKKZuZHDLkp9Z3mXBGzDmxZOKUaTcquutU1QmIgUlNg7hw
zuTSd8DR3wu6g6a9u5LhGd8cFbiq3N+WOClCMsGAyl/FdB5HsSBYxebZqUFXe3Kh
X2HNf2AyMA==
-----END CERTIFICATE-----
Generated at Sat Feb 24 12:30:22 2024 by rpki-client on console-fra.rpki-client.org