Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/61f10a77-bf40-4414-bd27-1137e5de28f6/920e042bf744feba8186986353fdbd1364d257ac.roa
File:                     920e042bf744feba8186986353fdbd1364d257ac.roa (raw, json)
Hash identifier:          3s8jwwIGOoyRa+Z2kkVLLqHw63zcscEqCtq3whBmXsw=
Subject key identifier:   D8:CF:02:4B:83:4E:BA:B6:B6:A7:45:28:50:D0:83:B1:0E:6D:4B:63
Certificate issuer:       /CN=1a218671f562f7bf310bd8da78423d60e1395e66
Certificate serial:       0FD1
Authority key identifier: 5F:84:68:E0:0B:3D:D5:A0:33:0B:6F:78:57:2A:6D:5D:05:B7:EA:27
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/1a218671f562f7bf310bd8da78423d60e1395e66.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/61f10a77-bf40-4414-bd27-1137e5de28f6/920e042bf744feba8186986353fdbd1364d257ac.roa
Signing time:             Fri 10 Jun 2022 20:59:33 +0000
ROA not before:           Fri 10 Jun 2022 03:00:00 +0000
ROA not after:            Wed 31 Dec 2025 03:00:00 +0000
asID:                     3549
IP address blocks:        2801:189::/44 maxlen: 44

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/61f10a77-bf40-4414-bd27-1137e5de28f6/1a218671f562f7bf310bd8da78423d60e1395e66.crl
                          rsync://repository.lacnic.net/rpki/lacnic/61f10a77-bf40-4414-bd27-1137e5de28f6/1a218671f562f7bf310bd8da78423d60e1395e66.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/1a218671f562f7bf310bd8da78423d60e1395e66.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Tue 27 Feb 2024 02:19:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 4049 (0xfd1)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1a218671f562f7bf310bd8da78423d60e1395e66
        Validity
            Not Before: Jun 10 03:00:00 2022 GMT
            Not After : Dec 31 03:00:00 2025 GMT
        Subject: CN=920e042bf744feba8186986353fdbd1364d257ac
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:85:6d:91:81:6e:1c:db:80:f0:d3:af:ce:fa:4e:
                    94:d1:82:85:c2:70:76:01:a3:a5:b0:c5:6c:55:2b:
                    60:17:dc:be:64:af:6f:0c:eb:3f:9e:a5:52:0d:72:
                    43:c4:5c:64:68:4c:79:f8:9e:bb:c8:f0:28:38:6b:
                    18:41:73:bf:a9:a8:c3:d7:2e:9a:ff:97:2b:38:ca:
                    d3:27:a0:09:93:7b:4b:14:ed:af:38:e4:a4:73:46:
                    8d:92:c7:4d:97:8d:d3:30:71:75:cd:c4:a8:f0:aa:
                    60:c2:6f:2c:53:da:0a:57:45:f6:c5:21:14:dc:e4:
                    5d:bd:6f:2d:07:5c:c3:eb:cc:30:55:b5:ab:e8:a6:
                    22:63:9c:13:9d:d9:ff:3d:f9:71:b2:6b:fa:e4:f2:
                    d5:88:13:c4:56:80:fd:a9:79:0f:e1:66:da:e5:57:
                    78:2a:d5:d5:06:2d:22:f2:9c:dd:37:ee:07:c8:84:
                    ec:49:1d:56:1a:64:87:9f:bd:38:ca:41:e2:af:a4:
                    36:8f:92:65:d3:0f:52:73:31:f7:48:98:d7:dc:be:
                    c7:72:8b:63:1d:59:a9:8b:b8:62:82:c4:17:eb:33:
                    22:3a:96:47:09:b1:9c:71:17:70:a3:cf:1e:bd:5e:
                    9c:d7:ca:26:a4:bf:0b:3b:47:a5:44:28:42:42:a8:
                    ba:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D8:CF:02:4B:83:4E:BA:B6:B6:A7:45:28:50:D0:83:B1:0E:6D:4B:63
            X509v3 Authority Key Identifier:
                keyid:5F:84:68:E0:0B:3D:D5:A0:33:0B:6F:78:57:2A:6D:5D:05:B7:EA:27

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/1a218671f562f7bf310bd8da78423d60e1395e66.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/61f10a77-bf40-4414-bd27-1137e5de28f6/920e042bf744feba8186986353fdbd1364d257ac.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/61f10a77-bf40-4414-bd27-1137e5de28f6/1a218671f562f7bf310bd8da78423d60e1395e66.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2801:189::/44

    Signature Algorithm: sha256WithRSAEncryption
         46:24:46:fa:e3:e1:92:a0:84:e6:df:98:4d:3e:15:22:88:3e:
         68:80:d9:a4:6f:7f:36:c5:2b:bc:e2:19:fc:ae:9d:b4:d1:39:
         05:96:13:68:fb:7d:ff:d2:ca:6b:e9:73:9a:40:a0:76:31:19:
         87:3a:9b:cf:d8:02:1e:6e:0b:7e:a5:94:59:8a:1b:c5:3a:1d:
         4b:1a:38:65:9e:3b:b8:ab:5d:ca:6e:89:b4:38:5f:84:57:44:
         5c:41:6a:98:6f:b9:59:f9:6a:23:37:4a:ab:5a:66:62:09:b5:
         d7:3b:8c:00:66:62:f8:2e:81:0e:2a:1a:0e:47:d0:4c:ee:07:
         e6:a0:80:1e:1d:e0:44:70:6d:80:ca:da:f7:a2:5b:07:70:13:
         a5:8a:6e:92:42:07:f2:e3:a1:05:82:dc:bd:6b:08:ed:ab:a4:
         e8:15:77:29:85:b5:16:20:0a:ba:b8:4e:c3:d2:06:61:d8:42:
         81:e0:39:94:aa:3b:35:76:37:2e:10:74:16:b3:3b:4a:aa:5f:
         68:d2:25:e3:71:b7:ea:a8:51:38:9d:54:0f:36:55:17:57:a1:
         86:af:b7:dc:25:e0:2d:91:06:f2:e0:d9:d7:1d:4e:12:42:0a:
         af:bc:5b:9f:c3:37:fd:9e:3f:61:ea:d0:8a:57:cd:5b:08:4e:
         5b:6d:c6:8f
-----BEGIN CERTIFICATE-----
MIIFQjCCBCqgAwIBAgICD9EwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMWEy
MTg2NzFmNTYyZjdiZjMxMGJkOGRhNzg0MjNkNjBlMTM5NWU2NjAeFw0yMjA2MTAw
MzAwMDBaFw0yNTEyMzEwMzAwMDBaMDMxMTAvBgNVBAMTKDkyMGUwNDJiZjc0NGZl
YmE4MTg2OTg2MzUzZmRiZDEzNjRkMjU3YWMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCFbZGBbhzbgPDTr876TpTRgoXCcHYBo6WwxWxVK2AX3L5kr28M
6z+epVINckPEXGRoTHn4nrvI8Cg4axhBc7+pqMPXLpr/lys4ytMnoAmTe0sU7a84
5KRzRo2Sx02XjdMwcXXNxKjwqmDCbyxT2gpXRfbFIRTc5F29by0HXMPrzDBVtavo
piJjnBOd2f89+XGya/rk8tWIE8RWgP2peQ/hZtrlV3gq1dUGLSLynN037gfIhOxJ
HVYaZIefvTjKQeKvpDaPkmXTD1JzMfdImNfcvsdyi2MdWamLuGKCxBfrMyI6lkcJ
sZxxF3Cjzx69XpzXyiakvws7R6VEKEJCqLoFAgMBAAGjggJeMIICWjAdBgNVHQ4E
FgQU2M8CS4NOura2p0UoUNCDsQ5tS2MwHwYDVR0jBBgwFoAUX4Ro4As91aAzC294
VyptXQW36icwDgYDVR0PAQH/BAQDAgeAMIGaBggrBgEFBQcBAQSBjTCBijCBhwYI
KwYBBQUHMAKGe3JzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jwa2kvbGFj
bmljLzQ4ZjA4M2JiLWY2MDMtNDg5My05OTkwLTAyODRjMDRjZWI4NS8xYTIxODY3
MWY1NjJmN2JmMzEwYmQ4ZGE3ODQyM2Q2MGUxMzk1ZTY2LmNlcjCBmgYIKwYBBQUH
AQsEgY0wgYowgYcGCCsGAQUFBzALhntyc3luYzovL3JlcG9zaXRvcnkubGFjbmlj
Lm5ldC9ycGtpL2xhY25pYy82MWYxMGE3Ny1iZjQwLTQ0MTQtYmQyNy0xMTM3ZTVk
ZTI4ZjYvOTIwZTA0MmJmNzQ0ZmViYTgxODY5ODYzNTNmZGJkMTM2NGQyNTdhYy5y
b2EwgY8GA1UdHwSBhzCBhDCBgaB/oH2Ge3JzeW5jOi8vcmVwb3NpdG9yeS5sYWNu
aWMubmV0L3Jwa2kvbGFjbmljLzYxZjEwYTc3LWJmNDAtNDQxNC1iZDI3LTExMzdl
NWRlMjhmNi8xYTIxODY3MWY1NjJmN2JmMzEwYmQ4ZGE3ODQyM2Q2MGUxMzk1ZTY2
LmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMw
ETAPBAIAAjAJAwcEKAEBiQAAMA0GCSqGSIb3DQEBCwUAA4IBAQBGJEb64+GSoITm
35hNPhUiiD5ogNmkb382xSu84hn8rp200TkFlhNo+33/0spr6XOaQKB2MRmHOpvP
2AIebgt+pZRZihvFOh1LGjhlnju4q13Kbom0OF+EV0RcQWqYb7lZ+WojN0qrWmZi
CbXXO4wAZmL4LoEOKhoOR9BM7gfmoIAeHeBEcG2Aytr3olsHcBOlim6SQgfy46EF
gty9awjtq6ToFXcphbUWIAq6uE7D0gZh2EKB4DmUqjs1djcuEHQWsztKql9o0iXj
cbfqqFE4nVQPNlUXV6GGr7fcJeAtkQby4NnXHU4SQgqvvFufwzf9nj9h6tCKV81b
CE5bbcaP
-----END CERTIFICATE-----
Generated at Sat Feb 24 10:17:37 2024 by rpki-client on console-ams.rpki-client.org