Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/61f10a77-bf40-4414-bd27-1137e5de28f6/f18db2ff66c82fb9e3fcd48ed5ad7e56a3a0a5d9.roa
File:                     f18db2ff66c82fb9e3fcd48ed5ad7e56a3a0a5d9.roa (raw, json)
Hash identifier:          XYdTHZM1tuighLxmmfW3Py5X71H6HdzAEE+lLR2k4Ho=
Subject key identifier:   D0:BD:97:95:E6:0B:06:5F:70:03:70:3E:F5:88:55:AB:67:36:96:2C
Certificate issuer:       /CN=1a218671f562f7bf310bd8da78423d60e1395e66
Certificate serial:       010AE3
Authority key identifier: 5F:84:68:E0:0B:3D:D5:A0:33:0B:6F:78:57:2A:6D:5D:05:B7:EA:27
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/1a218671f562f7bf310bd8da78423d60e1395e66.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/61f10a77-bf40-4414-bd27-1137e5de28f6/f18db2ff66c82fb9e3fcd48ed5ad7e56a3a0a5d9.roa
Signing time:             Mon 18 Jul 2022 21:57:04 +0000
ROA not before:           Mon 18 Jul 2022 03:00:00 +0000
ROA not after:            Thu 18 Jul 2030 03:00:00 +0000
asID:                     272153
IP address blocks:        2801:189::/44 maxlen: 44

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/61f10a77-bf40-4414-bd27-1137e5de28f6/1a218671f562f7bf310bd8da78423d60e1395e66.crl
                          rsync://repository.lacnic.net/rpki/lacnic/61f10a77-bf40-4414-bd27-1137e5de28f6/1a218671f562f7bf310bd8da78423d60e1395e66.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/1a218671f562f7bf310bd8da78423d60e1395e66.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Mon 01 Apr 2024 05:58:53 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 68323 (0x10ae3)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1a218671f562f7bf310bd8da78423d60e1395e66
        Validity
            Not Before: Jul 18 03:00:00 2022 GMT
            Not After : Jul 18 03:00:00 2030 GMT
        Subject: CN=f18db2ff66c82fb9e3fcd48ed5ad7e56a3a0a5d9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:66:17:3f:a8:c2:a8:a4:e6:7c:34:b8:96:4e:
                    72:7d:e6:3c:a8:52:62:1d:f4:28:da:e0:bd:c5:02:
                    74:31:80:6a:6d:11:95:1e:27:cc:77:01:db:c9:6f:
                    66:75:6a:9c:e3:c2:48:12:c8:cc:e6:2b:c7:06:86:
                    76:6d:94:99:9f:89:35:37:c2:55:f3:f4:8d:28:61:
                    1a:0e:7a:ef:e9:2a:2a:fd:f1:78:c2:6c:a9:c5:5c:
                    ff:2d:f9:4a:98:a9:8a:bb:fd:07:83:b4:e4:b8:b2:
                    4b:a0:4c:64:9e:a3:5a:12:ef:f7:50:1d:59:fc:1c:
                    68:55:48:06:c0:39:c3:b5:36:8e:42:8f:11:a0:01:
                    7f:5f:a2:45:45:92:f7:a7:62:5b:7b:95:07:a8:73:
                    6e:c5:4d:7b:5a:a3:b1:84:d6:0c:d1:13:0c:ea:5d:
                    31:7a:c2:a4:13:eb:cf:cd:0e:e6:c6:a6:df:80:46:
                    3b:75:93:1e:57:91:93:32:9d:30:ac:d8:aa:49:b7:
                    6f:95:8e:b3:fb:5e:22:99:d8:1e:8a:d2:64:36:dd:
                    f7:e4:98:87:1a:b5:8c:3f:f9:8e:f7:c4:eb:0c:79:
                    d8:7e:27:f3:00:ab:9f:c5:74:2b:60:7e:f4:a0:c8:
                    00:cf:5e:63:0c:40:cc:31:83:14:1a:53:b5:3b:6d:
                    ee:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D0:BD:97:95:E6:0B:06:5F:70:03:70:3E:F5:88:55:AB:67:36:96:2C
            X509v3 Authority Key Identifier:
                keyid:5F:84:68:E0:0B:3D:D5:A0:33:0B:6F:78:57:2A:6D:5D:05:B7:EA:27

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/1a218671f562f7bf310bd8da78423d60e1395e66.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/61f10a77-bf40-4414-bd27-1137e5de28f6/f18db2ff66c82fb9e3fcd48ed5ad7e56a3a0a5d9.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/61f10a77-bf40-4414-bd27-1137e5de28f6/1a218671f562f7bf310bd8da78423d60e1395e66.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2801:189::/44

    Signature Algorithm: sha256WithRSAEncryption
         59:6a:ec:3e:8c:a6:a5:61:d1:11:fa:86:32:91:fd:dd:22:91:
         73:73:33:67:be:f6:f4:f9:20:5c:57:78:91:28:3d:9c:c9:85:
         18:e1:ce:c6:40:d6:e5:59:d2:f2:2d:d0:58:0e:5b:66:c7:63:
         6a:1d:56:0d:f3:61:78:38:a5:1b:58:99:c2:ca:63:12:c7:f8:
         74:35:3c:68:ee:99:40:de:41:5c:76:6e:a1:90:59:9c:a0:2a:
         a7:84:00:24:d1:56:1f:95:94:a4:6f:ce:aa:5d:24:f6:03:00:
         51:0d:85:2e:ad:f8:65:63:74:60:df:08:42:2b:02:c8:e6:fb:
         b5:79:5e:1c:c8:d9:18:bd:50:ed:7c:2a:1e:d9:22:74:bf:ff:
         d4:c7:6c:dc:37:e5:f0:98:80:7d:57:81:95:59:24:7a:51:1a:
         09:41:4b:74:19:c1:1b:42:0f:44:9c:d7:a3:db:b4:6a:c9:82:
         d4:86:e8:15:30:66:6c:e8:b9:4a:7d:94:16:be:6e:a6:d0:d6:
         b4:78:cb:02:f9:99:83:71:31:9f:87:44:82:fa:73:e6:a5:cf:
         38:20:af:3c:1a:fa:e5:cb:9f:b5:0a:9a:b9:88:cd:a8:f9:7d:
         bc:00:78:cf:e8:99:31:82:75:40:60:6a:d0:14:c8:ba:15:21:
         ba:a4:a0:18
-----BEGIN CERTIFICATE-----
MIIFQzCCBCugAwIBAgIDAQrjMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDFh
MjE4NjcxZjU2MmY3YmYzMTBiZDhkYTc4NDIzZDYwZTEzOTVlNjYwHhcNMjIwNzE4
MDMwMDAwWhcNMzAwNzE4MDMwMDAwWjAzMTEwLwYDVQQDEyhmMThkYjJmZjY2Yzgy
ZmI5ZTNmY2Q0OGVkNWFkN2U1NmEzYTBhNWQ5MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAmmYXP6jCqKTmfDS4lk5yfeY8qFJiHfQo2uC9xQJ0MYBqbRGV
HifMdwHbyW9mdWqc48JIEsjM5ivHBoZ2bZSZn4k1N8JV8/SNKGEaDnrv6Soq/fF4
wmypxVz/LflKmKmKu/0Hg7TkuLJLoExknqNaEu/3UB1Z/BxoVUgGwDnDtTaOQo8R
oAF/X6JFRZL3p2Jbe5UHqHNuxU17WqOxhNYM0RMM6l0xesKkE+vPzQ7mxqbfgEY7
dZMeV5GTMp0wrNiqSbdvlY6z+14imdgeitJkNt335JiHGrWMP/mO98TrDHnYfifz
AKufxXQrYH70oMgAz15jDEDMMYMUGlO1O23uGwIDAQABo4ICXjCCAlowHQYDVR0O
BBYEFNC9l5XmCwZfcANwPvWIVatnNpYsMB8GA1UdIwQYMBaAFF+EaOALPdWgMwtv
eFcqbV0Ft+onMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvMWEyMTg2
NzFmNTYyZjdiZjMxMGJkOGRhNzg0MjNkNjBlMTM5NWU2Ni5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvNjFmMTBhNzctYmY0MC00NDE0LWJkMjctMTEzN2U1
ZGUyOGY2L2YxOGRiMmZmNjZjODJmYjllM2ZjZDQ4ZWQ1YWQ3ZTU2YTNhMGE1ZDku
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy82MWYxMGE3Ny1iZjQwLTQ0MTQtYmQyNy0xMTM3
ZTVkZTI4ZjYvMWEyMTg2NzFmNTYyZjdiZjMxMGJkOGRhNzg0MjNkNjBlMTM5NWU2
Ni5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQT
MBEwDwQCAAIwCQMHBCgBAYkAADANBgkqhkiG9w0BAQsFAAOCAQEAWWrsPoympWHR
EfqGMpH93SKRc3MzZ7729PkgXFd4kSg9nMmFGOHOxkDW5VnS8i3QWA5bZsdjah1W
DfNheDilG1iZwspjEsf4dDU8aO6ZQN5BXHZuoZBZnKAqp4QAJNFWH5WUpG/Oql0k
9gMAUQ2FLq34ZWN0YN8IQisCyOb7tXleHMjZGL1Q7XwqHtkidL//1Mds3Dfl8JiA
fVeBlVkkelEaCUFLdBnBG0IPRJzXo9u0asmC1IboFTBmbOi5Sn2UFr5uptDWtHjL
AvmZg3Exn4dEgvpz5qXPOCCvPBr65cuftQqauYjNqPl9vAB4z+iZMYJ1QGBq0BTI
uhUhuqSgGA==
-----END CERTIFICATE-----
Generated at Fri Mar 29 08:55:27 2024 by rpki-client on console-fra.rpki-client.org