Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/647519f6-3376-4812-8a7e-4b8cbb93cfc4/a60d6c4e179aff6b3252d8c5ed462090bad0368f.roa
File:                     a60d6c4e179aff6b3252d8c5ed462090bad0368f.roa (raw, json)
Hash identifier:          CpFCzoxsS3iXvLVNeGcWnhSWwbbib1H0fJoKuUlbGvQ=
Subject key identifier:   99:B1:F9:2F:33:7C:95:37:62:F3:9F:C8:76:26:5F:BF:C5:92:01:BA
Certificate issuer:       /CN=39261b9b5e4f3326ca8a356c916043cb5ba9a74b
Certificate serial:       0410
Authority key identifier: 4D:21:A6:1D:FE:C0:20:51:A6:1C:1C:05:5A:9E:53:41:21:91:D5:94
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/39261b9b5e4f3326ca8a356c916043cb5ba9a74b.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/647519f6-3376-4812-8a7e-4b8cbb93cfc4/a60d6c4e179aff6b3252d8c5ed462090bad0368f.roa
Signing time:             Fri 22 Jul 2022 21:02:45 +0000
ROA not before:           Fri 22 Jul 2022 03:00:00 +0000
ROA not after:            Mon 22 Jul 2024 03:00:00 +0000
asID:                     3816
IP address blocks:        2801:1c6::/44 maxlen: 44

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/647519f6-3376-4812-8a7e-4b8cbb93cfc4/39261b9b5e4f3326ca8a356c916043cb5ba9a74b.crl
                          rsync://repository.lacnic.net/rpki/lacnic/647519f6-3376-4812-8a7e-4b8cbb93cfc4/39261b9b5e4f3326ca8a356c916043cb5ba9a74b.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/39261b9b5e4f3326ca8a356c916043cb5ba9a74b.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 31 Mar 2024 12:22:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1040 (0x410)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=39261b9b5e4f3326ca8a356c916043cb5ba9a74b
        Validity
            Not Before: Jul 22 03:00:00 2022 GMT
            Not After : Jul 22 03:00:00 2024 GMT
        Subject: CN=a60d6c4e179aff6b3252d8c5ed462090bad0368f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f9:a2:0f:24:e1:4d:16:03:6c:48:ad:5e:c6:9b:
                    aa:e7:1c:00:e8:a4:65:05:d1:22:2d:5d:0c:9a:a8:
                    bb:79:8a:41:08:e0:8f:af:e3:a1:de:34:e8:7b:3a:
                    6c:22:f9:8d:58:82:77:a8:ca:2c:97:da:b3:b7:bc:
                    2e:87:4a:b7:a2:a6:63:27:e2:0b:b6:91:0e:a0:a8:
                    47:fa:f0:3f:9f:f4:1c:22:13:21:88:78:a6:bd:cc:
                    48:23:1c:a5:57:64:06:e6:02:05:7f:6a:4e:a1:1b:
                    98:6a:a7:be:4f:cd:c3:50:18:63:b1:eb:f9:2e:ef:
                    27:93:36:8c:90:fd:bd:ad:52:29:8f:54:60:d8:2b:
                    77:e9:7b:05:7a:d6:a1:47:63:7b:a3:0d:51:fb:94:
                    ab:0d:77:0c:2e:88:d8:c9:5d:08:75:e2:a7:f8:a9:
                    e4:3f:ec:70:4b:c6:7a:10:40:51:94:54:65:2b:78:
                    24:23:68:dc:50:94:7d:96:f0:71:8d:20:65:8d:ac:
                    4d:d1:5e:00:76:df:20:f2:bf:ee:17:2c:ed:e4:ee:
                    c9:a4:08:91:da:1a:16:7a:65:8c:7c:2e:39:d6:ea:
                    ca:43:7a:71:a8:bc:db:0a:c5:d2:6a:dc:dc:9c:49:
                    5f:f2:1b:33:fa:c0:bf:cc:73:49:5f:56:93:f3:04:
                    78:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                99:B1:F9:2F:33:7C:95:37:62:F3:9F:C8:76:26:5F:BF:C5:92:01:BA
            X509v3 Authority Key Identifier:
                keyid:4D:21:A6:1D:FE:C0:20:51:A6:1C:1C:05:5A:9E:53:41:21:91:D5:94

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/39261b9b5e4f3326ca8a356c916043cb5ba9a74b.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/647519f6-3376-4812-8a7e-4b8cbb93cfc4/a60d6c4e179aff6b3252d8c5ed462090bad0368f.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/647519f6-3376-4812-8a7e-4b8cbb93cfc4/39261b9b5e4f3326ca8a356c916043cb5ba9a74b.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2801:1c6::/44

    Signature Algorithm: sha256WithRSAEncryption
         34:f2:07:28:fe:81:b1:66:93:3e:65:1e:b8:88:56:db:1f:be:
         a7:d5:8e:62:46:0c:71:8b:70:69:f1:dc:00:57:a9:e8:25:50:
         85:83:0e:79:8c:87:69:91:20:98:04:21:0e:5b:a8:8d:dd:2d:
         f5:75:f4:f4:10:d8:8c:a9:6e:7f:e9:e6:4c:00:27:86:08:bb:
         a4:ad:3e:a6:c5:a2:d5:cd:73:fc:b7:4f:20:d9:20:2b:2d:40:
         a9:5f:a1:2b:37:20:c1:22:28:d7:22:2c:f2:bc:f9:90:d3:5b:
         17:8e:53:88:23:cb:43:01:2c:34:2c:b9:f4:15:3b:62:17:cb:
         42:0f:28:0a:a7:4a:24:80:62:b0:54:22:04:f6:65:63:8b:12:
         ca:ac:e3:b6:ba:c5:2a:2b:de:34:13:0b:10:59:67:84:35:a3:
         f2:7a:f5:51:38:61:0c:61:28:18:0f:24:e4:d5:4e:8f:b5:0a:
         ee:41:10:b4:6e:1c:f5:52:a9:38:83:6a:d2:45:bf:a1:9f:30:
         69:eb:2b:49:ba:ec:a9:05:ce:82:4e:5f:9e:b1:39:fc:de:c4:
         5f:17:cc:5c:67:2a:10:66:4b:5d:c6:94:9e:46:3b:35:c0:8c:
         19:3d:cd:ea:40:4d:cf:3b:53:df:6c:a5:d0:b6:91:6a:e0:d7:
         73:1b:cb:69
-----BEGIN CERTIFICATE-----
MIIFQjCCBCqgAwIBAgICBBAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzky
NjFiOWI1ZTRmMzMyNmNhOGEzNTZjOTE2MDQzY2I1YmE5YTc0YjAeFw0yMjA3MjIw
MzAwMDBaFw0yNDA3MjIwMzAwMDBaMDMxMTAvBgNVBAMTKGE2MGQ2YzRlMTc5YWZm
NmIzMjUyZDhjNWVkNDYyMDkwYmFkMDM2OGYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQD5og8k4U0WA2xIrV7Gm6rnHADopGUF0SItXQyaqLt5ikEI4I+v
46HeNOh7Omwi+Y1YgneoyiyX2rO3vC6HSreipmMn4gu2kQ6gqEf68D+f9BwiEyGI
eKa9zEgjHKVXZAbmAgV/ak6hG5hqp75PzcNQGGOx6/ku7yeTNoyQ/b2tUimPVGDY
K3fpewV61qFHY3ujDVH7lKsNdwwuiNjJXQh14qf4qeQ/7HBLxnoQQFGUVGUreCQj
aNxQlH2W8HGNIGWNrE3RXgB23yDyv+4XLO3k7smkCJHaGhZ6ZYx8LjnW6spDenGo
vNsKxdJq3NycSV/yGzP6wL/Mc0lfVpPzBHgnAgMBAAGjggJeMIICWjAdBgNVHQ4E
FgQUmbH5LzN8lTdi85/IdiZfv8WSAbowHwYDVR0jBBgwFoAUTSGmHf7AIFGmHBwF
Wp5TQSGR1ZQwDgYDVR0PAQH/BAQDAgeAMIGaBggrBgEFBQcBAQSBjTCBijCBhwYI
KwYBBQUHMAKGe3JzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jwa2kvbGFj
bmljLzQ4ZjA4M2JiLWY2MDMtNDg5My05OTkwLTAyODRjMDRjZWI4NS8zOTI2MWI5
YjVlNGYzMzI2Y2E4YTM1NmM5MTYwNDNjYjViYTlhNzRiLmNlcjCBmgYIKwYBBQUH
AQsEgY0wgYowgYcGCCsGAQUFBzALhntyc3luYzovL3JlcG9zaXRvcnkubGFjbmlj
Lm5ldC9ycGtpL2xhY25pYy82NDc1MTlmNi0zMzc2LTQ4MTItOGE3ZS00YjhjYmI5
M2NmYzQvYTYwZDZjNGUxNzlhZmY2YjMyNTJkOGM1ZWQ0NjIwOTBiYWQwMzY4Zi5y
b2EwgY8GA1UdHwSBhzCBhDCBgaB/oH2Ge3JzeW5jOi8vcmVwb3NpdG9yeS5sYWNu
aWMubmV0L3Jwa2kvbGFjbmljLzY0NzUxOWY2LTMzNzYtNDgxMi04YTdlLTRiOGNi
YjkzY2ZjNC8zOTI2MWI5YjVlNGYzMzI2Y2E4YTM1NmM5MTYwNDNjYjViYTlhNzRi
LmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMw
ETAPBAIAAjAJAwcEKAEBxgAAMA0GCSqGSIb3DQEBCwUAA4IBAQA08gco/oGxZpM+
ZR64iFbbH76n1Y5iRgxxi3Bp8dwAV6noJVCFgw55jIdpkSCYBCEOW6iN3S31dfT0
ENiMqW5/6eZMACeGCLukrT6mxaLVzXP8t08g2SArLUCpX6ErNyDBIijXIizyvPmQ
01sXjlOII8tDASw0LLn0FTtiF8tCDygKp0okgGKwVCIE9mVjixLKrOO2usUqK940
EwsQWWeENaPyevVROGEMYSgYDyTk1U6PtQruQRC0bhz1Uqk4g2rSRb+hnzBp6ytJ
uuypBc6CTl+esTn83sRfF8xcZyoQZktdxpSeRjs1wIwZPc3qQE3PO1PfbKXQtpFq
4NdzG8tp
-----END CERTIFICATE-----
Generated at Thu Mar 28 16:43:49 2024 by rpki-client on console-fra.rpki-client.org