Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/651c63b7-e13e-43bf-b010-265cb1f0b182/a38cee4ef4dfe072cf2d8b658f5412a1df0dd714.roa
File:                     a38cee4ef4dfe072cf2d8b658f5412a1df0dd714.roa (raw, json)
Hash identifier:          oDzdeytAE9Di7/AY9o+fMvLdQtx9laANSenK3Vv9MiY=
Subject key identifier:   A7:2D:C4:26:9B:DD:67:C7:C6:94:EF:77:B5:14:97:67:C2:E1:EA:23
Certificate issuer:       /CN=2b7cd4fbbabfe5565e23150fa6f1ec48b4fd3a82
Certificate serial:       0917AC
Authority key identifier: 92:B6:4A:50:EF:06:00:D0:23:FF:00:07:AC:5F:C0:FD:73:E1:A9:D3
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/2b7cd4fbbabfe5565e23150fa6f1ec48b4fd3a82.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/651c63b7-e13e-43bf-b010-265cb1f0b182/a38cee4ef4dfe072cf2d8b658f5412a1df0dd714.roa
Signing time:             Wed 24 Nov 2021 17:22:18 +0000
ROA not before:           Wed 24 Mar 2021 03:00:00 +0000
ROA not after:            Tue 24 Mar 2026 03:00:00 +0000
asID:                     19169
IP address blocks:        2803:5810::/32 maxlen: 48

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/651c63b7-e13e-43bf-b010-265cb1f0b182/2b7cd4fbbabfe5565e23150fa6f1ec48b4fd3a82.crl
                          rsync://repository.lacnic.net/rpki/lacnic/651c63b7-e13e-43bf-b010-265cb1f0b182/2b7cd4fbbabfe5565e23150fa6f1ec48b4fd3a82.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/2b7cd4fbbabfe5565e23150fa6f1ec48b4fd3a82.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 31 Mar 2024 19:38:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 595884 (0x917ac)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2b7cd4fbbabfe5565e23150fa6f1ec48b4fd3a82
        Validity
            Not Before: Mar 24 03:00:00 2021 GMT
            Not After : Mar 24 03:00:00 2026 GMT
        Subject: CN=a38cee4ef4dfe072cf2d8b658f5412a1df0dd714
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:2c:61:6c:24:2e:75:6e:5f:26:6a:14:d5:ad:
                    5a:08:36:be:b7:49:7d:96:96:6f:db:bb:0b:59:08:
                    36:a6:fc:09:ba:32:10:4b:81:13:18:41:c6:ca:e8:
                    c1:71:e9:f4:22:98:c4:84:8a:ac:8c:4f:d3:b7:b3:
                    ea:e0:a5:bd:16:c6:bd:a9:2b:a8:8f:79:15:69:19:
                    09:56:de:af:d8:c5:ac:24:50:ad:e1:e3:08:e8:85:
                    cb:f1:f2:aa:52:84:52:ed:87:f8:34:1b:07:13:3a:
                    2c:ce:45:c7:d5:bc:ed:3b:7c:0b:23:4b:7f:a6:c9:
                    6c:af:05:a0:d9:24:6b:df:f4:08:23:57:b0:45:19:
                    57:c9:bc:95:39:26:1b:53:77:e2:9f:61:ae:dc:82:
                    20:af:a9:56:a3:13:f3:26:be:17:6c:8e:16:6e:13:
                    4f:c4:35:95:e6:71:6f:88:b6:f1:e7:ab:ca:06:b9:
                    9d:c6:88:ad:ac:80:bf:65:7e:45:14:90:8b:f3:09:
                    4d:75:9b:ef:3d:64:ab:b1:25:d4:2b:41:85:00:96:
                    ba:0a:d7:6a:70:59:f2:df:ed:ac:1f:39:94:2f:42:
                    57:ba:74:d1:66:de:24:df:df:a9:57:8e:a9:15:19:
                    7a:d4:6b:f4:47:16:fe:12:d3:12:ea:d8:4d:dd:65:
                    e3:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A7:2D:C4:26:9B:DD:67:C7:C6:94:EF:77:B5:14:97:67:C2:E1:EA:23
            X509v3 Authority Key Identifier:
                keyid:92:B6:4A:50:EF:06:00:D0:23:FF:00:07:AC:5F:C0:FD:73:E1:A9:D3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/2b7cd4fbbabfe5565e23150fa6f1ec48b4fd3a82.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/651c63b7-e13e-43bf-b010-265cb1f0b182/a38cee4ef4dfe072cf2d8b658f5412a1df0dd714.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/651c63b7-e13e-43bf-b010-265cb1f0b182/2b7cd4fbbabfe5565e23150fa6f1ec48b4fd3a82.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2803:5810::/32

    Signature Algorithm: sha256WithRSAEncryption
         6d:6c:1e:ea:76:a0:f8:2e:13:84:ee:66:c5:3d:f4:a3:02:6a:
         ad:48:60:91:e3:16:19:86:16:59:d0:bd:13:35:04:79:b2:a2:
         cd:94:0a:dc:00:d6:73:43:a4:09:e0:b0:67:86:b5:93:40:ea:
         a9:1c:20:08:51:25:2b:13:7d:8f:c7:6d:66:1d:9b:f2:67:da:
         b9:f0:05:ed:97:b9:cd:40:38:07:54:5d:69:e4:bd:05:33:01:
         26:4d:0d:e8:6c:7b:30:02:cf:62:89:31:d4:2b:32:d5:c7:71:
         8e:84:6b:22:a7:72:6f:d0:80:c0:2d:d7:d3:ec:87:a8:65:72:
         46:61:d7:95:b4:3f:fc:40:d9:2f:39:47:60:51:4b:8c:74:93:
         a8:66:5c:8c:64:5a:6d:18:e4:81:fa:00:15:74:f7:3c:61:0b:
         64:b5:93:75:65:6f:16:54:fc:86:86:fb:e5:65:e3:d8:f6:b4:
         b2:3e:ea:d5:97:25:39:15:c6:21:96:12:fc:c9:ca:e6:b4:b4:
         c3:5b:89:08:0c:5e:c7:92:65:0e:2d:d3:8b:24:e0:82:5e:39:
         a4:cc:fc:7a:2d:d1:3c:a1:3c:0d:f9:04:06:71:42:81:22:57:
         99:d5:67:e6:6b:e2:eb:3d:8a:4d:14:d2:3c:b7:35:54:48:5f:
         5d:38:a1:53
-----BEGIN CERTIFICATE-----
MIIFQTCCBCmgAwIBAgIDCResMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDJi
N2NkNGZiYmFiZmU1NTY1ZTIzMTUwZmE2ZjFlYzQ4YjRmZDNhODIwHhcNMjEwMzI0
MDMwMDAwWhcNMjYwMzI0MDMwMDAwWjAzMTEwLwYDVQQDEyhhMzhjZWU0ZWY0ZGZl
MDcyY2YyZDhiNjU4ZjU0MTJhMWRmMGRkNzE0MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEApixhbCQudW5fJmoU1a1aCDa+t0l9lpZv27sLWQg2pvwJujIQ
S4ETGEHGyujBcen0IpjEhIqsjE/Tt7Pq4KW9Fsa9qSuoj3kVaRkJVt6v2MWsJFCt
4eMI6IXL8fKqUoRS7Yf4NBsHEzoszkXH1bztO3wLI0t/pslsrwWg2SRr3/QII1ew
RRlXybyVOSYbU3fin2Gu3IIgr6lWoxPzJr4XbI4WbhNPxDWV5nFviLbx56vKBrmd
xoitrIC/ZX5FFJCL8wlNdZvvPWSrsSXUK0GFAJa6CtdqcFny3+2sHzmUL0JXunTR
Zt4k39+pV46pFRl61Gv0Rxb+EtMS6thN3WXj6QIDAQABo4ICXDCCAlgwHQYDVR0O
BBYEFKctxCab3WfHxpTvd7UUl2fC4eojMB8GA1UdIwQYMBaAFJK2SlDvBgDQI/8A
B6xfwP1z4anTMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvMmI3Y2Q0
ZmJiYWJmZTU1NjVlMjMxNTBmYTZmMWVjNDhiNGZkM2E4Mi5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvNjUxYzYzYjctZTEzZS00M2JmLWIwMTAtMjY1Y2Ix
ZjBiMTgyL2EzOGNlZTRlZjRkZmUwNzJjZjJkOGI2NThmNTQxMmExZGYwZGQ3MTQu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy82NTFjNjNiNy1lMTNlLTQzYmYtYjAxMC0yNjVj
YjFmMGIxODIvMmI3Y2Q0ZmJiYWJmZTU1NjVlMjMxNTBmYTZmMWVjNDhiNGZkM2E4
Mi5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQR
MA8wDQQCAAIwBwMFACgDWBAwDQYJKoZIhvcNAQELBQADggEBAG1sHup2oPguE4Tu
ZsU99KMCaq1IYJHjFhmGFlnQvRM1BHmyos2UCtwA1nNDpAngsGeGtZNA6qkcIAhR
JSsTfY/HbWYdm/Jn2rnwBe2Xuc1AOAdUXWnkvQUzASZNDehsezACz2KJMdQrMtXH
cY6EayKncm/QgMAt19Psh6hlckZh15W0P/xA2S85R2BRS4x0k6hmXIxkWm0Y5IH6
ABV09zxhC2S1k3VlbxZU/IaG++Vl49j2tLI+6tWXJTkVxiGWEvzJyua0tMNbiQgM
XseSZQ4t04sk4IJeOaTM/Hot0TyhPA35BAZxQoEiV5nVZ+Zr4us9ik0U0jy3NVRI
X104oVM=
-----END CERTIFICATE-----
Generated at Thu Mar 28 23:59:03 2024 by rpki-client on console-fra.rpki-client.org