Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/6a899f67-c65f-4d64-b9fe-2de6a60c7307/bf33fbfb02d79c65a383ec5a93f376ab913ee235.roa
File:                     bf33fbfb02d79c65a383ec5a93f376ab913ee235.roa (raw, json)
Hash identifier:          Ha7g+qtzYDljnRGZI0PZojLfKtESBnfn1+msuU2UIMM=
Subject key identifier:   73:1C:0A:6E:37:2F:69:97:58:17:A7:DD:CD:C0:DA:49:21:49:17:93
Certificate issuer:       /CN=1dfddfe2f66b991bd6c0a52036c8bafed2f1f289
Certificate serial:       15043D
Authority key identifier: 2F:F0:EB:90:52:72:03:93:9D:EB:1E:9A:33:44:7B:44:E1:57:DD:72
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/1dfddfe2f66b991bd6c0a52036c8bafed2f1f289.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/6a899f67-c65f-4d64-b9fe-2de6a60c7307/bf33fbfb02d79c65a383ec5a93f376ab913ee235.roa
Signing time:             Mon 28 Mar 2022 13:40:51 +0000
ROA not before:           Mon 28 Mar 2022 03:00:00 +0000
ROA not after:            Thu 28 Mar 2024 03:00:00 +0000
asID:                     265554
IP address blocks:        2803:aba0:2200::/40 maxlen: 40

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/6a899f67-c65f-4d64-b9fe-2de6a60c7307/1dfddfe2f66b991bd6c0a52036c8bafed2f1f289.crl
                          rsync://repository.lacnic.net/rpki/lacnic/6a899f67-c65f-4d64-b9fe-2de6a60c7307/1dfddfe2f66b991bd6c0a52036c8bafed2f1f289.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/1dfddfe2f66b991bd6c0a52036c8bafed2f1f289.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sat 18 Mar 2023 02:22:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1377341 (0x15043d)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1dfddfe2f66b991bd6c0a52036c8bafed2f1f289
        Validity
            Not Before: Mar 28 03:00:00 2022 GMT
            Not After : Mar 28 03:00:00 2024 GMT
        Subject: CN=bf33fbfb02d79c65a383ec5a93f376ab913ee235
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:c1:e2:a4:c2:38:c5:31:63:b1:a4:89:43:4b:
                    10:f1:1c:6f:ed:11:a0:98:48:81:95:67:a1:a3:1b:
                    89:de:0f:3a:af:b3:0e:da:90:cc:f9:7a:8e:c8:54:
                    c2:de:21:7c:c2:c8:84:34:b3:77:53:e3:80:91:3d:
                    cd:18:00:34:dd:26:4c:ef:b7:36:41:ec:60:19:83:
                    9e:e9:bf:ac:60:ed:90:cb:51:2e:ba:c4:fe:ce:0c:
                    78:70:71:86:f8:0f:d9:de:92:68:e9:64:e8:40:01:
                    cf:50:54:6f:6d:4b:c4:77:ee:ba:d4:ca:5c:e8:eb:
                    ff:d6:a6:ff:b2:b3:59:4d:8d:72:f9:a5:94:86:74:
                    a7:c0:88:25:55:b6:bc:2b:3a:76:65:35:53:fb:3a:
                    4b:1e:15:31:09:5e:7c:2c:35:96:25:d7:78:72:6c:
                    82:64:cc:22:f0:48:4b:9d:1d:bc:17:0f:29:db:1d:
                    8d:d3:a9:7b:e7:a3:11:36:ae:6d:33:6b:82:43:dd:
                    a1:0c:2f:f7:67:fa:76:19:89:a0:a9:f2:e8:42:ee:
                    9b:23:34:61:c9:09:fe:25:1f:92:3e:f1:b7:24:84:
                    fa:aa:96:66:a9:62:f9:ed:06:18:3c:5e:5c:03:f1:
                    98:54:a1:30:0e:cb:b4:ea:85:72:6d:0c:83:5c:66:
                    88:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                73:1C:0A:6E:37:2F:69:97:58:17:A7:DD:CD:C0:DA:49:21:49:17:93
            X509v3 Authority Key Identifier: 
                keyid:2F:F0:EB:90:52:72:03:93:9D:EB:1E:9A:33:44:7B:44:E1:57:DD:72

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access: 
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/1dfddfe2f66b991bd6c0a52036c8bafed2f1f289.cer

            Subject Information Access: 
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/6a899f67-c65f-4d64-b9fe-2de6a60c7307/bf33fbfb02d79c65a383ec5a93f376ab913ee235.roa

            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/6a899f67-c65f-4d64-b9fe-2de6a60c7307/1dfddfe2f66b991bd6c0a52036c8bafed2f1f289.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2803:aba0:2200::/40

    Signature Algorithm: sha256WithRSAEncryption
         13:ef:0a:62:cf:5d:3a:d9:75:41:1e:24:7c:23:4d:f5:7b:fa:
         1f:1d:ff:16:fa:74:54:68:72:22:f2:90:58:c6:88:2e:60:c7:
         a9:ff:04:c9:b0:cc:b0:d2:65:09:f0:b3:75:aa:6b:42:9c:08:
         9a:f3:54:7e:cd:12:b0:25:9e:07:a4:51:7a:84:49:4e:3b:d2:
         ee:26:c8:51:f7:18:d4:ff:84:34:6c:23:27:d4:d1:11:80:da:
         57:cc:63:a1:24:90:8c:54:be:42:5e:d2:96:03:ee:cc:6d:4c:
         21:68:bc:e5:83:4e:8a:2e:39:b5:8a:9b:2a:c2:71:00:bf:bb:
         e2:d8:c6:bf:a8:ac:01:c0:ff:89:3c:16:a7:14:b9:45:88:57:
         f0:1a:3c:fc:d0:eb:c9:b5:d8:44:eb:c8:89:de:7f:da:1a:ec:
         fa:9b:25:a2:4b:94:e0:a5:a0:fa:01:8b:45:ba:4f:9c:bb:a8:
         95:5e:c6:88:29:86:ac:db:f9:a2:2c:c1:09:f6:2f:c2:7e:76:
         33:39:2b:07:06:7d:37:17:73:a8:3e:ea:d8:c0:37:e7:47:5e:
         70:3f:4b:b8:d5:78:a2:89:f0:af:0c:44:73:58:fe:07:c8:d0:
         fb:b1:1a:74:44:88:58:b7:e8:78:aa:fd:49:55:16:8a:07:80:
         56:63:cf:9e
-----BEGIN CERTIFICATE-----
MIIFQjCCBCqgAwIBAgIDFQQ9MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDFk
ZmRkZmUyZjY2Yjk5MWJkNmMwYTUyMDM2YzhiYWZlZDJmMWYyODkwHhcNMjIwMzI4
MDMwMDAwWhcNMjQwMzI4MDMwMDAwWjAzMTEwLwYDVQQDEyhiZjMzZmJmYjAyZDc5
YzY1YTM4M2VjNWE5M2YzNzZhYjkxM2VlMjM1MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAmMHipMI4xTFjsaSJQ0sQ8Rxv7RGgmEiBlWehoxuJ3g86r7MO
2pDM+XqOyFTC3iF8wsiENLN3U+OAkT3NGAA03SZM77c2QexgGYOe6b+sYO2Qy1Eu
usT+zgx4cHGG+A/Z3pJo6WToQAHPUFRvbUvEd+661Mpc6Ov/1qb/srNZTY1y+aWU
hnSnwIglVba8Kzp2ZTVT+zpLHhUxCV58LDWWJdd4cmyCZMwi8EhLnR28Fw8p2x2N
06l756MRNq5tM2uCQ92hDC/3Z/p2GYmgqfLoQu6bIzRhyQn+JR+SPvG3JIT6qpZm
qWL57QYYPF5cA/GYVKEwDsu06oVybQyDXGaIqQIDAQABo4ICXTCCAlkwHQYDVR0O
BBYEFHMcCm43L2mXWBen3c3A2kkhSReTMB8GA1UdIwQYMBaAFC/w65BScgOTnese
mjNEe0ThV91yMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvMWRmZGRm
ZTJmNjZiOTkxYmQ2YzBhNTIwMzZjOGJhZmVkMmYxZjI4OS5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvNmE4OTlmNjctYzY1Zi00ZDY0LWI5ZmUtMmRlNmE2
MGM3MzA3L2JmMzNmYmZiMDJkNzljNjVhMzgzZWM1YTkzZjM3NmFiOTEzZWUyMzUu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy82YTg5OWY2Ny1jNjVmLTRkNjQtYjlmZS0yZGU2
YTYwYzczMDcvMWRmZGRmZTJmNjZiOTkxYmQ2YzBhNTIwMzZjOGJhZmVkMmYxZjI4
OS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQS
MBAwDgQCAAIwCAMGACgDq6AiMA0GCSqGSIb3DQEBCwUAA4IBAQAT7wpiz1062XVB
HiR8I031e/ofHf8W+nRUaHIi8pBYxoguYMep/wTJsMyw0mUJ8LN1qmtCnAia81R+
zRKwJZ4HpFF6hElOO9LuJshR9xjU/4Q0bCMn1NERgNpXzGOhJJCMVL5CXtKWA+7M
bUwhaLzlg06KLjm1ipsqwnEAv7vi2Ma/qKwBwP+JPBanFLlFiFfwGjz80OvJtdhE
68iJ3n/aGuz6myWiS5TgpaD6AYtFuk+cu6iVXsaIKYas2/miLMEJ9i/CfnYzOSsH
Bn03F3OoPurYwDfnR15wP0u41XiiifCvDERzWP4HyND7sRp0RIhYt+h4qv1JVRaK
B4BWY8+e
-----END CERTIFICATE-----
Generated at Wed Mar 15 11:34:44 2023 by rpki-client on console-ams.rpki-client.org