Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/6a899f67-c65f-4d64-b9fe-2de6a60c7307/cebfa2e88a35b8d1d3e4b8426162f57c880970c2.roa
File:                     cebfa2e88a35b8d1d3e4b8426162f57c880970c2.roa (raw, json)
Hash identifier:          1vKBcVbEE52EIn2oHXjgYWAFd+zRQl5BAg8XOm0BJ08=
Subject key identifier:   B3:BB:13:04:14:C0:E7:DC:C2:5F:22:CD:37:D9:E5:9D:FF:33:BC:EB
Certificate issuer:       /CN=1dfddfe2f66b991bd6c0a52036c8bafed2f1f289
Certificate serial:       1512E7
Authority key identifier: 2F:F0:EB:90:52:72:03:93:9D:EB:1E:9A:33:44:7B:44:E1:57:DD:72
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/1dfddfe2f66b991bd6c0a52036c8bafed2f1f289.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/6a899f67-c65f-4d64-b9fe-2de6a60c7307/cebfa2e88a35b8d1d3e4b8426162f57c880970c2.roa
Signing time:             Mon 28 Mar 2022 14:00:40 +0000
ROA not before:           Mon 28 Mar 2022 03:00:00 +0000
ROA not after:            Thu 28 Mar 2024 03:00:00 +0000
asID:                     265554
IP address blocks:        2803:aba0:2000::/40 maxlen: 40

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/6a899f67-c65f-4d64-b9fe-2de6a60c7307/1dfddfe2f66b991bd6c0a52036c8bafed2f1f289.crl
                          rsync://repository.lacnic.net/rpki/lacnic/6a899f67-c65f-4d64-b9fe-2de6a60c7307/1dfddfe2f66b991bd6c0a52036c8bafed2f1f289.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/1dfddfe2f66b991bd6c0a52036c8bafed2f1f289.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sat 18 Mar 2023 02:22:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1381095 (0x1512e7)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1dfddfe2f66b991bd6c0a52036c8bafed2f1f289
        Validity
            Not Before: Mar 28 03:00:00 2022 GMT
            Not After : Mar 28 03:00:00 2024 GMT
        Subject: CN=cebfa2e88a35b8d1d3e4b8426162f57c880970c2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:0d:18:63:f4:72:d4:be:25:5d:ae:8c:51:fb:
                    3f:91:fc:e8:e1:0f:57:68:11:32:9a:5b:7c:ed:c9:
                    96:5b:e6:6b:74:68:66:35:4a:1b:70:e5:2c:a8:62:
                    d3:b8:81:84:78:c4:c9:24:2d:da:ea:01:71:cf:2d:
                    d9:3e:40:00:d7:78:d3:e1:9f:55:a1:f1:5a:40:d2:
                    6e:bf:57:40:2a:d3:d9:f5:87:90:2e:13:21:c2:99:
                    ce:a1:36:b6:13:fc:17:fa:72:16:3c:13:82:2d:e4:
                    1e:41:09:8d:b5:58:0a:20:79:f8:ff:36:91:1f:f7:
                    3d:75:25:c1:31:c2:1c:f5:8e:c3:af:2e:96:f6:a1:
                    8a:a7:3e:ca:9f:9d:a8:7d:22:89:0f:9a:79:61:8b:
                    2d:84:e1:be:7c:11:26:2b:a4:c5:a8:b3:dc:1a:53:
                    e1:f5:dc:2a:9c:4d:d6:24:d0:8b:bb:65:c8:f7:88:
                    9c:47:13:45:39:69:b5:1a:8b:7d:ec:3c:15:0d:6e:
                    88:80:63:69:76:5e:9f:2a:7a:04:ef:d1:6a:43:12:
                    3d:29:b4:04:a6:3a:59:15:ac:1e:9d:61:e7:fe:15:
                    f5:e0:82:81:bd:c7:8c:f8:de:5c:1f:6e:79:9c:1d:
                    49:b5:09:7c:79:eb:0c:e7:9b:fa:fe:ec:a2:a0:33:
                    6e:0b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                B3:BB:13:04:14:C0:E7:DC:C2:5F:22:CD:37:D9:E5:9D:FF:33:BC:EB
            X509v3 Authority Key Identifier: 
                keyid:2F:F0:EB:90:52:72:03:93:9D:EB:1E:9A:33:44:7B:44:E1:57:DD:72

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access: 
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/1dfddfe2f66b991bd6c0a52036c8bafed2f1f289.cer

            Subject Information Access: 
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/6a899f67-c65f-4d64-b9fe-2de6a60c7307/cebfa2e88a35b8d1d3e4b8426162f57c880970c2.roa

            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/6a899f67-c65f-4d64-b9fe-2de6a60c7307/1dfddfe2f66b991bd6c0a52036c8bafed2f1f289.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2803:aba0:2000::/40

    Signature Algorithm: sha256WithRSAEncryption
         7b:4e:2a:7c:96:37:e0:04:d0:e5:da:63:50:74:e6:9b:b1:29:
         ab:79:9a:ad:8f:e6:38:b4:99:04:5f:25:37:44:2a:fd:3b:d4:
         e1:1a:56:de:50:cc:d5:8a:22:db:d5:cd:b4:13:f3:87:8d:21:
         3d:6b:2f:6e:40:1b:dd:71:84:4f:49:e2:2c:30:36:f5:91:f9:
         bb:e1:fd:75:b7:4c:9b:f3:0f:8f:4b:16:0a:95:a8:60:4c:eb:
         62:b5:61:b1:9a:30:0d:13:08:41:c5:10:83:77:13:44:31:60:
         68:f8:2a:09:b3:b0:07:d8:a7:0e:95:bf:fc:8d:e4:e5:46:d1:
         14:dd:ed:a3:ee:5a:20:e3:73:01:3a:5e:b0:79:39:1a:cc:70:
         03:9a:fa:76:76:3b:85:98:e1:b4:ed:ec:69:37:63:f0:b8:28:
         91:28:32:92:02:89:f8:d2:34:33:f9:46:01:cb:6a:28:4c:84:
         94:5a:99:d3:a8:65:30:fa:9f:93:81:c7:8c:66:15:44:cb:5e:
         fe:16:cb:7c:b6:80:62:5b:31:42:41:6f:1b:a6:31:8d:5e:3c:
         d0:27:1b:2a:aa:04:35:b1:f0:bb:a4:ca:39:a0:99:c7:1e:d3:
         c2:ef:d2:6e:8d:44:bc:53:53:a0:22:56:f1:22:77:e5:15:c4:
         07:8a:e3:a2
-----BEGIN CERTIFICATE-----
MIIFQjCCBCqgAwIBAgIDFRLnMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDFk
ZmRkZmUyZjY2Yjk5MWJkNmMwYTUyMDM2YzhiYWZlZDJmMWYyODkwHhcNMjIwMzI4
MDMwMDAwWhcNMjQwMzI4MDMwMDAwWjAzMTEwLwYDVQQDEyhjZWJmYTJlODhhMzVi
OGQxZDNlNGI4NDI2MTYyZjU3Yzg4MDk3MGMyMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAkQ0YY/Ry1L4lXa6MUfs/kfzo4Q9XaBEymlt87cmWW+ZrdGhm
NUobcOUsqGLTuIGEeMTJJC3a6gFxzy3ZPkAA13jT4Z9VofFaQNJuv1dAKtPZ9YeQ
LhMhwpnOoTa2E/wX+nIWPBOCLeQeQQmNtVgKIHn4/zaRH/c9dSXBMcIc9Y7Dry6W
9qGKpz7Kn52ofSKJD5p5YYsthOG+fBEmK6TFqLPcGlPh9dwqnE3WJNCLu2XI94ic
RxNFOWm1Got97DwVDW6IgGNpdl6fKnoE79FqQxI9KbQEpjpZFawenWHn/hX14IKB
vceM+N5cH255nB1JtQl8eesM55v6/uyioDNuCwIDAQABo4ICXTCCAlkwHQYDVR0O
BBYEFLO7EwQUwOfcwl8izTfZ5Z3/M7zrMB8GA1UdIwQYMBaAFC/w65BScgOTnese
mjNEe0ThV91yMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvMWRmZGRm
ZTJmNjZiOTkxYmQ2YzBhNTIwMzZjOGJhZmVkMmYxZjI4OS5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvNmE4OTlmNjctYzY1Zi00ZDY0LWI5ZmUtMmRlNmE2
MGM3MzA3L2NlYmZhMmU4OGEzNWI4ZDFkM2U0Yjg0MjYxNjJmNTdjODgwOTcwYzIu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy82YTg5OWY2Ny1jNjVmLTRkNjQtYjlmZS0yZGU2
YTYwYzczMDcvMWRmZGRmZTJmNjZiOTkxYmQ2YzBhNTIwMzZjOGJhZmVkMmYxZjI4
OS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQS
MBAwDgQCAAIwCAMGACgDq6AgMA0GCSqGSIb3DQEBCwUAA4IBAQB7Tip8ljfgBNDl
2mNQdOabsSmreZqtj+Y4tJkEXyU3RCr9O9ThGlbeUMzViiLb1c20E/OHjSE9ay9u
QBvdcYRPSeIsMDb1kfm74f11t0yb8w+PSxYKlahgTOtitWGxmjANEwhBxRCDdxNE
MWBo+CoJs7AH2KcOlb/8jeTlRtEU3e2j7log43MBOl6weTkazHADmvp2djuFmOG0
7expN2PwuCiRKDKSAon40jQz+UYBy2ooTISUWpnTqGUw+p+TgceMZhVEy17+Fst8
toBiWzFCQW8bpjGNXjzQJxsqqgQ1sfC7pMo5oJnHHtPC79JujUS8U1OgIlbxInfl
FcQHiuOi
-----END CERTIFICATE-----
Generated at Wed Mar 15 11:34:44 2023 by rpki-client on console-ams.rpki-client.org