Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/6c1e57fa-5211-43f2-8bc5-4ce86d437d57/2caa895f57df9d4d803bcd8973f1db79a250f9f3.roa
File:                     2caa895f57df9d4d803bcd8973f1db79a250f9f3.roa (raw, json)
Hash identifier:          9/ta8s9zpXa5ZaY1+3wr8BEaNq8jJ6ssc847XXDv7RA=
Subject key identifier:   6D:8A:9C:B8:AB:A3:74:44:CB:72:C8:BF:F9:E6:07:8D:A4:22:34:92
Certificate issuer:       /CN=b80851dbe630162fa48a971618bbb58a4472f664
Certificate serial:       0D3F61
Authority key identifier: A4:A6:89:EF:41:2A:2A:64:AA:27:89:7A:AC:D0:DB:0C:BE:80:C1:C9
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/b80851dbe630162fa48a971618bbb58a4472f664.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/6c1e57fa-5211-43f2-8bc5-4ce86d437d57/2caa895f57df9d4d803bcd8973f1db79a250f9f3.roa
Signing time:             Wed 24 Mar 2021 14:47:05 +0000
ROA not before:           Wed 24 Mar 2021 14:47:05 +0000
ROA not after:            Tue 24 Mar 2026 14:47:05 +0000
asID:                     27800
IP address blocks:        131.100.36.0/22 maxlen: 24
                          170.82.208.0/22 maxlen: 24
                          170.84.8.0/22 maxlen: 24
                          179.60.212.0/22 maxlen: 24
                          181.118.32.0/19 maxlen: 24
                          200.7.88.0/21 maxlen: 24
                          2803:1500::/32 maxlen: 40

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/6c1e57fa-5211-43f2-8bc5-4ce86d437d57/b80851dbe630162fa48a971618bbb58a4472f664.crl
                          rsync://repository.lacnic.net/rpki/lacnic/6c1e57fa-5211-43f2-8bc5-4ce86d437d57/b80851dbe630162fa48a971618bbb58a4472f664.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/b80851dbe630162fa48a971618bbb58a4472f664.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Mon 01 Apr 2024 05:58:53 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 868193 (0xd3f61)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b80851dbe630162fa48a971618bbb58a4472f664
        Validity
            Not Before: Mar 24 14:47:05 2021 GMT
            Not After : Mar 24 14:47:05 2026 GMT
        Subject: CN=2caa895f57df9d4d803bcd8973f1db79a250f9f3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:23:f6:f5:30:75:bf:7e:72:01:9d:ae:47:bc:
                    ed:76:09:53:6b:68:66:46:17:55:6e:44:8c:1d:90:
                    ca:f0:a5:43:a6:56:96:2c:91:6f:68:67:17:69:e6:
                    86:66:28:08:d2:f4:fc:3d:a0:89:e6:5f:51:82:da:
                    a3:9a:45:1a:4e:a6:83:58:77:84:dc:7c:4a:b2:2b:
                    77:68:6a:6e:b7:0a:3e:e4:1a:22:0f:7b:aa:d9:39:
                    be:18:9c:25:36:0d:13:b2:9f:10:a1:45:d2:9b:df:
                    43:3a:ae:7e:4c:6e:b0:3d:4a:7f:7f:dd:49:2c:dd:
                    d8:c0:97:2b:05:f0:ed:e5:b7:e5:9c:29:c5:98:2b:
                    59:a1:21:b7:5c:c3:63:c1:09:b3:63:aa:c0:89:f8:
                    ab:35:5f:98:07:4c:94:fd:14:2e:e7:a7:09:d4:df:
                    ea:db:9f:2f:63:f5:da:89:0a:ef:ce:e5:c5:59:92:
                    c2:2f:7b:00:36:53:6e:b2:bb:42:b4:97:22:52:a6:
                    b6:cd:8a:9b:40:74:f7:94:ef:1b:9f:28:0d:67:97:
                    5c:cc:cb:ef:f2:05:e4:07:55:3d:6a:ad:10:a0:85:
                    58:25:27:22:c8:45:ce:e3:69:f0:59:13:7d:86:25:
                    a9:28:6a:15:a2:ce:72:08:a3:11:e7:5b:67:fc:f1:
                    7b:2d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6D:8A:9C:B8:AB:A3:74:44:CB:72:C8:BF:F9:E6:07:8D:A4:22:34:92
            X509v3 Authority Key Identifier:
                keyid:A4:A6:89:EF:41:2A:2A:64:AA:27:89:7A:AC:D0:DB:0C:BE:80:C1:C9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/b80851dbe630162fa48a971618bbb58a4472f664.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/6c1e57fa-5211-43f2-8bc5-4ce86d437d57/2caa895f57df9d4d803bcd8973f1db79a250f9f3.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/6c1e57fa-5211-43f2-8bc5-4ce86d437d57/b80851dbe630162fa48a971618bbb58a4472f664.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  131.100.36.0/22
                  170.82.208.0/22
                  170.84.8.0/22
                  179.60.212.0/22
                  181.118.32.0/19
                  200.7.88.0/21
                IPv6:
                  2803:1500::/32

    Signature Algorithm: sha256WithRSAEncryption
         45:b0:da:c5:fe:99:7e:9b:10:07:33:a0:90:21:99:ac:77:a6:
         72:a3:64:b7:9a:eb:f5:44:4e:8f:95:72:31:05:58:17:72:06:
         ab:2a:d2:c0:66:52:db:04:91:35:e7:b4:e8:e2:9d:f8:93:2e:
         c4:c7:26:b4:b7:95:f0:87:b5:85:da:f0:23:cc:1c:a0:e7:ae:
         36:45:ce:5f:8a:5c:60:26:bc:c5:61:bf:93:ab:a4:95:b8:23:
         6f:e5:89:8f:5c:a3:a5:99:83:48:4c:f7:b8:9e:69:cc:57:a5:
         cd:66:1e:6b:53:84:86:3c:38:a4:63:1e:5a:6b:67:4f:07:77:
         33:59:f6:65:e8:31:26:03:80:08:fa:5f:70:40:26:96:f4:6a:
         97:2e:c0:36:30:75:9e:53:45:ad:b1:96:ee:04:4e:6e:b8:26:
         cc:7e:18:b5:c5:86:a8:b7:8d:c9:2f:e3:79:e5:50:1f:37:f8:
         e8:06:9b:f3:ac:3d:1f:a7:34:b6:cd:9d:87:fe:ae:f1:2f:38:
         55:30:7c:c9:a2:a3:d4:82:e2:a8:60:3f:a2:9d:06:bd:33:38:
         e6:fa:81:9d:42:e1:5d:26:6f:ef:68:0d:7a:85:f8:d5:b4:32:
         d8:41:1e:81:90:36:db:7c:5f:ae:25:bb:ba:51:cb:5a:19:c1:
         81:c1:3c:9f
-----BEGIN CERTIFICATE-----
MIIFbTCCBFWgAwIBAgIDDT9hMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGI4
MDg1MWRiZTYzMDE2MmZhNDhhOTcxNjE4YmJiNThhNDQ3MmY2NjQwHhcNMjEwMzI0
MTQ0NzA1WhcNMjYwMzI0MTQ0NzA1WjAzMTEwLwYDVQQDEygyY2FhODk1ZjU3ZGY5
ZDRkODAzYmNkODk3M2YxZGI3OWEyNTBmOWYzMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAmiP29TB1v35yAZ2uR7ztdglTa2hmRhdVbkSMHZDK8KVDplaW
LJFvaGcXaeaGZigI0vT8PaCJ5l9RgtqjmkUaTqaDWHeE3HxKsit3aGputwo+5Boi
D3uq2Tm+GJwlNg0Tsp8QoUXSm99DOq5+TG6wPUp/f91JLN3YwJcrBfDt5bflnCnF
mCtZoSG3XMNjwQmzY6rAifirNV+YB0yU/RQu56cJ1N/q258vY/XaiQrvzuXFWZLC
L3sANlNusrtCtJciUqa2zYqbQHT3lO8bnygNZ5dczMvv8gXkB1U9aq0QoIVYJSci
yEXO42nwWRN9hiWpKGoVos5yCKMR51tn/PF7LQIDAQABo4ICiDCCAoQwHQYDVR0O
BBYEFG2KnLiro3REy3LIv/nmB42kIjSSMB8GA1UdIwQYMBaAFKSmie9BKipkqieJ
eqzQ2wy+gMHJMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvYjgwODUx
ZGJlNjMwMTYyZmE0OGE5NzE2MThiYmI1OGE0NDcyZjY2NC5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvNmMxZTU3ZmEtNTIxMS00M2YyLThiYzUtNGNlODZk
NDM3ZDU3LzJjYWE4OTVmNTdkZjlkNGQ4MDNiY2Q4OTczZjFkYjc5YTI1MGY5ZjMu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy82YzFlNTdmYS01MjExLTQzZjItOGJjNS00Y2U4
NmQ0MzdkNTcvYjgwODUxZGJlNjMwMTYyZmE0OGE5NzE2MThiYmI1OGE0NDcyZjY2
NC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBMBggrBgEFBQcBBwEB/wQ9
MDswKgQCAAEwJAMEAoNkJAMEAqpS0AMEAqpUCAMEArM81AMEBbV2IAMEA8gHWDAN
BAIAAjAHAwUAKAMVADANBgkqhkiG9w0BAQsFAAOCAQEARbDaxf6ZfpsQBzOgkCGZ
rHemcqNkt5rr9UROj5VyMQVYF3IGqyrSwGZS2wSRNee06OKd+JMuxMcmtLeV8Ie1
hdrwI8wcoOeuNkXOX4pcYCa8xWG/k6uklbgjb+WJj1yjpZmDSEz3uJ5pzFelzWYe
a1OEhjw4pGMeWmtnTwd3M1n2ZegxJgOACPpfcEAmlvRqly7ANjB1nlNFrbGW7gRO
brgmzH4YtcWGqLeNyS/jeeVQHzf46Aab86w9H6c0ts2dh/6u8S84VTB8yaKj1ILi
qGA/op0GvTM45vqBnULhXSZv72gNeoX41bQy2EEegZA223xfriW7ulHLWhnBgcE8
nw==
-----END CERTIFICATE-----
Generated at Fri Mar 29 07:06:36 2024 by rpki-client on console-ams.rpki-client.org