Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/6f79674c-0735-446e-b332-22235befb824/c823840ed7dc919327023537d85506f14c221ed0.roa
File:                     c823840ed7dc919327023537d85506f14c221ed0.roa (raw, json)
Hash identifier:          qqS/NJ4uLAFeHewVuLCwdBKOpeMXH6kD0DpxVP2l5vo=
Subject key identifier:   EC:0B:92:AC:F9:5F:81:76:9C:8D:58:27:9A:DA:2C:C6:6B:57:FA:6D
Certificate issuer:       /CN=a4f5c6cc455d4e5671af9abbe01fdee26ec6aa79
Certificate serial:       0C90B5
Authority key identifier: 1E:79:50:6C:D7:F7:11:82:46:33:C5:C3:AC:74:E6:A3:16:36:24:52
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/a4f5c6cc455d4e5671af9abbe01fdee26ec6aa79.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/6f79674c-0735-446e-b332-22235befb824/c823840ed7dc919327023537d85506f14c221ed0.roa
Signing time:             Wed 24 Mar 2021 14:36:12 +0000
ROA not before:           Wed 24 Mar 2021 14:36:11 +0000
ROA not after:            Tue 24 Mar 2026 14:36:11 +0000
asID:                     13489
IP address blocks:        2803:87a0:0:1::/64 maxlen: 64
                          2803:87a0:0:2::/64 maxlen: 64

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/6f79674c-0735-446e-b332-22235befb824/a4f5c6cc455d4e5671af9abbe01fdee26ec6aa79.crl
                          rsync://repository.lacnic.net/rpki/lacnic/6f79674c-0735-446e-b332-22235befb824/a4f5c6cc455d4e5671af9abbe01fdee26ec6aa79.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/a4f5c6cc455d4e5671af9abbe01fdee26ec6aa79.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Wed 28 Feb 2024 07:55:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 823477 (0xc90b5)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a4f5c6cc455d4e5671af9abbe01fdee26ec6aa79
        Validity
            Not Before: Mar 24 14:36:11 2021 GMT
            Not After : Mar 24 14:36:11 2026 GMT
        Subject: CN=c823840ed7dc919327023537d85506f14c221ed0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:4a:d9:f4:c2:f7:6a:dd:e2:d4:19:a4:be:c4:
                    6e:cd:bc:e7:af:8e:7d:0d:18:eb:cf:80:c7:88:c3:
                    89:0d:6a:06:68:8e:52:4b:c3:4e:15:af:53:68:19:
                    1a:c1:72:04:8e:c9:08:3f:38:b2:46:17:18:c0:a3:
                    57:81:5f:87:43:a2:48:83:f2:71:b9:4f:aa:34:ca:
                    21:c2:b6:b2:71:61:b6:c3:dc:c0:d9:c4:00:e5:9b:
                    28:32:fc:14:68:6a:5a:da:73:19:91:77:91:14:56:
                    66:ba:8e:8e:b9:0a:0e:46:27:a6:c0:af:13:d9:06:
                    1a:18:64:a9:29:65:1c:8e:c3:e8:05:c4:ed:f3:32:
                    62:e6:ee:1f:46:26:5b:a3:7e:2a:12:77:91:a2:9c:
                    d6:8b:f8:cf:3c:13:9b:f7:b0:32:04:97:43:ce:72:
                    22:db:77:51:a1:be:92:6c:21:6c:02:6b:36:7a:2c:
                    1a:d3:d6:77:1b:4b:e7:48:a1:f8:62:0f:49:49:6c:
                    e5:e0:c8:d5:0c:84:89:e2:97:23:01:bf:4b:45:84:
                    a1:4c:3e:69:19:42:d8:88:3d:92:5f:69:be:6a:9e:
                    e0:4d:66:be:ee:d6:e9:b0:d3:6c:f8:ca:ce:64:30:
                    70:94:0c:3b:91:e1:d1:f4:12:e2:ac:22:d7:4b:98:
                    e3:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EC:0B:92:AC:F9:5F:81:76:9C:8D:58:27:9A:DA:2C:C6:6B:57:FA:6D
            X509v3 Authority Key Identifier:
                keyid:1E:79:50:6C:D7:F7:11:82:46:33:C5:C3:AC:74:E6:A3:16:36:24:52

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/a4f5c6cc455d4e5671af9abbe01fdee26ec6aa79.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/6f79674c-0735-446e-b332-22235befb824/c823840ed7dc919327023537d85506f14c221ed0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/6f79674c-0735-446e-b332-22235befb824/a4f5c6cc455d4e5671af9abbe01fdee26ec6aa79.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2803:87a0:0:1::-2803:87a0:0:2:ffff:ffff:ffff:ffff

    Signature Algorithm: sha256WithRSAEncryption
         56:60:a4:9a:e8:5a:d1:b8:b3:6a:53:4b:41:a2:55:59:a9:5e:
         26:2d:cf:43:15:17:d1:65:0f:a6:74:40:0c:70:4b:bf:37:40:
         56:11:af:1e:50:da:4d:18:8e:9c:6c:f1:86:4f:41:97:e4:50:
         f5:05:41:16:3a:7a:6a:a6:89:94:f7:9a:7e:c4:8d:e5:ce:51:
         18:89:e5:be:bd:51:0d:22:7d:ba:32:15:24:c1:56:66:05:78:
         25:45:7e:15:e4:29:3b:d7:e0:3f:26:bd:fb:c1:e7:67:eb:7f:
         3b:f3:a8:f6:27:55:2d:0d:d0:12:16:02:00:7e:ea:37:31:91:
         bf:8d:9a:22:d5:bc:2a:ce:26:e0:82:92:c1:1d:5d:de:29:04:
         8b:44:68:63:1f:12:84:3d:9a:f3:e9:ab:4d:19:6d:b9:fa:c7:
         08:62:61:01:87:20:a7:81:8f:0c:ec:36:39:5e:c9:8d:17:1d:
         66:b5:99:ef:fa:94:7b:9f:b2:8a:9c:c9:e5:42:07:7f:30:22:
         16:bf:11:af:4d:4b:42:26:c2:6f:81:c0:cd:03:00:54:66:f9:
         af:e0:eb:3e:24:75:42:27:7c:63:69:fd:7f:8e:ed:b2:e1:f5:
         90:22:5e:93:f0:ae:f3:94:39:78:98:40:3d:7a:24:bd:c2:54:
         ce:5a:e8:8e
-----BEGIN CERTIFICATE-----
MIIFUjCCBDqgAwIBAgIDDJC1MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGE0
ZjVjNmNjNDU1ZDRlNTY3MWFmOWFiYmUwMWZkZWUyNmVjNmFhNzkwHhcNMjEwMzI0
MTQzNjExWhcNMjYwMzI0MTQzNjExWjAzMTEwLwYDVQQDEyhjODIzODQwZWQ3ZGM5
MTkzMjcwMjM1MzdkODU1MDZmMTRjMjIxZWQwMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAlUrZ9ML3at3i1BmkvsRuzbznr459DRjrz4DHiMOJDWoGaI5S
S8NOFa9TaBkawXIEjskIPziyRhcYwKNXgV+HQ6JIg/JxuU+qNMohwraycWG2w9zA
2cQA5ZsoMvwUaGpa2nMZkXeRFFZmuo6OuQoORiemwK8T2QYaGGSpKWUcjsPoBcTt
8zJi5u4fRiZbo34qEneRopzWi/jPPBOb97AyBJdDznIi23dRob6SbCFsAms2eiwa
09Z3G0vnSKH4Yg9JSWzl4MjVDISJ4pcjAb9LRYShTD5pGULYiD2SX2m+ap7gTWa+
7tbpsNNs+MrOZDBwlAw7keHR9BLirCLXS5jjQQIDAQABo4ICbTCCAmkwHQYDVR0O
BBYEFOwLkqz5X4F2nI1YJ5raLMZrV/ptMB8GA1UdIwQYMBaAFB55UGzX9xGCRjPF
w6x05qMWNiRSMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvYTRmNWM2
Y2M0NTVkNGU1NjcxYWY5YWJiZTAxZmRlZTI2ZWM2YWE3OS5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvNmY3OTY3NGMtMDczNS00NDZlLWIzMzItMjIyMzVi
ZWZiODI0L2M4MjM4NDBlZDdkYzkxOTMyNzAyMzUzN2Q4NTUwNmYxNGMyMjFlZDAu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy82Zjc5Njc0Yy0wNzM1LTQ0NmUtYjMzMi0yMjIz
NWJlZmI4MjQvYTRmNWM2Y2M0NTVkNGU1NjcxYWY5YWJiZTAxZmRlZTI2ZWM2YWE3
OS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAxBggrBgEFBQcBBwEB/wQi
MCAwHgQCAAIwGDAWAwkAKAOHoAAAAAEDCQAoA4egAAAAAjANBgkqhkiG9w0BAQsF
AAOCAQEAVmCkmuha0bizalNLQaJVWaleJi3PQxUX0WUPpnRADHBLvzdAVhGvHlDa
TRiOnGzxhk9Bl+RQ9QVBFjp6aqaJlPeafsSN5c5RGInlvr1RDSJ9ujIVJMFWZgV4
JUV+FeQpO9fgPya9+8HnZ+t/O/Oo9idVLQ3QEhYCAH7qNzGRv42aItW8Ks4m4IKS
wR1d3ikEi0RoYx8ShD2a8+mrTRltufrHCGJhAYcgp4GPDOw2OV7JjRcdZrWZ7/qU
e5+yipzJ5UIHfzAiFr8Rr01LQibCb4HAzQMAVGb5r+DrPiR1Qid8Y2n9f47tsuH1
kCJek/Cu85Q5eJhAPXokvcJUzlrojg==
-----END CERTIFICATE-----
Generated at Sun Feb 25 09:14:23 2024 by rpki-client on console-ams.rpki-client.org