Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/789d9465-ffc1-440f-b0db-fd34349bd4b7/2a093a71acaaf2bdb30a0d97262046e6ae28f87d.roa
File:                     2a093a71acaaf2bdb30a0d97262046e6ae28f87d.roa (raw, json)
Hash identifier:          +MIaXc/AtBc6FKidA2HUWFM8Q6EuMU4JqyYdAXSACj4=
Subject key identifier:   3B:5C:54:FD:F9:42:35:C9:16:0C:80:3D:B2:08:F1:95:B1:04:B1:47
Certificate issuer:       /CN=33e5f7299dfe8ea46e162f2df927c39c5600c8c2
Certificate serial:       0B47F4
Authority key identifier: BD:36:D6:EB:BF:AC:B0:2C:47:7F:9E:A2:B6:A0:DE:FF:DF:BD:8B:D8
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/33e5f7299dfe8ea46e162f2df927c39c5600c8c2.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/789d9465-ffc1-440f-b0db-fd34349bd4b7/2a093a71acaaf2bdb30a0d97262046e6ae28f87d.roa
Signing time:             Mon 25 Sep 2023 00:13:59 +0000
ROA not before:           Sun 24 Sep 2023 00:13:59 +0000
ROA not after:            Thu 25 Sep 2025 00:13:59 +0000
asID:                     272804
IP address blocks:        2803:1890::/32 maxlen: 48

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/789d9465-ffc1-440f-b0db-fd34349bd4b7/33e5f7299dfe8ea46e162f2df927c39c5600c8c2.crl
                          rsync://repository.lacnic.net/rpki/lacnic/789d9465-ffc1-440f-b0db-fd34349bd4b7/33e5f7299dfe8ea46e162f2df927c39c5600c8c2.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/33e5f7299dfe8ea46e162f2df927c39c5600c8c2.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Wed 06 Mar 2024 06:24:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 739316 (0xb47f4)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=33e5f7299dfe8ea46e162f2df927c39c5600c8c2
        Validity
            Not Before: Sep 24 00:13:59 2023 GMT
            Not After : Sep 25 00:13:59 2025 GMT
        Subject: CN=2a093a71acaaf2bdb30a0d97262046e6ae28f87d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e0:78:8c:8f:ed:0d:6d:4a:97:74:c3:3a:c2:f2:
                    a0:2d:af:98:4a:e0:ae:71:53:44:06:38:b6:cd:97:
                    a9:a4:3c:64:4c:ec:e1:cf:27:6e:cb:c1:2b:dd:6e:
                    31:85:e1:f1:08:8e:f4:65:2c:c8:36:27:2f:80:31:
                    70:4e:e9:95:06:30:09:8a:c0:2e:e2:c7:aa:2b:65:
                    0c:01:0c:5e:0b:42:69:b5:05:cb:7f:07:78:35:21:
                    b2:f8:6a:0b:98:e1:33:ce:80:ee:6f:5f:90:2f:6b:
                    76:af:c5:63:c1:dc:2d:7e:18:44:23:c7:a9:06:3e:
                    de:64:71:b6:e8:a9:3e:a1:98:85:c2:d4:f0:a7:06:
                    6f:c5:a8:f8:95:af:31:0b:b5:d9:c5:2f:33:8c:15:
                    a9:53:f5:73:c5:a4:e8:e1:0e:ec:ae:78:64:34:92:
                    ae:af:ef:61:18:af:7d:da:b2:a4:8f:cb:05:a9:24:
                    1d:71:73:88:a3:50:a8:48:d2:e6:69:02:66:a4:e7:
                    39:ac:7e:38:f4:0b:34:97:43:f2:08:e0:1a:41:e6:
                    97:15:42:0d:c5:19:78:4a:48:8b:8f:59:24:47:98:
                    39:82:6e:0c:76:66:28:af:64:c9:83:df:15:79:1c:
                    96:0d:90:20:78:8e:36:34:42:df:a1:9a:ec:a7:d7:
                    25:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3B:5C:54:FD:F9:42:35:C9:16:0C:80:3D:B2:08:F1:95:B1:04:B1:47
            X509v3 Authority Key Identifier:
                keyid:BD:36:D6:EB:BF:AC:B0:2C:47:7F:9E:A2:B6:A0:DE:FF:DF:BD:8B:D8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/33e5f7299dfe8ea46e162f2df927c39c5600c8c2.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/789d9465-ffc1-440f-b0db-fd34349bd4b7/2a093a71acaaf2bdb30a0d97262046e6ae28f87d.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/789d9465-ffc1-440f-b0db-fd34349bd4b7/33e5f7299dfe8ea46e162f2df927c39c5600c8c2.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2803:1890::/32

    Signature Algorithm: sha256WithRSAEncryption
         88:1e:c0:8b:b3:19:5d:81:bb:56:4a:49:3d:04:57:20:2c:ef:
         ae:5f:bb:6e:d6:ae:5f:65:ad:d9:d5:0d:a8:f6:e0:d1:35:21:
         e4:98:ae:a2:4a:43:9f:d8:3e:4f:5b:6a:84:83:09:c1:69:29:
         85:35:15:1c:86:5c:47:d5:1f:21:a9:f6:c8:4d:d9:67:98:52:
         db:cc:3c:94:0f:cc:d3:b8:03:6c:33:e3:f3:58:6d:00:3d:f0:
         46:4e:e9:4b:5e:e8:a8:b1:70:6b:8e:22:51:6d:0a:ff:2d:7a:
         ba:6c:ab:53:0e:23:9a:3e:f0:1b:b7:38:6d:9d:bf:50:15:5c:
         e3:c8:5c:ec:91:d5:4b:36:3d:7d:e3:ab:53:24:46:0d:c2:2e:
         40:e3:26:b2:3f:82:1c:9c:3e:07:dc:3a:be:9e:de:f4:95:70:
         d4:77:90:df:e1:a6:61:fa:03:26:6a:5e:b8:93:6c:73:71:74:
         e0:38:b9:88:39:a1:ca:fd:9f:db:59:3d:f5:bd:e8:57:9c:2d:
         aa:81:14:b9:16:76:54:28:63:07:b2:b4:cc:49:bf:a4:47:d7:
         f6:fc:1c:41:9b:68:cd:c8:e4:53:83:55:db:4e:1a:c0:cc:fd:
         82:db:aa:c3:c9:73:2c:d6:61:b4:0a:5f:49:47:e6:74:98:bb:
         dd:6f:2c:57
-----BEGIN CERTIFICATE-----
MIIFQTCCBCmgAwIBAgIDC0f0MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDMz
ZTVmNzI5OWRmZThlYTQ2ZTE2MmYyZGY5MjdjMzljNTYwMGM4YzIwHhcNMjMwOTI0
MDAxMzU5WhcNMjUwOTI1MDAxMzU5WjAzMTEwLwYDVQQDEygyYTA5M2E3MWFjYWFm
MmJkYjMwYTBkOTcyNjIwNDZlNmFlMjhmODdkMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEA4HiMj+0NbUqXdMM6wvKgLa+YSuCucVNEBji2zZeppDxkTOzh
zyduy8Er3W4xheHxCI70ZSzINicvgDFwTumVBjAJisAu4seqK2UMAQxeC0JptQXL
fwd4NSGy+GoLmOEzzoDub1+QL2t2r8VjwdwtfhhEI8epBj7eZHG26Kk+oZiFwtTw
pwZvxaj4la8xC7XZxS8zjBWpU/VzxaTo4Q7srnhkNJKur+9hGK992rKkj8sFqSQd
cXOIo1CoSNLmaQJmpOc5rH449As0l0PyCOAaQeaXFUINxRl4SkiLj1kkR5g5gm4M
dmYor2TJg98VeRyWDZAgeI42NELfoZrsp9cl0wIDAQABo4ICXDCCAlgwHQYDVR0O
BBYEFDtcVP35QjXJFgyAPbII8ZWxBLFHMB8GA1UdIwQYMBaAFL021uu/rLAsR3+e
orag3v/fvYvYMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvMzNlNWY3
Mjk5ZGZlOGVhNDZlMTYyZjJkZjkyN2MzOWM1NjAwYzhjMi5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvNzg5ZDk0NjUtZmZjMS00NDBmLWIwZGItZmQzNDM0
OWJkNGI3LzJhMDkzYTcxYWNhYWYyYmRiMzBhMGQ5NzI2MjA0NmU2YWUyOGY4N2Qu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy83ODlkOTQ2NS1mZmMxLTQ0MGYtYjBkYi1mZDM0
MzQ5YmQ0YjcvMzNlNWY3Mjk5ZGZlOGVhNDZlMTYyZjJkZjkyN2MzOWM1NjAwYzhj
Mi5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQR
MA8wDQQCAAIwBwMFACgDGJAwDQYJKoZIhvcNAQELBQADggEBAIgewIuzGV2Bu1ZK
ST0EVyAs765fu27Wrl9lrdnVDaj24NE1IeSYrqJKQ5/YPk9baoSDCcFpKYU1FRyG
XEfVHyGp9shN2WeYUtvMPJQPzNO4A2wz4/NYbQA98EZO6Ute6KixcGuOIlFtCv8t
erpsq1MOI5o+8Bu3OG2dv1AVXOPIXOyR1Us2PX3jq1MkRg3CLkDjJrI/ghycPgfc
Or6e3vSVcNR3kN/hpmH6AyZqXriTbHNxdOA4uYg5ocr9n9tZPfW96FecLaqBFLkW
dlQoYweytMxJv6RH1/b8HEGbaM3I5FODVdtOGsDM/YLbqsPJcyzWYbQKX0lH5nSY
u91vLFc=
-----END CERTIFICATE-----
Generated at Sun Mar 3 13:24:02 2024 by rpki-client on console-fra.rpki-client.org