Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/793364d4-dc2e-4449-8e34-4610fa58e87f/a1021b689cef320e178f1959d64b802cabf28b96.roa
File:                     a1021b689cef320e178f1959d64b802cabf28b96.roa (raw, json)
Hash identifier:          fwBzAPsHg+R754h6lUAiihdMTYSDJS5HVe+Lggr/sQE=
Subject key identifier:   9A:9E:67:9D:33:3F:50:46:7A:76:47:1C:B5:8B:45:D3:FD:23:C7:F8
Certificate issuer:       /CN=d81e5fc116ecd393cdbf8127afbbabd5b1758ebb
Certificate serial:       1C5F27
Authority key identifier: 10:85:A4:CD:F7:8C:98:7B:F6:A3:6F:7B:6A:13:AC:B2:E8:91:E0:F3
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/d81e5fc116ecd393cdbf8127afbbabd5b1758ebb.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/793364d4-dc2e-4449-8e34-4610fa58e87f/a1021b689cef320e178f1959d64b802cabf28b96.roa
Signing time:             Mon 23 Jan 2023 09:58:16 +0000
ROA not before:           Sun 22 Jan 2023 09:56:12 +0000
ROA not after:            Thu 23 Jan 2025 09:56:12 +0000
asID:                     13335
IP address blocks:        2803:f800:52::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/793364d4-dc2e-4449-8e34-4610fa58e87f/d81e5fc116ecd393cdbf8127afbbabd5b1758ebb.crl
                          rsync://repository.lacnic.net/rpki/lacnic/793364d4-dc2e-4449-8e34-4610fa58e87f/d81e5fc116ecd393cdbf8127afbbabd5b1758ebb.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/d81e5fc116ecd393cdbf8127afbbabd5b1758ebb.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 31 Mar 2024 12:22:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1859367 (0x1c5f27)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d81e5fc116ecd393cdbf8127afbbabd5b1758ebb
        Validity
            Not Before: Jan 22 09:56:12 2023 GMT
            Not After : Jan 23 09:56:12 2025 GMT
        Subject: CN=a1021b689cef320e178f1959d64b802cabf28b96
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:0e:0d:55:93:0a:c0:ee:29:8a:68:70:fd:5e:
                    14:0e:e7:aa:93:a7:2f:72:d7:b6:08:c6:67:67:09:
                    9b:30:92:a6:3d:ec:0c:a9:09:17:c5:3c:6a:47:cc:
                    aa:90:13:af:d2:63:10:fb:b0:5f:ce:96:18:43:a6:
                    4e:d6:a5:32:9b:a6:8b:f8:8d:f5:4f:60:1b:92:3e:
                    ad:6b:54:ea:55:5d:c9:c7:c8:1d:d1:ec:a1:ae:33:
                    c2:c6:f2:e4:12:b6:4e:28:56:1e:06:a3:da:a7:b1:
                    cc:03:64:df:b9:62:05:15:d7:a1:98:35:7b:b4:10:
                    cd:88:81:5c:95:74:0c:b5:8c:9c:96:76:e3:aa:52:
                    36:ed:52:6d:c9:2f:d6:8b:40:f7:00:13:b1:f8:e3:
                    43:23:5f:15:de:3e:83:07:fd:95:82:74:2e:ee:96:
                    3c:d9:0f:93:e3:64:e3:9d:65:90:0a:b1:bf:e5:d2:
                    fe:09:67:5c:35:ee:7c:ed:2b:f1:cf:01:a9:e6:aa:
                    b7:ff:9c:d7:79:e4:b1:59:c8:20:ac:26:ea:95:77:
                    b8:1d:da:a2:1f:04:3f:24:98:8d:79:48:b8:46:0a:
                    ac:e6:69:44:dd:af:f3:83:46:45:10:77:da:58:92:
                    15:8c:70:f6:d1:83:5f:93:8c:23:8e:fc:65:6e:aa:
                    67:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9A:9E:67:9D:33:3F:50:46:7A:76:47:1C:B5:8B:45:D3:FD:23:C7:F8
            X509v3 Authority Key Identifier:
                keyid:10:85:A4:CD:F7:8C:98:7B:F6:A3:6F:7B:6A:13:AC:B2:E8:91:E0:F3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/d81e5fc116ecd393cdbf8127afbbabd5b1758ebb.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/793364d4-dc2e-4449-8e34-4610fa58e87f/a1021b689cef320e178f1959d64b802cabf28b96.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/793364d4-dc2e-4449-8e34-4610fa58e87f/d81e5fc116ecd393cdbf8127afbbabd5b1758ebb.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2803:f800:52::/48

    Signature Algorithm: sha256WithRSAEncryption
         50:9b:53:a6:54:9b:b9:50:d2:30:63:b2:33:3c:d3:01:51:e7:
         bc:4e:da:b4:c7:15:e1:07:ad:ea:0a:db:74:c8:e2:24:55:04:
         46:e2:b5:51:f8:2b:55:e3:8b:ee:98:1b:b4:73:89:94:75:b2:
         59:48:c5:9a:05:99:c6:3d:1d:84:0e:b5:de:57:70:e8:3e:b4:
         17:37:53:10:b1:93:cb:5d:c3:aa:f1:6c:21:73:cc:e8:43:dd:
         1c:29:ab:c2:af:b8:59:c3:88:3c:a5:b8:cb:6d:2d:10:29:70:
         b1:8d:d6:46:41:35:59:5f:d5:65:0e:eb:02:a4:ab:0e:cf:d3:
         a5:d9:56:cc:ab:79:66:87:10:ee:55:6f:20:2e:6f:1c:b0:06:
         58:b6:74:d7:61:6a:82:e4:33:73:a7:c9:63:41:1b:7d:64:58:
         1a:8a:19:fe:94:1c:7f:0e:13:75:c6:0c:5a:a0:91:30:d9:9d:
         95:c1:40:bc:c9:3e:b9:b9:8e:ab:b8:74:d7:79:c3:01:c9:7d:
         04:90:a3:bf:14:09:f3:fd:ab:db:2a:e2:55:b2:17:d4:aa:69:
         d8:6a:33:bb:b8:fe:7d:0a:c6:3b:e9:ff:8a:f7:62:68:ca:41:
         a5:16:70:a2:2d:2a:ee:23:8f:e7:c6:2d:ef:84:5a:d5:8d:53:
         6a:0f:f3:ed
-----BEGIN CERTIFICATE-----
MIIFQzCCBCugAwIBAgIDHF8nMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGQ4
MWU1ZmMxMTZlY2QzOTNjZGJmODEyN2FmYmJhYmQ1YjE3NThlYmIwHhcNMjMwMTIy
MDk1NjEyWhcNMjUwMTIzMDk1NjEyWjAzMTEwLwYDVQQDEyhhMTAyMWI2ODljZWYz
MjBlMTc4ZjE5NTlkNjRiODAyY2FiZjI4Yjk2MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAxg4NVZMKwO4pimhw/V4UDueqk6cvcte2CMZnZwmbMJKmPewM
qQkXxTxqR8yqkBOv0mMQ+7BfzpYYQ6ZO1qUym6aL+I31T2Abkj6ta1TqVV3Jx8gd
0eyhrjPCxvLkErZOKFYeBqPap7HMA2TfuWIFFdehmDV7tBDNiIFclXQMtYyclnbj
qlI27VJtyS/Wi0D3ABOx+ONDI18V3j6DB/2VgnQu7pY82Q+T42TjnWWQCrG/5dL+
CWdcNe587SvxzwGp5qq3/5zXeeSxWcggrCbqlXe4HdqiHwQ/JJiNeUi4Rgqs5mlE
3a/zg0ZFEHfaWJIVjHD20YNfk4wjjvxlbqpndwIDAQABo4ICXjCCAlowHQYDVR0O
BBYEFJqeZ50zP1BGenZHHLWLRdP9I8f4MB8GA1UdIwQYMBaAFBCFpM33jJh79qNv
e2oTrLLokeDzMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvZDgxZTVm
YzExNmVjZDM5M2NkYmY4MTI3YWZiYmFiZDViMTc1OGViYi5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvNzkzMzY0ZDQtZGMyZS00NDQ5LThlMzQtNDYxMGZh
NThlODdmL2ExMDIxYjY4OWNlZjMyMGUxNzhmMTk1OWQ2NGI4MDJjYWJmMjhiOTYu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy83OTMzNjRkNC1kYzJlLTQ0NDktOGUzNC00NjEw
ZmE1OGU4N2YvZDgxZTVmYzExNmVjZDM5M2NkYmY4MTI3YWZiYmFiZDViMTc1OGVi
Yi5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQT
MBEwDwQCAAIwCQMHACgD+AAAUjANBgkqhkiG9w0BAQsFAAOCAQEAUJtTplSbuVDS
MGOyMzzTAVHnvE7atMcV4Qet6grbdMjiJFUERuK1UfgrVeOL7pgbtHOJlHWyWUjF
mgWZxj0dhA613ldw6D60FzdTELGTy13DqvFsIXPM6EPdHCmrwq+4WcOIPKW4y20t
EClwsY3WRkE1WV/VZQ7rAqSrDs/TpdlWzKt5ZocQ7lVvIC5vHLAGWLZ012FqguQz
c6fJY0EbfWRYGooZ/pQcfw4TdcYMWqCRMNmdlcFAvMk+ubmOq7h013nDAcl9BJCj
vxQJ8/2r2yriVbIX1Kpp2Gozu7j+fQrGO+n/ivdiaMpBpRZwoi0q7iOP58Yt74Ra
1Y1Tag/z7Q==
-----END CERTIFICATE-----
Generated at Thu Mar 28 13:29:18 2024 by rpki-client on console-ams.rpki-client.org