Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/817186bd-5556-4e29-a2f4-4961a6f94897/8e70a00922dfaa162685302c3504d50b1b5dfc29.roa
File:                     8e70a00922dfaa162685302c3504d50b1b5dfc29.roa (raw, json)
Hash identifier:          tnavw2IMFBwGDdRHJUq8EKSTR1OI0XCi7igftnmJdYg=
Subject key identifier:   F9:0F:D7:94:00:50:A9:7C:61:8C:99:CC:AB:09:91:41:D1:20:0B:3F
Certificate issuer:       /CN=8376e0c0962757e44ca6c3bedc880f9f24398416
Certificate serial:       0531
Authority key identifier: 24:2E:F9:73:63:9E:E2:27:DF:B0:8C:DD:9F:B0:2A:BE:40:59:B2:68
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/8376e0c0962757e44ca6c3bedc880f9f24398416.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/817186bd-5556-4e29-a2f4-4961a6f94897/8e70a00922dfaa162685302c3504d50b1b5dfc29.roa
Signing time:             Wed 24 Aug 2022 01:43:42 +0000
ROA not before:           Wed 24 Aug 2022 01:41:24 +0000
ROA not after:            Sat 24 Aug 2024 01:41:24 +0000
asID:                     272073
IP address blocks:        2803:8b10::/32 maxlen: 32

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/817186bd-5556-4e29-a2f4-4961a6f94897/8376e0c0962757e44ca6c3bedc880f9f24398416.crl
                          rsync://repository.lacnic.net/rpki/lacnic/817186bd-5556-4e29-a2f4-4961a6f94897/8376e0c0962757e44ca6c3bedc880f9f24398416.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/8376e0c0962757e44ca6c3bedc880f9f24398416.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 31 Mar 2024 19:38:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1329 (0x531)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8376e0c0962757e44ca6c3bedc880f9f24398416
        Validity
            Not Before: Aug 24 01:41:24 2022 GMT
            Not After : Aug 24 01:41:24 2024 GMT
        Subject: CN=8e70a00922dfaa162685302c3504d50b1b5dfc29
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:68:a7:5e:22:0f:ba:1a:e5:68:b5:0a:e5:d5:
                    b3:52:51:3b:7e:67:dc:b0:bc:68:e6:fd:dd:a9:1d:
                    88:82:f9:76:f5:7d:ff:c1:af:6a:af:37:f5:16:9f:
                    c6:af:4c:9a:b5:96:0e:ec:d8:b6:3f:9a:2d:33:0c:
                    98:b5:97:2a:cc:ad:af:e5:6e:52:9d:d0:ce:f4:21:
                    57:4f:aa:72:12:3b:4b:79:ab:b3:8e:bf:bb:6d:35:
                    f7:7f:97:f2:23:b8:31:46:89:df:b2:84:af:f4:15:
                    7d:81:32:12:a3:10:29:a5:e2:74:57:ca:f0:c5:0a:
                    c4:e1:60:7d:0e:4c:2d:80:ab:ed:58:4c:83:95:82:
                    bb:72:21:97:9c:c2:fe:58:bb:34:57:d2:45:f6:a9:
                    0f:b0:25:8a:2a:05:3c:3c:15:c8:e5:85:a9:4f:ab:
                    4a:05:e6:91:cd:79:23:0b:7e:0a:2f:3e:a9:26:b1:
                    82:a1:a8:df:f3:90:55:d2:e5:c4:52:27:94:df:4b:
                    c5:2d:43:ba:52:5d:6d:2a:e3:ac:7b:da:1f:ea:88:
                    df:00:7f:5f:0c:f4:42:6e:b1:f9:1c:1e:0c:1e:87:
                    bd:02:57:3c:26:63:84:46:c7:4c:33:63:7e:03:00:
                    d4:31:8d:c0:cb:d4:48:f1:d7:a3:c1:b4:ab:47:5f:
                    fb:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F9:0F:D7:94:00:50:A9:7C:61:8C:99:CC:AB:09:91:41:D1:20:0B:3F
            X509v3 Authority Key Identifier:
                keyid:24:2E:F9:73:63:9E:E2:27:DF:B0:8C:DD:9F:B0:2A:BE:40:59:B2:68

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/8376e0c0962757e44ca6c3bedc880f9f24398416.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/817186bd-5556-4e29-a2f4-4961a6f94897/8e70a00922dfaa162685302c3504d50b1b5dfc29.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/817186bd-5556-4e29-a2f4-4961a6f94897/8376e0c0962757e44ca6c3bedc880f9f24398416.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2803:8b10::/32

    Signature Algorithm: sha256WithRSAEncryption
         7b:dc:a2:52:9b:ee:66:9c:e5:51:c9:13:94:97:1f:5e:66:fd:
         72:ed:a3:e5:29:14:24:cf:91:5e:e7:1d:fd:08:23:c6:77:c4:
         07:ab:fc:95:3b:8e:80:db:93:68:29:51:a5:b4:e1:93:b3:51:
         5a:14:f9:86:79:6a:1f:a6:5e:54:86:76:11:3b:5a:59:a5:b4:
         70:95:01:e0:9d:03:8f:49:fa:a8:46:eb:bb:52:61:d8:cd:cc:
         29:8e:7c:15:5a:9e:d5:6e:0c:f2:39:8e:c1:cc:c9:52:9b:fa:
         b1:3d:1b:dc:15:6d:74:a2:bb:71:d4:62:71:65:bb:71:6b:05:
         0f:b0:3f:34:8f:c7:f6:af:e0:a8:ae:3c:b5:3c:3c:0c:ee:ae:
         34:52:2d:f2:28:a0:b3:bb:b3:91:5c:8d:3c:7b:e7:3f:51:da:
         8d:77:53:9f:3a:2f:d0:98:9d:b5:ac:dc:7b:7a:2e:d9:ba:95:
         ff:08:d8:c8:9d:f8:a0:b3:e6:1b:30:8e:b5:af:2e:e0:8a:16:
         d0:9f:3d:24:e7:6c:67:0a:ac:0a:9c:9a:20:c3:36:3e:cd:26:
         69:53:1f:98:cd:d1:31:5f:4b:4b:81:8b:bb:1f:97:53:11:d0:
         f4:06:81:09:11:a0:22:25:1d:e7:9c:be:c8:9e:49:3b:97:5a:
         72:91:51:10
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgICBTEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoODM3
NmUwYzA5NjI3NTdlNDRjYTZjM2JlZGM4ODBmOWYyNDM5ODQxNjAeFw0yMjA4MjQw
MTQxMjRaFw0yNDA4MjQwMTQxMjRaMDMxMTAvBgNVBAMTKDhlNzBhMDA5MjJkZmFh
MTYyNjg1MzAyYzM1MDRkNTBiMWI1ZGZjMjkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCvaKdeIg+6GuVotQrl1bNSUTt+Z9ywvGjm/d2pHYiC+Xb1ff/B
r2qvN/UWn8avTJq1lg7s2LY/mi0zDJi1lyrMra/lblKd0M70IVdPqnISO0t5q7OO
v7ttNfd/l/IjuDFGid+yhK/0FX2BMhKjECml4nRXyvDFCsThYH0OTC2Aq+1YTIOV
grtyIZecwv5YuzRX0kX2qQ+wJYoqBTw8FcjlhalPq0oF5pHNeSMLfgovPqkmsYKh
qN/zkFXS5cRSJ5TfS8UtQ7pSXW0q46x72h/qiN8Af18M9EJusfkcHgweh70CVzwm
Y4RGx0wzY34DANQxjcDL1Ejx16PBtKtHX/uPAgMBAAGjggJcMIICWDAdBgNVHQ4E
FgQU+Q/XlABQqXxhjJnMqwmRQdEgCz8wHwYDVR0jBBgwFoAUJC75c2Oe4iffsIzd
n7AqvkBZsmgwDgYDVR0PAQH/BAQDAgeAMIGaBggrBgEFBQcBAQSBjTCBijCBhwYI
KwYBBQUHMAKGe3JzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jwa2kvbGFj
bmljLzQ4ZjA4M2JiLWY2MDMtNDg5My05OTkwLTAyODRjMDRjZWI4NS84Mzc2ZTBj
MDk2Mjc1N2U0NGNhNmMzYmVkYzg4MGY5ZjI0Mzk4NDE2LmNlcjCBmgYIKwYBBQUH
AQsEgY0wgYowgYcGCCsGAQUFBzALhntyc3luYzovL3JlcG9zaXRvcnkubGFjbmlj
Lm5ldC9ycGtpL2xhY25pYy84MTcxODZiZC01NTU2LTRlMjktYTJmNC00OTYxYTZm
OTQ4OTcvOGU3MGEwMDkyMmRmYWExNjI2ODUzMDJjMzUwNGQ1MGIxYjVkZmMyOS5y
b2EwgY8GA1UdHwSBhzCBhDCBgaB/oH2Ge3JzeW5jOi8vcmVwb3NpdG9yeS5sYWNu
aWMubmV0L3Jwa2kvbGFjbmljLzgxNzE4NmJkLTU1NTYtNGUyOS1hMmY0LTQ5NjFh
NmY5NDg5Ny84Mzc2ZTBjMDk2Mjc1N2U0NGNhNmMzYmVkYzg4MGY5ZjI0Mzk4NDE2
LmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEw
DzANBAIAAjAHAwUAKAOLEDANBgkqhkiG9w0BAQsFAAOCAQEAe9yiUpvuZpzlUckT
lJcfXmb9cu2j5SkUJM+RXucd/QgjxnfEB6v8lTuOgNuTaClRpbThk7NRWhT5hnlq
H6ZeVIZ2ETtaWaW0cJUB4J0Dj0n6qEbru1Jh2M3MKY58FVqe1W4M8jmOwczJUpv6
sT0b3BVtdKK7cdRicWW7cWsFD7A/NI/H9q/gqK48tTw8DO6uNFIt8iigs7uzkVyN
PHvnP1HajXdTnzov0Jidtazce3ou2bqV/wjYyJ34oLPmGzCOta8u4IoW0J89JOds
ZwqsCpyaIMM2Ps0maVMfmM3RMV9LS4GLux+XUxHQ9AaBCRGgIiUd55y+yJ5JO5da
cpFREA==
-----END CERTIFICATE-----
Generated at Fri Mar 29 02:14:18 2024 by rpki-client on console-ams.rpki-client.org