Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/96e2334f-bcf8-44eb-a7cb-907d2f4a3087/b080fa9c8caabc2285dab9b81168528d9f814361.roa
File:                     b080fa9c8caabc2285dab9b81168528d9f814361.roa (raw, json)
Hash identifier:          eR1WACjCLmB0+zYA7SP+5NmbaBCGhUxSb19opFj7jyA=
Subject key identifier:   D4:C6:48:8A:3E:16:2F:AE:5C:C1:2B:0D:CD:9A:5B:BF:95:FC:C4:6E
Certificate issuer:       /CN=ecc11edee32c9394c905ec3bca5e788e0606fe35
Certificate serial:       0D43B0
Authority key identifier: C2:7C:EC:53:F1:E2:19:DE:89:6F:05:D3:3F:0F:33:CB:6E:39:55:EE
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ecc11edee32c9394c905ec3bca5e788e0606fe35.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/96e2334f-bcf8-44eb-a7cb-907d2f4a3087/b080fa9c8caabc2285dab9b81168528d9f814361.roa
Signing time:             Wed 24 Mar 2021 14:37:33 +0000
ROA not before:           Wed 24 Mar 2021 14:37:33 +0000
ROA not after:            Tue 24 Mar 2026 14:37:33 +0000
asID:                     262149
IP address blocks:        2800:640::/32 maxlen: 48

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/96e2334f-bcf8-44eb-a7cb-907d2f4a3087/ecc11edee32c9394c905ec3bca5e788e0606fe35.crl
                          rsync://repository.lacnic.net/rpki/lacnic/96e2334f-bcf8-44eb-a7cb-907d2f4a3087/ecc11edee32c9394c905ec3bca5e788e0606fe35.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ecc11edee32c9394c905ec3bca5e788e0606fe35.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 31 Mar 2024 03:49:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 869296 (0xd43b0)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ecc11edee32c9394c905ec3bca5e788e0606fe35
        Validity
            Not Before: Mar 24 14:37:33 2021 GMT
            Not After : Mar 24 14:37:33 2026 GMT
        Subject: CN=b080fa9c8caabc2285dab9b81168528d9f814361
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:8a:db:32:54:f2:fd:c2:fc:66:ae:4b:84:b1:
                    bb:77:05:3a:20:e3:8a:83:71:c7:ab:d8:87:28:53:
                    53:76:d8:f2:75:06:50:08:2d:7e:66:6b:ac:57:61:
                    67:12:d7:c4:0b:fe:ee:ac:bb:03:e0:ab:de:b4:4e:
                    6d:9e:aa:f0:d1:f9:86:b3:92:ca:8c:e5:4d:fc:a2:
                    b0:58:fe:2c:73:04:11:53:9e:81:56:65:ca:41:d2:
                    23:6d:6c:88:77:08:ab:0b:e5:21:62:c0:1f:28:d1:
                    32:60:01:14:96:c4:1b:d6:73:79:7b:c1:9a:9d:5b:
                    24:65:39:8c:57:fc:c4:4f:4c:84:aa:94:d8:21:a2:
                    71:38:08:28:d5:05:0d:23:cc:d0:46:1b:03:89:26:
                    97:72:bf:64:06:00:32:b3:6a:92:33:79:01:08:c0:
                    67:e9:11:c2:c0:b4:0d:de:4f:b5:25:16:63:ba:2e:
                    e7:ba:d0:36:cc:3f:c0:f1:9d:dd:6c:b4:d2:6f:d3:
                    7c:f4:5c:be:0a:0c:71:db:39:14:38:07:7d:49:53:
                    ad:89:16:b5:33:a8:2a:ae:ce:11:32:d0:5a:40:d1:
                    55:70:a5:8e:03:c6:c3:68:af:44:df:83:25:5c:ea:
                    5c:e0:7b:00:b0:f8:9e:ac:4a:7b:13:9b:be:d0:78:
                    93:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D4:C6:48:8A:3E:16:2F:AE:5C:C1:2B:0D:CD:9A:5B:BF:95:FC:C4:6E
            X509v3 Authority Key Identifier:
                keyid:C2:7C:EC:53:F1:E2:19:DE:89:6F:05:D3:3F:0F:33:CB:6E:39:55:EE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ecc11edee32c9394c905ec3bca5e788e0606fe35.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/96e2334f-bcf8-44eb-a7cb-907d2f4a3087/b080fa9c8caabc2285dab9b81168528d9f814361.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/96e2334f-bcf8-44eb-a7cb-907d2f4a3087/ecc11edee32c9394c905ec3bca5e788e0606fe35.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2800:640::/32

    Signature Algorithm: sha256WithRSAEncryption
         3f:e0:5b:90:c5:64:af:5d:ed:1b:24:4c:e3:d8:11:52:b4:89:
         58:74:a8:39:82:3d:c6:ab:06:fd:04:e9:98:64:d3:83:e1:2c:
         27:5b:38:c1:43:dc:70:61:48:e8:8f:91:7c:eb:d7:70:5e:ce:
         94:2f:41:36:59:a0:7a:09:8d:fb:1b:42:88:ec:79:1a:25:c0:
         87:b4:4f:2c:a1:b9:f3:7f:9d:6a:61:d1:82:ee:20:22:e7:da:
         cc:f5:75:97:c6:00:e2:91:dd:12:7f:3f:da:b3:2e:29:1c:d9:
         fc:74:a9:4c:2a:66:b4:d9:a3:47:81:21:42:dd:f4:75:45:88:
         26:08:54:e8:c3:f0:f4:93:59:04:8c:bc:d2:66:dc:fc:db:2c:
         c4:a5:34:6e:ed:08:2c:df:a5:cb:ca:51:43:95:88:45:f1:53:
         d4:20:a4:a6:f8:f3:1d:1e:e1:b4:b0:af:86:84:c3:8d:75:69:
         96:93:89:55:ba:0b:a1:b4:ca:30:3a:b9:c2:80:28:ca:2b:c9:
         02:6a:74:0e:2d:82:d3:26:d4:c4:26:9e:80:73:33:3b:f5:fd:
         52:8c:62:aa:01:b9:34:34:15:47:c6:37:ee:cc:0b:cb:0d:53:
         0a:26:fb:83:8b:2f:df:83:22:ae:f8:73:ac:dd:39:dc:f4:9c:
         4a:85:4a:87
-----BEGIN CERTIFICATE-----
MIIFQTCCBCmgAwIBAgIDDUOwMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGVj
YzExZWRlZTMyYzkzOTRjOTA1ZWMzYmNhNWU3ODhlMDYwNmZlMzUwHhcNMjEwMzI0
MTQzNzMzWhcNMjYwMzI0MTQzNzMzWjAzMTEwLwYDVQQDEyhiMDgwZmE5YzhjYWFi
YzIyODVkYWI5YjgxMTY4NTI4ZDlmODE0MzYxMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAxorbMlTy/cL8Zq5LhLG7dwU6IOOKg3HHq9iHKFNTdtjydQZQ
CC1+ZmusV2FnEtfEC/7urLsD4KvetE5tnqrw0fmGs5LKjOVN/KKwWP4scwQRU56B
VmXKQdIjbWyIdwirC+UhYsAfKNEyYAEUlsQb1nN5e8GanVskZTmMV/zET0yEqpTY
IaJxOAgo1QUNI8zQRhsDiSaXcr9kBgAys2qSM3kBCMBn6RHCwLQN3k+1JRZjui7n
utA2zD/A8Z3dbLTSb9N89Fy+Cgxx2zkUOAd9SVOtiRa1M6gqrs4RMtBaQNFVcKWO
A8bDaK9E34MlXOpc4HsAsPierEp7E5u+0HiT/QIDAQABo4ICXDCCAlgwHQYDVR0O
BBYEFNTGSIo+Fi+uXMErDc2aW7+V/MRuMB8GA1UdIwQYMBaAFMJ87FPx4hneiW8F
0z8PM8tuOVXuMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvZWNjMTFl
ZGVlMzJjOTM5NGM5MDVlYzNiY2E1ZTc4OGUwNjA2ZmUzNS5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvOTZlMjMzNGYtYmNmOC00NGViLWE3Y2ItOTA3ZDJm
NGEzMDg3L2IwODBmYTljOGNhYWJjMjI4NWRhYjliODExNjg1MjhkOWY4MTQzNjEu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy85NmUyMzM0Zi1iY2Y4LTQ0ZWItYTdjYi05MDdk
MmY0YTMwODcvZWNjMTFlZGVlMzJjOTM5NGM5MDVlYzNiY2E1ZTc4OGUwNjA2ZmUz
NS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQR
MA8wDQQCAAIwBwMFACgABkAwDQYJKoZIhvcNAQELBQADggEBAD/gW5DFZK9d7Rsk
TOPYEVK0iVh0qDmCPcarBv0E6Zhk04PhLCdbOMFD3HBhSOiPkXzr13BezpQvQTZZ
oHoJjfsbQojseRolwIe0TyyhufN/nWph0YLuICLn2sz1dZfGAOKR3RJ/P9qzLikc
2fx0qUwqZrTZo0eBIULd9HVFiCYIVOjD8PSTWQSMvNJm3PzbLMSlNG7tCCzfpcvK
UUOViEXxU9QgpKb48x0e4bSwr4aEw411aZaTiVW6C6G0yjA6ucKAKMoryQJqdA4t
gtMm1MQmnoBzMzv1/VKMYqoBuTQ0FUfGN+7MC8sNUwom+4OLL9+DIq74c6zdOdz0
nEqFSoc=
-----END CERTIFICATE-----
Generated at Thu Mar 28 11:17:54 2024 by rpki-client on console-fra.rpki-client.org