Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/9aebed69-30de-4262-a494-d262b33c2c9c/294f399e264da55b09534f7b833c8c256b486c99.roa
File:                     294f399e264da55b09534f7b833c8c256b486c99.roa (raw, json)
Hash identifier:          8/bR66jj3VWEosuu3opUHSydwV5664qOLPjsFetlKmg=
Subject key identifier:   29:39:EE:39:EB:B4:2E:13:50:73:BE:38:7E:2A:C6:01:EB:6A:F1:38
Certificate issuer:       /CN=f4a582f6c7807f5fdd31b69ae270f85d00c39706
Certificate serial:       0D78B9
Authority key identifier: 65:0A:83:02:70:66:B1:DD:B3:AE:82:16:83:CF:34:D2:8B:74:66:7B
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/f4a582f6c7807f5fdd31b69ae270f85d00c39706.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/9aebed69-30de-4262-a494-d262b33c2c9c/294f399e264da55b09534f7b833c8c256b486c99.roa
Signing time:             Wed 24 Mar 2021 14:40:01 +0000
ROA not before:           Wed 24 Mar 2021 14:39:56 +0000
ROA not after:            Tue 24 Mar 2026 14:39:56 +0000
asID:                     22724
IP address blocks:        2803:b2c0::/32 maxlen: 48

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/9aebed69-30de-4262-a494-d262b33c2c9c/f4a582f6c7807f5fdd31b69ae270f85d00c39706.crl
                          rsync://repository.lacnic.net/rpki/lacnic/9aebed69-30de-4262-a494-d262b33c2c9c/f4a582f6c7807f5fdd31b69ae270f85d00c39706.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/f4a582f6c7807f5fdd31b69ae270f85d00c39706.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Mon 01 Apr 2024 15:49:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 882873 (0xd78b9)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f4a582f6c7807f5fdd31b69ae270f85d00c39706
        Validity
            Not Before: Mar 24 14:39:56 2021 GMT
            Not After : Mar 24 14:39:56 2026 GMT
        Subject: CN=294f399e264da55b09534f7b833c8c256b486c99
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:89:2d:51:b1:55:d6:44:73:e2:44:00:98:4d:e3:
                    c1:46:da:26:46:8c:a9:d5:a8:6d:b3:65:2d:ca:dc:
                    4d:7b:51:97:36:ef:b2:28:29:74:06:0c:ca:d1:d6:
                    1a:21:77:0a:e1:e4:84:5d:81:35:a3:0c:6c:37:22:
                    f9:d9:67:a9:19:91:d0:64:53:a6:d9:a2:1f:bd:fe:
                    e0:8f:bf:47:47:1d:e6:ed:33:0a:75:fe:da:40:9c:
                    c2:c7:cd:d1:2c:b4:b5:01:9e:cc:50:fe:61:dd:40:
                    e9:05:97:14:de:73:96:1a:81:3d:36:a0:f0:20:35:
                    e7:8a:b0:d6:69:72:4b:fc:40:98:08:07:4a:1a:cc:
                    17:77:fe:89:e2:db:fa:cf:27:58:b2:25:69:a9:bf:
                    8c:62:da:64:1a:e4:39:f8:97:98:7d:c7:8f:2d:06:
                    69:ab:ec:99:a7:6e:d7:be:05:2a:d9:91:aa:8a:ef:
                    8f:14:de:a3:5d:03:11:85:21:68:09:0a:a0:c7:69:
                    dd:55:e1:53:7a:21:a0:14:57:63:fa:63:b3:4b:65:
                    37:61:1d:a5:bd:cb:2c:0b:a0:48:dd:e1:20:d7:e3:
                    a9:9a:18:1e:e4:1a:f4:cd:43:0c:7c:f5:c5:49:04:
                    a7:f1:fb:1d:30:d5:29:37:ee:67:b4:cb:d8:3d:d4:
                    cd:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                29:39:EE:39:EB:B4:2E:13:50:73:BE:38:7E:2A:C6:01:EB:6A:F1:38
            X509v3 Authority Key Identifier:
                keyid:65:0A:83:02:70:66:B1:DD:B3:AE:82:16:83:CF:34:D2:8B:74:66:7B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/f4a582f6c7807f5fdd31b69ae270f85d00c39706.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/9aebed69-30de-4262-a494-d262b33c2c9c/294f399e264da55b09534f7b833c8c256b486c99.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/9aebed69-30de-4262-a494-d262b33c2c9c/f4a582f6c7807f5fdd31b69ae270f85d00c39706.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2803:b2c0::/32

    Signature Algorithm: sha256WithRSAEncryption
         6b:f7:af:58:ce:80:b2:81:c9:72:c8:ec:af:00:9a:f3:b5:e2:
         97:ee:3d:29:8c:1d:38:ee:51:15:ba:22:96:bd:bc:17:c7:39:
         d5:33:a9:2e:dc:c8:1f:6e:e9:0c:59:89:b1:c0:d7:4e:85:07:
         6b:92:13:97:a2:60:3d:6e:48:d8:7b:fd:25:cb:39:16:4b:f8:
         51:7f:a4:3f:24:f9:90:1a:3f:60:10:d4:f9:20:10:3b:86:38:
         6b:02:be:2e:ee:db:6e:bf:f1:dc:d3:8f:28:c6:9d:c6:73:79:
         c2:66:c5:ea:32:52:25:f4:4e:4b:3b:6e:54:6a:7e:d9:6b:e9:
         a2:3e:09:3c:3e:13:59:f4:d8:6b:a5:0d:be:17:2d:dd:6e:f1:
         6e:4e:45:bf:ef:d8:93:14:c5:9b:d0:33:3c:e0:d6:a3:64:ad:
         57:e0:a7:5d:e5:9f:c6:13:b2:8d:b2:6e:03:bb:a6:7f:46:2d:
         0d:9f:48:83:b4:df:1a:58:ec:67:8e:c1:25:b6:1d:86:61:ee:
         63:43:f6:4e:5d:23:28:4a:de:86:5b:cf:8f:3f:c0:33:9d:12:
         eb:2d:72:7f:1d:57:09:46:e3:eb:72:71:0c:bc:b7:fc:bd:0c:
         42:a5:71:0c:83:af:ef:75:1b:6c:1b:72:cf:01:d2:9d:bf:6c:
         ad:bf:e5:36
-----BEGIN CERTIFICATE-----
MIIFQTCCBCmgAwIBAgIDDXi5MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGY0
YTU4MmY2Yzc4MDdmNWZkZDMxYjY5YWUyNzBmODVkMDBjMzk3MDYwHhcNMjEwMzI0
MTQzOTU2WhcNMjYwMzI0MTQzOTU2WjAzMTEwLwYDVQQDEygyOTRmMzk5ZTI2NGRh
NTViMDk1MzRmN2I4MzNjOGMyNTZiNDg2Yzk5MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAiS1RsVXWRHPiRACYTePBRtomRoyp1ahts2UtytxNe1GXNu+y
KCl0BgzK0dYaIXcK4eSEXYE1owxsNyL52WepGZHQZFOm2aIfvf7gj79HRx3m7TMK
df7aQJzCx83RLLS1AZ7MUP5h3UDpBZcU3nOWGoE9NqDwIDXnirDWaXJL/ECYCAdK
GswXd/6J4tv6zydYsiVpqb+MYtpkGuQ5+JeYfcePLQZpq+yZp27XvgUq2ZGqiu+P
FN6jXQMRhSFoCQqgx2ndVeFTeiGgFFdj+mOzS2U3YR2lvcssC6BI3eEg1+Opmhge
5Br0zUMMfPXFSQSn8fsdMNUpN+5ntMvYPdTNLwIDAQABo4ICXDCCAlgwHQYDVR0O
BBYEFCk57jnrtC4TUHO+OH4qxgHravE4MB8GA1UdIwQYMBaAFGUKgwJwZrHds66C
FoPPNNKLdGZ7MA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvZjRhNTgy
ZjZjNzgwN2Y1ZmRkMzFiNjlhZTI3MGY4NWQwMGMzOTcwNi5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvOWFlYmVkNjktMzBkZS00MjYyLWE0OTQtZDI2MmIz
M2MyYzljLzI5NGYzOTllMjY0ZGE1NWIwOTUzNGY3YjgzM2M4YzI1NmI0ODZjOTku
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy85YWViZWQ2OS0zMGRlLTQyNjItYTQ5NC1kMjYy
YjMzYzJjOWMvZjRhNTgyZjZjNzgwN2Y1ZmRkMzFiNjlhZTI3MGY4NWQwMGMzOTcw
Ni5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQR
MA8wDQQCAAIwBwMFACgDssAwDQYJKoZIhvcNAQELBQADggEBAGv3r1jOgLKByXLI
7K8AmvO14pfuPSmMHTjuURW6Ipa9vBfHOdUzqS7cyB9u6QxZibHA106FB2uSE5ei
YD1uSNh7/SXLORZL+FF/pD8k+ZAaP2AQ1PkgEDuGOGsCvi7u226/8dzTjyjGncZz
ecJmxeoyUiX0Tks7blRqftlr6aI+CTw+E1n02GulDb4XLd1u8W5ORb/v2JMUxZvQ
Mzzg1qNkrVfgp13ln8YTso2ybgO7pn9GLQ2fSIO03xpY7GeOwSW2HYZh7mND9k5d
IyhK3oZbz48/wDOdEustcn8dVwlG4+tycQy8t/y9DEKlcQyDr+91G2wbcs8B0p2/
bK2/5TY=
-----END CERTIFICATE-----
Generated at Sat Mar 30 00:17:09 2024 by rpki-client on console-ams.rpki-client.org