Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/9aebed69-30de-4262-a494-d262b33c2c9c/2a87da0b093f37e482b817f71529bc97b3e80fe0.roa
File:                     2a87da0b093f37e482b817f71529bc97b3e80fe0.roa (raw, json)
Hash identifier:          pV3hv0Jy1D5OO1c1XCu610zn0oYLBSp19s1LZQFQ7AA=
Subject key identifier:   C9:45:41:DB:C0:B6:F0:80:F9:4D:F1:B4:6B:49:1A:CF:71:F1:9B:3D
Certificate issuer:       /CN=f4a582f6c7807f5fdd31b69ae270f85d00c39706
Certificate serial:       0D7686
Authority key identifier: 65:0A:83:02:70:66:B1:DD:B3:AE:82:16:83:CF:34:D2:8B:74:66:7B
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/f4a582f6c7807f5fdd31b69ae270f85d00c39706.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/9aebed69-30de-4262-a494-d262b33c2c9c/2a87da0b093f37e482b817f71529bc97b3e80fe0.roa
Signing time:             Wed 24 Mar 2021 14:39:59 +0000
ROA not before:           Wed 24 Mar 2021 14:39:56 +0000
ROA not after:            Tue 24 Mar 2026 14:39:56 +0000
asID:                     264851
IP address blocks:        2803:b2c0::/32 maxlen: 48

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/9aebed69-30de-4262-a494-d262b33c2c9c/f4a582f6c7807f5fdd31b69ae270f85d00c39706.crl
                          rsync://repository.lacnic.net/rpki/lacnic/9aebed69-30de-4262-a494-d262b33c2c9c/f4a582f6c7807f5fdd31b69ae270f85d00c39706.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/f4a582f6c7807f5fdd31b69ae270f85d00c39706.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 31 Mar 2024 19:38:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 882310 (0xd7686)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f4a582f6c7807f5fdd31b69ae270f85d00c39706
        Validity
            Not Before: Mar 24 14:39:56 2021 GMT
            Not After : Mar 24 14:39:56 2026 GMT
        Subject: CN=2a87da0b093f37e482b817f71529bc97b3e80fe0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8a:ad:f1:d6:2f:63:21:b0:9d:6b:c3:ab:f1:4f:
                    4a:20:6e:d9:2c:2b:b8:70:d8:de:21:80:2b:ae:c1:
                    1a:66:6e:db:60:e2:60:b1:75:7f:08:2c:e5:3f:4f:
                    51:82:a1:01:ca:a2:f9:b2:55:a9:47:b6:ba:97:16:
                    53:d9:c9:2c:5f:9b:e1:7d:01:61:f9:61:31:df:a0:
                    cc:d9:51:76:cf:f6:21:e4:70:f6:c9:db:0f:8a:5d:
                    15:99:06:a9:4b:ad:10:9f:8d:f4:33:6c:fb:cb:db:
                    1d:06:5e:92:4e:98:86:7b:ea:66:03:94:b1:62:50:
                    4f:2e:0f:7f:56:24:7a:6f:d6:ce:c8:30:0a:56:31:
                    92:45:1b:9d:78:97:4e:4f:e7:ea:68:aa:4e:e1:5d:
                    0e:6c:59:06:21:7b:e2:4f:ff:eb:9b:97:78:de:11:
                    ee:27:09:61:ac:8b:3e:42:1d:7f:f8:a0:ad:4d:b0:
                    a9:30:1b:70:54:59:12:c9:22:63:05:ee:76:fe:a9:
                    e7:6b:16:54:35:85:ce:83:ef:bb:4d:0f:b6:b6:eb:
                    0e:7d:e4:b1:f3:01:0e:2c:1b:fb:75:4c:e5:56:d0:
                    e6:05:83:f4:f0:f1:f4:b4:7d:30:d7:1c:49:07:cc:
                    c0:4e:ec:5b:2e:7b:2b:de:7c:b9:46:fa:b6:08:09:
                    07:2d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C9:45:41:DB:C0:B6:F0:80:F9:4D:F1:B4:6B:49:1A:CF:71:F1:9B:3D
            X509v3 Authority Key Identifier:
                keyid:65:0A:83:02:70:66:B1:DD:B3:AE:82:16:83:CF:34:D2:8B:74:66:7B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/f4a582f6c7807f5fdd31b69ae270f85d00c39706.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/9aebed69-30de-4262-a494-d262b33c2c9c/2a87da0b093f37e482b817f71529bc97b3e80fe0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/9aebed69-30de-4262-a494-d262b33c2c9c/f4a582f6c7807f5fdd31b69ae270f85d00c39706.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2803:b2c0::/32

    Signature Algorithm: sha256WithRSAEncryption
         19:d6:da:f4:57:fc:df:87:d7:5f:71:0d:52:f6:54:49:bf:4f:
         af:9f:29:18:93:8e:9d:bd:2f:b9:a0:50:71:79:cd:ef:7b:81:
         a5:13:93:96:f8:61:1c:ef:20:7c:59:6c:44:20:66:24:1e:db:
         71:2a:30:77:c2:94:7d:35:47:c1:7e:ff:b0:09:29:ae:64:c9:
         cb:8c:b5:26:76:5f:50:a3:c0:c0:bf:68:f1:92:74:30:a5:22:
         07:c4:93:22:ab:5d:de:2c:b7:6f:c5:2c:f6:f1:23:4a:00:bd:
         60:16:a4:01:ea:42:2b:c9:b9:6b:fb:a9:23:9b:51:52:7f:45:
         49:b6:68:f5:f0:be:13:39:5f:fc:9c:4a:85:ec:8c:31:01:a7:
         37:b9:1d:fb:48:84:6d:fd:d0:67:a7:a0:52:dc:ae:b1:0f:ad:
         d9:d8:2e:be:3b:b8:f0:cd:d9:60:d1:e5:d9:82:9d:f8:07:d8:
         da:74:3a:ab:b7:68:70:36:4f:69:90:11:fd:e8:ea:f7:ec:41:
         5a:42:43:f1:5f:7e:ac:ca:bb:eb:0b:5c:48:0d:e0:e6:6f:06:
         cb:6f:5a:81:94:50:6f:58:bc:db:ad:f6:96:7f:57:d6:17:38:
         24:ed:9e:31:ca:ab:f9:1a:99:96:f0:53:a4:87:11:61:73:15:
         b3:8b:c7:46
-----BEGIN CERTIFICATE-----
MIIFQTCCBCmgAwIBAgIDDXaGMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGY0
YTU4MmY2Yzc4MDdmNWZkZDMxYjY5YWUyNzBmODVkMDBjMzk3MDYwHhcNMjEwMzI0
MTQzOTU2WhcNMjYwMzI0MTQzOTU2WjAzMTEwLwYDVQQDEygyYTg3ZGEwYjA5M2Yz
N2U0ODJiODE3ZjcxNTI5YmM5N2IzZTgwZmUwMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAiq3x1i9jIbCda8Or8U9KIG7ZLCu4cNjeIYArrsEaZm7bYOJg
sXV/CCzlP09RgqEByqL5slWpR7a6lxZT2cksX5vhfQFh+WEx36DM2VF2z/Yh5HD2
ydsPil0VmQapS60Qn430M2z7y9sdBl6STpiGe+pmA5SxYlBPLg9/ViR6b9bOyDAK
VjGSRRudeJdOT+fqaKpO4V0ObFkGIXviT//rm5d43hHuJwlhrIs+Qh1/+KCtTbCp
MBtwVFkSySJjBe52/qnnaxZUNYXOg++7TQ+2tusOfeSx8wEOLBv7dUzlVtDmBYP0
8PH0tH0w1xxJB8zATuxbLnsr3ny5Rvq2CAkHLQIDAQABo4ICXDCCAlgwHQYDVR0O
BBYEFMlFQdvAtvCA+U3xtGtJGs9x8Zs9MB8GA1UdIwQYMBaAFGUKgwJwZrHds66C
FoPPNNKLdGZ7MA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvZjRhNTgy
ZjZjNzgwN2Y1ZmRkMzFiNjlhZTI3MGY4NWQwMGMzOTcwNi5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvOWFlYmVkNjktMzBkZS00MjYyLWE0OTQtZDI2MmIz
M2MyYzljLzJhODdkYTBiMDkzZjM3ZTQ4MmI4MTdmNzE1MjliYzk3YjNlODBmZTAu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy85YWViZWQ2OS0zMGRlLTQyNjItYTQ5NC1kMjYy
YjMzYzJjOWMvZjRhNTgyZjZjNzgwN2Y1ZmRkMzFiNjlhZTI3MGY4NWQwMGMzOTcw
Ni5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQR
MA8wDQQCAAIwBwMFACgDssAwDQYJKoZIhvcNAQELBQADggEBABnW2vRX/N+H119x
DVL2VEm/T6+fKRiTjp29L7mgUHF5ze97gaUTk5b4YRzvIHxZbEQgZiQe23EqMHfC
lH01R8F+/7AJKa5kycuMtSZ2X1CjwMC/aPGSdDClIgfEkyKrXd4st2/FLPbxI0oA
vWAWpAHqQivJuWv7qSObUVJ/RUm2aPXwvhM5X/ycSoXsjDEBpze5HftIhG390Gen
oFLcrrEPrdnYLr47uPDN2WDR5dmCnfgH2Np0Oqu3aHA2T2mQEf3o6vfsQVpCQ/Ff
fqzKu+sLXEgN4OZvBstvWoGUUG9YvNut9pZ/V9YXOCTtnjHKq/kamZbwU6SHEWFz
FbOLx0Y=
-----END CERTIFICATE-----
Generated at Fri Mar 29 02:33:39 2024 by rpki-client on console-fra.rpki-client.org