Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/9af91a20-1298-470f-b387-8f4ebd887215/9f52d32f358ef5a17d290509b13bb51015e8596b.roa
File:                     9f52d32f358ef5a17d290509b13bb51015e8596b.roa (raw, json)
Hash identifier:          fX0kGv0kKN9CJ6zI/wrg8MH0gjyOh5OhzcxlCr6Fz2E=
Subject key identifier:   AC:2C:7A:3C:B7:EE:23:50:BD:50:DB:F7:4F:37:73:FF:22:E0:5A:63
Certificate issuer:       /CN=5f0cbd5d19d2d38d3fe5697e00b723b50fc45c4b
Certificate serial:       02B845
Authority key identifier: 5A:B8:27:5D:8C:CB:00:63:54:CD:F0:93:65:C5:B8:04:10:25:44:2D
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/5f0cbd5d19d2d38d3fe5697e00b723b50fc45c4b.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/9af91a20-1298-470f-b387-8f4ebd887215/9f52d32f358ef5a17d290509b13bb51015e8596b.roa
Signing time:             Wed 24 Mar 2021 14:34:54 +0000
ROA not before:           Wed 24 Mar 2021 14:34:53 +0000
ROA not after:            Tue 24 Mar 2026 14:34:53 +0000
asID:                     19429
IP address blocks:        2801:17:a800::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/9af91a20-1298-470f-b387-8f4ebd887215/5f0cbd5d19d2d38d3fe5697e00b723b50fc45c4b.crl
                          rsync://repository.lacnic.net/rpki/lacnic/9af91a20-1298-470f-b387-8f4ebd887215/5f0cbd5d19d2d38d3fe5697e00b723b50fc45c4b.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/5f0cbd5d19d2d38d3fe5697e00b723b50fc45c4b.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sat 24 Feb 2024 17:37:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 178245 (0x2b845)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5f0cbd5d19d2d38d3fe5697e00b723b50fc45c4b
        Validity
            Not Before: Mar 24 14:34:53 2021 GMT
            Not After : Mar 24 14:34:53 2026 GMT
        Subject: CN=9f52d32f358ef5a17d290509b13bb51015e8596b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:86:bd:0b:ce:04:fb:e7:49:3b:70:fe:93:6f:d1:
                    18:0b:5f:a3:1a:31:e5:b8:1a:f5:ea:31:64:d2:bf:
                    6e:95:30:c5:d5:f4:a6:83:35:f6:eb:cd:a1:8a:ef:
                    e5:92:9e:ba:4b:b7:49:2f:2b:ec:94:65:33:d1:b4:
                    6c:34:5b:6d:5f:ae:8c:b7:58:a9:f8:3c:a3:dd:42:
                    e2:21:f0:9f:18:10:4f:92:1d:c1:0a:de:a7:38:ca:
                    60:cc:ec:95:70:86:87:c6:2e:cf:d3:aa:78:6d:3f:
                    d7:29:15:29:4b:11:3d:92:69:6b:b9:82:8c:3f:a7:
                    d5:29:b0:f2:a5:b6:b5:1c:b4:cc:3a:ae:63:a8:c9:
                    08:d6:bc:fa:70:2e:99:b0:2f:07:c0:67:f7:f7:0e:
                    ee:9b:d2:08:c7:d0:b3:99:63:60:c0:07:36:95:b1:
                    27:46:31:6f:86:cd:dc:48:a1:5f:d7:d3:98:fd:bc:
                    7c:42:b5:32:1a:a2:26:31:2e:94:4f:b2:28:ef:05:
                    9d:b2:a9:08:89:e3:d1:78:3d:59:97:54:07:17:cd:
                    4a:b8:a7:37:1b:a4:62:e1:02:cb:2b:9f:d5:83:d9:
                    d6:5c:b2:2b:93:fd:6d:30:b5:24:2f:65:45:54:d2:
                    ea:c3:59:fe:eb:f6:c7:a7:c3:99:75:83:fe:c0:dc:
                    fe:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AC:2C:7A:3C:B7:EE:23:50:BD:50:DB:F7:4F:37:73:FF:22:E0:5A:63
            X509v3 Authority Key Identifier:
                keyid:5A:B8:27:5D:8C:CB:00:63:54:CD:F0:93:65:C5:B8:04:10:25:44:2D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/5f0cbd5d19d2d38d3fe5697e00b723b50fc45c4b.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/9af91a20-1298-470f-b387-8f4ebd887215/9f52d32f358ef5a17d290509b13bb51015e8596b.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/9af91a20-1298-470f-b387-8f4ebd887215/5f0cbd5d19d2d38d3fe5697e00b723b50fc45c4b.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2801:17:a800::/48

    Signature Algorithm: sha256WithRSAEncryption
         75:d2:48:4a:8c:44:c4:03:cd:bb:da:6d:81:e9:e9:01:5b:d4:
         b1:fc:89:ed:09:ca:3a:19:d1:61:71:48:ea:c9:49:16:1a:6a:
         1b:c7:40:68:bb:4f:65:76:71:6a:f8:e8:04:80:f1:3d:a6:ce:
         44:1c:8c:b7:b9:aa:e0:ff:6b:86:2a:18:ae:db:3d:f5:17:df:
         0a:de:c2:df:c8:1c:bd:4b:4a:a0:92:0a:54:25:26:f9:bb:90:
         c7:d5:1d:fe:77:7c:3e:c7:27:d8:2d:37:59:45:21:5c:16:5a:
         ce:c5:13:16:97:94:da:b9:79:74:45:9b:d7:4a:bc:c6:03:8e:
         d6:97:c7:cc:ef:7e:c7:1f:b5:b8:4e:77:c6:f3:6b:ca:91:aa:
         b2:61:60:25:5c:cd:73:d7:d9:5b:ef:9f:01:c4:88:70:7c:96:
         e2:a0:18:2a:7d:38:4e:c4:0e:32:07:ae:2d:73:a2:e6:25:f5:
         fa:2d:19:60:13:c2:af:e4:07:85:af:4b:14:ae:64:99:71:05:
         e5:e8:b0:b4:75:ee:97:97:3f:3d:7b:46:22:97:cb:a4:bf:af:
         67:81:76:ea:e5:bf:e8:a4:11:89:d5:cd:64:43:d9:83:60:d9:
         3c:8e:55:be:8a:ae:7d:bb:aa:24:6d:8d:b1:59:60:94:b2:8a:
         40:ee:12:8e
-----BEGIN CERTIFICATE-----
MIIFQzCCBCugAwIBAgIDArhFMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDVm
MGNiZDVkMTlkMmQzOGQzZmU1Njk3ZTAwYjcyM2I1MGZjNDVjNGIwHhcNMjEwMzI0
MTQzNDUzWhcNMjYwMzI0MTQzNDUzWjAzMTEwLwYDVQQDEyg5ZjUyZDMyZjM1OGVm
NWExN2QyOTA1MDliMTNiYjUxMDE1ZTg1OTZiMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAhr0LzgT750k7cP6Tb9EYC1+jGjHluBr16jFk0r9ulTDF1fSm
gzX2682hiu/lkp66S7dJLyvslGUz0bRsNFttX66Mt1ip+Dyj3ULiIfCfGBBPkh3B
Ct6nOMpgzOyVcIaHxi7P06p4bT/XKRUpSxE9kmlruYKMP6fVKbDypba1HLTMOq5j
qMkI1rz6cC6ZsC8HwGf39w7um9IIx9CzmWNgwAc2lbEnRjFvhs3cSKFf19OY/bx8
QrUyGqImMS6UT7Io7wWdsqkIiePReD1Zl1QHF81KuKc3G6Ri4QLLK5/Vg9nWXLIr
k/1tMLUkL2VFVNLqw1n+6/bHp8OZdYP+wNz+HQIDAQABo4ICXjCCAlowHQYDVR0O
BBYEFKwsejy37iNQvVDb9083c/8i4FpjMB8GA1UdIwQYMBaAFFq4J12MywBjVM3w
k2XFuAQQJUQtMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvNWYwY2Jk
NWQxOWQyZDM4ZDNmZTU2OTdlMDBiNzIzYjUwZmM0NWM0Yi5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvOWFmOTFhMjAtMTI5OC00NzBmLWIzODctOGY0ZWJk
ODg3MjE1LzlmNTJkMzJmMzU4ZWY1YTE3ZDI5MDUwOWIxM2JiNTEwMTVlODU5NmIu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy85YWY5MWEyMC0xMjk4LTQ3MGYtYjM4Ny04ZjRl
YmQ4ODcyMTUvNWYwY2JkNWQxOWQyZDM4ZDNmZTU2OTdlMDBiNzIzYjUwZmM0NWM0
Yi5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQT
MBEwDwQCAAIwCQMHACgBABeoADANBgkqhkiG9w0BAQsFAAOCAQEAddJISoxExAPN
u9ptgenpAVvUsfyJ7QnKOhnRYXFI6slJFhpqG8dAaLtPZXZxavjoBIDxPabORByM
t7mq4P9rhioYrts99RffCt7C38gcvUtKoJIKVCUm+buQx9Ud/nd8Pscn2C03WUUh
XBZazsUTFpeU2rl5dEWb10q8xgOO1pfHzO9+xx+1uE53xvNrypGqsmFgJVzNc9fZ
W++fAcSIcHyW4qAYKn04TsQOMgeuLXOi5iX1+i0ZYBPCr+QHha9LFK5kmXEF5eiw
tHXul5c/PXtGIpfLpL+vZ4F26uW/6KQRidXNZEPZg2DZPI5VvoqufbuqJG2NsVlg
lLKKQO4Sjg==
-----END CERTIFICATE-----
Generated at Wed Feb 21 20:21:04 2024 by rpki-client on console-fra.rpki-client.org