Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/9d4b155f-07b8-4cc7-a37a-464b5ce820ab/280d8fd0bdeb108e86841c0130430b17ad5c6a5c.roa
File:                     280d8fd0bdeb108e86841c0130430b17ad5c6a5c.roa (raw, json)
Hash identifier:          vNYr6jJSFXfk4J6QmGGhUz+vHcvuJPHCX2bKT7o7R9M=
Subject key identifier:   2A:5D:F5:62:5A:23:F9:CC:CA:62:DC:1C:C3:73:4D:6B:C3:0E:34:60
Certificate issuer:       /CN=6af5cddc4fa9cbead677ae35560cc236ac5a2cf8
Certificate serial:       0432DA
Authority key identifier: 0C:8A:D9:22:B4:21:6E:C6:55:6D:48:48:F4:8A:E5:87:69:43:53:60
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/6af5cddc4fa9cbead677ae35560cc236ac5a2cf8.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/9d4b155f-07b8-4cc7-a37a-464b5ce820ab/280d8fd0bdeb108e86841c0130430b17ad5c6a5c.roa
Signing time:             Tue 14 Nov 2023 23:58:28 +0000
ROA not before:           Tue 14 Nov 2023 23:58:28 +0000
ROA not after:            Fri 14 Nov 2025 23:58:28 +0000
asID:                     270165
IP address blocks:        2806:3eb::/32 maxlen: 32

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/9d4b155f-07b8-4cc7-a37a-464b5ce820ab/6af5cddc4fa9cbead677ae35560cc236ac5a2cf8.crl
                          rsync://repository.lacnic.net/rpki/lacnic/9d4b155f-07b8-4cc7-a37a-464b5ce820ab/6af5cddc4fa9cbead677ae35560cc236ac5a2cf8.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/6af5cddc4fa9cbead677ae35560cc236ac5a2cf8.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sat 24 Feb 2024 17:37:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 275162 (0x432da)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6af5cddc4fa9cbead677ae35560cc236ac5a2cf8
        Validity
            Not Before: Nov 14 23:58:28 2023 GMT
            Not After : Nov 14 23:58:28 2025 GMT
        Subject: CN=280d8fd0bdeb108e86841c0130430b17ad5c6a5c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:9e:15:63:18:9b:76:74:22:dd:bc:b1:0a:b4:
                    f4:de:f9:43:8d:73:80:d6:66:f7:17:5a:4d:fe:da:
                    ee:d4:31:16:c0:95:38:d1:c1:ff:2f:62:95:b6:a6:
                    ba:95:06:f8:61:f9:a4:4a:76:41:3c:16:d8:6a:ee:
                    c0:18:f7:3d:7c:94:6c:28:0a:04:a2:1d:30:ff:d5:
                    1f:f4:6f:bf:2f:1e:a1:3c:01:ad:db:c7:ee:31:c4:
                    20:59:57:fd:bc:63:ce:bb:14:c5:00:3e:4b:a9:19:
                    ec:77:bb:17:d9:a8:8d:67:8a:10:f8:6f:dd:cf:1c:
                    d7:7e:7a:c2:e9:ff:a2:4f:8f:90:11:77:32:47:f2:
                    e0:d7:e6:5b:84:26:3d:d5:2a:6c:76:98:93:e9:77:
                    1e:de:54:a4:56:44:41:8c:5c:65:a5:65:e3:03:15:
                    e1:5c:0c:ef:d8:ad:47:55:5a:98:55:7f:33:6f:74:
                    51:1b:01:a9:89:98:5b:f4:03:19:72:af:76:6f:f7:
                    11:de:1e:f6:8f:8b:ee:e5:61:2b:c2:4a:86:35:a3:
                    7d:9b:eb:0a:38:07:e7:bb:d1:71:a7:5c:d9:c0:57:
                    20:8c:5b:ec:4e:41:c5:bb:55:19:be:62:8c:4c:f9:
                    7f:85:12:a3:93:bd:dd:5c:6e:02:55:5f:fc:aa:0a:
                    6f:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2A:5D:F5:62:5A:23:F9:CC:CA:62:DC:1C:C3:73:4D:6B:C3:0E:34:60
            X509v3 Authority Key Identifier:
                keyid:0C:8A:D9:22:B4:21:6E:C6:55:6D:48:48:F4:8A:E5:87:69:43:53:60

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/6af5cddc4fa9cbead677ae35560cc236ac5a2cf8.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/9d4b155f-07b8-4cc7-a37a-464b5ce820ab/280d8fd0bdeb108e86841c0130430b17ad5c6a5c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/9d4b155f-07b8-4cc7-a37a-464b5ce820ab/6af5cddc4fa9cbead677ae35560cc236ac5a2cf8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2806:3eb::/32

    Signature Algorithm: sha256WithRSAEncryption
         2f:a5:37:87:fe:c3:78:92:45:b3:13:c2:c9:67:7d:aa:fd:6f:
         23:e3:ff:f2:db:34:78:25:03:9a:d7:c4:11:a4:8d:8b:33:24:
         78:89:8b:a8:35:16:11:08:30:4f:ee:fd:b1:a0:8e:b8:67:be:
         74:fb:85:a9:b8:37:bb:5e:80:3a:a6:39:fe:08:4f:c0:e6:7a:
         3a:fe:26:7e:10:8a:52:5e:e2:0a:65:b8:6b:38:d9:a0:f8:c1:
         f1:60:e3:02:34:24:b9:7c:11:21:3c:f2:f0:15:31:27:4c:61:
         13:55:4d:36:32:a7:77:98:12:8d:4f:20:75:be:36:96:e7:b6:
         b1:3c:35:83:e3:ef:ac:32:83:d4:3f:04:cd:6d:a9:ac:39:00:
         04:2d:b6:20:48:8a:6b:67:7d:66:f6:4d:65:03:40:25:6a:a7:
         37:6d:09:64:f5:20:c9:f7:50:f2:39:84:61:d3:2d:04:f8:54:
         9a:ef:3b:ba:59:8a:76:59:bf:7b:09:09:7f:24:ca:d2:a3:1a:
         52:75:c8:2e:ca:9d:8c:d8:f0:3f:79:76:c8:4b:68:4e:a0:42:
         4a:fb:7b:ef:4a:a0:72:d3:92:aa:00:15:a7:30:df:98:64:f8:
         93:fc:c6:02:13:12:1a:a2:3f:d5:7c:fc:df:a3:a4:e0:63:3a:
         31:e9:7a:c6
-----BEGIN CERTIFICATE-----
MIIFQTCCBCmgAwIBAgIDBDLaMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDZh
ZjVjZGRjNGZhOWNiZWFkNjc3YWUzNTU2MGNjMjM2YWM1YTJjZjgwHhcNMjMxMTE0
MjM1ODI4WhcNMjUxMTE0MjM1ODI4WjAzMTEwLwYDVQQDEygyODBkOGZkMGJkZWIx
MDhlODY4NDFjMDEzMDQzMGIxN2FkNWM2YTVjMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAoZ4VYxibdnQi3byxCrT03vlDjXOA1mb3F1pN/tru1DEWwJU4
0cH/L2KVtqa6lQb4YfmkSnZBPBbYau7AGPc9fJRsKAoEoh0w/9Uf9G+/Lx6hPAGt
28fuMcQgWVf9vGPOuxTFAD5LqRnsd7sX2aiNZ4oQ+G/dzxzXfnrC6f+iT4+QEXcy
R/Lg1+ZbhCY91SpsdpiT6Xce3lSkVkRBjFxlpWXjAxXhXAzv2K1HVVqYVX8zb3RR
GwGpiZhb9AMZcq92b/cR3h72j4vu5WErwkqGNaN9m+sKOAfnu9Fxp1zZwFcgjFvs
TkHFu1UZvmKMTPl/hRKjk73dXG4CVV/8qgpvvQIDAQABo4ICXDCCAlgwHQYDVR0O
BBYEFCpd9WJaI/nMymLcHMNzTWvDDjRgMB8GA1UdIwQYMBaAFAyK2SK0IW7GVW1I
SPSK5YdpQ1NgMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvNmFmNWNk
ZGM0ZmE5Y2JlYWQ2NzdhZTM1NTYwY2MyMzZhYzVhMmNmOC5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvOWQ0YjE1NWYtMDdiOC00Y2M3LWEzN2EtNDY0YjVj
ZTgyMGFiLzI4MGQ4ZmQwYmRlYjEwOGU4Njg0MWMwMTMwNDMwYjE3YWQ1YzZhNWMu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy85ZDRiMTU1Zi0wN2I4LTRjYzctYTM3YS00NjRi
NWNlODIwYWIvNmFmNWNkZGM0ZmE5Y2JlYWQ2NzdhZTM1NTYwY2MyMzZhYzVhMmNm
OC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQR
MA8wDQQCAAIwBwMFACgGA+swDQYJKoZIhvcNAQELBQADggEBAC+lN4f+w3iSRbMT
wslnfar9byPj//LbNHglA5rXxBGkjYszJHiJi6g1FhEIME/u/bGgjrhnvnT7ham4
N7tegDqmOf4IT8Dmejr+Jn4QilJe4gpluGs42aD4wfFg4wI0JLl8ESE88vAVMSdM
YRNVTTYyp3eYEo1PIHW+NpbntrE8NYPj76wyg9Q/BM1tqaw5AAQttiBIimtnfWb2
TWUDQCVqpzdtCWT1IMn3UPI5hGHTLQT4VJrvO7pZinZZv3sJCX8kytKjGlJ1yC7K
nYzY8D95dshLaE6gQkr7e+9KoHLTkqoAFacw35hk+JP8xgITEhqiP9V8/N+jpOBj
OjHpesY=
-----END CERTIFICATE-----
Generated at Wed Feb 21 20:21:04 2024 by rpki-client on console-fra.rpki-client.org