Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/a24a8a49-2724-4dd3-a7fd-9fb5bf99ef86/39fcab660c862c3c3f07a7f34e7a0d08eff0d67c.roa
File:                     39fcab660c862c3c3f07a7f34e7a0d08eff0d67c.roa (raw, json)
Hash identifier:          zx620pcK/elFljUH9ruyN041hSsygOGZ9lJx4iy6LKs=
Subject key identifier:   80:AF:C0:D6:18:BE:AA:08:BE:A7:15:71:95:49:8B:C2:56:4E:8B:BE
Certificate issuer:       /CN=8f81e4aaad6a0d73a6f8c9786a766940dd1daf0d
Certificate serial:       010827
Authority key identifier: DF:04:11:59:40:71:62:78:1C:7D:C7:8E:35:88:31:67:24:7D:00:00
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/8f81e4aaad6a0d73a6f8c9786a766940dd1daf0d.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/a24a8a49-2724-4dd3-a7fd-9fb5bf99ef86/39fcab660c862c3c3f07a7f34e7a0d08eff0d67c.roa
Signing time:             Thu 16 Nov 2023 19:34:29 +0000
ROA not before:           Thu 16 Nov 2023 19:34:29 +0000
ROA not after:            Sun 16 Nov 2025 19:34:29 +0000
asID:                     273103
IP address blocks:        2803:7050::/32 maxlen: 48

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/a24a8a49-2724-4dd3-a7fd-9fb5bf99ef86/8f81e4aaad6a0d73a6f8c9786a766940dd1daf0d.crl
                          rsync://repository.lacnic.net/rpki/lacnic/a24a8a49-2724-4dd3-a7fd-9fb5bf99ef86/8f81e4aaad6a0d73a6f8c9786a766940dd1daf0d.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/8f81e4aaad6a0d73a6f8c9786a766940dd1daf0d.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sat 02 Mar 2024 19:51:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 67623 (0x10827)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8f81e4aaad6a0d73a6f8c9786a766940dd1daf0d
        Validity
            Not Before: Nov 16 19:34:29 2023 GMT
            Not After : Nov 16 19:34:29 2025 GMT
        Subject: CN=39fcab660c862c3c3f07a7f34e7a0d08eff0d67c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:90:4a:12:8e:15:5d:6b:04:b6:a2:a6:31:32:
                    8d:a1:16:0f:a1:d0:90:ef:8b:7c:31:d0:4e:07:f8:
                    f1:1e:f1:4f:f2:9f:75:46:be:93:ad:a1:bb:f8:9f:
                    d3:e0:98:01:d3:ca:70:88:ff:cc:50:69:22:37:83:
                    37:7f:ca:71:80:0b:99:c5:b8:7a:ce:cc:d9:bc:03:
                    9b:fe:96:52:4c:6d:ed:05:9f:11:f9:01:94:bd:d6:
                    66:4e:1a:bc:db:c4:0d:54:4f:db:f5:47:f6:69:85:
                    30:10:13:ba:30:95:36:b3:75:03:6c:08:8d:3f:63:
                    b3:c9:17:5c:29:fa:df:17:48:cc:63:cf:1f:e4:7b:
                    a9:2d:66:5f:03:bb:95:92:61:0e:bc:22:8f:97:41:
                    5c:6c:e0:cb:d1:4e:11:53:57:9c:a4:49:ff:59:ad:
                    fc:34:44:6c:af:e6:1d:2f:91:79:e6:d4:c6:05:b0:
                    40:29:a2:cf:79:5e:e5:9d:4a:7f:42:a2:da:ec:5f:
                    ac:11:f5:c3:a0:e2:31:04:26:27:4d:80:0e:29:b7:
                    d9:7c:f3:70:89:35:f8:f7:bf:ee:82:db:65:26:0e:
                    00:eb:ba:73:5c:25:75:51:97:b8:b9:79:c4:0e:87:
                    60:47:9a:b5:89:72:6d:8a:8d:ab:82:d8:da:4d:03:
                    75:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                80:AF:C0:D6:18:BE:AA:08:BE:A7:15:71:95:49:8B:C2:56:4E:8B:BE
            X509v3 Authority Key Identifier:
                keyid:DF:04:11:59:40:71:62:78:1C:7D:C7:8E:35:88:31:67:24:7D:00:00

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/8f81e4aaad6a0d73a6f8c9786a766940dd1daf0d.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/a24a8a49-2724-4dd3-a7fd-9fb5bf99ef86/39fcab660c862c3c3f07a7f34e7a0d08eff0d67c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/a24a8a49-2724-4dd3-a7fd-9fb5bf99ef86/8f81e4aaad6a0d73a6f8c9786a766940dd1daf0d.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2803:7050::/32

    Signature Algorithm: sha256WithRSAEncryption
         3c:b1:5f:a6:b1:ab:b9:55:b1:e3:03:86:b0:a8:64:ab:24:5a:
         8b:a4:85:cf:e4:ad:b5:e3:80:87:7e:da:29:5d:e9:69:f8:6d:
         be:36:32:00:cc:b2:6a:66:3c:31:1a:1c:76:73:23:29:92:b8:
         19:c5:38:6b:ce:0a:d4:56:86:5a:4a:c3:43:aa:b7:f2:11:fa:
         1c:f8:5b:10:f6:13:1c:9a:32:ba:bb:be:5a:ff:aa:cc:28:92:
         7f:7b:05:cf:e1:20:46:d2:8b:b1:3c:37:89:6d:65:26:92:80:
         4f:69:d8:fa:05:f2:d5:5f:d1:74:a8:94:db:3a:a1:2d:40:7b:
         73:d7:6f:16:79:b8:2a:79:8f:ff:72:61:09:f8:6f:e4:96:d1:
         60:f4:88:26:b6:d8:3b:b5:06:ea:f8:f3:ab:0c:13:d5:11:0b:
         84:72:76:32:b6:50:21:ce:87:8b:d0:11:20:c1:ac:fe:75:03:
         52:97:b7:14:f6:b4:d0:28:c4:2c:95:05:1e:cf:df:4f:31:f7:
         bc:0f:31:f8:fd:43:b8:ba:d8:9b:a2:bf:c5:de:6a:51:91:46:
         93:be:1e:db:13:26:56:7a:a9:8c:e3:e6:15:19:48:42:18:23:
         74:e8:fa:bd:40:61:91:bf:f8:5c:eb:e7:ca:1d:11:d6:6a:77:
         ce:8f:58:b0
-----BEGIN CERTIFICATE-----
MIIFQTCCBCmgAwIBAgIDAQgnMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDhm
ODFlNGFhYWQ2YTBkNzNhNmY4Yzk3ODZhNzY2OTQwZGQxZGFmMGQwHhcNMjMxMTE2
MTkzNDI5WhcNMjUxMTE2MTkzNDI5WjAzMTEwLwYDVQQDEygzOWZjYWI2NjBjODYy
YzNjM2YwN2E3ZjM0ZTdhMGQwOGVmZjBkNjdjMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEArJBKEo4VXWsEtqKmMTKNoRYPodCQ74t8MdBOB/jxHvFP8p91
Rr6TraG7+J/T4JgB08pwiP/MUGkiN4M3f8pxgAuZxbh6zszZvAOb/pZSTG3tBZ8R
+QGUvdZmThq828QNVE/b9Uf2aYUwEBO6MJU2s3UDbAiNP2OzyRdcKfrfF0jMY88f
5HupLWZfA7uVkmEOvCKPl0FcbODL0U4RU1ecpEn/Wa38NERsr+YdL5F55tTGBbBA
KaLPeV7lnUp/QqLa7F+sEfXDoOIxBCYnTYAOKbfZfPNwiTX497/ugttlJg4A67pz
XCV1UZe4uXnEDodgR5q1iXJtio2rgtjaTQN1CQIDAQABo4ICXDCCAlgwHQYDVR0O
BBYEFICvwNYYvqoIvqcVcZVJi8JWTou+MB8GA1UdIwQYMBaAFN8EEVlAcWJ4HH3H
jjWIMWckfQAAMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvOGY4MWU0
YWFhZDZhMGQ3M2E2ZjhjOTc4NmE3NjY5NDBkZDFkYWYwZC5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvYTI0YThhNDktMjcyNC00ZGQzLWE3ZmQtOWZiNWJm
OTllZjg2LzM5ZmNhYjY2MGM4NjJjM2MzZjA3YTdmMzRlN2EwZDA4ZWZmMGQ2N2Mu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy9hMjRhOGE0OS0yNzI0LTRkZDMtYTdmZC05ZmI1
YmY5OWVmODYvOGY4MWU0YWFhZDZhMGQ3M2E2ZjhjOTc4NmE3NjY5NDBkZDFkYWYw
ZC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQR
MA8wDQQCAAIwBwMFACgDcFAwDQYJKoZIhvcNAQELBQADggEBADyxX6axq7lVseMD
hrCoZKskWoukhc/krbXjgId+2ild6Wn4bb42MgDMsmpmPDEaHHZzIymSuBnFOGvO
CtRWhlpKw0Oqt/IR+hz4WxD2ExyaMrq7vlr/qswokn97Bc/hIEbSi7E8N4ltZSaS
gE9p2PoF8tVf0XSolNs6oS1Ae3PXbxZ5uCp5j/9yYQn4b+SW0WD0iCa22Du1Bur4
86sME9URC4RydjK2UCHOh4vQESDBrP51A1KXtxT2tNAoxCyVBR7P308x97wPMfj9
Q7i62Juiv8XealGRRpO+HtsTJlZ6qYzj5hUZSEIYI3To+r1AYZG/+Fzr58odEdZq
d86PWLA=
-----END CERTIFICATE-----
Generated at Wed Feb 28 20:52:26 2024 by rpki-client on console-fra.rpki-client.org