Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/a6633726-35df-4b6e-b11f-eb20fb2ebf30/94802f365891f469fd58be1720615641cf051729.roa
File:                     94802f365891f469fd58be1720615641cf051729.roa (raw, json)
Hash identifier:          TCypWWPBQWXIceFusDTkZretNg/FBtEOFFNMtAEDDj4=
Subject key identifier:   89:71:A4:5F:91:5C:60:D0:B7:D7:D7:3F:09:4A:E8:70:DA:1E:A6:8F
Certificate issuer:       /CN=3ebe12192c5a777cd4ac7f461d9df9d8027ae845
Certificate serial:       7C0D
Authority key identifier: A0:03:8A:CA:39:BB:A5:36:62:CC:0C:10:5F:2C:01:7F:A7:6A:DF:B8
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/3ebe12192c5a777cd4ac7f461d9df9d8027ae845.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/a6633726-35df-4b6e-b11f-eb20fb2ebf30/94802f365891f469fd58be1720615641cf051729.roa
Signing time:             Fri 03 Feb 2023 15:30:29 +0000
ROA not before:           Thu 02 Feb 2023 15:29:32 +0000
ROA not after:            Mon 03 Feb 2025 15:29:32 +0000
asID:                     262186
IP address blocks:        2801:159:3::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/a6633726-35df-4b6e-b11f-eb20fb2ebf30/3ebe12192c5a777cd4ac7f461d9df9d8027ae845.crl
                          rsync://repository.lacnic.net/rpki/lacnic/a6633726-35df-4b6e-b11f-eb20fb2ebf30/3ebe12192c5a777cd4ac7f461d9df9d8027ae845.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/3ebe12192c5a777cd4ac7f461d9df9d8027ae845.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Fri 09 Jun 2023 11:50:55 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 31757 (0x7c0d)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3ebe12192c5a777cd4ac7f461d9df9d8027ae845
        Validity
            Not Before: Feb  2 15:29:32 2023 GMT
            Not After : Feb  3 15:29:32 2025 GMT
        Subject: CN=94802f365891f469fd58be1720615641cf051729
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8a:39:2e:61:72:83:be:69:e8:4e:d4:c6:eb:4a:
                    d5:9b:a0:a1:ee:db:d3:c8:2d:e9:d8:c9:7a:b8:e6:
                    49:1c:7f:94:99:6f:31:7a:b8:77:03:6d:97:12:6c:
                    ed:df:f4:c7:ae:d9:e2:f0:e7:5f:b2:6e:79:c8:bf:
                    e8:b1:62:cf:84:7a:58:01:db:bb:67:64:c1:43:40:
                    e4:de:47:f5:5b:91:5f:18:80:c3:d0:92:a9:dc:90:
                    39:c0:21:ce:83:fe:a3:72:61:54:cd:a6:58:d9:a0:
                    40:03:68:b1:14:78:35:65:d3:2e:a9:ce:dc:f9:da:
                    6f:17:c7:73:0e:5e:0f:da:ec:f4:bf:57:60:3d:90:
                    e8:c8:86:83:04:c5:7a:b2:b3:dd:37:ff:d6:6d:dc:
                    a7:44:14:45:1f:4d:f9:34:ca:12:bd:08:3a:14:05:
                    2b:72:67:f9:c2:cd:f1:56:e8:99:51:f5:03:da:23:
                    d7:02:8b:7a:43:cf:be:e4:36:5d:d9:02:e7:5b:f5:
                    66:6c:41:d3:5e:17:92:98:7b:81:4e:79:4b:56:f3:
                    56:1b:84:02:1f:c9:84:eb:2a:8c:26:de:65:0f:40:
                    01:50:6c:e9:cd:ad:69:35:e6:9f:f8:57:96:31:c6:
                    bb:d8:ad:c6:a2:de:8f:e3:b1:5a:9b:e4:1a:13:8b:
                    48:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                89:71:A4:5F:91:5C:60:D0:B7:D7:D7:3F:09:4A:E8:70:DA:1E:A6:8F
            X509v3 Authority Key Identifier:
                keyid:A0:03:8A:CA:39:BB:A5:36:62:CC:0C:10:5F:2C:01:7F:A7:6A:DF:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/3ebe12192c5a777cd4ac7f461d9df9d8027ae845.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/a6633726-35df-4b6e-b11f-eb20fb2ebf30/94802f365891f469fd58be1720615641cf051729.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/a6633726-35df-4b6e-b11f-eb20fb2ebf30/3ebe12192c5a777cd4ac7f461d9df9d8027ae845.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2801:159:3::/48

    Signature Algorithm: sha256WithRSAEncryption
         19:d4:1c:00:71:d0:b6:27:ac:ec:80:90:e9:e6:7c:4a:99:ca:
         08:8d:c5:ae:e4:25:64:ae:2e:68:8c:d1:34:16:5e:58:f8:f2:
         52:f8:b6:19:d9:b7:0a:02:3a:68:c7:13:b0:c5:cc:55:05:fb:
         bf:96:80:b4:36:6f:f6:6d:71:16:47:a8:b7:cd:a7:1b:55:aa:
         8e:6f:1e:3c:d7:2e:0b:87:ae:0c:c2:a4:9b:9b:6e:d3:cd:fc:
         b7:2e:fd:14:0e:a9:c6:e0:01:d7:92:7b:ac:d2:5f:f1:fc:00:
         1f:c2:a2:c8:d6:df:e6:ac:89:51:eb:07:ed:c5:e2:cd:dd:55:
         e0:dd:91:25:04:d9:24:b4:26:d5:cb:bb:5c:e3:ec:78:ef:c8:
         92:7e:79:db:37:dc:1f:e7:f6:eb:6e:18:24:d3:07:ec:e0:cb:
         34:47:30:ae:58:95:e5:76:1d:3d:9f:ef:dd:54:6d:80:20:19:
         ff:bc:54:a9:9a:c1:67:68:2b:88:9d:95:41:e8:88:7f:02:45:
         56:bc:98:9e:d1:b0:78:f7:dd:c8:16:58:ca:15:e7:6d:f6:73:
         3b:4e:1e:2b:15:95:90:7e:23:17:87:a3:fb:97:48:b1:9c:85:
         1e:13:11:61:ff:da:24:f9:a9:43:3f:41:20:f9:2d:e7:ad:80:
         88:5a:a1:ae
-----BEGIN CERTIFICATE-----
MIIFQjCCBCqgAwIBAgICfA0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM2Vi
ZTEyMTkyYzVhNzc3Y2Q0YWM3ZjQ2MWQ5ZGY5ZDgwMjdhZTg0NTAeFw0yMzAyMDIx
NTI5MzJaFw0yNTAyMDMxNTI5MzJaMDMxMTAvBgNVBAMTKDk0ODAyZjM2NTg5MWY0
NjlmZDU4YmUxNzIwNjE1NjQxY2YwNTE3MjkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCKOS5hcoO+aehO1MbrStWboKHu29PILenYyXq45kkcf5SZbzF6
uHcDbZcSbO3f9Meu2eLw51+ybnnIv+ixYs+EelgB27tnZMFDQOTeR/VbkV8YgMPQ
kqnckDnAIc6D/qNyYVTNpljZoEADaLEUeDVl0y6pztz52m8Xx3MOXg/a7PS/V2A9
kOjIhoMExXqys903/9Zt3KdEFEUfTfk0yhK9CDoUBStyZ/nCzfFW6JlR9QPaI9cC
i3pDz77kNl3ZAudb9WZsQdNeF5KYe4FOeUtW81YbhAIfyYTrKowm3mUPQAFQbOnN
rWk15p/4V5YxxrvYrcai3o/jsVqb5BoTi0hLAgMBAAGjggJeMIICWjAdBgNVHQ4E
FgQUiXGkX5FcYNC319c/CUrocNoepo8wHwYDVR0jBBgwFoAUoAOKyjm7pTZizAwQ
XywBf6dq37gwDgYDVR0PAQH/BAQDAgeAMIGaBggrBgEFBQcBAQSBjTCBijCBhwYI
KwYBBQUHMAKGe3JzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jwa2kvbGFj
bmljLzQ4ZjA4M2JiLWY2MDMtNDg5My05OTkwLTAyODRjMDRjZWI4NS8zZWJlMTIx
OTJjNWE3NzdjZDRhYzdmNDYxZDlkZjlkODAyN2FlODQ1LmNlcjCBmgYIKwYBBQUH
AQsEgY0wgYowgYcGCCsGAQUFBzALhntyc3luYzovL3JlcG9zaXRvcnkubGFjbmlj
Lm5ldC9ycGtpL2xhY25pYy9hNjYzMzcyNi0zNWRmLTRiNmUtYjExZi1lYjIwZmIy
ZWJmMzAvOTQ4MDJmMzY1ODkxZjQ2OWZkNThiZTE3MjA2MTU2NDFjZjA1MTcyOS5y
b2EwgY8GA1UdHwSBhzCBhDCBgaB/oH2Ge3JzeW5jOi8vcmVwb3NpdG9yeS5sYWNu
aWMubmV0L3Jwa2kvbGFjbmljL2E2NjMzNzI2LTM1ZGYtNGI2ZS1iMTFmLWViMjBm
YjJlYmYzMC8zZWJlMTIxOTJjNWE3NzdjZDRhYzdmNDYxZDlkZjlkODAyN2FlODQ1
LmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMw
ETAPBAIAAjAJAwcAKAEBWQADMA0GCSqGSIb3DQEBCwUAA4IBAQAZ1BwAcdC2J6zs
gJDp5nxKmcoIjcWu5CVkri5ojNE0Fl5Y+PJS+LYZ2bcKAjpoxxOwxcxVBfu/loC0
Nm/2bXEWR6i3zacbVaqObx481y4Lh64MwqSbm27Tzfy3Lv0UDqnG4AHXknus0l/x
/AAfwqLI1t/mrIlR6wftxeLN3VXg3ZElBNkktCbVy7tc4+x478iSfnnbN9wf5/br
bhgk0wfs4Ms0RzCuWJXldh09n+/dVG2AIBn/vFSpmsFnaCuInZVB6Ih/AkVWvJie
0bB4993IFljKFedt9nM7Th4rFZWQfiMXh6P7l0ixnIUeExFh/9ok+alDP0Eg+S3n
rYCIWqGu
-----END CERTIFICATE-----
Generated at Tue Jun 6 14:14:58 2023 by rpki-client on console-fra.rpki-client.org