Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/a6633726-35df-4b6e-b11f-eb20fb2ebf30/cebe6a486138f4d5fcf7f478f3c5c8e29aaf85c7.roa
File:                     cebe6a486138f4d5fcf7f478f3c5c8e29aaf85c7.roa (raw, json)
Hash identifier:          UidQ2uEpVvGzyq5eZDWA/pbtp1t+kXfob3xSuVISHDM=
Subject key identifier:   84:52:C8:E4:F8:B2:6F:6E:FE:E3:C4:FF:5D:F0:2B:48:80:A9:A9:F3
Certificate issuer:       /CN=3ebe12192c5a777cd4ac7f461d9df9d8027ae845
Certificate serial:       73BB
Authority key identifier: A0:03:8A:CA:39:BB:A5:36:62:CC:0C:10:5F:2C:01:7F:A7:6A:DF:B8
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/3ebe12192c5a777cd4ac7f461d9df9d8027ae845.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/a6633726-35df-4b6e-b11f-eb20fb2ebf30/cebe6a486138f4d5fcf7f478f3c5c8e29aaf85c7.roa
Signing time:             Fri 03 Feb 2023 15:29:17 +0000
ROA not before:           Thu 02 Feb 2023 15:28:02 +0000
ROA not after:            Mon 03 Feb 2025 15:28:02 +0000
asID:                     262186
IP address blocks:        2801:159:2::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/a6633726-35df-4b6e-b11f-eb20fb2ebf30/3ebe12192c5a777cd4ac7f461d9df9d8027ae845.crl
                          rsync://repository.lacnic.net/rpki/lacnic/a6633726-35df-4b6e-b11f-eb20fb2ebf30/3ebe12192c5a777cd4ac7f461d9df9d8027ae845.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/3ebe12192c5a777cd4ac7f461d9df9d8027ae845.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Mon 01 Apr 2024 05:55:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 29627 (0x73bb)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3ebe12192c5a777cd4ac7f461d9df9d8027ae845
        Validity
            Not Before: Feb  2 15:28:02 2023 GMT
            Not After : Feb  3 15:28:02 2025 GMT
        Subject: CN=cebe6a486138f4d5fcf7f478f3c5c8e29aaf85c7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:58:9a:d2:c8:12:cb:89:50:0c:2b:8d:ef:73:
                    b2:ca:4f:78:1a:7e:6d:f7:6c:9f:73:26:5c:6b:75:
                    72:09:d7:3e:8b:fa:c6:64:93:2f:43:39:9f:50:f2:
                    5e:62:f3:56:2e:4d:b1:61:61:0d:95:60:0e:79:2c:
                    8b:48:12:5f:b6:af:c9:bf:44:b3:d1:30:fe:52:ca:
                    91:b9:2d:6a:74:a2:5d:d1:2c:7e:bc:5b:d3:2c:2d:
                    c1:61:e1:38:18:38:7c:5e:dc:5f:9a:62:95:ef:b1:
                    bf:bf:80:a7:d7:c3:12:16:10:8f:01:d3:76:79:c3:
                    35:7b:a3:a3:6a:3f:1c:79:20:74:28:fc:87:ce:3c:
                    a1:63:47:66:2f:9a:b0:11:85:ca:11:00:31:cf:bc:
                    03:9d:0a:6b:ae:65:79:7e:d6:e1:c2:0b:c2:d8:52:
                    84:a0:8c:19:40:6c:e9:32:87:de:43:39:23:48:01:
                    ac:56:58:9c:0e:a7:20:53:fb:ef:e6:21:3a:f6:f9:
                    4b:60:79:ed:79:e5:fe:ea:4e:92:f8:e4:cd:66:f2:
                    98:f4:31:d0:c4:66:0c:3f:cf:94:fc:e6:18:aa:73:
                    72:70:16:0c:61:5d:54:29:a9:a0:78:25:c9:89:4a:
                    db:4c:e6:49:66:1e:bd:4e:c4:39:0b:c5:82:f6:10:
                    34:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                84:52:C8:E4:F8:B2:6F:6E:FE:E3:C4:FF:5D:F0:2B:48:80:A9:A9:F3
            X509v3 Authority Key Identifier:
                keyid:A0:03:8A:CA:39:BB:A5:36:62:CC:0C:10:5F:2C:01:7F:A7:6A:DF:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/3ebe12192c5a777cd4ac7f461d9df9d8027ae845.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/a6633726-35df-4b6e-b11f-eb20fb2ebf30/cebe6a486138f4d5fcf7f478f3c5c8e29aaf85c7.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/a6633726-35df-4b6e-b11f-eb20fb2ebf30/3ebe12192c5a777cd4ac7f461d9df9d8027ae845.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2801:159:2::/48

    Signature Algorithm: sha256WithRSAEncryption
         33:49:62:11:e7:47:46:9f:a1:88:ea:54:67:b1:9a:78:5a:f5:
         30:e0:ca:92:0c:40:fc:24:25:b2:eb:10:d8:a0:94:15:b8:35:
         15:a9:59:e8:a1:30:f4:38:a3:a7:f4:ca:4b:bb:aa:30:17:46:
         c4:6e:35:01:a6:9e:41:63:42:56:86:b5:c3:1d:13:43:13:e0:
         7a:d3:ac:f7:8b:39:de:40:13:47:2c:da:c7:f8:05:d4:0d:0f:
         05:1e:77:7e:5c:6d:81:0a:81:1f:90:10:46:3f:74:2b:80:78:
         49:d2:a0:4c:ba:b1:a2:1b:10:bc:db:b9:ba:97:ce:03:b5:37:
         88:c6:24:9f:ae:b3:76:ef:0e:a4:ee:9e:ae:b5:8b:5f:ac:ed:
         43:e7:01:5c:b6:a1:86:e3:18:30:05:17:bf:d7:4f:a5:16:fc:
         4e:0c:ec:ff:77:98:71:d1:03:aa:b7:c5:d0:db:5c:cd:87:e1:
         38:d7:43:45:a9:38:5e:48:4d:ae:c4:94:eb:ea:bf:82:80:d6:
         a8:fa:5b:af:e9:b5:d4:7d:0a:14:bf:b5:ae:46:2d:45:a6:2f:
         e1:88:82:10:94:92:c5:43:60:86:6a:3f:3a:06:78:eb:f3:33:
         c6:54:50:a6:88:6a:ec:ea:54:60:ce:9c:df:64:3a:37:a4:a7:
         14:a8:ab:f1
-----BEGIN CERTIFICATE-----
MIIFQjCCBCqgAwIBAgICc7swDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM2Vi
ZTEyMTkyYzVhNzc3Y2Q0YWM3ZjQ2MWQ5ZGY5ZDgwMjdhZTg0NTAeFw0yMzAyMDIx
NTI4MDJaFw0yNTAyMDMxNTI4MDJaMDMxMTAvBgNVBAMTKGNlYmU2YTQ4NjEzOGY0
ZDVmY2Y3ZjQ3OGYzYzVjOGUyOWFhZjg1YzcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDSWJrSyBLLiVAMK43vc7LKT3gafm33bJ9zJlxrdXIJ1z6L+sZk
ky9DOZ9Q8l5i81YuTbFhYQ2VYA55LItIEl+2r8m/RLPRMP5SypG5LWp0ol3RLH68
W9MsLcFh4TgYOHxe3F+aYpXvsb+/gKfXwxIWEI8B03Z5wzV7o6NqPxx5IHQo/IfO
PKFjR2YvmrARhcoRADHPvAOdCmuuZXl+1uHCC8LYUoSgjBlAbOkyh95DOSNIAaxW
WJwOpyBT++/mITr2+Utgee155f7qTpL45M1m8pj0MdDEZgw/z5T85hiqc3JwFgxh
XVQpqaB4JcmJSttM5klmHr1OxDkLxYL2EDQzAgMBAAGjggJeMIICWjAdBgNVHQ4E
FgQUhFLI5Piyb27+48T/XfArSICpqfMwHwYDVR0jBBgwFoAUoAOKyjm7pTZizAwQ
XywBf6dq37gwDgYDVR0PAQH/BAQDAgeAMIGaBggrBgEFBQcBAQSBjTCBijCBhwYI
KwYBBQUHMAKGe3JzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jwa2kvbGFj
bmljLzQ4ZjA4M2JiLWY2MDMtNDg5My05OTkwLTAyODRjMDRjZWI4NS8zZWJlMTIx
OTJjNWE3NzdjZDRhYzdmNDYxZDlkZjlkODAyN2FlODQ1LmNlcjCBmgYIKwYBBQUH
AQsEgY0wgYowgYcGCCsGAQUFBzALhntyc3luYzovL3JlcG9zaXRvcnkubGFjbmlj
Lm5ldC9ycGtpL2xhY25pYy9hNjYzMzcyNi0zNWRmLTRiNmUtYjExZi1lYjIwZmIy
ZWJmMzAvY2ViZTZhNDg2MTM4ZjRkNWZjZjdmNDc4ZjNjNWM4ZTI5YWFmODVjNy5y
b2EwgY8GA1UdHwSBhzCBhDCBgaB/oH2Ge3JzeW5jOi8vcmVwb3NpdG9yeS5sYWNu
aWMubmV0L3Jwa2kvbGFjbmljL2E2NjMzNzI2LTM1ZGYtNGI2ZS1iMTFmLWViMjBm
YjJlYmYzMC8zZWJlMTIxOTJjNWE3NzdjZDRhYzdmNDYxZDlkZjlkODAyN2FlODQ1
LmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMw
ETAPBAIAAjAJAwcAKAEBWQACMA0GCSqGSIb3DQEBCwUAA4IBAQAzSWIR50dGn6GI
6lRnsZp4WvUw4MqSDED8JCWy6xDYoJQVuDUVqVnooTD0OKOn9MpLu6owF0bEbjUB
pp5BY0JWhrXDHRNDE+B606z3izneQBNHLNrH+AXUDQ8FHnd+XG2BCoEfkBBGP3Qr
gHhJ0qBMurGiGxC827m6l84DtTeIxiSfrrN27w6k7p6utYtfrO1D5wFctqGG4xgw
BRe/10+lFvxODOz/d5hx0QOqt8XQ21zNh+E410NFqTheSE2uxJTr6r+CgNao+luv
6bXUfQoUv7WuRi1Fpi/hiIIQlJLFQ2CGaj86Bnjr8zPGVFCmiGrs6lRgzpzfZDo3
pKcUqKvx
-----END CERTIFICATE-----
Generated at Fri Mar 29 06:25:34 2024 by rpki-client on console-ams.rpki-client.org