Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/a8ca7c1e-d8c4-4e98-a9f2-6a38acd124c0/210b50d5204bc1925b60785e66921bcb8d1312c9.roa
File:                     210b50d5204bc1925b60785e66921bcb8d1312c9.roa (raw, json)
Hash identifier:          HG5aZab++zEsGfDgw5Hg7KqAcIr3NVJcWNKWVQfZ5Q4=
Subject key identifier:   AE:17:83:58:9C:5B:FA:6F:F0:E3:58:F1:43:4D:F6:2E:16:72:E5:3E
Certificate issuer:       /CN=6af76d03537ffc48ed548ee10d0640bdebb815c6
Certificate serial:       8CD1
Authority key identifier: B3:21:AA:16:AC:B9:29:E4:21:55:55:CD:87:D9:27:95:F8:05:0D:BF
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/6af76d03537ffc48ed548ee10d0640bdebb815c6.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/a8ca7c1e-d8c4-4e98-a9f2-6a38acd124c0/210b50d5204bc1925b60785e66921bcb8d1312c9.roa
Signing time:             Fri 27 Oct 2023 20:50:58 +0000
ROA not before:           Fri 27 Oct 2023 20:50:58 +0000
ROA not after:            Mon 27 Oct 2025 20:50:58 +0000
asID:                     273100
IP address blocks:        2803:d050::/32 maxlen: 32

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/a8ca7c1e-d8c4-4e98-a9f2-6a38acd124c0/6af76d03537ffc48ed548ee10d0640bdebb815c6.crl
                          rsync://repository.lacnic.net/rpki/lacnic/a8ca7c1e-d8c4-4e98-a9f2-6a38acd124c0/6af76d03537ffc48ed548ee10d0640bdebb815c6.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/6af76d03537ffc48ed548ee10d0640bdebb815c6.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Mon 26 Feb 2024 16:36:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 36049 (0x8cd1)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6af76d03537ffc48ed548ee10d0640bdebb815c6
        Validity
            Not Before: Oct 27 20:50:58 2023 GMT
            Not After : Oct 27 20:50:58 2025 GMT
        Subject: CN=210b50d5204bc1925b60785e66921bcb8d1312c9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:1a:22:d4:f1:1d:51:a6:b8:a7:c4:6f:8f:95:
                    70:29:3d:55:b6:6b:10:63:b0:65:63:04:91:4e:a2:
                    a6:49:76:b3:32:11:f7:1a:ef:64:e5:99:b8:26:7a:
                    49:85:1e:b3:9a:17:1d:06:3c:e9:41:db:e1:03:d8:
                    1e:e5:fb:90:f8:87:77:79:d9:17:b3:f2:3e:75:06:
                    95:3e:bd:e1:95:66:28:50:63:c0:94:b2:6e:13:fa:
                    6d:5f:d1:c4:02:06:a0:c7:0b:49:7f:9b:64:87:3f:
                    a9:a7:05:32:09:b3:2e:25:e4:3e:84:b2:29:b6:6d:
                    f5:99:c9:0a:66:8d:08:b4:ef:e6:ee:90:d1:5d:ac:
                    7e:c5:91:7b:0a:6d:14:c0:45:3f:de:99:db:37:7e:
                    64:cd:68:68:20:08:1f:83:e5:b5:3c:5b:db:15:47:
                    dd:12:47:db:d6:68:0f:c1:28:8f:1e:7c:16:37:13:
                    38:b9:4f:f5:16:10:f6:f2:61:ce:a7:75:69:c2:0d:
                    fb:33:b1:19:3d:e3:04:93:80:8b:01:4d:34:bf:8e:
                    f3:b0:a3:d2:78:5f:d8:f6:21:df:7f:c4:6f:07:c0:
                    47:fa:c0:6a:c8:e1:57:f4:d0:f6:95:c8:5e:29:05:
                    8a:0a:97:76:3f:8e:7a:a1:bd:95:0e:36:6f:d8:ce:
                    db:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AE:17:83:58:9C:5B:FA:6F:F0:E3:58:F1:43:4D:F6:2E:16:72:E5:3E
            X509v3 Authority Key Identifier:
                keyid:B3:21:AA:16:AC:B9:29:E4:21:55:55:CD:87:D9:27:95:F8:05:0D:BF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/6af76d03537ffc48ed548ee10d0640bdebb815c6.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/a8ca7c1e-d8c4-4e98-a9f2-6a38acd124c0/210b50d5204bc1925b60785e66921bcb8d1312c9.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/a8ca7c1e-d8c4-4e98-a9f2-6a38acd124c0/6af76d03537ffc48ed548ee10d0640bdebb815c6.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2803:d050::/32

    Signature Algorithm: sha256WithRSAEncryption
         02:29:e5:41:e1:84:a1:0b:ff:04:65:3b:90:6c:8b:67:f0:ad:
         4d:ba:60:fb:b1:12:8c:46:9b:f4:25:0d:0b:ca:5d:83:c8:18:
         ee:0c:64:55:a8:72:3d:7c:71:8a:c7:8a:47:e8:9c:e0:76:f9:
         de:37:99:c3:f5:94:b0:6f:a0:9d:ba:99:36:63:c4:57:34:90:
         11:56:a2:74:bc:30:3f:99:55:f4:0a:17:8a:01:7b:01:89:52:
         51:06:2e:8a:d2:dd:d8:f3:54:15:e0:bc:41:ab:29:bd:37:59:
         07:ce:1a:ce:bd:35:35:f3:c8:7b:e1:5f:24:97:b7:ca:2f:46:
         03:6d:d3:cd:a8:9f:0a:c4:e1:8c:6e:df:c0:40:54:08:a1:b2:
         2e:04:17:a6:60:64:61:b3:91:be:14:62:fc:28:0f:a3:c6:92:
         1a:d6:18:9f:2c:0e:3e:a3:fb:68:62:42:54:3c:4b:d9:7e:fa:
         a5:02:28:59:b3:79:e7:5f:69:43:2a:65:3a:79:b1:51:8d:5b:
         73:2a:31:00:2e:61:bd:7d:7a:a8:c5:73:63:c0:13:a5:f8:5d:
         74:2e:e1:e8:21:a5:b1:bd:b3:ce:d0:66:c5:ef:2b:26:82:58:
         ff:37:cf:58:4a:6d:ee:d4:3a:2b:73:fe:5f:b3:af:49:0d:06:
         7f:be:67:a2
-----BEGIN CERTIFICATE-----
MIIFQTCCBCmgAwIBAgIDAIzRMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDZh
Zjc2ZDAzNTM3ZmZjNDhlZDU0OGVlMTBkMDY0MGJkZWJiODE1YzYwHhcNMjMxMDI3
MjA1MDU4WhcNMjUxMDI3MjA1MDU4WjAzMTEwLwYDVQQDEygyMTBiNTBkNTIwNGJj
MTkyNWI2MDc4NWU2NjkyMWJjYjhkMTMxMmM5MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAqRoi1PEdUaa4p8Rvj5VwKT1VtmsQY7BlYwSRTqKmSXazMhH3
Gu9k5Zm4JnpJhR6zmhcdBjzpQdvhA9ge5fuQ+Id3edkXs/I+dQaVPr3hlWYoUGPA
lLJuE/ptX9HEAgagxwtJf5tkhz+ppwUyCbMuJeQ+hLIptm31mckKZo0ItO/m7pDR
Xax+xZF7Cm0UwEU/3pnbN35kzWhoIAgfg+W1PFvbFUfdEkfb1mgPwSiPHnwWNxM4
uU/1FhD28mHOp3Vpwg37M7EZPeMEk4CLAU00v47zsKPSeF/Y9iHff8RvB8BH+sBq
yOFX9ND2lcheKQWKCpd2P456ob2VDjZv2M7b+QIDAQABo4ICXDCCAlgwHQYDVR0O
BBYEFK4Xg1icW/pv8ONY8UNN9i4WcuU+MB8GA1UdIwQYMBaAFLMhqhasuSnkIVVV
zYfZJ5X4BQ2/MA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvNmFmNzZk
MDM1MzdmZmM0OGVkNTQ4ZWUxMGQwNjQwYmRlYmI4MTVjNi5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvYThjYTdjMWUtZDhjNC00ZTk4LWE5ZjItNmEzOGFj
ZDEyNGMwLzIxMGI1MGQ1MjA0YmMxOTI1YjYwNzg1ZTY2OTIxYmNiOGQxMzEyYzku
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy9hOGNhN2MxZS1kOGM0LTRlOTgtYTlmMi02YTM4
YWNkMTI0YzAvNmFmNzZkMDM1MzdmZmM0OGVkNTQ4ZWUxMGQwNjQwYmRlYmI4MTVj
Ni5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQR
MA8wDQQCAAIwBwMFACgD0FAwDQYJKoZIhvcNAQELBQADggEBAAIp5UHhhKEL/wRl
O5Bsi2fwrU26YPuxEoxGm/QlDQvKXYPIGO4MZFWocj18cYrHikfonOB2+d43mcP1
lLBvoJ26mTZjxFc0kBFWonS8MD+ZVfQKF4oBewGJUlEGLorS3djzVBXgvEGrKb03
WQfOGs69NTXzyHvhXySXt8ovRgNt082onwrE4Yxu38BAVAihsi4EF6ZgZGGzkb4U
YvwoD6PGkhrWGJ8sDj6j+2hiQlQ8S9l++qUCKFmzeedfaUMqZTp5sVGNW3MqMQAu
Yb19eqjFc2PAE6X4XXQu4eghpbG9s87QZsXvKyaCWP83z1hKbe7UOitz/l+zr0kN
Bn++Z6I=
-----END CERTIFICATE-----
Generated at Fri Feb 23 20:02:58 2024 by rpki-client on console-fra.rpki-client.org