Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/b957220c-7cec-4f43-92ed-f819af748e0b/2b96863e068d5769f245c811aeed18ee7315ada2.roa
File:                     2b96863e068d5769f245c811aeed18ee7315ada2.roa (raw, json)
Hash identifier:          rN9Xc+IbhkdiDwM9xfJwUIf4xXiNjJwO2xWWMghKzBM=
Subject key identifier:   8F:C4:24:42:6A:8B:B2:17:80:99:FD:9F:38:95:62:A6:7D:A5:F2:C1
Certificate issuer:       /CN=4b7abec4f849963dc643b8a5f832ceabcc5ba2ac
Certificate serial:       0CFB82
Authority key identifier: 5D:D8:34:2B:FF:92:96:38:67:66:D2:36:2B:32:5A:2B:F4:7C:BF:14
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/4b7abec4f849963dc643b8a5f832ceabcc5ba2ac.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/b957220c-7cec-4f43-92ed-f819af748e0b/2b96863e068d5769f245c811aeed18ee7315ada2.roa
Signing time:             Wed 24 Mar 2021 14:33:01 +0000
ROA not before:           Wed 24 Mar 2021 14:33:01 +0000
ROA not after:            Tue 24 Mar 2026 14:33:01 +0000
asID:                     264794
IP address blocks:        2803:44c0::/32 maxlen: 48

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/b957220c-7cec-4f43-92ed-f819af748e0b/4b7abec4f849963dc643b8a5f832ceabcc5ba2ac.crl
                          rsync://repository.lacnic.net/rpki/lacnic/b957220c-7cec-4f43-92ed-f819af748e0b/4b7abec4f849963dc643b8a5f832ceabcc5ba2ac.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/4b7abec4f849963dc643b8a5f832ceabcc5ba2ac.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 31 Mar 2024 19:38:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 850818 (0xcfb82)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4b7abec4f849963dc643b8a5f832ceabcc5ba2ac
        Validity
            Not Before: Mar 24 14:33:01 2021 GMT
            Not After : Mar 24 14:33:01 2026 GMT
        Subject: CN=2b96863e068d5769f245c811aeed18ee7315ada2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:3a:a7:75:1e:46:ff:c6:48:34:25:76:4c:0f:
                    e2:54:dc:ef:c7:e1:42:91:60:3d:b2:2d:75:9d:3d:
                    31:ab:b7:6b:a2:81:6d:9b:21:b4:fa:47:3a:48:86:
                    ac:e0:b9:78:7d:ae:3f:64:87:f2:d8:ef:c6:56:d1:
                    a4:7e:0b:a2:1a:bf:e6:f8:65:2f:45:ff:a4:c2:9e:
                    be:48:3a:4c:f8:33:a9:9c:9b:04:f7:5b:b3:11:1a:
                    56:7c:e9:af:cd:2d:34:32:07:a0:29:de:99:93:73:
                    29:25:27:3e:93:42:59:90:ea:78:98:77:5a:47:9f:
                    1b:38:fa:d6:39:8e:57:fa:39:47:42:0a:e5:47:55:
                    fe:ad:d5:c3:60:a9:d5:47:1b:ee:23:54:64:03:ed:
                    31:51:5f:f9:97:b6:e6:33:75:54:8f:b5:06:3a:aa:
                    a6:0e:50:da:6e:1f:d8:99:ec:da:ad:3a:75:da:1a:
                    9e:4e:91:2e:fd:f7:01:60:b5:46:69:0d:f8:e7:fd:
                    36:74:bf:4b:4f:ed:db:6e:cf:71:27:f5:ea:bb:ea:
                    f7:d6:ac:6b:4c:13:bd:22:36:67:83:b2:23:b8:33:
                    07:9c:9a:80:88:3b:eb:27:f3:70:5c:cb:f4:82:31:
                    71:84:ac:1b:b6:9e:cb:dc:4e:ba:b8:80:10:c1:e1:
                    e9:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8F:C4:24:42:6A:8B:B2:17:80:99:FD:9F:38:95:62:A6:7D:A5:F2:C1
            X509v3 Authority Key Identifier:
                keyid:5D:D8:34:2B:FF:92:96:38:67:66:D2:36:2B:32:5A:2B:F4:7C:BF:14

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/4b7abec4f849963dc643b8a5f832ceabcc5ba2ac.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/b957220c-7cec-4f43-92ed-f819af748e0b/2b96863e068d5769f245c811aeed18ee7315ada2.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/b957220c-7cec-4f43-92ed-f819af748e0b/4b7abec4f849963dc643b8a5f832ceabcc5ba2ac.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2803:44c0::/32

    Signature Algorithm: sha256WithRSAEncryption
         15:a7:c2:7a:a9:51:56:16:ca:37:97:d7:05:a2:f0:39:c0:59:
         c4:40:4e:b9:43:67:c8:be:d5:49:31:67:7b:99:22:13:48:72:
         e4:c5:35:d0:db:5f:6d:ca:52:f5:42:59:1c:21:cc:0c:5f:b6:
         00:a4:95:d8:a8:9a:e2:86:a2:e3:bc:7e:73:54:4f:2c:5a:ed:
         c2:95:cf:d9:3d:b1:7d:33:89:92:10:3e:38:5b:10:db:56:92:
         9e:ac:1e:92:97:3d:04:f6:c5:67:81:e6:f4:0b:89:5a:0c:17:
         61:7c:91:47:40:32:a2:2c:fe:b3:29:45:fd:09:10:8c:2a:0d:
         ae:25:2a:8c:e3:73:ce:bf:0a:a0:13:d5:c4:a0:d8:46:da:09:
         25:b4:8c:8b:4a:6f:1f:03:f5:7b:1b:e4:94:36:37:40:1c:45:
         1c:1a:c3:50:3c:71:89:73:98:ab:3b:b2:91:4d:8b:75:34:df:
         1f:a8:6e:d6:b7:6f:34:a9:a7:02:d1:f9:7d:52:b7:74:09:12:
         48:91:c3:70:91:95:f5:b6:97:89:54:87:e3:9b:1d:b9:aa:57:
         ec:7e:aa:ca:15:65:1e:ff:45:c6:3c:bc:57:ac:d1:ce:67:36:
         fc:79:ab:4a:41:a3:c9:7e:05:8d:ae:c0:d1:b5:25:04:f3:fd:
         d3:e2:3b:64
-----BEGIN CERTIFICATE-----
MIIFQTCCBCmgAwIBAgIDDPuCMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDRi
N2FiZWM0Zjg0OTk2M2RjNjQzYjhhNWY4MzJjZWFiY2M1YmEyYWMwHhcNMjEwMzI0
MTQzMzAxWhcNMjYwMzI0MTQzMzAxWjAzMTEwLwYDVQQDEygyYjk2ODYzZTA2OGQ1
NzY5ZjI0NWM4MTFhZWVkMThlZTczMTVhZGEyMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAuDqndR5G/8ZINCV2TA/iVNzvx+FCkWA9si11nT0xq7drooFt
myG0+kc6SIas4Ll4fa4/ZIfy2O/GVtGkfguiGr/m+GUvRf+kwp6+SDpM+DOpnJsE
91uzERpWfOmvzS00MgegKd6Zk3MpJSc+k0JZkOp4mHdaR58bOPrWOY5X+jlHQgrl
R1X+rdXDYKnVRxvuI1RkA+0xUV/5l7bmM3VUj7UGOqqmDlDabh/YmezarTp12hqe
TpEu/fcBYLVGaQ345/02dL9LT+3bbs9xJ/Xqu+r31qxrTBO9IjZng7IjuDMHnJqA
iDvrJ/NwXMv0gjFxhKwbtp7L3E66uIAQweHpJQIDAQABo4ICXDCCAlgwHQYDVR0O
BBYEFI/EJEJqi7IXgJn9nziVYqZ9pfLBMB8GA1UdIwQYMBaAFF3YNCv/kpY4Z2bS
NisyWiv0fL8UMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvNGI3YWJl
YzRmODQ5OTYzZGM2NDNiOGE1ZjgzMmNlYWJjYzViYTJhYy5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvYjk1NzIyMGMtN2NlYy00ZjQzLTkyZWQtZjgxOWFm
NzQ4ZTBiLzJiOTY4NjNlMDY4ZDU3NjlmMjQ1YzgxMWFlZWQxOGVlNzMxNWFkYTIu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy9iOTU3MjIwYy03Y2VjLTRmNDMtOTJlZC1mODE5
YWY3NDhlMGIvNGI3YWJlYzRmODQ5OTYzZGM2NDNiOGE1ZjgzMmNlYWJjYzViYTJh
Yy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQR
MA8wDQQCAAIwBwMFACgDRMAwDQYJKoZIhvcNAQELBQADggEBABWnwnqpUVYWyjeX
1wWi8DnAWcRATrlDZ8i+1UkxZ3uZIhNIcuTFNdDbX23KUvVCWRwhzAxftgCkldio
muKGouO8fnNUTyxa7cKVz9k9sX0ziZIQPjhbENtWkp6sHpKXPQT2xWeB5vQLiVoM
F2F8kUdAMqIs/rMpRf0JEIwqDa4lKozjc86/CqAT1cSg2EbaCSW0jItKbx8D9Xsb
5JQ2N0AcRRwaw1A8cYlzmKs7spFNi3U03x+obta3bzSppwLR+X1St3QJEkiRw3CR
lfW2l4lUh+ObHbmqV+x+qsoVZR7/RcY8vFes0c5nNvx5q0pBo8l+BY2uwNG1JQTz
/dPiO2Q=
-----END CERTIFICATE-----
Generated at Thu Mar 28 21:30:59 2024 by rpki-client on console-ams.rpki-client.org