Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/bcf91970-903a-4734-815f-762b38efe5a3/820e61d7cc555ee5d16630aeced63daa8a3be939.roa
File:                     820e61d7cc555ee5d16630aeced63daa8a3be939.roa (raw, json)
Hash identifier:          EiEmiTrsmDcn4PNe5e0NrNSiswWM9hQ++RD78RULbq4=
Subject key identifier:   63:66:8B:F8:48:D7:2C:87:9C:7C:C1:B8:02:66:2D:69:66:56:4F:59
Certificate issuer:       /CN=9d44e5cc8623c5cdabd559bdad688e9f03759533
Certificate serial:       12525F
Authority key identifier: 88:50:96:CD:A6:E7:72:8D:C1:9C:13:39:45:81:74:B5:69:6E:44:F4
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/9d44e5cc8623c5cdabd559bdad688e9f03759533.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/bcf91970-903a-4734-815f-762b38efe5a3/820e61d7cc555ee5d16630aeced63daa8a3be939.roa
Signing time:             Tue 21 Sep 2021 02:17:55 +0000
ROA not before:           Mon 20 Sep 2021 03:00:00 +0000
ROA not after:            Wed 20 Sep 2023 03:00:00 +0000
asID:                     61506
IP address blocks:        2803:4640::/32 maxlen: 32

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/bcf91970-903a-4734-815f-762b38efe5a3/9d44e5cc8623c5cdabd559bdad688e9f03759533.crl
                          rsync://repository.lacnic.net/rpki/lacnic/bcf91970-903a-4734-815f-762b38efe5a3/9d44e5cc8623c5cdabd559bdad688e9f03759533.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/9d44e5cc8623c5cdabd559bdad688e9f03759533.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sat 18 Mar 2023 08:07:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1200735 (0x12525f)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9d44e5cc8623c5cdabd559bdad688e9f03759533
        Validity
            Not Before: Sep 20 03:00:00 2021 GMT
            Not After : Sep 20 03:00:00 2023 GMT
        Subject: CN=820e61d7cc555ee5d16630aeced63daa8a3be939
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e0:48:3b:1c:80:3d:cb:86:3d:a3:11:66:ca:50:
                    8b:3b:dd:89:a7:f0:a2:4b:d9:7f:4c:bb:fe:98:4f:
                    c5:82:c4:c4:ba:c7:7d:d0:ee:32:39:a2:c7:af:fe:
                    fe:5f:47:67:42:8a:f1:8d:75:be:99:9b:98:f1:45:
                    a4:85:f9:94:89:42:89:e0:5c:31:24:99:06:18:44:
                    7e:53:4a:44:26:ef:81:81:11:12:a2:a9:0f:f3:ff:
                    6d:7f:0a:f2:3a:4a:50:67:16:4f:41:10:38:03:11:
                    37:4f:15:01:41:40:d9:95:e2:6d:fd:5d:cf:a1:e5:
                    fa:94:20:20:7d:af:f0:8e:38:00:e0:f5:f6:a4:f0:
                    c0:b5:67:ad:6f:5e:f7:62:ba:00:d5:df:79:4d:5a:
                    2a:94:eb:65:17:08:29:ec:c1:b3:fe:40:22:58:a8:
                    df:70:47:bf:e7:3f:5e:da:7a:a1:14:af:9a:1a:62:
                    7d:b3:94:20:a1:99:03:09:97:d1:7c:77:1d:38:b3:
                    e0:c0:2a:a2:27:6e:e7:99:1c:a5:56:50:d1:fa:15:
                    b5:df:28:76:76:3f:39:30:b1:cc:e0:26:f0:07:08:
                    64:a0:a2:33:a7:e5:f7:73:9e:0e:56:32:9e:97:84:
                    60:cb:8f:9b:23:5e:89:68:04:32:b0:c2:44:bd:5c:
                    75:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                63:66:8B:F8:48:D7:2C:87:9C:7C:C1:B8:02:66:2D:69:66:56:4F:59
            X509v3 Authority Key Identifier: 
                keyid:88:50:96:CD:A6:E7:72:8D:C1:9C:13:39:45:81:74:B5:69:6E:44:F4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access: 
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/9d44e5cc8623c5cdabd559bdad688e9f03759533.cer

            Subject Information Access: 
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/bcf91970-903a-4734-815f-762b38efe5a3/820e61d7cc555ee5d16630aeced63daa8a3be939.roa

            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/bcf91970-903a-4734-815f-762b38efe5a3/9d44e5cc8623c5cdabd559bdad688e9f03759533.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2803:4640::/32

    Signature Algorithm: sha256WithRSAEncryption
         13:ef:30:8c:e9:8f:86:da:15:ec:6f:12:c1:58:49:75:18:05:
         6d:44:63:ae:2e:45:ef:51:b8:6f:93:d0:a4:52:35:ba:92:aa:
         ee:80:f6:fd:7a:cc:bf:fb:84:67:44:60:bf:15:7a:78:1d:b5:
         80:65:30:bd:5b:57:16:dd:6a:b1:ee:f3:b0:b4:1b:5f:b4:f4:
         ac:4a:a7:84:9c:79:b3:09:22:8c:9e:77:d2:3a:dd:af:ec:c3:
         7e:37:bc:02:2c:be:84:2e:50:64:b9:23:89:fe:6d:c6:8e:83:
         1f:96:24:61:ee:cc:59:41:71:08:49:bb:23:1a:20:6a:8d:99:
         1a:e4:72:a2:72:ea:8e:c9:4b:1c:75:24:6d:8c:4f:51:c5:f8:
         f5:d2:ce:eb:0a:00:a0:ea:1d:c4:90:e1:df:7f:b5:7b:e5:82:
         5c:71:64:b4:db:a6:6e:38:4b:6b:04:27:ef:b7:12:c4:42:c9:
         f9:fd:81:cf:ea:38:59:07:fd:fe:4b:fc:11:ca:b1:ca:67:f7:
         e4:7b:c5:0d:4d:0f:2e:66:51:36:14:c4:94:5b:0f:06:0a:4d:
         cf:7b:42:d7:08:3c:c3:3f:0c:3e:43:8c:67:e0:fe:04:85:65:
         b2:e8:21:5b:7b:a0:13:5a:c8:76:f8:54:d2:3a:47:6e:a3:31:
         7a:58:29:b9
-----BEGIN CERTIFICATE-----
MIIFQTCCBCmgAwIBAgIDElJfMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDlk
NDRlNWNjODYyM2M1Y2RhYmQ1NTliZGFkNjg4ZTlmMDM3NTk1MzMwHhcNMjEwOTIw
MDMwMDAwWhcNMjMwOTIwMDMwMDAwWjAzMTEwLwYDVQQDEyg4MjBlNjFkN2NjNTU1
ZWU1ZDE2NjMwYWVjZWQ2M2RhYThhM2JlOTM5MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEA4Eg7HIA9y4Y9oxFmylCLO92Jp/CiS9l/TLv+mE/FgsTEusd9
0O4yOaLHr/7+X0dnQorxjXW+mZuY8UWkhfmUiUKJ4FwxJJkGGER+U0pEJu+BgRES
oqkP8/9tfwryOkpQZxZPQRA4AxE3TxUBQUDZleJt/V3PoeX6lCAgfa/wjjgA4PX2
pPDAtWetb173YroA1d95TVoqlOtlFwgp7MGz/kAiWKjfcEe/5z9e2nqhFK+aGmJ9
s5QgoZkDCZfRfHcdOLPgwCqiJ27nmRylVlDR+hW13yh2dj85MLHM4CbwBwhkoKIz
p+X3c54OVjKel4Rgy4+bI16JaAQysMJEvVx1xwIDAQABo4ICXDCCAlgwHQYDVR0O
BBYEFGNmi/hI1yyHnHzBuAJmLWlmVk9ZMB8GA1UdIwQYMBaAFIhQls2m53KNwZwT
OUWBdLVpbkT0MA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvOWQ0NGU1
Y2M4NjIzYzVjZGFiZDU1OWJkYWQ2ODhlOWYwMzc1OTUzMy5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvYmNmOTE5NzAtOTAzYS00NzM0LTgxNWYtNzYyYjM4
ZWZlNWEzLzgyMGU2MWQ3Y2M1NTVlZTVkMTY2MzBhZWNlZDYzZGFhOGEzYmU5Mzku
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy9iY2Y5MTk3MC05MDNhLTQ3MzQtODE1Zi03NjJi
MzhlZmU1YTMvOWQ0NGU1Y2M4NjIzYzVjZGFiZDU1OWJkYWQ2ODhlOWYwMzc1OTUz
My5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQR
MA8wDQQCAAIwBwMFACgDRkAwDQYJKoZIhvcNAQELBQADggEBABPvMIzpj4baFexv
EsFYSXUYBW1EY64uRe9RuG+T0KRSNbqSqu6A9v16zL/7hGdEYL8VengdtYBlML1b
VxbdarHu87C0G1+09KxKp4ScebMJIoyed9I63a/sw343vAIsvoQuUGS5I4n+bcaO
gx+WJGHuzFlBcQhJuyMaIGqNmRrkcqJy6o7JSxx1JG2MT1HF+PXSzusKAKDqHcSQ
4d9/tXvlglxxZLTbpm44S2sEJ++3EsRCyfn9gc/qOFkH/f5L/BHKscpn9+R7xQ1N
Dy5mUTYUxJRbDwYKTc97QtcIPMM/DD5DjGfg/gSFZbLoIVt7oBNayHb4VNI6R26j
MXpYKbk=
-----END CERTIFICATE-----
Generated at Wed Mar 15 11:46:53 2023 by rpki-client on console-fra.rpki-client.org