Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/be17fe30-26bf-4a2b-83d8-1e80e398c063/c28d1bc50da56f2e6e847ec4759bb5644219aebd.roa
File:                     c28d1bc50da56f2e6e847ec4759bb5644219aebd.roa (raw, json)
Hash identifier:          tqUKY/0+NJnwHBlSGNcFNYRmhk7iIQmhSh/MIBI6vOw=
Subject key identifier:   D3:CE:E2:AB:AF:27:39:F8:60:3E:F1:CD:98:63:77:DC:6B:41:9B:7F
Certificate issuer:       /CN=224dea1fd2772d1b6b4820cdf6e1d40eeafef4c5
Certificate serial:       1347BB
Authority key identifier: 9E:E5:D1:FF:15:91:45:AE:59:15:D0:C3:A0:54:B8:92:42:48:34:63
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/224dea1fd2772d1b6b4820cdf6e1d40eeafef4c5.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/be17fe30-26bf-4a2b-83d8-1e80e398c063/c28d1bc50da56f2e6e847ec4759bb5644219aebd.roa
Signing time:             Tue 17 Jan 2023 17:21:04 +0000
ROA not before:           Mon 16 Jan 2023 17:19:09 +0000
ROA not after:            Fri 17 Jan 2025 17:19:09 +0000
asID:                     269991
IP address blocks:        2803:dee0::/32 maxlen: 32

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/be17fe30-26bf-4a2b-83d8-1e80e398c063/224dea1fd2772d1b6b4820cdf6e1d40eeafef4c5.crl
                          rsync://repository.lacnic.net/rpki/lacnic/be17fe30-26bf-4a2b-83d8-1e80e398c063/224dea1fd2772d1b6b4820cdf6e1d40eeafef4c5.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/224dea1fd2772d1b6b4820cdf6e1d40eeafef4c5.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 31 Mar 2024 12:22:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1263547 (0x1347bb)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=224dea1fd2772d1b6b4820cdf6e1d40eeafef4c5
        Validity
            Not Before: Jan 16 17:19:09 2023 GMT
            Not After : Jan 17 17:19:09 2025 GMT
        Subject: CN=c28d1bc50da56f2e6e847ec4759bb5644219aebd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:24:a7:b7:be:29:de:24:73:15:a7:6d:04:a9:
                    96:91:b3:64:3d:eb:79:89:dd:6c:a4:0a:ce:a5:41:
                    64:b9:1b:4a:00:54:94:44:84:d7:37:67:ba:52:e7:
                    7c:86:2e:fd:d5:e5:32:60:3a:b7:58:ae:29:35:4c:
                    fb:6d:bd:c1:5b:32:87:57:56:13:a8:04:76:f3:5d:
                    47:18:ee:63:7b:b7:e8:a4:3b:22:bc:b5:59:9a:e4:
                    01:a1:fa:a4:46:82:e9:fb:82:4d:d1:3b:7a:41:a0:
                    da:b3:e7:96:ba:df:57:04:b1:e1:9d:71:a3:96:dc:
                    6e:92:b1:ab:cc:3a:9e:62:7d:09:19:64:7f:07:ac:
                    b4:e9:cb:80:f8:ac:52:e8:9b:cd:3a:bb:cd:af:76:
                    0c:26:6c:6f:a8:60:5d:58:69:16:ab:40:4d:ac:0a:
                    7f:12:5f:f9:96:2a:c8:1a:ce:f9:aa:c7:b3:91:e3:
                    82:19:15:e4:b1:e7:03:28:c2:56:eb:a0:c0:80:2a:
                    11:f1:f5:b1:d5:0d:bf:5b:95:b1:96:f9:d6:34:c2:
                    68:6b:87:d0:3b:c4:83:2e:24:4c:12:85:e1:54:7a:
                    2c:08:f5:26:d0:1f:f1:14:8d:6c:9e:78:04:23:d7:
                    21:f9:f8:5c:e2:d0:af:83:76:eb:5a:10:ab:32:e6:
                    40:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D3:CE:E2:AB:AF:27:39:F8:60:3E:F1:CD:98:63:77:DC:6B:41:9B:7F
            X509v3 Authority Key Identifier:
                keyid:9E:E5:D1:FF:15:91:45:AE:59:15:D0:C3:A0:54:B8:92:42:48:34:63

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/224dea1fd2772d1b6b4820cdf6e1d40eeafef4c5.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/be17fe30-26bf-4a2b-83d8-1e80e398c063/c28d1bc50da56f2e6e847ec4759bb5644219aebd.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/be17fe30-26bf-4a2b-83d8-1e80e398c063/224dea1fd2772d1b6b4820cdf6e1d40eeafef4c5.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2803:dee0::/32

    Signature Algorithm: sha256WithRSAEncryption
         65:79:7c:12:2b:e8:90:6e:d1:11:52:02:3a:7b:20:9f:88:0b:
         51:11:0f:40:80:8b:c7:b8:77:15:11:f3:36:2f:e5:59:bd:70:
         87:64:ca:cd:70:10:98:5e:d9:5e:ba:50:15:34:43:75:78:43:
         25:64:0a:aa:fc:e3:02:b3:91:d4:c5:0f:74:8d:6f:60:46:d3:
         23:2f:ca:1d:08:69:e3:c4:1e:5f:65:91:23:ce:fd:db:63:4d:
         87:b9:46:79:c2:e8:4d:f8:84:a5:5c:27:dd:4c:b5:8f:ce:d9:
         ed:95:fb:9b:1f:a9:ef:5f:db:f2:ae:3a:4b:d3:bf:83:c7:c6:
         01:a9:37:ab:e7:22:df:9c:cb:00:e7:06:1d:e9:05:1d:a9:1d:
         57:c6:55:0c:bc:87:6e:23:8b:82:e4:82:19:f0:e5:e7:68:33:
         2c:ab:4c:6b:0b:9c:1b:45:c9:13:3e:d9:38:66:fd:05:d9:58:
         36:ef:a6:cc:5c:e1:82:98:64:fd:d4:7f:9b:48:84:79:ca:09:
         6b:c5:17:d7:83:58:22:06:4d:7f:96:f9:cd:cb:03:6c:9a:2f:
         dd:c5:50:eb:c6:d9:ba:1f:63:95:83:6f:86:a6:89:ed:b8:c2:
         85:c1:97:80:2f:ac:2c:2c:4d:0f:a2:62:82:5e:51:39:f7:58:
         83:d7:bd:b0
-----BEGIN CERTIFICATE-----
MIIFQTCCBCmgAwIBAgIDE0e7MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDIy
NGRlYTFmZDI3NzJkMWI2YjQ4MjBjZGY2ZTFkNDBlZWFmZWY0YzUwHhcNMjMwMTE2
MTcxOTA5WhcNMjUwMTE3MTcxOTA5WjAzMTEwLwYDVQQDEyhjMjhkMWJjNTBkYTU2
ZjJlNmU4NDdlYzQ3NTliYjU2NDQyMTlhZWJkMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAmCSnt74p3iRzFadtBKmWkbNkPet5id1spArOpUFkuRtKAFSU
RITXN2e6Uud8hi791eUyYDq3WK4pNUz7bb3BWzKHV1YTqAR2811HGO5je7fopDsi
vLVZmuQBofqkRoLp+4JN0Tt6QaDas+eWut9XBLHhnXGjltxukrGrzDqeYn0JGWR/
B6y06cuA+KxS6JvNOrvNr3YMJmxvqGBdWGkWq0BNrAp/El/5lirIGs75qsezkeOC
GRXksecDKMJW66DAgCoR8fWx1Q2/W5WxlvnWNMJoa4fQO8SDLiRMEoXhVHosCPUm
0B/xFI1snngEI9ch+fhc4tCvg3brWhCrMuZAGwIDAQABo4ICXDCCAlgwHQYDVR0O
BBYEFNPO4quvJzn4YD7xzZhjd9xrQZt/MB8GA1UdIwQYMBaAFJ7l0f8VkUWuWRXQ
w6BUuJJCSDRjMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvMjI0ZGVh
MWZkMjc3MmQxYjZiNDgyMGNkZjZlMWQ0MGVlYWZlZjRjNS5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvYmUxN2ZlMzAtMjZiZi00YTJiLTgzZDgtMWU4MGUz
OThjMDYzL2MyOGQxYmM1MGRhNTZmMmU2ZTg0N2VjNDc1OWJiNTY0NDIxOWFlYmQu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy9iZTE3ZmUzMC0yNmJmLTRhMmItODNkOC0xZTgw
ZTM5OGMwNjMvMjI0ZGVhMWZkMjc3MmQxYjZiNDgyMGNkZjZlMWQ0MGVlYWZlZjRj
NS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQR
MA8wDQQCAAIwBwMFACgD3uAwDQYJKoZIhvcNAQELBQADggEBAGV5fBIr6JBu0RFS
Ajp7IJ+IC1ERD0CAi8e4dxUR8zYv5Vm9cIdkys1wEJhe2V66UBU0Q3V4QyVkCqr8
4wKzkdTFD3SNb2BG0yMvyh0IaePEHl9lkSPO/dtjTYe5RnnC6E34hKVcJ91MtY/O
2e2V+5sfqe9f2/KuOkvTv4PHxgGpN6vnIt+cywDnBh3pBR2pHVfGVQy8h24ji4Lk
ghnw5edoMyyrTGsLnBtFyRM+2Thm/QXZWDbvpsxc4YKYZP3Uf5tIhHnKCWvFF9eD
WCIGTX+W+c3LA2yaL93FUOvG2bofY5WDb4amie24woXBl4AvrCwsTQ+iYoJeUTn3
WIPXvbA=
-----END CERTIFICATE-----
Generated at Thu Mar 28 14:02:54 2024 by rpki-client on console-fra.rpki-client.org