Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/bee6a1fe-c4e0-4236-8170-de0d77f4e292/f4305c900029f5524df1b9ed60395d5a1c728858.roa
File:                     f4305c900029f5524df1b9ed60395d5a1c728858.roa (raw, json)
Hash identifier:          bkq2nv8RYUnoyvONcH96O6gzUQoy1J7i2EpmVJW6hyA=
Subject key identifier:   80:59:58:0B:1F:49:4B:52:19:CD:5B:D9:F3:25:B3:CA:BF:D4:92:D8
Certificate issuer:       /CN=56c3a26bfe1f2ba89c0d10d235f8d546cb537932
Certificate serial:       0D359B
Authority key identifier: FF:D6:0A:3D:12:E8:DE:BE:61:82:65:33:ED:71:64:80:7D:B2:08:69
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/56c3a26bfe1f2ba89c0d10d235f8d546cb537932.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/bee6a1fe-c4e0-4236-8170-de0d77f4e292/f4305c900029f5524df1b9ed60395d5a1c728858.roa
Signing time:             Wed 24 Mar 2021 14:34:00 +0000
ROA not before:           Wed 24 Mar 2021 14:34:00 +0000
ROA not after:            Tue 24 Mar 2026 14:34:00 +0000
asID:                     267848
IP address blocks:        2800:be0:3e2::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/bee6a1fe-c4e0-4236-8170-de0d77f4e292/56c3a26bfe1f2ba89c0d10d235f8d546cb537932.crl
                          rsync://repository.lacnic.net/rpki/lacnic/bee6a1fe-c4e0-4236-8170-de0d77f4e292/56c3a26bfe1f2ba89c0d10d235f8d546cb537932.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/56c3a26bfe1f2ba89c0d10d235f8d546cb537932.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 31 Mar 2024 19:38:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 865691 (0xd359b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=56c3a26bfe1f2ba89c0d10d235f8d546cb537932
        Validity
            Not Before: Mar 24 14:34:00 2021 GMT
            Not After : Mar 24 14:34:00 2026 GMT
        Subject: CN=f4305c900029f5524df1b9ed60395d5a1c728858
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:8d:d5:d9:b3:7e:63:f7:a8:e1:a7:25:e6:a5:
                    5c:19:22:2b:6e:82:ae:61:31:73:a5:3b:f6:30:52:
                    8a:e1:fb:70:05:7f:a2:6f:a6:ee:9d:0c:76:94:af:
                    37:46:57:46:e7:16:7d:ea:5e:c8:09:83:ac:cd:b1:
                    e9:20:d7:fb:3c:77:2b:7d:cf:ca:63:4c:bc:ce:eb:
                    18:c4:e1:fa:ae:c4:3b:2f:6d:93:04:86:5d:8a:ff:
                    7e:de:6d:9c:41:90:3c:9e:08:55:69:68:16:c0:7a:
                    8f:ef:9d:ad:24:c4:93:c7:12:a3:8e:6f:38:2b:c2:
                    4c:c9:1d:b5:b5:e8:b3:2a:c5:1c:cf:08:b1:47:af:
                    d7:bb:21:13:cb:14:97:59:6a:ba:02:c8:4d:a4:fd:
                    d3:f5:96:47:69:bb:56:4e:4f:5c:31:b6:bf:ed:99:
                    11:9e:28:8e:74:2a:37:8c:00:b0:31:ba:08:fe:91:
                    3f:b1:a5:60:5c:9a:78:dd:6d:de:31:fd:ad:fb:1a:
                    3e:24:9f:63:a8:73:03:e2:6c:2a:0c:10:93:0a:f7:
                    fc:3a:23:ff:b7:82:ad:d8:97:9b:5b:75:7b:88:ff:
                    0b:61:d4:17:41:a5:57:48:db:40:b4:4b:1d:93:d1:
                    d0:e8:73:cc:8b:1b:d8:b1:f9:f2:90:e4:7f:2b:0c:
                    45:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                80:59:58:0B:1F:49:4B:52:19:CD:5B:D9:F3:25:B3:CA:BF:D4:92:D8
            X509v3 Authority Key Identifier:
                keyid:FF:D6:0A:3D:12:E8:DE:BE:61:82:65:33:ED:71:64:80:7D:B2:08:69

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/56c3a26bfe1f2ba89c0d10d235f8d546cb537932.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/bee6a1fe-c4e0-4236-8170-de0d77f4e292/f4305c900029f5524df1b9ed60395d5a1c728858.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/bee6a1fe-c4e0-4236-8170-de0d77f4e292/56c3a26bfe1f2ba89c0d10d235f8d546cb537932.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2800:be0:3e2::/48

    Signature Algorithm: sha256WithRSAEncryption
         3c:1e:75:3c:d9:dc:6f:42:d6:1b:92:ef:4b:39:49:e0:6f:36:
         08:be:e8:63:49:97:08:87:8a:6b:c5:f1:fc:60:16:80:4f:8e:
         6e:88:8b:2a:01:a3:16:c2:a8:ed:b9:4b:3d:3b:cd:9f:4d:1d:
         1b:2f:c9:b8:80:ab:5f:ae:98:88:35:50:cd:4b:62:91:25:74:
         74:09:39:53:3a:6c:d4:03:79:94:81:ea:85:f4:90:7a:4d:c9:
         09:9f:90:24:59:3f:32:d0:94:21:aa:1e:c4:19:d5:fc:55:2c:
         bd:f8:ea:98:9f:b7:11:0a:4c:ed:85:df:b1:35:26:a4:8f:f4:
         fa:31:65:33:5c:bf:8e:8c:fb:79:0e:ca:74:82:6f:a6:c4:a5:
         12:a1:66:49:54:1e:fe:97:c7:1b:ac:45:28:b0:9c:33:0b:ac:
         e9:cc:4b:dc:9c:af:7f:04:6e:93:c9:e7:f2:d2:15:44:fa:4c:
         d9:c6:58:4c:a0:1e:7d:90:35:62:b0:f0:80:c3:da:97:f4:c3:
         60:01:be:33:95:f2:02:78:fe:3b:94:b3:62:23:c6:8c:02:8e:
         49:41:29:dd:04:b7:5e:59:77:1d:f5:9f:9c:2d:de:e2:85:b6:
         21:3d:2a:2d:9c:62:64:45:9a:8b:4c:22:dd:ab:2e:f3:0a:aa:
         84:be:ff:89
-----BEGIN CERTIFICATE-----
MIIFQzCCBCugAwIBAgIDDTWbMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDU2
YzNhMjZiZmUxZjJiYTg5YzBkMTBkMjM1ZjhkNTQ2Y2I1Mzc5MzIwHhcNMjEwMzI0
MTQzNDAwWhcNMjYwMzI0MTQzNDAwWjAzMTEwLwYDVQQDEyhmNDMwNWM5MDAwMjlm
NTUyNGRmMWI5ZWQ2MDM5NWQ1YTFjNzI4ODU4MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAyI3V2bN+Y/eo4acl5qVcGSIrboKuYTFzpTv2MFKK4ftwBX+i
b6bunQx2lK83RldG5xZ96l7ICYOszbHpINf7PHcrfc/KY0y8zusYxOH6rsQ7L22T
BIZdiv9+3m2cQZA8nghVaWgWwHqP752tJMSTxxKjjm84K8JMyR21teizKsUczwix
R6/XuyETyxSXWWq6AshNpP3T9ZZHabtWTk9cMba/7ZkRniiOdCo3jACwMboI/pE/
saVgXJp43W3eMf2t+xo+JJ9jqHMD4mwqDBCTCvf8OiP/t4Kt2JebW3V7iP8LYdQX
QaVXSNtAtEsdk9HQ6HPMixvYsfnykOR/KwxFBQIDAQABo4ICXjCCAlowHQYDVR0O
BBYEFIBZWAsfSUtSGc1b2fMls8q/1JLYMB8GA1UdIwQYMBaAFP/WCj0S6N6+YYJl
M+1xZIB9sghpMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvNTZjM2Ey
NmJmZTFmMmJhODljMGQxMGQyMzVmOGQ1NDZjYjUzNzkzMi5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvYmVlNmExZmUtYzRlMC00MjM2LTgxNzAtZGUwZDc3
ZjRlMjkyL2Y0MzA1YzkwMDAyOWY1NTI0ZGYxYjllZDYwMzk1ZDVhMWM3Mjg4NTgu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy9iZWU2YTFmZS1jNGUwLTQyMzYtODE3MC1kZTBk
NzdmNGUyOTIvNTZjM2EyNmJmZTFmMmJhODljMGQxMGQyMzVmOGQ1NDZjYjUzNzkz
Mi5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQT
MBEwDwQCAAIwCQMHACgAC+AD4jANBgkqhkiG9w0BAQsFAAOCAQEAPB51PNncb0LW
G5LvSzlJ4G82CL7oY0mXCIeKa8Xx/GAWgE+OboiLKgGjFsKo7blLPTvNn00dGy/J
uICrX66YiDVQzUtikSV0dAk5Uzps1AN5lIHqhfSQek3JCZ+QJFk/MtCUIaoexBnV
/FUsvfjqmJ+3EQpM7YXfsTUmpI/0+jFlM1y/joz7eQ7KdIJvpsSlEqFmSVQe/pfH
G6xFKLCcMwus6cxL3JyvfwRuk8nn8tIVRPpM2cZYTKAefZA1YrDwgMPal/TDYAG+
M5XyAnj+O5SzYiPGjAKOSUEp3QS3Xll3HfWfnC3e4oW2IT0qLZxiZEWai0wi3asu
8wqqhL7/iQ==
-----END CERTIFICATE-----
Generated at Fri Mar 29 02:14:24 2024 by rpki-client on console-ams.rpki-client.org