Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/c66a21f5-0086-45de-a933-1b8a80eda119/a0ecef8e84928feca2d9364af4b9eb93ac74304d.roa
File:                     a0ecef8e84928feca2d9364af4b9eb93ac74304d.roa (raw, json)
Hash identifier:          G45zwiqUVVv0z8+/+SGq/s6vMobxEwKTSJhfJuD8jpY=
Subject key identifier:   64:4C:7F:40:CB:80:47:1B:CC:7A:D1:0D:23:BC:2E:7F:5E:50:BF:61
Certificate issuer:       /CN=348e4be7878a9fdd1d422e44bc7ce5502f14ee61
Certificate serial:       0A69DD
Authority key identifier: 5E:B8:96:D1:B9:D4:1F:A0:87:37:5A:FB:2D:E6:96:48:C4:45:F9:46
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/348e4be7878a9fdd1d422e44bc7ce5502f14ee61.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/c66a21f5-0086-45de-a933-1b8a80eda119/a0ecef8e84928feca2d9364af4b9eb93ac74304d.roa
Signing time:             Wed 24 Mar 2021 14:35:03 +0000
ROA not before:           Wed 24 Mar 2021 14:35:03 +0000
ROA not after:            Tue 24 Mar 2026 14:35:03 +0000
asID:                     14080
IP address blocks:        2801:172::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/c66a21f5-0086-45de-a933-1b8a80eda119/348e4be7878a9fdd1d422e44bc7ce5502f14ee61.crl
                          rsync://repository.lacnic.net/rpki/lacnic/c66a21f5-0086-45de-a933-1b8a80eda119/348e4be7878a9fdd1d422e44bc7ce5502f14ee61.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/348e4be7878a9fdd1d422e44bc7ce5502f14ee61.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 31 Mar 2024 19:38:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 682461 (0xa69dd)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=348e4be7878a9fdd1d422e44bc7ce5502f14ee61
        Validity
            Not Before: Mar 24 14:35:03 2021 GMT
            Not After : Mar 24 14:35:03 2026 GMT
        Subject: CN=a0ecef8e84928feca2d9364af4b9eb93ac74304d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:30:c2:c4:ad:65:8b:ff:99:4a:af:34:0a:ca:
                    44:94:1d:10:e1:90:78:61:be:a9:73:dc:42:a0:14:
                    c0:ff:28:f3:61:0c:52:5c:b0:f3:7f:8e:15:e5:19:
                    6d:be:4c:e8:11:15:d2:0e:32:e7:b6:b6:56:69:8f:
                    58:68:d1:db:ac:03:82:1c:8a:36:54:3f:a1:46:d3:
                    33:4c:ed:2f:63:5c:32:5d:56:86:05:67:e0:5f:46:
                    74:4b:ca:74:a5:26:2e:8f:93:71:79:4e:fc:6e:39:
                    06:03:62:0d:ab:53:50:91:e2:37:6e:42:eb:98:cb:
                    0f:72:5e:8c:02:0d:c1:5e:18:ea:f0:aa:5c:3c:b9:
                    14:a3:96:09:9f:e6:28:6b:d0:3d:1a:6d:19:32:3c:
                    ac:97:15:7e:26:a5:73:16:c8:65:3a:41:0f:0b:f7:
                    6b:d4:fc:95:16:9a:4f:18:40:17:37:80:2a:b3:fe:
                    43:2a:38:b5:f7:1d:12:89:97:31:7c:e4:06:42:4f:
                    99:0c:50:30:8d:14:fe:e4:d4:e7:ba:8b:e9:f2:9c:
                    b8:89:12:6d:d0:1c:d5:80:9b:64:95:05:3f:7b:b8:
                    f5:b1:06:5f:0a:f9:c9:68:22:68:57:02:58:8c:9f:
                    0d:40:a4:50:13:ef:4b:69:71:a4:92:2b:fb:41:c9:
                    01:7b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                64:4C:7F:40:CB:80:47:1B:CC:7A:D1:0D:23:BC:2E:7F:5E:50:BF:61
            X509v3 Authority Key Identifier:
                keyid:5E:B8:96:D1:B9:D4:1F:A0:87:37:5A:FB:2D:E6:96:48:C4:45:F9:46

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/348e4be7878a9fdd1d422e44bc7ce5502f14ee61.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/c66a21f5-0086-45de-a933-1b8a80eda119/a0ecef8e84928feca2d9364af4b9eb93ac74304d.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/c66a21f5-0086-45de-a933-1b8a80eda119/348e4be7878a9fdd1d422e44bc7ce5502f14ee61.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2801:172::/48

    Signature Algorithm: sha256WithRSAEncryption
         27:30:f5:c4:9f:ac:be:0b:f2:7b:66:50:78:63:22:09:3c:c0:
         c1:36:e6:dd:ec:be:74:5d:88:73:50:f5:8c:45:56:4a:d5:57:
         b0:83:65:6e:42:49:c7:72:b0:09:b7:ae:cf:36:c7:f8:d3:68:
         60:6d:d5:f2:87:8e:c5:86:50:7b:81:c8:b8:21:9b:aa:92:d8:
         e0:3d:c8:7e:25:37:63:02:a8:9f:b2:a8:69:d2:70:ab:10:85:
         ac:02:63:34:b6:37:6e:eb:a8:3c:67:4c:25:8d:3e:74:a6:ba:
         99:d5:5a:34:f0:9c:8f:34:da:31:91:db:ba:9b:05:36:91:01:
         c1:a4:ed:4b:66:81:4d:3d:1b:c5:82:7e:64:eb:c8:4d:5f:91:
         50:81:e0:78:30:22:e2:a9:b0:32:bb:83:f7:39:ff:89:75:20:
         12:d2:e0:43:ac:24:16:34:3e:d9:cc:de:6c:f8:af:b2:4f:f5:
         b6:58:7f:cf:9d:90:4d:ee:51:2b:e8:07:ad:38:2f:35:2b:9b:
         d0:75:99:a9:24:50:c3:c2:32:93:0b:58:cb:f4:16:42:40:d0:
         c4:37:1b:0e:b1:e0:28:40:fa:18:29:02:ef:59:31:af:06:e2:
         78:60:ee:a8:b8:1b:99:d0:e6:2b:86:5c:03:db:25:a3:d9:f8:
         13:d7:27:ed
-----BEGIN CERTIFICATE-----
MIIFQzCCBCugAwIBAgIDCmndMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDM0
OGU0YmU3ODc4YTlmZGQxZDQyMmU0NGJjN2NlNTUwMmYxNGVlNjEwHhcNMjEwMzI0
MTQzNTAzWhcNMjYwMzI0MTQzNTAzWjAzMTEwLwYDVQQDEyhhMGVjZWY4ZTg0OTI4
ZmVjYTJkOTM2NGFmNGI5ZWI5M2FjNzQzMDRkMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAmzDCxK1li/+ZSq80CspElB0Q4ZB4Yb6pc9xCoBTA/yjzYQxS
XLDzf44V5RltvkzoERXSDjLntrZWaY9YaNHbrAOCHIo2VD+hRtMzTO0vY1wyXVaG
BWfgX0Z0S8p0pSYuj5NxeU78bjkGA2INq1NQkeI3bkLrmMsPcl6MAg3BXhjq8Kpc
PLkUo5YJn+Yoa9A9Gm0ZMjyslxV+JqVzFshlOkEPC/dr1PyVFppPGEAXN4Aqs/5D
Kji19x0SiZcxfOQGQk+ZDFAwjRT+5NTnuovp8py4iRJt0BzVgJtklQU/e7j1sQZf
CvnJaCJoVwJYjJ8NQKRQE+9LaXGkkiv7QckBewIDAQABo4ICXjCCAlowHQYDVR0O
BBYEFGRMf0DLgEcbzHrRDSO8Ln9eUL9hMB8GA1UdIwQYMBaAFF64ltG51B+ghzda
+y3mlkjERflGMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvMzQ4ZTRi
ZTc4NzhhOWZkZDFkNDIyZTQ0YmM3Y2U1NTAyZjE0ZWU2MS5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvYzY2YTIxZjUtMDA4Ni00NWRlLWE5MzMtMWI4YTgw
ZWRhMTE5L2EwZWNlZjhlODQ5MjhmZWNhMmQ5MzY0YWY0YjllYjkzYWM3NDMwNGQu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy9jNjZhMjFmNS0wMDg2LTQ1ZGUtYTkzMy0xYjhh
ODBlZGExMTkvMzQ4ZTRiZTc4NzhhOWZkZDFkNDIyZTQ0YmM3Y2U1NTAyZjE0ZWU2
MS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQT
MBEwDwQCAAIwCQMHACgBAXIAADANBgkqhkiG9w0BAQsFAAOCAQEAJzD1xJ+svgvy
e2ZQeGMiCTzAwTbm3ey+dF2Ic1D1jEVWStVXsINlbkJJx3KwCbeuzzbH+NNoYG3V
8oeOxYZQe4HIuCGbqpLY4D3IfiU3YwKon7KoadJwqxCFrAJjNLY3buuoPGdMJY0+
dKa6mdVaNPCcjzTaMZHbupsFNpEBwaTtS2aBTT0bxYJ+ZOvITV+RUIHgeDAi4qmw
MruD9zn/iXUgEtLgQ6wkFjQ+2czebPivsk/1tlh/z52QTe5RK+gHrTgvNSub0HWZ
qSRQw8IykwtYy/QWQkDQxDcbDrHgKED6GCkC71kxrwbieGDuqLgbmdDmK4ZcA9sl
o9n4E9cn7Q==
-----END CERTIFICATE-----
Generated at Fri Mar 29 04:03:31 2024 by rpki-client on console-ams.rpki-client.org