Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/c7d09245-f3d5-4f4c-ad79-8fca5321efe8/c1af0b553c9c0b88401964dcb9fd47f5253de422.roa
File:                     c1af0b553c9c0b88401964dcb9fd47f5253de422.roa (raw, json)
Hash identifier:          09oIWnDAGAPlp5kt7YA39ib5NNcQV/1TiD1DSjjdipo=
Subject key identifier:   02:7C:EF:AE:EE:CE:51:72:43:71:EC:F9:95:9A:A4:D2:59:FB:6B:C6
Certificate issuer:       /CN=d5620db6d95921ffe5a29805479423583a9ae9a9
Certificate serial:       F603
Authority key identifier: 65:6A:46:4C:AE:36:EA:FA:39:53:C2:3B:4D:1C:EC:FC:D3:42:B6:48
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/d5620db6d95921ffe5a29805479423583a9ae9a9.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/c7d09245-f3d5-4f4c-ad79-8fca5321efe8/c1af0b553c9c0b88401964dcb9fd47f5253de422.roa
Signing time:             Sun 18 Jun 2023 02:54:23 +0000
ROA not before:           Sat 17 Jun 2023 02:54:23 +0000
ROA not after:            Wed 18 Jun 2025 02:54:23 +0000
asID:                     272986
IP address blocks:        2803:f590::/32 maxlen: 48

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/c7d09245-f3d5-4f4c-ad79-8fca5321efe8/d5620db6d95921ffe5a29805479423583a9ae9a9.crl
                          rsync://repository.lacnic.net/rpki/lacnic/c7d09245-f3d5-4f4c-ad79-8fca5321efe8/d5620db6d95921ffe5a29805479423583a9ae9a9.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/d5620db6d95921ffe5a29805479423583a9ae9a9.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sat 24 Feb 2024 17:37:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 62979 (0xf603)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d5620db6d95921ffe5a29805479423583a9ae9a9
        Validity
            Not Before: Jun 17 02:54:23 2023 GMT
            Not After : Jun 18 02:54:23 2025 GMT
        Subject: CN=c1af0b553c9c0b88401964dcb9fd47f5253de422
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:86:aa:99:ea:a5:8e:2d:2d:bc:91:ab:48:fb:9e:
                    8a:0c:ad:35:9c:8f:52:d0:4f:e3:75:d8:5b:01:e9:
                    f9:a5:07:4e:aa:47:67:b4:b4:02:4b:07:73:0a:8e:
                    44:03:29:73:6c:e0:b3:87:da:44:3c:45:dd:dd:f6:
                    96:86:0c:96:02:71:55:0e:2c:82:16:76:f8:a3:36:
                    ad:1c:5a:cc:4e:43:82:fd:87:5b:b4:16:ae:fd:92:
                    30:27:01:e7:39:18:ca:e6:dc:15:0d:4a:29:82:86:
                    1b:4e:7d:1d:af:7b:33:f8:9c:2e:cd:76:7c:d7:96:
                    9e:5e:ee:ba:0b:86:ff:28:54:d3:89:ea:90:fe:14:
                    1b:2b:4c:31:4c:23:9b:dc:dc:ee:2e:37:24:63:2f:
                    4a:6b:13:48:3d:ac:a2:3c:42:b2:dc:53:3b:42:3d:
                    e8:49:29:22:6f:72:ce:78:02:4e:d7:07:12:86:14:
                    b7:02:df:00:92:bd:6e:ab:94:41:b7:d9:1a:ef:d7:
                    b2:c7:d2:0a:3f:fe:76:0f:74:64:8d:73:23:cb:cb:
                    32:0f:2c:52:ae:86:15:e2:ad:f0:46:61:8f:0b:93:
                    d4:eb:1f:e5:af:be:83:a9:3b:ea:f4:38:c3:12:4e:
                    f1:d9:83:54:ab:b5:97:0c:55:f9:ca:39:84:72:4d:
                    79:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                02:7C:EF:AE:EE:CE:51:72:43:71:EC:F9:95:9A:A4:D2:59:FB:6B:C6
            X509v3 Authority Key Identifier:
                keyid:65:6A:46:4C:AE:36:EA:FA:39:53:C2:3B:4D:1C:EC:FC:D3:42:B6:48

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/d5620db6d95921ffe5a29805479423583a9ae9a9.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/c7d09245-f3d5-4f4c-ad79-8fca5321efe8/c1af0b553c9c0b88401964dcb9fd47f5253de422.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/c7d09245-f3d5-4f4c-ad79-8fca5321efe8/d5620db6d95921ffe5a29805479423583a9ae9a9.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2803:f590::/32

    Signature Algorithm: sha256WithRSAEncryption
         0a:fd:06:5f:9a:d3:de:28:0e:ae:a3:a6:42:f0:6b:4f:97:22:
         f6:d2:78:0f:ba:70:65:2f:ce:71:10:ca:a8:be:89:8d:4d:bb:
         37:c5:21:38:51:e2:fe:f8:19:45:f7:9c:bd:3b:ed:8f:35:c4:
         d9:47:91:35:7a:d0:41:7c:36:0a:e9:fd:25:4c:07:27:d3:df:
         fe:de:b5:3f:a2:34:89:16:42:68:e8:97:5d:23:a9:05:86:38:
         e6:62:fb:ae:91:6c:d3:a0:6f:6c:f3:f1:e3:c3:44:44:f7:8b:
         52:ef:d8:d1:e3:e8:6a:4e:ad:6c:20:d7:b1:5b:ba:44:73:d9:
         e5:8f:27:17:d6:3e:fc:9c:5e:db:1f:5c:34:fb:10:e7:3c:a7:
         99:b8:b2:1a:7e:3f:38:80:40:8c:d5:c9:59:68:a8:f1:f8:cc:
         35:ab:23:38:de:cb:16:c8:66:be:1a:89:04:f9:54:1c:4e:c5:
         f7:dc:fd:0a:59:a6:79:8e:2d:b2:ab:65:bf:6d:08:f4:d1:cf:
         13:2c:0d:3a:67:9b:5d:75:7a:0a:23:10:6d:a9:1c:44:ee:67:
         ea:fd:1e:28:c3:76:e5:31:b0:e0:8d:3b:b1:ce:b6:e0:96:e7:
         3b:06:ae:00:d2:b6:de:04:b2:7d:ae:bc:0c:a8:84:03:e8:a6:
         16:34:6f:18
-----BEGIN CERTIFICATE-----
MIIFQTCCBCmgAwIBAgIDAPYDMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGQ1
NjIwZGI2ZDk1OTIxZmZlNWEyOTgwNTQ3OTQyMzU4M2E5YWU5YTkwHhcNMjMwNjE3
MDI1NDIzWhcNMjUwNjE4MDI1NDIzWjAzMTEwLwYDVQQDEyhjMWFmMGI1NTNjOWMw
Yjg4NDAxOTY0ZGNiOWZkNDdmNTI1M2RlNDIyMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAhqqZ6qWOLS28katI+56KDK01nI9S0E/jddhbAen5pQdOqkdn
tLQCSwdzCo5EAylzbOCzh9pEPEXd3faWhgyWAnFVDiyCFnb4ozatHFrMTkOC/Ydb
tBau/ZIwJwHnORjK5twVDUopgoYbTn0dr3sz+JwuzXZ815aeXu66C4b/KFTTieqQ
/hQbK0wxTCOb3NzuLjckYy9KaxNIPayiPEKy3FM7Qj3oSSkib3LOeAJO1wcShhS3
At8Akr1uq5RBt9ka79eyx9IKP/52D3RkjXMjy8syDyxSroYV4q3wRmGPC5PU6x/l
r76DqTvq9DjDEk7x2YNUq7WXDFX5yjmEck15BQIDAQABo4ICXDCCAlgwHQYDVR0O
BBYEFAJ8767uzlFyQ3Hs+ZWapNJZ+2vGMB8GA1UdIwQYMBaAFGVqRkyuNur6OVPC
O00c7PzTQrZIMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvZDU2MjBk
YjZkOTU5MjFmZmU1YTI5ODA1NDc5NDIzNTgzYTlhZTlhOS5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvYzdkMDkyNDUtZjNkNS00ZjRjLWFkNzktOGZjYTUz
MjFlZmU4L2MxYWYwYjU1M2M5YzBiODg0MDE5NjRkY2I5ZmQ0N2Y1MjUzZGU0MjIu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy9jN2QwOTI0NS1mM2Q1LTRmNGMtYWQ3OS04ZmNh
NTMyMWVmZTgvZDU2MjBkYjZkOTU5MjFmZmU1YTI5ODA1NDc5NDIzNTgzYTlhZTlh
OS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQR
MA8wDQQCAAIwBwMFACgD9ZAwDQYJKoZIhvcNAQELBQADggEBAAr9Bl+a094oDq6j
pkLwa0+XIvbSeA+6cGUvznEQyqi+iY1NuzfFIThR4v74GUX3nL077Y81xNlHkTV6
0EF8Ngrp/SVMByfT3/7etT+iNIkWQmjol10jqQWGOOZi+66RbNOgb2zz8ePDRET3
i1Lv2NHj6GpOrWwg17FbukRz2eWPJxfWPvycXtsfXDT7EOc8p5m4shp+PziAQIzV
yVloqPH4zDWrIzjeyxbIZr4aiQT5VBxOxffc/QpZpnmOLbKrZb9tCPTRzxMsDTpn
m111egojEG2pHETuZ+r9HijDduUxsOCNO7HOtuCW5zsGrgDStt4Esn2uvAyohAPo
phY0bxg=
-----END CERTIFICATE-----
Generated at Wed Feb 21 21:43:08 2024 by rpki-client on console-fra.rpki-client.org