Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/c854cbf0-2f63-41ef-aca7-548b22bc0b72/172aa522607f044097907ced4d9846b76a5217ba.roa
File:                     172aa522607f044097907ced4d9846b76a5217ba.roa (raw, json)
Hash identifier:          9hKkMERXjJb0NW+Hl8pu5FMAtmjUxjDqkuGimIC9gGg=
Subject key identifier:   EA:A5:6C:36:89:CD:1A:3B:3D:5E:E4:5D:05:2E:27:CE:21:2E:12:87
Certificate issuer:       /CN=c30a806d41d84ec3e49524fa586db653ea1cd745
Certificate serial:       02B44E
Authority key identifier: F9:13:75:6A:9F:70:6C:CC:EA:09:46:66:9D:FA:B3:C3:86:67:DC:A4
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/c30a806d41d84ec3e49524fa586db653ea1cd745.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/c854cbf0-2f63-41ef-aca7-548b22bc0b72/172aa522607f044097907ced4d9846b76a5217ba.roa
Signing time:             Fri 04 Aug 2023 18:54:48 +0000
ROA not before:           Thu 03 Aug 2023 18:54:48 +0000
ROA not after:            Mon 04 Aug 2025 18:54:48 +0000
asID:                     265844
IP address blocks:        2803:b220::/32 maxlen: 48

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/c854cbf0-2f63-41ef-aca7-548b22bc0b72/c30a806d41d84ec3e49524fa586db653ea1cd745.crl
                          rsync://repository.lacnic.net/rpki/lacnic/c854cbf0-2f63-41ef-aca7-548b22bc0b72/c30a806d41d84ec3e49524fa586db653ea1cd745.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/c30a806d41d84ec3e49524fa586db653ea1cd745.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Tue 27 Feb 2024 21:42:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 177230 (0x2b44e)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c30a806d41d84ec3e49524fa586db653ea1cd745
        Validity
            Not Before: Aug  3 18:54:48 2023 GMT
            Not After : Aug  4 18:54:48 2025 GMT
        Subject: CN=172aa522607f044097907ced4d9846b76a5217ba
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:97:2e:e0:b0:fc:98:c3:cc:7f:96:c8:43:ff:
                    ba:0c:77:7f:20:f5:d9:43:48:98:a8:32:13:58:dd:
                    9f:8f:bc:db:09:32:25:5e:12:7c:e7:97:b6:47:1e:
                    a4:03:d1:a5:ba:46:eb:fd:0c:d7:6f:48:85:e0:c0:
                    82:20:bf:f8:7b:56:c7:3f:00:50:04:9c:57:e2:05:
                    4c:d1:b5:ea:b0:c5:ef:33:af:38:d5:0d:bc:ab:95:
                    30:a6:60:1f:2c:3d:0c:95:53:a3:3a:6d:7e:74:2a:
                    92:c0:3c:ed:73:8b:07:02:c5:9e:4e:1b:ac:10:43:
                    85:36:4c:c1:60:ed:54:4f:49:44:d7:ea:21:d7:92:
                    e9:32:07:38:5c:35:de:71:c3:ae:38:f0:72:ea:56:
                    f4:a0:25:5c:ca:7f:f5:88:d1:b3:12:74:8d:9d:c0:
                    94:4f:a3:05:51:ad:37:d3:fe:86:03:65:f2:97:77:
                    a6:08:2a:ce:04:d7:17:e6:11:a7:1d:71:4a:fe:ce:
                    92:55:be:a4:24:26:ce:b6:c9:d8:92:68:43:e3:67:
                    a7:6d:be:d1:d9:d0:74:4f:ba:f4:14:a0:ba:24:c4:
                    f7:2f:49:4c:99:fd:9f:c4:0b:36:51:31:0e:27:a4:
                    74:7f:94:61:7e:7b:8e:f4:f1:bc:aa:d0:f0:76:fa:
                    cc:f1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EA:A5:6C:36:89:CD:1A:3B:3D:5E:E4:5D:05:2E:27:CE:21:2E:12:87
            X509v3 Authority Key Identifier:
                keyid:F9:13:75:6A:9F:70:6C:CC:EA:09:46:66:9D:FA:B3:C3:86:67:DC:A4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/c30a806d41d84ec3e49524fa586db653ea1cd745.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/c854cbf0-2f63-41ef-aca7-548b22bc0b72/172aa522607f044097907ced4d9846b76a5217ba.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/c854cbf0-2f63-41ef-aca7-548b22bc0b72/c30a806d41d84ec3e49524fa586db653ea1cd745.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2803:b220::/32

    Signature Algorithm: sha256WithRSAEncryption
         6f:6b:c1:70:c1:f1:67:db:0b:5e:af:26:89:b7:ed:aa:d6:6f:
         bb:28:46:4c:f1:21:57:51:8b:79:0c:f5:1b:bb:89:f2:94:78:
         12:00:08:0d:38:77:46:83:0c:67:8c:fa:fd:75:9a:6b:da:bc:
         49:67:59:9a:7d:ad:2e:10:7c:41:8e:99:28:74:99:54:35:0f:
         4d:18:87:dd:60:b6:70:ea:96:be:92:02:0a:29:39:68:31:4e:
         36:70:a4:83:2d:ec:ac:d5:18:f5:22:09:ea:28:19:06:56:dc:
         d9:f7:3f:3e:dc:54:64:69:8c:4f:c1:61:ae:33:61:7f:6f:a2:
         c0:02:68:cb:a3:ba:7a:fd:58:fd:14:ed:76:f8:5a:69:2c:3f:
         f6:75:e5:b1:40:31:62:0d:ff:7b:8d:92:92:4b:61:cb:4d:22:
         a0:42:22:44:14:b8:04:43:01:34:b2:d8:66:05:6a:ea:e7:2a:
         c0:02:24:63:30:5d:43:72:ca:d9:00:3d:df:45:13:25:1a:79:
         ee:b1:ab:34:1b:64:0a:03:e5:54:89:42:b9:5e:93:f3:12:56:
         27:02:0e:41:24:84:ae:a6:50:c3:70:0c:5f:8e:94:e6:48:81:
         4f:45:db:61:c4:55:e0:96:8e:33:32:af:44:f9:e7:dd:8c:26:
         fb:5e:2b:b0
-----BEGIN CERTIFICATE-----
MIIFQTCCBCmgAwIBAgIDArROMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGMz
MGE4MDZkNDFkODRlYzNlNDk1MjRmYTU4NmRiNjUzZWExY2Q3NDUwHhcNMjMwODAz
MTg1NDQ4WhcNMjUwODA0MTg1NDQ4WjAzMTEwLwYDVQQDEygxNzJhYTUyMjYwN2Yw
NDQwOTc5MDdjZWQ0ZDk4NDZiNzZhNTIxN2JhMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAo5cu4LD8mMPMf5bIQ/+6DHd/IPXZQ0iYqDITWN2fj7zbCTIl
XhJ855e2Rx6kA9Glukbr/QzXb0iF4MCCIL/4e1bHPwBQBJxX4gVM0bXqsMXvM684
1Q28q5UwpmAfLD0MlVOjOm1+dCqSwDztc4sHAsWeThusEEOFNkzBYO1UT0lE1+oh
15LpMgc4XDXeccOuOPBy6lb0oCVcyn/1iNGzEnSNncCUT6MFUa030/6GA2Xyl3em
CCrOBNcX5hGnHXFK/s6SVb6kJCbOtsnYkmhD42enbb7R2dB0T7r0FKC6JMT3L0lM
mf2fxAs2UTEOJ6R0f5RhfnuO9PG8qtDwdvrM8QIDAQABo4ICXDCCAlgwHQYDVR0O
BBYEFOqlbDaJzRo7PV7kXQUuJ84hLhKHMB8GA1UdIwQYMBaAFPkTdWqfcGzM6glG
Zp36s8OGZ9ykMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvYzMwYTgw
NmQ0MWQ4NGVjM2U0OTUyNGZhNTg2ZGI2NTNlYTFjZDc0NS5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvYzg1NGNiZjAtMmY2My00MWVmLWFjYTctNTQ4YjIy
YmMwYjcyLzE3MmFhNTIyNjA3ZjA0NDA5NzkwN2NlZDRkOTg0NmI3NmE1MjE3YmEu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy9jODU0Y2JmMC0yZjYzLTQxZWYtYWNhNy01NDhi
MjJiYzBiNzIvYzMwYTgwNmQ0MWQ4NGVjM2U0OTUyNGZhNTg2ZGI2NTNlYTFjZDc0
NS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQR
MA8wDQQCAAIwBwMFACgDsiAwDQYJKoZIhvcNAQELBQADggEBAG9rwXDB8WfbC16v
Jom37arWb7soRkzxIVdRi3kM9Ru7ifKUeBIACA04d0aDDGeM+v11mmvavElnWZp9
rS4QfEGOmSh0mVQ1D00Yh91gtnDqlr6SAgopOWgxTjZwpIMt7KzVGPUiCeooGQZW
3Nn3Pz7cVGRpjE/BYa4zYX9vosACaMujunr9WP0U7Xb4WmksP/Z15bFAMWIN/3uN
kpJLYctNIqBCIkQUuARDATSy2GYFaurnKsACJGMwXUNyytkAPd9FEyUaee6xqzQb
ZAoD5VSJQrlek/MSVicCDkEkhK6mUMNwDF+OlOZIgU9F22HEVeCWjjMyr0T5592M
JvteK7A=
-----END CERTIFICATE-----
Generated at Sat Feb 24 22:37:56 2024 by rpki-client on console-ams.rpki-client.org