Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/ce4e1c85-38b7-4a68-a3fd-a812b75a731e/4726ee886e0f927dfdf87d0193d4b4f20853fa9f.roa
File:                     4726ee886e0f927dfdf87d0193d4b4f20853fa9f.roa (raw, json)
Hash identifier:          IO7f1YI3Xqhq8VHfI9UWS7soM5Qeh3j0fJZIICZtDl8=
Subject key identifier:   35:F7:D6:71:C7:7F:D1:A7:26:38:C9:E7:98:C2:68:AF:7B:6F:93:E1
Certificate issuer:       /CN=222a52d30ba3eec506c4b1db1e0d991b13603988
Certificate serial:       0D36CA
Authority key identifier: AB:D1:85:59:8B:3B:64:F3:44:13:E2:79:7F:E1:25:D7:A4:04:4A:B7
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/222a52d30ba3eec506c4b1db1e0d991b13603988.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/ce4e1c85-38b7-4a68-a3fd-a812b75a731e/4726ee886e0f927dfdf87d0193d4b4f20853fa9f.roa
Signing time:             Wed 24 Mar 2021 14:39:27 +0000
ROA not before:           Wed 24 Mar 2021 14:39:27 +0000
ROA not after:            Tue 24 Mar 2026 14:39:27 +0000
asID:                     264668
IP address blocks:        2803:b420::/32 maxlen: 32

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/ce4e1c85-38b7-4a68-a3fd-a812b75a731e/222a52d30ba3eec506c4b1db1e0d991b13603988.crl
                          rsync://repository.lacnic.net/rpki/lacnic/ce4e1c85-38b7-4a68-a3fd-a812b75a731e/222a52d30ba3eec506c4b1db1e0d991b13603988.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/222a52d30ba3eec506c4b1db1e0d991b13603988.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Mon 01 Apr 2024 05:58:53 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 865994 (0xd36ca)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=222a52d30ba3eec506c4b1db1e0d991b13603988
        Validity
            Not Before: Mar 24 14:39:27 2021 GMT
            Not After : Mar 24 14:39:27 2026 GMT
        Subject: CN=4726ee886e0f927dfdf87d0193d4b4f20853fa9f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:95:e5:10:17:6a:2a:ab:d9:b0:57:12:a9:43:
                    4e:cf:50:33:7d:9d:27:19:47:00:63:a5:2e:02:29:
                    8b:1b:89:6a:8f:d1:5f:04:ce:f7:a8:6f:22:8a:9a:
                    78:02:e8:b2:6f:0f:8c:37:72:6f:90:f0:dd:8d:a9:
                    3b:86:ed:81:e7:88:3a:a1:88:f6:7b:a3:19:6c:b5:
                    4a:ff:e9:ec:4d:4d:15:a4:01:38:45:36:43:f1:cc:
                    e0:e1:3e:ee:92:b4:2b:45:9d:b9:a4:28:0d:a7:7e:
                    ce:f1:c6:23:a3:89:97:18:8c:6b:36:6f:1e:07:81:
                    d0:13:84:23:20:70:3f:3e:ee:db:a3:d5:07:c8:83:
                    d2:ee:17:3e:94:a2:25:1b:fd:f8:42:ad:6e:4a:4c:
                    ff:30:ac:59:5a:d8:fb:4f:83:50:a9:92:2c:4b:ca:
                    88:03:15:cb:4b:27:ab:8a:ee:08:5e:a6:04:0b:a3:
                    ed:d6:3a:0e:99:e7:08:df:a8:4b:6e:7b:a2:9a:41:
                    f2:f0:f3:85:62:ef:9d:a0:4f:33:44:17:6a:81:7b:
                    fb:cb:9c:de:d6:c5:e3:58:a3:35:ae:7f:a4:ff:5b:
                    d7:b7:50:89:a3:ea:28:44:a2:0e:81:f8:e8:a1:ff:
                    a3:22:7b:90:66:0c:82:5b:83:03:1c:58:b8:e2:4d:
                    0d:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                35:F7:D6:71:C7:7F:D1:A7:26:38:C9:E7:98:C2:68:AF:7B:6F:93:E1
            X509v3 Authority Key Identifier:
                keyid:AB:D1:85:59:8B:3B:64:F3:44:13:E2:79:7F:E1:25:D7:A4:04:4A:B7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/222a52d30ba3eec506c4b1db1e0d991b13603988.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/ce4e1c85-38b7-4a68-a3fd-a812b75a731e/4726ee886e0f927dfdf87d0193d4b4f20853fa9f.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/ce4e1c85-38b7-4a68-a3fd-a812b75a731e/222a52d30ba3eec506c4b1db1e0d991b13603988.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2803:b420::/32

    Signature Algorithm: sha256WithRSAEncryption
         34:8f:89:99:50:b9:6b:44:e3:06:1f:02:db:fe:04:b7:a4:f5:
         e4:31:0d:92:04:42:7d:a9:5c:c7:27:7f:0f:57:83:06:ad:a7:
         5a:6f:6f:39:94:63:47:31:81:3d:2c:c4:e4:cc:0e:65:6e:62:
         21:e7:65:43:09:42:47:81:bc:8b:c0:af:f1:12:81:7b:21:e4:
         a8:6c:14:45:73:08:3a:89:a3:18:4e:0d:01:45:f0:22:9b:69:
         06:32:b4:d3:11:a3:73:d0:ad:4d:c2:01:a0:b8:e3:cd:21:ce:
         3f:d1:21:ee:3d:b6:6a:04:2c:49:5e:49:04:ab:ac:0e:4e:c8:
         cd:e2:42:6e:c9:33:5d:3e:d1:40:52:9e:5f:07:56:12:92:1d:
         7f:0a:91:be:92:9a:d0:55:0e:c9:13:40:f9:8b:ae:37:f3:e1:
         ae:4d:95:91:87:e3:03:64:60:cd:4a:6d:a0:0f:e9:79:9e:fa:
         a4:7c:92:ec:67:1b:81:23:15:70:71:0c:8d:8e:9b:3c:32:91:
         b0:03:75:be:46:12:c1:ae:89:2d:e3:e9:e7:15:5a:a3:53:06:
         13:82:58:0e:a9:30:80:1e:31:43:29:a7:42:00:5d:b3:de:e4:
         b1:92:f4:11:d4:c0:48:8f:b0:b9:2b:d3:02:91:c8:39:c2:9c:
         5b:1d:08:98
-----BEGIN CERTIFICATE-----
MIIFQTCCBCmgAwIBAgIDDTbKMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDIy
MmE1MmQzMGJhM2VlYzUwNmM0YjFkYjFlMGQ5OTFiMTM2MDM5ODgwHhcNMjEwMzI0
MTQzOTI3WhcNMjYwMzI0MTQzOTI3WjAzMTEwLwYDVQQDEyg0NzI2ZWU4ODZlMGY5
MjdkZmRmODdkMDE5M2Q0YjRmMjA4NTNmYTlmMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAl5XlEBdqKqvZsFcSqUNOz1AzfZ0nGUcAY6UuAimLG4lqj9Ff
BM73qG8iipp4Auiybw+MN3JvkPDdjak7hu2B54g6oYj2e6MZbLVK/+nsTU0VpAE4
RTZD8czg4T7ukrQrRZ25pCgNp37O8cYjo4mXGIxrNm8eB4HQE4QjIHA/Pu7bo9UH
yIPS7hc+lKIlG/34Qq1uSkz/MKxZWtj7T4NQqZIsS8qIAxXLSyeriu4IXqYEC6Pt
1joOmecI36hLbnuimkHy8POFYu+doE8zRBdqgXv7y5ze1sXjWKM1rn+k/1vXt1CJ
o+ooRKIOgfjoof+jInuQZgyCW4MDHFi44k0NMQIDAQABo4ICXDCCAlgwHQYDVR0O
BBYEFDX31nHHf9GnJjjJ55jCaK97b5PhMB8GA1UdIwQYMBaAFKvRhVmLO2TzRBPi
eX/hJdekBEq3MA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvMjIyYTUy
ZDMwYmEzZWVjNTA2YzRiMWRiMWUwZDk5MWIxMzYwMzk4OC5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvY2U0ZTFjODUtMzhiNy00YTY4LWEzZmQtYTgxMmI3
NWE3MzFlLzQ3MjZlZTg4NmUwZjkyN2RmZGY4N2QwMTkzZDRiNGYyMDg1M2ZhOWYu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy9jZTRlMWM4NS0zOGI3LTRhNjgtYTNmZC1hODEy
Yjc1YTczMWUvMjIyYTUyZDMwYmEzZWVjNTA2YzRiMWRiMWUwZDk5MWIxMzYwMzk4
OC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQR
MA8wDQQCAAIwBwMFACgDtCAwDQYJKoZIhvcNAQELBQADggEBADSPiZlQuWtE4wYf
Atv+BLek9eQxDZIEQn2pXMcnfw9Xgwatp1pvbzmUY0cxgT0sxOTMDmVuYiHnZUMJ
QkeBvIvAr/ESgXsh5KhsFEVzCDqJoxhODQFF8CKbaQYytNMRo3PQrU3CAaC4480h
zj/RIe49tmoELEleSQSrrA5OyM3iQm7JM10+0UBSnl8HVhKSHX8Kkb6SmtBVDskT
QPmLrjfz4a5NlZGH4wNkYM1KbaAP6Xme+qR8kuxnG4EjFXBxDI2OmzwykbADdb5G
EsGuiS3j6ecVWqNTBhOCWA6pMIAeMUMpp0IAXbPe5LGS9BHUwEiPsLkr0wKRyDnC
nFsdCJg=
-----END CERTIFICATE-----
Generated at Fri Mar 29 11:25:49 2024 by rpki-client on console-fra.rpki-client.org