Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/cff76ec0-7d4a-49c3-b4ae-3e6a91b723cb/2537e1f03ed737805c1cc0552907b08c7230f898.roa
File:                     2537e1f03ed737805c1cc0552907b08c7230f898.roa (raw, json)
Hash identifier:          MBGYixt2Qm4OgcpSrvczG/tgV0sHLgzn7PfaOPr5lJQ=
Subject key identifier:   4C:94:D0:D2:D3:F1:70:E3:03:C4:54:68:2F:64:9B:A9:7D:20:14:92
Certificate issuer:       /CN=d8cb185dc2b67fea4e8fcc9303de76b2e6b3e765
Certificate serial:       0D580D
Authority key identifier: 40:37:2B:8A:A4:64:31:7E:A5:61:E6:C4:63:CB:F7:04:CD:94:A0:63
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/d8cb185dc2b67fea4e8fcc9303de76b2e6b3e765.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/cff76ec0-7d4a-49c3-b4ae-3e6a91b723cb/2537e1f03ed737805c1cc0552907b08c7230f898.roa
Signing time:             Wed 24 Mar 2021 14:29:03 +0000
ROA not before:           Wed 24 Mar 2021 14:29:03 +0000
ROA not after:            Tue 24 Mar 2026 14:29:03 +0000
asID:                     28114
IP address blocks:        2803:2600::/32 maxlen: 48

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/cff76ec0-7d4a-49c3-b4ae-3e6a91b723cb/d8cb185dc2b67fea4e8fcc9303de76b2e6b3e765.crl
                          rsync://repository.lacnic.net/rpki/lacnic/cff76ec0-7d4a-49c3-b4ae-3e6a91b723cb/d8cb185dc2b67fea4e8fcc9303de76b2e6b3e765.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/d8cb185dc2b67fea4e8fcc9303de76b2e6b3e765.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 31 Mar 2024 11:16:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 874509 (0xd580d)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d8cb185dc2b67fea4e8fcc9303de76b2e6b3e765
        Validity
            Not Before: Mar 24 14:29:03 2021 GMT
            Not After : Mar 24 14:29:03 2026 GMT
        Subject: CN=2537e1f03ed737805c1cc0552907b08c7230f898
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:e2:a2:0f:53:74:7b:17:98:c6:df:ba:c9:85:
                    0f:65:e6:84:75:13:f4:34:92:20:25:22:36:47:dc:
                    0e:e6:4c:91:ef:55:ac:9a:d6:8e:63:22:c6:02:0a:
                    a4:c1:02:f0:35:f5:80:90:76:8c:aa:d1:48:ef:fb:
                    69:a4:7c:f0:92:97:54:12:75:59:06:5f:a1:ae:bd:
                    8c:85:5c:ba:70:57:1a:e5:ff:a1:7f:31:5c:0e:ab:
                    4c:82:c8:ad:4b:74:97:75:72:e9:a1:8c:7e:cf:40:
                    9b:54:fb:d8:c2:e4:6f:2b:28:bb:58:e9:2d:63:84:
                    5b:c4:d0:7f:b7:a9:a5:22:ab:39:e2:74:89:b9:b9:
                    55:61:de:74:ac:68:22:e9:f3:d3:e2:50:8f:b4:eb:
                    98:90:d5:31:8b:11:3b:34:50:29:50:e7:66:1c:d6:
                    f3:33:a3:58:86:2c:95:3c:c6:44:d4:8c:a1:ec:d1:
                    e7:c6:63:54:0b:06:c6:dc:12:cd:bb:8d:eb:00:26:
                    74:0b:ef:01:b6:5b:6e:6b:79:0a:df:c4:63:99:9b:
                    f0:61:87:f8:33:84:a5:97:b5:c0:1b:0e:94:cd:67:
                    0b:be:04:d3:34:34:56:fe:aa:6e:ad:71:f3:68:97:
                    7f:a4:1d:bc:51:01:46:51:3a:37:11:c4:80:d7:91:
                    bb:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4C:94:D0:D2:D3:F1:70:E3:03:C4:54:68:2F:64:9B:A9:7D:20:14:92
            X509v3 Authority Key Identifier:
                keyid:40:37:2B:8A:A4:64:31:7E:A5:61:E6:C4:63:CB:F7:04:CD:94:A0:63

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/d8cb185dc2b67fea4e8fcc9303de76b2e6b3e765.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/cff76ec0-7d4a-49c3-b4ae-3e6a91b723cb/2537e1f03ed737805c1cc0552907b08c7230f898.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/cff76ec0-7d4a-49c3-b4ae-3e6a91b723cb/d8cb185dc2b67fea4e8fcc9303de76b2e6b3e765.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2803:2600::/32

    Signature Algorithm: sha256WithRSAEncryption
         85:41:03:38:04:66:cd:a0:9f:f0:d6:81:e6:09:b3:f6:4a:0f:
         18:5e:11:80:d5:4a:bb:04:b6:50:80:02:9b:6c:3d:ab:57:a7:
         d2:88:8c:4a:66:fc:36:46:48:64:d8:ca:4c:19:dc:08:6e:cc:
         ec:5f:47:e6:af:da:a8:7c:13:8c:c1:db:6b:f4:3f:cb:36:37:
         f6:29:af:fe:58:d3:74:db:a2:c5:d1:60:12:fd:50:cb:e1:14:
         c6:ce:34:0d:1a:ed:12:4c:59:78:24:c9:25:60:43:20:b5:05:
         fb:0a:a5:82:e5:a1:bd:26:98:f4:90:c0:9a:07:7e:5e:29:6b:
         d8:da:39:e3:07:d6:a6:1e:44:46:8d:5d:ef:56:46:d5:37:69:
         70:2c:64:99:03:30:d4:9d:56:a0:02:54:f8:7d:cb:06:24:ea:
         2a:3b:2b:ee:df:be:fa:66:64:95:27:b2:48:fb:fb:f9:05:89:
         a6:ff:55:ac:f8:68:35:e4:36:94:7d:c4:a8:53:26:32:6b:a7:
         cb:37:dd:13:b4:20:de:86:d5:e8:13:ba:b3:0f:3c:40:87:96:
         e2:f7:d1:86:34:fb:48:33:15:67:7f:40:07:c1:86:30:50:28:
         b9:94:c9:13:31:b0:8a:74:d2:cf:59:09:f3:ce:8a:be:e8:26:
         33:e4:b0:2b
-----BEGIN CERTIFICATE-----
MIIFQTCCBCmgAwIBAgIDDVgNMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGQ4
Y2IxODVkYzJiNjdmZWE0ZThmY2M5MzAzZGU3NmIyZTZiM2U3NjUwHhcNMjEwMzI0
MTQyOTAzWhcNMjYwMzI0MTQyOTAzWjAzMTEwLwYDVQQDEygyNTM3ZTFmMDNlZDcz
NzgwNWMxY2MwNTUyOTA3YjA4YzcyMzBmODk4MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAnOKiD1N0exeYxt+6yYUPZeaEdRP0NJIgJSI2R9wO5kyR71Ws
mtaOYyLGAgqkwQLwNfWAkHaMqtFI7/tppHzwkpdUEnVZBl+hrr2MhVy6cFca5f+h
fzFcDqtMgsitS3SXdXLpoYx+z0CbVPvYwuRvKyi7WOktY4RbxNB/t6mlIqs54nSJ
ublVYd50rGgi6fPT4lCPtOuYkNUxixE7NFApUOdmHNbzM6NYhiyVPMZE1Iyh7NHn
xmNUCwbG3BLNu43rACZ0C+8Btltua3kK38RjmZvwYYf4M4Sll7XAGw6UzWcLvgTT
NDRW/qpurXHzaJd/pB28UQFGUTo3EcSA15G7oQIDAQABo4ICXDCCAlgwHQYDVR0O
BBYEFEyU0NLT8XDjA8RUaC9km6l9IBSSMB8GA1UdIwQYMBaAFEA3K4qkZDF+pWHm
xGPL9wTNlKBjMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvZDhjYjE4
NWRjMmI2N2ZlYTRlOGZjYzkzMDNkZTc2YjJlNmIzZTc2NS5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvY2ZmNzZlYzAtN2Q0YS00OWMzLWI0YWUtM2U2YTkx
YjcyM2NiLzI1MzdlMWYwM2VkNzM3ODA1YzFjYzA1NTI5MDdiMDhjNzIzMGY4OTgu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy9jZmY3NmVjMC03ZDRhLTQ5YzMtYjRhZS0zZTZh
OTFiNzIzY2IvZDhjYjE4NWRjMmI2N2ZlYTRlOGZjYzkzMDNkZTc2YjJlNmIzZTc2
NS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQR
MA8wDQQCAAIwBwMFACgDJgAwDQYJKoZIhvcNAQELBQADggEBAIVBAzgEZs2gn/DW
geYJs/ZKDxheEYDVSrsEtlCAAptsPatXp9KIjEpm/DZGSGTYykwZ3AhuzOxfR+av
2qh8E4zB22v0P8s2N/Ypr/5Y03TbosXRYBL9UMvhFMbONA0a7RJMWXgkySVgQyC1
BfsKpYLlob0mmPSQwJoHfl4pa9jaOeMH1qYeREaNXe9WRtU3aXAsZJkDMNSdVqAC
VPh9ywYk6io7K+7fvvpmZJUnskj7+/kFiab/Vaz4aDXkNpR9xKhTJjJrp8s33RO0
IN6G1egTurMPPECHluL30YY0+0gzFWd/QAfBhjBQKLmUyRMxsIp00s9ZCfPOir7o
JjPksCs=
-----END CERTIFICATE-----
Generated at Thu Mar 28 13:29:30 2024 by rpki-client on console-ams.rpki-client.org